IBPS SO IT Officers Study Capsule- (1)

8/18/2019 IBPS SO IT Officers Study Capsule-www.ibpsguide.com (1)

1/55

www.ibpsguide.com Page

IBPS SO IT Officers Study Capsule

DBMS:

What is DBMS? It is Data Base Management System. Off course!

I‘m sure all you know the full form, but have you really ever given a thought to the words that make up the full form –‗cause that is where the entire secret lies in understanding the core of this chapter! Data – is any input which has been processed. It can be in numeric, alphabetic or alphanumeric form. Try to imagin

data as physical files…the kind of dusty files found in government offices.

This processed data (or dusty files) needs to be stored and kept somewhere, so that when we need them we ca

easily retrieve it.

But where do we keep it? How do we keep it?

Don‘t worry; the computer experts have solved your problem by creating the ‗database‘.

Database – is simply a ‗place‘ where all the data are collected and stored in an organized manner.

Think of it as a collection of many steel racks, like the ones found in old government offices! All the files/data are kep

according to their serial numbers/file/folder names (or any other identification style), and stored in the racks/database

Management sy stem – In government officers, there are peons who are responsible for keeping the files in the righplace, bringing required files to the senior officers, putting it back again after updating the files etc., this is nothing buthe system of file management in the office.

Similarly, in computer‘s database, it‘s ‗management system‘ is doing the work of the peon; bring the required files

putting back in the right place, etc. but more efficiently than a peon and faster too!!

I really do hope some vapour-ish ideas are forming in your head about DBMS!

Thus, putting down all our ideas in definition form – DBMS is a software, (i) which helps a user in creating a collection of records and information and storing them on the computer in

systematic way (database),

(ii) it also helps in organizing, sorting and retrieval of the records/information from the database, when required by th

user, to help the user in decision making (management system).


2/55


BENEFITS OF DBMS:-

1. Faster storage and retrieval time2. Accessing data is easy and fast3. Data integrity(credibility of the data) and security. In govt. offices, anyone can pick up any file! But DBM

requires password authorization to access important files.

4. Backups and recovery are possible only in digital world, hence today physical files are becoming extinct.

POINTS TO REMEMBER IN DBMS 1. In DBMS data are stored in relational model, using tables with rows and columns (remember the steel racks!).2. There are two types of Data Manipulation Languages (DML), Structured Query Language (SQL) and Data Definition

Language (DDL).

3. DML are computer languages also known as query language , it is used for accessing and working on the data.

In other words, DML (SQL and DDL), are like the languages people use, Hindi or English, in an office to give orders tothe peon!

4. Data redundancy – which means there are no duplications of data. No multiple files of the same kind.5. Data dictionary – is like a normal dictionary, but containing metadata .

6. Metadata – contains information about all the data in the DBMS .

7. The Keys – Primary key is used to identify a particular or specific record (file). It is unique to a particular file.

Foreign Key makes a connection between a component (field) in one table with a component identified by a primary

key.

8. Relational database – is the kind of database model, where there are logical connections between the various files, whichare kept in tables.

For example: In the given diagram, the information is stored in tables (with rows and columns), in this particular case intwo relational tables. Every column has a F ield name (employee ID, first name, last name, e-mail ID, Department ID and Department name). The relation between the two tables is created by the field ‗Department ID‘, which connects the Employees name/ID/e-mail

to a particular Department like HR or software or accounts.

This is relational database, where a relation is made between items of the database.


3/55


What is Data Structure ?

• A scheme for organizing related pieces of information• A way in which sets of data are organized in a particular system• An organised aggregate of data items • A computer interpretable format used for storing, accessing, transferring and archiving data

• The way data is organised to ensure efficient processing: this may be in lists, arrays, stacks, queues or trees

Data structure is a specialized format for organizing and storing data so that it can be be accessed and worked with in

appropriate ways to make an a program efficient

• Data Structure = Organised Data + Allowed Operations

There are two design aspects to every data structure:

The interface part

The publicly accessible functions of the type. Functions like creation and destruction of the object,

inserting and removing elements (if it is a container), assigning values etc.

The implementation part :

Internal implementation should be independent of the interface. Therefore, the details of the

implementation aspect should be hidden out from the users.

Collections • Programs often deal with collections of items.

• These collections may be organised in many ways and use many different program structures to represent

them, yet, from an abstract point of view, there will be a few common operations on any collection.

create Create a new collection

add Add an item to a collection

delete Delete an item from a collection

find Find an item matching some criterion in the collection

destroy Destroy the collection


4/55


Analyzing an Algorithm

• Simple statement sequence s1; s2; ….; sk Complexity is O( 1 ) as long as k is constant

• Simple loops

for(i=0;i


5/55


6/55


• An array cannot be extended dynamically, one have to allocate a new array of the appropriate size and copy the old arra

to the new array

Linked Lists

• The linked list is a very flexible dynamic data structure: items may be added to it or deletedfrom it at will

– Dynamically allocate space for each element as needed – Include a pointer to the next item – the number of items that may be added to a list is limited only by the

amount of memory available

We are learning this topic using c programming. Linked list is a type of data structure provided in C language

to make use of pointer efficiently.

Introduction to Linked List

1. It is a data Structure which consists if group of nodes that forms a sequence.

2. It is very common data structure that is used to create tree,graph and other abstract data types.

Linked list comprise of group or list of nodes in which each node have link to next node to form a chain.

Linked List definition

1. Linked List is Series of Nodes 2. Each node Consist of two Parts viz Data Part & Pointer Part

3. Pointer Part stores the address of the next node

What is linked list Node ?

1. Each Linked List Consists of Series of Nodes

2. In above Diagram , Linked List Consists of three nodes A,B,C etc

3. Node A has two part one data part which consists of the 5 as data and the second part which contain the address ofthe next node (i.e it contain the address of the next node)


7/55


Linked list Blocks

Linked list is created using following elements –

No Element Explanation

1. Node Linked list is collection of number of nodes

2. Address Field in Node Address field in node is used to keep address of next node

3. Data Field in Node Data field in node is used to hold data inside linked list.

We can represent linked list in real life using train in which all the buggies are nodes and two coaches are

connected using the connectors.

Computer Networks Basics and Network Topology

Computer network is an important chapter from exam point of view. This particular piece is my effort towards makin

this chapter a bearable one for you.

Given in point wise format, these are the points you should know from this chapter, the bare minimum and th

absolute essential. Do not go to the exams without these! And as for the maximum knowledge – well, sky is the lim

my friend!

So we start:

COMPUTER NETWORKS

1. Computer Network is for aiding ‗Data Communication‘, i.e., sending and receiving of data between terminasituated at different places.

2. There are 3 types of ‘ Transmission Channels ’ , namely, Simplex, Half Duplex and Full Duplex Channels.

3. A(sender) B(receiver) : is the simplex channel , where data transmission is in one way direction. Here th

receiver can not send any communication back to the sender via the same channel.

4. Half Duplex ch annel – where the transmission of data is from both ends, but at any particular time only one

happening, either incoming or outgoing transmission. The diagram bellow shows a gap in space between the sende

and receiver messages, to denote the gap in time where at one time only one message (either form the sender o

from the receiver) will get transmitted.


8/55


5. Ful l Duplex channel , is where the data gets transmitted in both directions at the same time, i.e., there is

no time lag or day in communication

Must get Full Computer eBook

NETWORK TOPOLOGY

6. There are 4 main types of ‗Network Topology‘, namely, Mesh, Star, Ring and Bus Network.

7. Topology means the arrangement of various components of a network (such as

server/hubs/nodes/links/information flow channels etc.), and depicts the structure of a network.

