Hello My Greenish Hackers !
Welcome back to this beautiful journey of learning new things about About Different Security Stuffs.
So today we are Gonna talk about CND (Computer network Defence).
In simple words how computer networks can be defended from attackers !
To make it easy to understand i am gonna Break this Journey into three different layers.
1- Layer 1 (Technologies Used).
2- Layer 2 (Different Operations).
3- Layer 3 (The Peoples).
Layer 1 (Using Technologies)
This is The first step which an network admin can take to protect his network by installing different network defence System like:
1-Firewalls
A firewall is a network security system, either hardware- or software-based, that uses rules to control incoming and outgoing network traffic. A firewall acts as a barrier between a trusted network and and an untrusted network. A firewall controls access to the resources of a network through a positive control model.
2-Monitoring Systems
There are a alot of software and hardware monitoring equipment which can be used to monitor all the activities going on the network ! if anything seems malicious the network admin can take proper actions against.
3- IDS (Intrusion Detection System)
An intrusion detection system (IDS) is a type of security software designed to automatically alert administrators when someone or something is trying to compromise information system through malicious activities or through security policy violations.
4-IPS (intrusion Prevention Systems)
Intrusion prevention is a preemptive approach to network security used to identify potential threats and respond to them swiftly. