FACULTY OF SCIENCE AND TECHNOLOGY

(FST)

COURSE: DIT 2

COURSE CODE: CSS 071

SUBJECT NAME: COMPUTER NETWORK

LECTURER NAME: MR. KASIAN

KIND OF TASK: INDIVIDUAL ASSIGNMENT

DATE SUBMIT: 14th JAN,2023

NAME REG NUMBER

COLLINS STANLEY 14233046/T.21

QUESTION:

Computer network has enhanced communication between entity that could be in different
location. Today we can send even classified data and information over the network. This has
attracted criminals who target the data and information that are routed over the network for
the purpose of destroying or using them for malicious intent. As network administrator you
need to be aware of various issues concerning protecting the network against these intruders.
Discuss various concepts related to computer network security, highlights some of techniques
that intruder may use to attack the network and explain the counter measure that can be used
by network administrator in protecting the network.
Computer network security refers to the protection of computer networks and information
stored on them from unauthorized access, use, disclosure, disruption, modification, or
destruction. This includes protecting against a wide range of threats such as hacking, viruses,
and denial of service attacks. Network security measures can include things like firewalls,
intrusion detection and prevention systems, encryption, and secure passwords. The goal of
network security is to ensure the confidentiality, integrity, and availability of information and
resources on a network.
Intruders, also known as attackers or hackers, may use a variety of techniques to attack a
network. Some common techniques include:

Social engineering
Social engineering in network security is a tactic used by attackers to trick people into giving
away sensitive information or doing something that could compromise a network's security.
This is done through psychological manipulation and can take many forms, such as phishing
emails, pretexting, baiting, etc. The goal is to exploit human nature to gain access to systems,
networks or sensitive information

Malware
Malware, short for malicious software, is any software specifically designed to harm or
exploit a computer or network. There are many different types of malware, including viruses,
trojans, worms, ransomware, and adware.Viruses are designed to replicate themselves and
spread to other computers, often through email attachments or infected software downloads.
Trojans are malware that disguises itself as legitimate software, but when executed, allows
attackers to gain access to the infected computer.
Worms are similar to viruses in that they replicate themselves, but they do not need to be
executed by the user and can spread automatically over network connections. Ransomware is
a type of malware that encrypts the victim's files and demands a ransom payment to restore
access.
Adware is a type of malware that displays unwanted ads on the victim's computer.

In computer network security, malware is a major threat because it can spread quickly and
cause widespread damage. To protect against malware, it is important to keep your software
and operating system up-to-date, use anti-virus and anti-malware software, and be cautious
when opening email attachments or clicking on links from unknown sources.

(DoS) and (DDoS) attacks:

DDoS stands for Distributed Denial of Service while DoS stands for "Denial of Service." It is
a type of cyber attack in which the attacker attempts to make a particular service or website
unavailable by overwhelming it with traffic from multiple sources. This can be done through
techniques such as flooding the target with too many requests, or by using malware to take
control of multiple devices and use them to attack the target. The goal of a DoS attack is to
disrupt normal traffic and make it impossible for legitimate users to access the service.

Phishing
Phishing is a type of social engineering attack that uses fraudulent emails or messages that
appear to be from legitimate sources, such as banks, government agencies, or well-known
companies, in order to steal sensitive information or gain access to systems or networks.
These emails or messages often include a link or attachment that, when clicked, directs the
victim to a fake website or prompts them to download malware.
Phishing emails or messages often include urgent language or a sense of urgency, such as
"Your account will be closed if you do not update your information immediately."

Password cracking
Is the process of attempting to gain unauthorized access to a computer or network by
guessing or trying different combinations of characters in a password. This can be done using
various techniques such as brute force, dictionary attacks, and phishing. It is important to use
strong and unique passwords, and to implement measures such as two-factor authentication
and regular password updates to protect against password cracking attempts

A man-in-the-middle (MitM) attack

A man-in-the-middle (MitM) attack is when an attacker intercepts and alters the
communication between two parties without them knowing. The attacker can use this to steal
sensitive information or launch further attacks. This can happen on wired or wireless
networks and can be done through various methods. To protect against it, one should use
secure communication protocols and security tools such as firewalls, intrusion detection
systems, and anti-virus software.

To protect networks against these types of attacks, network administrators can use a variety
of countermeasures, including:

Firewalls:
A firewall is a security system that controls incoming and outgoing network traffic by
examining each packet and determining whether it should be allowed through or blocked. It
is typically used to protect a private internal network from unauthorized access, and can be
implemented in hardware, software, or a combination of both. Firewalls can be configured to
allow or block traffic based on a variety of criteria, such as IP address, port number, and
protocol. They can also be configured to detect and block malicious traffic, such as that
generated by viruses, worms, and other malware. A firewall can also be used in conjunction
with other security measures, such as intrusion detection systems and antivirus software, to
provide an additional layer of protection for a network.

Antivirus and anti-malware software:

Antivirus and anti-malware software are tools that are used to detect, prevent, and remove
malware from a computer or network. Malware, short for malicious software, refers to any
software that is designed to harm or exploit a computer system, such as viruses, worms,
trojans, ransomware, and spyware.
Antivirus software is designed to detect and remove viruses, while anti-malware software is
designed to detect and remove a broader range of malware, including viruses. Both types of
software use signature-based detection, which compares files on the computer or network to a
database of known malware signatures. They also use heuristic-based detection which uses
algorithms to identify patterns and behavior that are common to malware.
Antivirus and anti-malware software are important for network security because they can
help protect against malware infections that can cause damage to systems, steal sensitive
information, or allow unauthorized access to a network. Regularly updating and running these
software, and keeping them up-to-date with the latest malware definitions, is important in
order to protect against new and emerging threats.
Encryption
is a method of securing network communication by converting plain text into a coded format
that can only be deciphered by someone with the correct encryption key. The encoded data,
also known as ciphertext, is unreadable to anyone who does not have the key. Encryption can
be used to protect a wide range of network communications, including email, file transfers,
and virtual private network (VPN) connections.

Two-factor authentication
Two factor authentication also known as 2FA he does ecurity process where users are
required to provide the two forms of identification before being granted access to a system or
network the first form is typically a password and the second form is your unique code
generated by authentication device also sent to the user via text or e-mail. This adds an extra
layer of security making it more difficult for attackers to gain unauthorized access even if
they have known the password. 2FA can be implemented in different ways such as via SMS
biometric hardware or mobile apps, this helps to increase the security of the system or
network and protect against various types of attacks

Establishing security policies and procedures

Having a set of clear and consistent policies and procedures in place can help to ensure that
all users are aware of the security risks and how to avoid them. This can include training and
education on safe computing practices, incident response plans, and regular security audits
and assessments.

Backup and disaster recovery

Regularly backing up important data and having a disaster recovery plan in place can help to
ensure that your organization can quickly recover from a security breach or other disaster.

Network monitoring
Regularly monitoring the network for any unusual activity, such as unexpected changes to
files, suspicious network traffic, or changes to the system configuration. This can help to
quickly identify and respond to any security breaches.

In conclusion, network security is a crucial aspect of ensuring the integrity, availability, and
confidentiality of information that is transmitted over a network. It involves a combination of
technologies, processes, and policies to protect networks, devices, and data from
unauthorized access, manipulation, and disclosure.
Encryption, firewalls,detection and prevention systems, and access controls are some of the
key tools and techniques used in network security. It is important to keep network security
measures up to date and regularly monitor the network for any potential threats.