8. The following diagrammatic representation is of ‘Mesh Networking’ – the small rectangular boxes are

‗Nodes‘.

In mesh network, each node is independent, and is used for high traffic transmission through multiple available

routes. This is a fully connected network, where each node in the network to the other.

As you can see in the diagram, each node is connect to the other four, which is why this type of network is highly

reliable for data transmission as there are more than one route for transmission.

Plus is a particular route fails – then the transmission can automatically switch to other available routes and thetransmission will be successfully completed.

9. In ‗Star Networ k ‘, there is a ‗Cental Node ‘, which is also called the ‗Hub ‘. For your easy understanding, think of

hub as a Server and the other nodes attached to it are the client nodes.


9/55


The communication between the clients takes place through the server. A client (sender) send information to the hub,

the hub then transmits the information to the client (receiver) for whom the information was meant to be transmitted.

In this type of network, if the transmission line between the hub and a node fails, then that node will become

isolated from the network.

And if the central node fails, then the whole network fails!

10. In ‗Ring Network ‘ topology, each node is connected to two other nodes only.

The data flow is usually one way in a ring network, and hence if any line/node fails then the entire network

crumbles.

11. ‗Bus Network is the type of topology in which the nodes are connected by a single communication line. This

single communication line is called a bus .

The bus networks are the simplest of networks, but it has a critical drawback. It can transmit from one node at a

time, because of the single line of communication.

12. Node is a connection point where data transmission originates or ends.


10/55

www.ibpsguide.com Page 1

NETWORK TERMINALS

13. Terminal is a computer network means a computer equipment, it could be anything – a computer, an ATM

machine, the PNR and Train time requesting machines at railway stations.

14. Dumb Terminals are those terminals which cannot do any processing or storage of data. It is simply a

input/output device wired into another computer. It takes the input, transmits the data to the computer (computers ca

process!) to which it is connected and then displays the output.

Examples: Like PNR status checking booth at Railway stations. They have a Cathode Ray Tube (Screen), a Keyboard, or

screen with touch input and gives the output on the screen.

15. Intel l igent Termin als is the kind of terminal which can do its own processing…which would mean it is fitted with

processor and has memory (storage) capacity and thus is actually a computer (but not the kind which looks like ou

PC!)

16. Smart Termin als have processing capacities and memory too, but lesser than intelligent terminals.

MS Excel Keyboard Shortcuts

There are many shortcuts, mostly the ‗common shortcuts‘ which are same in MS Word as well as MS Excel. But not all shortcuts

work here!

Please note, sometimes the shortcuts may differ because of OS or the version of OS or the version of MS Office. The shortcuts I

am listing are MS EXCEL 2003 ones (which are compliant in the latest versions as well) – they are most commonly asked.

If you have a different version, you can check for shortcuts from ‘HELP’ option.

A. MICROSOFT EXCEL – COMMON SHORTCUTS

1. Ctrl + N = will open a new excel document2. Ctrl + O = will open the ‗Open‘ box to open previously saved documents3. Ctrl + W = will close the current excel document without exiting Excel4. Ctrl + S = to save the currently open word document5. Ctrl + P = will give the print option for current document6. Ctrl + Z = will undo the last action7. Ctrl + Y = will restore the action undone8. Ctrl + X = will cut selected item9. Ctrl + C = will copy selected text/item

10. Ctrl + V = will paste the previously cut/copy selected text/item11. Ctrl + A = Selects the whole document12. Ctrl + F = will open Find and Replace option/dialogue box

B. MICROSOFT EXCEL‘S FORMATTING SHORTCUTS

1. Ctrl + B = will bold-en the selected text/selected cell


11/55


2. Ctrl + I = will italicize the selected text/selected cell3. Ctrl + U = will underline the selected text/selected cell4. Home = will take you to the first cell of a row which has any value5. Ctrl + End = will take you to the last row which has any value6. Ctrl + Home = will take you to the very beginning of a document7. Ctrl + Shift + F = will activate the ‗F ont‘ option and you can chose the font you want

C. MICROSOFT EXCEL – INSERT OPTION SHORTCUTS

1. Ctrl + K = to insert a hyperlink2. Alt + I + P + C = will open the Clip Art box on the right side of the document3. Alt + I + P + W = will open the Word Art options box4. Alt + I + P + O = will insert an organization flow chart, which you can edit as per your requirement5. Alt + I + B = insert a page break6. Alt + I + H = opening Chart setup wizard7. Alt +I + M = inserting/attaching a comment to cell on excel8. Alt + I + R = insert rows9. Alt + I + C = insert columns10. Alt + I + E = insert cell11. Alt + E + D = delete cells/rows/column option is opened12. Alt + I + F = open the ‗functions‘ dialogue box. Alternatively function can be added by clicking

on ‗ fx‘ icon on the toolbar.

D. FUNCTION OF FUNCTION KEYS.

1. F1 = opens Help option. F1 opens help option in all MS Office applications.2. F2 = for editing contents of a cell3. F5 = will open ‗Go To‘ option 4. F7 = will open spell check option 5. Ctrl + F9 = minimizes particular work book

6. Ctrl + F10 = restores particular work book7. F10 = will activate Menu bar8. F11 = will open a ‗Chart 1‘ tab 9. F12 = will save the

workbook

Keyboard Shortcuts for MS Word - Learn Quickly

In most of the exams I appeared for this year, in every exam which had computer section, there has been a keyboard shortcut

question – I think in one exam there were two shortcut questions!

Keyboard shortcuts, I understand are boring to mug! Who does that? Computer geeks maybe!

But my friends, we, not the computer geeks, need to show the examiners that we know how to use a computer, and hence we

need to show ‗em we know keyboard shortcuts among other things!

How to learn the shortcuts? By using them! How else would you remember 40-50 shortcuts?!

Those of you who work on MS-Office/Windows or are from computer background obviously have an advantage – but for the others, you have my support and sympathies and you‘ll need to show some eagerness in actually sitting in

front of a laptop/desktop and actually trying out all the shortcuts !


12/55


No other way friends!

I‘m going to list some commonly used/asked MS WORD shortcuts – test yourself and see how many you get right!

Please note, sometimes the shortcuts may differ because of OS or the version of OS or the version of MS Office. The shortcuts I

am listing are MS Word 2003 ones (which are compliant in the latest versions as well) – they are most commonly asked.

If you have a different version, you can check for shortcuts from ‘HELP’ opt ion.

A. MICROSOFT WORD – COMMON SHORTCUTS

1. Ctrl + N = will open a new word document 2. Ctrl + O = will open the ‗Open‘ box to open previously saved documents 3. Ctrl + W = will close the current word document 4. Ctrl + S = to save the currently open word document 5. Ctrl + P = will give the print option for current document 6. Ctrl + Z = will undo the last action7. Ctrl + Y = will restore the action undone

8. Ctrl + X = will cut selected item9. Ctrl + C = will copy selected text/item 10. Ctrl + V = will paste the previously cut/copy selected text/item 11. Ctrl + A = Selects all the text12. Ctrl + F = will open Find and Replace option/dialogue box

B. MICROSOFT WORD‘S FORMATTING SHORTCUTS

1. Ctrl + B = will bold-en the selected text 2. Ctrl + I = will italicize theselected text 3. Ctrl + U = will underline the selected text 4. Ctrl + Shift

+ D = Double underline

5. Ctrl +Shift + > = will increase the font size of selected text 6. Ctrl +Shift + < = willdecrease the font size of selected text 7. Ctrl + 2 = double line spacing 8. End = will take you to the end of a line 9. Home = will take you to the beginning of a line 10. Ctrl + End = will take you to the very end of a document (last page/last line/last word!) 11. Ctrl + Home = will takeyou to the very beginning of a document 12. Shift + F3 = will change the case of letters of selected text (keep pressing the F3 and see how it keeps changing from All

CAPS, to all lower, to Sentence case!) 13. Ctrl + Shift + F = will activate the ‗F ont‘ option and you can chose the font you want 14. Ctrl + Shift + N = will apply the ‗N ormal‘ style to the selected text15. Ctrl + ‗equal sign‘ = for superscript. i.e., select a text first, then do - ‗ctrl + =‘.

example: Birds(of all kinds).

16. Ctrl + Shift + ‗the plus sign‘ = for superscript. example: November the 30

th

of 2014.

C. MICROSOFT WORD – INSERT OPTION SHORTCUTS 1. Ctrl + Enter = will give/insert a page break, i.e., it‘ll go to the next page 2. Ctrl + K = to insert a hyperlink 3. Alt + Shift + D = will insert the current Date 4. Alt + Shift + T = will insert

the current Time


13/55


5. Alt + I + P + C = will open the Clip Art box on the right side of the document 6. Alt + I + P + W = willopen the Word Art options box 7. Alt + I + P + H = will insert/open graph/chart input/options box in the form of an excel sheet! (Try it out!) 8. Alt + I + P + O = will insert an organization flow chart, which you can edit as per your requirement

Network Security Types of attacks

Security is a fundamental component of every network design. When planning, building, and operating a network, you

should understand the importance of a strong security policy.

Network Security

A security policy defines what people can and can't do with network components and resources.

Need for Network Security

In the past, hackers were highly skilled programmers who understood the details of computer communications an

how to exploit vulnerabilities. Today almost anyone can become a hacker by downloading tools from the Interne

These complicated attack tools and generally open networks have generated an increased need for network securit

and dynamic security policies.

The easiest way to protect a network from an outside attack is to close it off completely from the outside world. A

closed network provides connectivity only to trusted known parties and sites; a closed network does not allow a

connection to public networks.

Because they have no Internet connectivity, networks designed in this way can be considered safe from Interne

attacks. However, internal threats still exist.

There is a estimates that 60 to 80 percent of network misuse comes from inside the enterprise where the misuse ha

taken place.

With the development of large open networks, security threats have increased significantly in the past 20 years

Hackers have discovered more network vulnerabilities, and because you can now download applications that requir

little or no hacking knowledge to implement, applications intended for troubleshooting and maintaining and optimizin

networks can, in the wrong hands, be used maliciously and pose severe threats.

An adversary

A person that is interested in attacking your network; his motivation can range from gathering or stealing

information, creating a DoS, or just for the challenge of it

Types of attack:

Classes of attack might include passive monitoring of communications, active network attacks, close-in attacksexploitation by insiders, and attacks through the service provider. Information systems and networks offer attractivtargets and should be resistant to attack from the full range of threat agents, from hackers to nation-states. A systemmust be able to limit damage and recover rapidly when attacks occur. There are five types of attack:


14/55


Passive Attack A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that cabe used in other types of attacks. Passive attacks include traffic analysis, monitoring of unprotected communications

decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interceptioof network operations enables adversaries to see upcoming actions. Passive attacks result in the disclosure oinformation or data files to an attacker without the consent or knowledge of the user.

Active Attack In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealthviruses, worms, or Trojan horses. Active attacks include attempts to circumvent or break protection features, tintroduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone

exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during aattempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files, DoS, o

modification of data.

Distributed Attack A distributed attack requires that the adversary introduce code, such as a Trojan horse or back- door program, to

―trusted‖ component or software that will later be distributed to many other companies and users Distribution attack

focus on the malicious modification of hardware or software at the factory or during distribution. These attack

introduce malicious code such as a back door to a product to gain unauthorized access to information or to a system

function at a later date.

Insider Attack An insider attack involves someone from the inside, such as a disgruntled employee, attacking the network Inside

attacks can be malicious or no malicious. Malicious insiders intentionally eavesdrop, steal, or damage information; us

information in a fraudulent manner; or deny access to other authorized users. No malicious attacks typically resu

from carelessness, lack of knowledge, or intentional circumvention of security for such reasons as performing a task.

Close-in Attack A close-in attack involves someone attempting to get physically close to network components, data, and systems iorder to learn more about a network Close-in attacks consist of regular individuals attaining close physical proximity tnetworks, systems, or facilities for the purpose of modifying, gathering, or denying access to information. Closphysical proximity is achieved through surreptitious entry into the network, open access, or both.One popular form of close in attack is social engineering in a social engineering attack, the attacker compromises th

network or system through social interaction with a person, through an e-mail message or phone. Various tricks can b

used by the individual to revealing information about the security of company. The information that the victim reveals to th

hacker would most likely be used in a subsequent attack to gain unauthorized access


15/55


Phishing Attack

In phishing attack the hacker creates a fake web site that looks exactly like a popular site such as the SBI bank o

paypal. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into

clicking a link that leads to the fake site. When the user attempts to log on with their account information, the hacke

records the username and password and then tries that information on the real site.

Hijack attack Hijack attack In a hijack attack, a hacker takes over a session between you and another individual and disconnectthe other individual from the communication. You still believe that you are talking to the original party and may sen

private information to the hacker by accident.

Spoof attack Spoof attack In a spoof attack, the hacker modifies the source address of the packets he or she is sending so tha

they appear to be coming from someone else. This may be an attempt to bypass your firewall rules.

Buffer overflow

Buffer overflow A buffer overflow attack is when the attacker sends more data to an application than is expected. Abuffer overflow attack usually results in the attacker gaining administrative access to the system in a ommand promp

or shell.

Exploit attack

Exploit attack In this type of attack, the attacker knows of a security problem within an operating system or a piece o

software and leverages that knowledge by exploiting the vulnerability.

Password attack

Password attack An attacker tries to crack the passwords stored in a network account database or a password

protected file. There are three major types of password attacks: a dictionary attack, a brute-force attack, and a hybriattack. A dictionary attack uses a word list file, which is a list of potential passwords. A brute-force attack is when th

attacker tries every possible combination of characters.

What is an operating system?


16/55


An operating system is the most important software that runs on a computer. It manages the

computer's memory, processes, and all of itssoftware and hardware. It also allows you to

communicate with the computer without knowing how to speak the computer's

"language."Without an operating system, a computer is useless .

Watch the video to learn about operating systems.

The operating system's job

You've probably heard the phrase boot your computer , but do you know what that means?

Booting is the process that occurs when you press the power button to turn your computer on.

During this process (which may take a minute or two), the computer does several things:

It runs tests to make sure everything is working correctly.

It checks for new hardware.

It then starts up the operating system.

In the image below, you can see the start-up screen that appears when you turn on a

Windows 7 computer.

Once the operating system has started up, it manages all of the software and hardware on the

computer . Most of the time, there are many different programs running at the same time, and

they all need to access your computer's central processing unit (CPU), memory, and storage.The operating system coordinates all of this to make sure each program gets what it needs.

Without the operating system, the software wouldn't even be able to talk to the hardware, and the

computer would be useless. In the image below, you can see how Windows 7 appears after

starting up.


17/55


Types of operating systems

Operating systems usually come preloaded on any computer you buy. Most people use the

operating system that comes with their computer, but it is possible to upgrade or even change

operating systems.

The three most common operating systems for personal computers are Microsoft

Windows, Mac OS X, and Linux.

Modern operating systems use a Graphical User Interface, or GUI (pronounced "gooey"). A GUI

lets you use your mouse to click on icons, buttons, and menus, and everything is clearly

displayed on the screen using a combination of graphics and text.

Each operating system's GUI has a different look and feel, so if you switch to a different operating

system it may seem unfamiliar at first. However, modern operating systems are designed to be

easy to use, and most of the basic principles are the same.

In the images below, you can see the Windows and Mac OS X GUIs.


18/55


Before GUIs, computers had a command-line interface, which meant the user had to type

every single command, and the computer would only display text.

Microsoft Windows Microsoft created the Windows operating system in the mid-1980s. Over the years, there have

been many different versions of

Windows, but the

2012), Windows comes

preloaded on most new PCs, which helps to make it the most popular operating system in the

world.

If you're buying a new computer or upgrading to a newer version of Windows, you can choose

from several different editions of Windows, such as Home Premium, Professional, and

Ultimate. You may need to do some research to decide which edition is right for you.

Visit Microsoft's Windows page to learn more about this operating system.

Check out our tutorials on Windows 8, Windows 7, and Windows XP for more

7 (2009), and Windows Vista (2007). Windows

most recent ones are Windows 8 (released in


19/55


information.

Apple Mac OS X

Mac OS is a line of operating systems created by Apple Inc. It comes preloaded on all new

Macintosh computers, or Macs. All of the recent versions are known as OS X (pronounced O-S

Ten), and the specific versions include Yosemite (released in 2014), Mavericks (2013), Mountain Lion (2012), Lion (2011), and Snow Leopard(2009). Apple also offers a version called Mac OS X Server , which is

designed to be run on servers.

According to StatCounter Global Stats, Mac OS X users account for 7.5% of the operating systems

market as of January 2013—much lower than the percentage of Windows users (more than 90%).

One reason for this is that Apple computers tend to be more expensive. However, many people

prefer the look and feel of Mac OS X.

Check out our tutorials on Mac OS X Mavericks, Mountain

Lion, and Lion for more information.


20/55


Linux Linux (pronounced LINN-ux) is a family of open-source operating systems, which means they

can be modified and distributed by anyone around the world. This is different from proprietary

software like Windows, which can only be modified by the company that owns it (Microsoft). The

advantages of Linux are that it is free, and there are many different distributions (or versions)

you can choose from. Each distribution has a different look and feel, and the most popular onesinclude Ubuntu, Mint, and Fedora.

Linux is named after Linus Torvalds, who created the Linux

kernel in 1991. The kernel is the computer code that is the central

part of an operating system.

According to StatCounter Global Stats, Linux users account for less than 1% of the operating systems market as of January 2013. However, most servers run Linux

because it's relatively easy to customize.


21/55


22/55


Creates an HTML document

Sets off the title and other information that isn‘t displayed on the web page itself

Sets off the visible portion of the document

Body Attributes

Sets the background color, using name or hex value

Sets the text color, using name or hex value Sets the color of links, using name

or hex value

Sets the color of followed links, using name or hex value Sets the color of links on click

Disallows text selection with the mouse and keyboard

Text Tags

Creates preformatted text Creates the

largest headline Creates the smallest headline

Creates bold text Creates italic text

Creates teletype, or typewriter-style text Creates a citation,

usually italic Emphasizes a word (with italic or bold)

Emphasizes a word (with italic or bold) Sets size of font, from 1

to 7

Sets font color, using name or hex value

Links

Creates a hyperlink

Creates a mailto link

Creates an image/link

Creates a target location within a document


23/55


Links to that target location from elsewhere in the document

Formatting

Creates a new paragraph

Aligns a paragraph to the left (default), right, or center.
Inserts a

line break

Indents text from both sides Creates a

definition list

Precedes each definition term Precedes each definition

Creates a numbered list Creates a bulleted

list

Precedes each list item, and adds a number or symbol depending upon the type of list selected

A generic tag used to format large blocks of HTML, also used for stylesheets

Adds an image

Aligns an image: left, right, center; bottom, top, middle Sets size of border around an image

Inserts a horizontal rule

Sets size (height) of rule

Sets width of rule, in percentage or absolute value

Creates a rule without a shadow

Tables

Creates a table Sets off each row in a

table Sets off each cell in a row

Sets off the table header (a normal cell with bold, centered text)


24/55


Table Attributes

Sets width of border around table cells Sets amount of space between table cells

Sets amount of space between a cell‘s border and its contents

Sets width of table, in pixels or as a percentage of document width

or Sets alignment for cell(s) (left, center, or right)

or Sets vertical alignment for cell(s) (top, middle, or bottom)

Sets number of columns a cell should span (default=1) Sets

number of rows a cell should span (default=1) Prevents the lines within a cell from

being broken to fit

Frames

Replaces the tag in a frames document; can also be nested in other framesets

Defines the rows within a frameset, using number in pixels, or percentage of width

Defines the columns within a frameset, using number in pixels, or percentage of

width

Defines a single frame — or region — within a frameset Defines what will appear on

browsers that don‘t support frames

Frames Attributes

Specifies which HTML document should be displayed

Names the frame, or region, so it may be targeted by other frames

Defines the left and right margins for the frame; must be equal to or greater than 1

Defines the top and bottom margins for the frame; must be equal to or greater than 1

Sets whether the frame has a scrollbar; value may equal ―yes,‖ ―no,‖ or ―auto.‖ The

default, as in ordinary documents, is auto.


25/55


Prevents the user from resizing a frame

Forms

For functional forms, you‘ll have to run a script. The HTML just creates the appearance of a form.

Creates all forms

Creates a scrolling menu. Size sets the number of menu items

visible before you need to scroll.

Sets off each menu item

Creates a pulldown

menu Sets off each menu item

Creates a text box area. Columns set the width;

rows set the height.

Creates a checkbox. Text follows tag.

Creates a radio button. Text follows tag

Creates a one-line text area. Size sets length, in characters.

Creates a Submit button

Submit Creates an actual button that is clicked

Creates a Submit button using an image

Creates a Reset button

Basic Security Concepts of Network and System Devices Network devices—such as routers, firewalls, gateways, switches, hubs, and so forth—create the infrastructure of local area

networks (on the corporate scale) and the Internet (on the global scale). Securing such devices is fundamental to protecting

the environment and outgoing/incoming communications. You also have to be aware of security risks and controls available

in the public switched telephone networks (PSTN) infrastructure because PSTNs are often used for computer

communications. This section of the chapter introduces the security concepts applicable to physical devices, network

topologies, and storage media.


26/55


Firewalls

A firewall is a hardware device or software application installed on the borderline of secured networks to examine

and control incoming and outgoing network communications. As the first line of network defense, firewalls provide

protection from outside attacks, but they have no control over attacks from within the corporate network. Some

firewalls also block traffic and services that are actually legitimate.

TIP

Know that a firewall is a hardware or software system designed to protect one network from another network,

and be familiar with the various types of firewalls.

A firewall is designed to protect one network from another network.

Because network security is concentrated on configuring the firewall, or at least is built around it, a compromised

firewall can mean a disaster for a network. For smaller companies, though, a firewall represents the best investment

of time and money. All things considered, a firewall is as indispensable as the Internet itself; however, you should not

rely on it exclusively for top-to-bottom network protection.

Increasingly, companies are also deploying firewalls outside the edges of networks, as well as between network

segments and even on individual machines, where justified.

Three basic types of firewalls are available, in addition to one—the stateful inspection firewall—that combines the

features of the three basic types. Firewall architectures include the following:

Packet-filtering firewall Circuit-level gateway

Application-level gateway

Stateful inspection firewall

Packet-Filtering Firewall

Packet-filtering architecture involves checking network traffic for source and destination addresses, source and

destination port numbers, and protocol types. Packet filtering allows an administrator to exclude traffic based on its

source and destination addresses, and, depending on the device, it can also exclude traffic aimed at specific

protocols and ports or traffic that is sent to or from particular addresses. This architecture functions on the Network

layer (layer 3) of the Open System Interconnection (OSI) model. Most quality routers (not just firewalls) have packet-

filtering functionality built in. Devices made by Cisco Systems, the undisputed leader in the area of network devices in

general, employ access lists provided as a feature of the Internetwork Operating System (IOS). For Transmission

Control Protocol/Internet Protocol (TCP/IP) traffic control, the two types of access lists

are standard andextended .


27/55


Only extended lists allow you to check for all the previously listed characteristics and include some other conditions,

such as secondary connections. These access lists can be applied to different interfaces to screen network traffic in

both directions or in either direction on each interface. You can apply an access list filter to the external interface so

the router will discard prohibited packets before it has to spend CPU time on making a routing decision. All packets

that are not explicitly permitted are effectively rejected. Similar solutions that come built into the operating system can

be found in Windows NT and its TCP/IP implementation, Windows 2000 with the same protocol features plus IP

Filtering in the local policies, many Unix-like operating systems, and specialized firewall platforms.

Packet-filtering solutions are considered generally less secure than circuit-level architectures because they still allow

packets inside the network regardless of the communication pattern within the session. Thisopens the system to denial-o

services (DoS) attacks (buffer overflow exploits in "allowed" applications on target machines, connections exhaustion, an

so on).

Circuit-Level Gateway

Circuit-level architecture involves monitoring TCP/IP session requests between trusted hosts on the LAN and non-trusted

hosts on the Internet. This monitoring, performed on the Session layer (layer 5) of the OSI model, is done to determine

whether a requested session is legitimate. When hosts establish a session in TCP/IP communications, they conduct a

procedure called handshaking , in which peers agree on communication parameters in TCP

establishment packets occur only when prescribed. It also verifies the validity of the sequence numbers used

in TCP to reassemble packets in the correct order, as shown in Figure 3.1.

Figure 3.1 A normal handshake. Popular attacks, such as DoS, are often launched when an attacker begins the TCP three-step

handshake sequence with a SYN packet (and thereby begins to establish a connection) that is never completed.

Instead, the attacker emits another SYN packet and initiates another connection that is also never completed (when

repeated thousands of times, it causes problems). This attack, called a SYN flood , forces a victim system to use up

one of its finite number of connections for each connection the initiator opens. Because these requests arrive so

quickly, the victim system has no time to free dangling, incomplete connections before all its resources are consumed

TCP/IP standards suggest acceptable timeout periods that assume a timeout will handle some type of congestion or

outage adequately. However, a massive number of connection attempts can occur during the normal default timeout

period, thereby exhausting system resources and making the system unavailable for legitimate users. These attacks

are detected and prevented in circuit-level architectures where a security device discards suspicious requests. If you

receive 2,000 SYN (connection) requests per minute from a single host, you should become suspicious. Security

devices can also be configured to do some or all of the following:


28/55


29/55


a remote system is by installing a small application on a target machine. A Trojan horse is an application that i

hidden in some other type of content, such as a legitimate program. It can be used to create a new,

secret account called a back door , or it can be used to run spyware, which collects user keystrokes for analysis

Trojan horses can also be used to infect and control affected systems, destroy and expose valuable compan

information, or use your systems as launching pads for further attacks from the inside. After an internal system i

infected, a firewall is not very effective protection, although it can prevent certain types of traffic from flowing

between the attacker and the infected host or between the infected host and other potential victims. Som

Application-layer (layer 7) firewalls offer content filtering, which can help keep malicious Java applets and ActiveX

controls out of your network. You must remember that a firewall is just a first line of defense —it should never b

viewed as a cover-all insurance policy.

DNS transfer — An attempt to issue an ls -d command against a DNS server in a bid to list al

DNS server records (tantamount to getting a map of a fortified city about to be invaded). All DNS servers must be

configured to refuse such a listing if the request does not originate from a preconfigured DNS replication partner. DNSwas designed to be a system open for querying, but a DNS lookup is not the same as asking for a list of all a server's

DNS records. If a DNS software vendor does not allow disabling of the ls command, consider implementing a separate

DNS server for publicly accessible services, such as those located in the demilitarized zone (DMZ), or switch software

vendors.

TIP

It is important that you understand DNS transfers.

Some reconnaissance probes can reveal more than enough information for an attacker to proceed with his plan. If

potential attacker doesn't know about your infrastructure and cannot probe it, chances are you are safe, at least until th

next attacker tries.

You cannot guarantee that your ISP will monitor its network for such activity and prosecute port scanners and pin

sweepers. Therefore, you want your firewall to catch these reconnaissance attempts, log the source information, and ale

administrators on-the-fly. Ping sweeps are simple to protect against, but you should be aware that ICMP requests might b

rejected or discarded and that this difference is important to attackers. Actively rejected ICMP echo requests mean that th

target host is alive, which gives the attacker information. To protect against this probe, a firewall needs to discard the packe

silently so the attacker's ICMP requests appear to be sent to an unused IP address. The same goes for port scanning:

decent firewall detects a port scan in progress and rejects further requests from the source IP address, sending a real-tim

alert to the administrator.

NOTE Attackers Look for Vulnerable Systems Many attackers look for vulnerable systems, not caring who owns them. These

attackers are seldom interested in uncooperative systems, but they shouldn't be the basis of your security policy.

NOTE


30/55


A Pretty Good Reconnaissance Tool LANGuard Network Scanner can be downloaded from http://www.gfi.com. A free,

limited version is available that is still very useful for security configuration and verification purposes.

NOTE A Comprehensive List of Vulnerabilities Go to http://www.astalavista.com. In addition to vulnerability walkthroughs, you

can look through security tutorials on a host of topics, get privacy protection information, and download several tools. (Be

cautious installing the tools, though; be sure you are not installing a Trojan horse or other malware.)

OSI Model The main concept of OSI is that the process of communication between two endpoints in a telecommunication network can be

divided into seven distinct groups of related functions, or layers. Each communicating user or program is at a computer that can

provide those seven layers of function. So in a given message between users, there will be a flow of data down through the layers

in the source computer, across the network and then up through the layers in the receiving computer. The seven layers of functio

are provided by a combination of applications, operating systems, network card device drivers and networking hardware that

enable a system to put a signal on a network cable or out over Wi-Fi or other wireless protocol).

The seven Open Systems Interconnection layers are:

Layer 7: The application layer. This is the layer at which communication partners are identified (Is there someone to talk to?),

network capacity is assessed (Will the network let me talk to them right now?), and that creates a thing to send or opens the

thing received. (This layer is not the application itself, it is the set of services an application should be able to make use of

directly, although some applications may perform application layer functions.)

Layer 6: The presentation layer. This layer is usually part of an operating system (OS) and converts incoming and outgoing datafrom one presentation format to another (for example, from clear text to encrypted text at one end and back to clear text at the

other).

Layer 5: The session layer. This layer sets up, coordinates and terminates conversations. Services include authentication and

reconnection after an interruption. On the Internet, Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) provide

these services for most applications.

Layer 4: The transport layer. This layer manages packetization of data, then the delivery of the packets, including checking

for errors in the data once it arrives. On the Internet, TCP and UDP provide these services for most applications as well.

Layer 3: The network layer. This layer handles the addressing and routing of the data (sending it in the right direction to the

right destination on outgoing transmissions and receiving incoming transmissions at the packet level). IP is the network layer for

the Internet.

Layer 2: The data-link layer. This layer sets up links across the physical network, putting packets into network frames. This layer

has two sub-layers, the Logical Link Control Layer and the Media Access Control Layer. Ethernet is the main data link layer in

use.

Layer 1: The physical layer. This layer conveys the bit stream through the network at the electrical, optical or radio level. It


31/55


provides the hardwaremeans of sending and receiving data on a carrier network.

Attack Example

An attacker receives an email from someone's free Web email account—a very safe and

anonymous communication medium. He uses the email's headers and notes the message's

path from the very first communication point until it reached him. This first point is the IP address of the email sende

as it was assigned by her ISP. Next, the attacker uses PING, nslookup, and whois to find the ISP's domain name

address, and administrative contacts, as well as which name servers are responsible for that domain. Then he issue

an ls –d command against one of the name servers and, with luck, receives a full list of IP addresses and

hostnames used on that ISP's network. Using a ping sweep to locate active hosts and then port scanning to detec

services on those active boxes, he launches attacks against vulnerable applications.

If the ISP uses descriptive names in its DNS, an attacker can learn about physical connection types and the estimated

bandwidth of the target. In a worst case scenario, if crashing or breaking into that machine is not possible, socia

engineering can still work for the attacker.

A good firewall also prevents non-application-specific denial-of-service attacks and, in some cases, even provide

content filtering if it is an Application-level gateway.


32/55


App licat ion-Level Gateway

An Application-level gateway is known as a proxy , and it functions on the highest layer of the OSI model: th

Application layer. A proxy server basically inserts itself between an internal client (inside the network perimeter) an

an external server (outside the network perimeter) for the express purpose of monitoring and sanitizing externa

communications. (For example, a proxy can remove references to internal or private IP addresses from clien

communications before emitting them onto a public network segment, thereby hiding information about networinternals and details from outsiders.) When a packet travels all the way up the TCP/IP stack on a proxy server

software developers can implement application-based security controls. Therefore, user access can be controlled o

an individual basis, group policies can be applied, content types can be restricted, and so on. The higher up the OS

model that a proxy can operate, the more controls that can be implemented; however, there might be some costs in

either performance or flexibility. Some applications will not run properly (because the protocols they use can't b

proxied), or such applications might need to be specially configured to operate in the presence of a proxy server (such

implementations are called proxyable or proxy aware when they can be made to work with a proxy server).

Stateful Inspect ion Firewall

The fourth type of firewall architecture, stateful inspection, combines the aspects of the three basic architectures explained

in the previous sections. Stateful inspection firewalls not only examine packets at the Network layer, but also gather

information about the packet's communications session from all layers to determine whether a packet is valid in the context

in which it is received. For example, when a communications session is opened, the session is recorded in a stat

table. Subsequent session packets are checked against this state table to verify that they are valid in the context o

the session. A packet that is already part of a valid session does not have to be compared to all the rules, which

speeds up processing. Packets that do not make sense in the context of an open session can be discarded. Likewisepackets that attempt to exercise questionable or unwanted commands or activities can be blocked, and questionabl

patterns of activity (attempts at dangling synchronization, invalid segment sizes, and so forth) can be discarded. Thi

prevents potential attacks from getting underway or denials of service from succeeding, but requires complex custom

configurations to work.

Granted, firewalls residing higher up the OSI model can perform the same inspections that lower-leve

implementations can, but they are more complex to write (leaving the potential for overlooked back doors and lots o

bugs), more complicated to maintain, and less complicated to attack as a result of the first two. However, providin

that the software was written correctly and is deployed and maintained correctly, this provides the best security level.

Other Firewall Cons iderat ions

In addition to the four core firewall architectures, a few other elements that administrators have to consider are

involved in the designing of a firewall solution:

Network policy


33/55


Service access policy

Firewall design policy

Authentication policy

Network Policy

Network policy deals with general network use issues, subdivided into high-level policy and low-level policy . High-lev

policy deals with "why"; low-level policy deals with how to place administrative controls on the network. On the hig

level, companies normally stipulate which applications can be used on the network, which applications ca

communicate with the outside world, which applications can talk to local clients from the outside, and which condition

must be met for exceptions to be allowed.

Low-level policy details specifically which commands will be used on the firewalls to actually lock them down. Man

companies are missing this important element, which in turn leads to on-the-fly, poorly designed solutions that are not

effective as security controls. If the company grows dependent on an on-the-fly solution and the engineer who implemente

it leaves the company, successors will have to figure out why and how it works. After network policy is defined, the high

level portion should be communicated to the new and existing employees who need to be aware of what is allowed on the

network and how it is allowed.

Service Access Policy

Service access policy, an extension to the network policy and overall organizational guidelines, should deal wit

issues of communications between the local network and remote services available on the Internet (and vice versa

Firewalls can be used to exclude the internal use of unauthorized external services and the unauthorized external use

of internal services.

Firewall Design Policy

Firewall design policy refers to one of the two fundamental ways firewalls deal with the traffic rules defined by the

administrators. They allow what is expressly permitted and deny the rest, or they deny what is expressly prohibited

and allow the rest. For obvious reasons, "deny-all unless expressly permitted" is much more secure than the

opposite. Every packet goes through the list from top to bottom, and if a match is not found, the packet is rejected.

Thus, entries representing the most frequent kinds of traffic should be placed higher up the list to make a quick

match and minimize overhead.

Authentication Policies

Authentication policies deal with issues of establishing secure, effective user authentication. Older methods o

authentication, such as clear-text passwords, are no longer considered secure. The authentication methods used i

today's networks must be secure enough to be useless in the hands of an interceptor. (Many technologies that can be

used for this purpose are discussed in Chapter 2.)


34/55


In most cases, Application-level authentication is involved on a per-application or per-user basis without th

involvement of firewalls. This is also true about lower-level network services, such as virtual private networking (VPN

where specialized devices establish a tunnel.

Generally, firewalls should not be called on to perform authentication services for general users or access. All that a

firewall should be called on to handle is the traffic it should block

(when rules or filters are violated) or allow to pass through for a connection to be established

(when no untoward or unwanted patterns, addresses, or activities are detected). Firewall authentication policy comes int

play only for firewall configuration. Whenever possible, use only secure methods for remote access to security devices

Telnet sessions, although quick and easy to establish, are inherently unsecure and can jeopardize network control. Instead

use secure shell (SSH) wherever possible. If a firewall does not support SSH, create a third-party SSH server fo

management purposes in the demilitarized zone (see the "Security Zones" section later in the chapter for more about DM

and security zones). Then, configure the firewall to allow SSH in and to allow Telnet connections only from within the DMZ

on the internal interface. This protects the public portion of the management session and (generally) 95% of the risk

eliminated. You can use a VPN link as an alternative to an SSH session; either way, communications will be encrypted anindecipherable to snoopers.

Even hardware firewalls are running highly specialized software that allows them to be configured and monitore

remotely. All password and Telnet session protection rules apply in a standard fashion. That is, don't use Telnet t

manage security devices remotely; this is tantamount to putting an expensive bleeding-edge digital security lock o

your front door and advertising the passkey in the local daily. Use SSH where possible. If your firewall does no

support SSH, create a third-party SSH server for management purposes in the demilitarized zone, and configure th

firewall to allow SSH in and to allow Telnet connections only from within the DMZ on the internal interface. Thi

protects the public portion of the management session and (generally) 95% of the risk is eliminated. You can use VPN

as an alternative to SSH.

As always, use complex passwords of eight or more characters with mixed case and at least one digit and on

punctuation mark. Programs are available that force users to choose secure passwords by refusing passwords tha

appear in the dictionary, are too short, or do not contain at least a few nonalphabetic characters.

Passwords should never be birthdays, family member or pet names, nicknames, or other easily guessed words

Passwords should also never be shared with anyone, especially not by email, via instant message, or over the phone

Passwords should not be stored on or around your workstation, and you should not use the password "rememberingfeatures of popular browsers.

NOTE

Secure Password System A more secure form of password system is available for both Unix and Windows hosts.

Called S/KEY (sometimes denoted as SKEY, or winkey for Windows clients), this technology uses one-time hashed

64-bit values as defined in RFCs 1760 and 2289 to prevent passphrases from ever traversing the network in the clea


35/55


The facility generates one-time passwords (which can be used only once, based on a user password associated with

the skey command). Users get a string of six English words in return, which can be used to log in once to a system.

Many routers, firewalls, and other network devices now work with this type of facility.

Passwords should be changed on a regular basis. Most companies use a rotation period between one and thre

months. More frequent password changes tempt employees to write passwords down, and less frequent passwor

changes increase the chances of a password being discovered through either guessing or simple mistakes.

Periodic audits of accounts and automatic account expiration can ensure that users do not retain access to restricte

areas after they no longer need it.

Be sure that the highest privilege levels are assigned to no less than two and no more than four senior engineers fo

fail-over purposes. (That is, if one engineer is on vacation, the other one is not likely to be absent, too.)

Configure alerting and lockout for failed login attempts. In addition, allow configuration changes only from certai

hosts inside the internal network or from a particular local subnet to increase the chances that your securit

infrastructure will not be compromised catastrophically.

NOTE

Finding More Information on Firewalls Point your browser

to http://csrc.nist.gov/publications/nistpubs/800-10/node1.html. Another good introductory firewall document from

Cisco is available

at http://www.cisco.com/warp/public/cc/pd/rt/800/prodlit/fire_wp.htm.

Routers

A router is a physical network device (usually running proprietary software) that is used to connect several networ

segments into one network or an existing large network into smaller subnets. Routers operate on the Network layer o

the OSI model and unite multiple physical network segments into a single seamless, logical network by understandin

how to forward traffic from a sender to ultimately reach an intended receiver. This means that routing behavior

influenced strongly by the protocols in use. To some extent, therefore, understanding routing also require

understanding how Network layer protocols behave.

TIP

Know that a router is an OSI Network layer (layer 3) device that connects two or more networks and routes

traffic between them; they also act as packet filtering and circuit-level firewalls.

Various LAN protocols that were developed many years ago are still around. They do, however, employ certain

techniques that are famous for not scaling well as an enterprise grows. You must take network protocols into account

when considering routing designs. Some protocols require you to design specialized solutions to compensate for

nonscalable or less secure protocol features. Broadcasts and service advertisements are just two types of protocol


36/55


features that can require special routing solutions (or workarounds). The next few paragraphs discuss the following

protocols: NetBIOS Enhanced User Interface (NetBEUI), Internetwork Packet Exchange/Sequenced Packet Exchang

(IPX/SPX), and TCP/IP protocols, for example.

NetBEUI supports only local, bridged (flat) networks; has no addressing capabilities; is not routable; and relies on

broadcasts entirely. This protocol is fairly old, but it can still occur in some remote locations—most likely because of

legacy application issues. NetBEUI is the easiest protocol to deploy because no configuration is required. Owing tobroadcast traffic overhead and lack of logical or physical organization, NetBEUI is not recommended for networks with 30

or more nodes. It is therefore the worst protocol for scalability and should not be the focus for security efforts because it

supports no security features.

IPX/SPX is a routable Novell protocol that is still widely used. Although Novell switched to TCP/IP recently, IPX/SPX has a

significant deployed base and remains supported and widely used. IPX has one significant scalability shortcoming: The

more servers and network resources added, the more broadcast traffic is generated in the form of periodic service

advertising protocol (SAP) announcements. SAP packets inform the network about resource availability. When scaling, it

might not be desirable to propagate such advertisements owing to traffic overhead or for security reasons (an

advertisement is also an invitation, after all).

Routers can help mitigate issues by dividing a larger broadcast domain into smaller subdomains. By acting as a SAP

relay agent, routers can aggregate and forward all broadcast advertisements from any NetWare system only as

required. Remote segments need to receive directed summarized updates, sent to other routers on other subnets.

You can also implement access lists to control access to specific protocols from specific subnets and to limit

distribution of SAP information, thereby controlling who can locate (and access) network resources.

TCP/IP is the de-facto standard protocol for all new networks, whereas other protocols are maintained only for legacy

applications or backward-compatibility. TCP/IP has been around for several decades and provides numerous built-in

techniques for effective control of transmissions over LANs and WANs alike. It has an elaborate addressing scheme

well suited for subnetting and routing, although some proprietary environments can still affect overall network design.

Consider older Windows Networking built on TCP/IP with Windows Internet Naming Service (WINS), Dynamic Host

Configuration Protocol (DHCP), Remote Access Service (RAS), and computer browser issues. Most importantly,

TCP/IP scales extremely well.

Generally speaking, you should not mix protocols, unless business requirements dictate otherwise. Multiprotocol

environments are more difficult to maintain, more difficult to troubleshoot, and less efficient because each protocolimposes overhead and maintenance traffic that subtracts from available bandwidth. Furthermore, recall from the

firewall section of this chapter that the smaller an attack surface is, the lower the likelihood of it being hacked. Each

protocol has its own vulnerabilities, and some protocols rely on broadcasting service advertisements, which are

inherently unsecure. However, if using such protocols is a business requirement, routing provides solutions that can

contain broadcast traffic within specific subnets and make the overall network more efficient and secure. In addition,

routers can employ access lists to reject unwanted traffic.


37/55


38/55


A hacker sending a route update to your network and poisoning (marking as downed) an important route to

cause a DoS condition

The creation of a routing loop that overloads the router and causes the network to become very slow and

appear over- utilized

The update of a route to send all outbound traffic to a different host, which would then forward it to the ISP,

launching an active interception or man-in-the-middle attack

Of course, no matter how secure the routing protocol, the first rule is to change the default password on the

router itself. Failing to create a unique password practically invites attackers to wreak havoc on your network.

Switches

Sometimes referred to as microsegmentation, switching increases the performance of traditional media by reducin

collision domains and facilitating media access. Classic switches operate on the Data Link layer (layer 2) of the OS

model and can be considered a multiport bridge with high-port density.

Switches have superceded more traditional hubs (multiport repeaters), which are no longer capable of accommodating

adequate media access. In addition to facilitating congestion and media-contention problems, a hub is considered highl

unsecure because it enables a flat network (a network segment with many network nodes sharing the same communicatio

channel and seeing communications of every other network node in the segment), which is vulnerable to packet sniffers. (A

switch can provide protection against a casual user attempting to pry into the network but needs additional security, such a

port access control and MAC filtering, against ARP poisoning, sniffers, and other more advanced threats.)

Over time, networks designed on traditional Ethernet technologies grew in size, and network node density wa

constantly increasing. At the same time, software was developing and introducing new network-intensive client/serveapplications that exercised lengthier and more bandwidth-intensive transmissions. Software advancements introduce

multitasking in the Windows world, adding to the existing functions in the Unix environment, and added to the stresse

on the aging Ethernet network technologies.

Here is a simple explanation of the slowdown:

1. Before a workstation can transmit, it listens to the wire and attempts to sense existing activity in the networ

segment.

2. If a transmission is sensed, the workstation must wait a random amount of time and sense again until the wire

clear of transmissions.

3. When the wire is transmission-free, the workstation can commence its own transmission. However, when mor

than one workstation attempts to transmit a signal on the wire at the same time, a collision occurs and th

segment is jammed.


39/55


4. Transmitting workstations then wait a random amount of time and attempt to retransmit.

This regime is characteristic of shared media such as Ethernet and is called collision sense multiple access/collisio

detect (CSMA/CD) to describe the type of circuitry involved. Apple Computer implements a similar approach calle

collision sense multiple access/collision avoidance (CSMA/CA). This differs from CSMA/CD in that it uses explic

signals ready to send (RTS) and clear to send (CTS) before accessing the network media—this approach avoid

collisions rather than detecting them (hence, the difference in their names).

As the number of workstations attempting transmissions on a network segment increases, the chance of a collisio

increases. With more transmissions and collisions, the network becomes over-saturated and slows down.

A collision domain is a collection of network nodes that belong to the same shared network segment. LAN switching

effectively splits broad collision domains into smaller domains or even dedicated network segments and significantl

reduces or completely eliminates collisions and transmission delays. It also effectively doubles transmissio

capabilities by using full-duplex technology, meaning it uses all four pairs of CAT5 cable: two pairs to transmit and th

other two to receive signals.

With recent improvements in switching technology, cost per switch port has steadily decreased, turning switching int

a sound technology investment. In addition to fixing media-contention issues, a switch can help prevent packet sniffin

and increase overall network security. You should implement switching if media contention problems exist or if th

chances of attracting a sniffer are high (for example, in your business's guest offices or conference rooms where the

public can access corporate LAN services). Although switches can enhance network security, they are not securit

devices per se and should not be considered a replacement for purpose-built security devices.

TIP

Know that a switch operates at the Data Link layer (layer 2) of the OSI model and that it can be used to create virtual

LANs.

Switch security, as with firewalls and routers, requires both physical and virtual security controls. A switch has

proprietary software that enables remote configuration of the switching operating system. Restrict physical

access to devices where you can—at the network access point if possible or deeper into the distribution and

core layers of the network. Employ strong authentication and password policies to secure virtual and local

console access to the device's operating system and configuration.

Wireless and Mobile Communications

Wireless communications security was discussed in detail in Chapter 2. You need to remember that Wireless

Application Protocol (WAP) applications are vulnerable to attacks at the WAP gateway. At this point, data streams are

decrypted from Secure Sockets Layer (SSL) and are encrypted into Wireless Transport Layer Security (WTLS) for


40/55


transfer to WAP devices. There is a brief time when the data stream is unencrypted. So, if the gateway infrastructure

is not adequately protected, the entire WAP system is at risk. This vulnerability is especially common in developing

countries where infrastructure investments can take budgetary precedence over security investments.

Some companies that don't specialize in mobile communications might provide WAP applications and services. These

companies usually pass their WAP traffic to a third-party

WAP gateway. The WAP traffic leaves the provider's protected (we assume) network encrypted in SSL. When it is

decrypted at the gateway before being reencrypted in WTLS, it can be compromised; the provider has no control over the

security of the WAP server.

Providers could avoid this vulnerability by operating their own WAP servers, but this is not a practical solution for two

reasons: WAP broadcasting requires very costly equipment investments, and the technology is difficult to maintain and

upgrade. It would be prohibitively complex to coordinate switching WAP clients between WAP service providers.

WAP communication cannot be considered safe in its present implementation. Therefore, WAP devices are inherently

unsecure as well. In addition to the WAP specification flaw, mobile devices are easily lost or stolen. A company must be

aware of these risks and consider which, if any, WAP implementations are suitable for its purposes.

Corporate wireless 802.11x-based infrastructures, on the other hand, have matured, and most types of known

attacks are extremely difficult to conduct in the presence of strong authentication and encryption technologies.

Risks primarily are attributed to the nature of mobile devices: They are small, valuable, and preferred over other

personal items among thieves. All security discussions about physical and virtual device security in the context of

switches, routers, and firewalls also apply to wireless access point devices used at the access level of the wireless

network infrastructure.

Modems

Modems are gradually becoming a relic of "last mile" communications. They are being supplanted by high-speed

cable and DSL connections that are significantly faster and not much more expensive than dial-up access. Although

modems still can be found in some corporations and small/home office environments, most companies now use

more centralized administration and security model. A corporate network environment provides a single point o

access to the Internet for all workstations and is guarded by a firewall or other security controls.

Some companies might still rely on modems, and some migrated environments might still have unused (and possibly

forgotten) modems installed and connected to telephone lines.

Another reason companies might have modems and modem pools attached and connected to their networks is RAS

which is covered in Chapter 2 and in the following section.

No matter how good its firewall, a network's security can be compromised through a single PC connected to both the

network and a modem.


41/55


War-dialing attacks take advantage of network-accessible modems administrators have forgotten or did not know how

to secure. A war dialer is an automated software application that dials a given range of phone numbers to determine

whether any are actually serviced by modems—indicated by returning dual tone multifrequency (DTMF) tones—an

accepting dial-in requests. Telecommunications providers employ anti-war dialing software that attempts to detec

war-dialing activity and disable any subsequent attempts; unfortunately, this protection works only if the numbers are

dialed in sequence.

NOTE

Finding More Information on War Dialing Point your browser

to http://www.att.com/isc/docs/war_dial_detection.pdf. This is a white paper on war-dialing detection written

by AT&T.

After a dial-in request has been accepted by a victim modem, the attacker can initiate password-cracking routines an

compromise the system in a matter of time. Real-time attack-alerting systems are unlikely to detect a war-dialin

attempt because the attack takes place in a seldom- or never-used part of the system. Fortunately, because modem

communications are being replaced by more secure technologies, war dialing has become an unlikely threat for

LAN.

Conventional dial-tone modems, with their low throughput, are relatively easy to flood with useless traffic. This is just

one way to cause a denial of service through modems.

Dial-tone modems have two basic operation modes: transmission and command. When switched on, a modem enter

command mode and awaits instructions from the terminal to begin transmissions. After communication has bee

established, the modem looks for certain patterns in the data flow that signal it to drop the connection and return to

command mode.

The Hayes Corporation developed and patented one such sequence consisting of three escape sequences bounded

by two pauses in the communication stream. The two pauses mark the escape symbols as an actual terminatio

request, not a coincidental matching pattern in the data stream. To avoid paying royalties to Hayes, some equipmen

manufacturers have devised their own (sometimes incompatible or faulty) techniques. Attackers could create wide

scale disconnects by sending a normal data pattern containing certain character sequences (that these "alternativ

solutions" would interpret as termination requests) via email messages, mailing lists, and IRC chat sessions.

Cable and DSL modems are not vulnerable to dial-tone modem attacks, but an always-on connection to the Interne

presents its own dangers. Encryption and firewall solutions must be used for protection against potential attacks ove

high-speed residential media.

Always-on access significantly increases the chances that an attacker will find and compromise a system. Often hom

users are not technically sophisticated enough to take the appropriate safeguards against attacks. Any system


42/55


connected to the Internet should employ a properly configured firewall.

Cable modems also present an additional vulnerability because they provide Internet access using a shared coaxia

cable. Potentially, all traffic to and from a machine connected to a cable modem is visible to other cable users in th

area. Any cable modem traffic that accesses a network must be encrypted to prevent network compromises.

RAS

Remote Access Server (RAS) technologies are described in detail in Chapter 2. Modern technologies such as VPN

use standard corporate network infrastructures such as firewalls and existing authentication systems. A dial-up

modem pool, however, is an RAS device that is fairly distinct from the rest of the network. The following security

controls can be used to protect the RAS point of entry to

IBPS SO IT Officers Study Capsule- (1)

Documents

Transcript of IBPS SO IT Officers Study Capsule- (1)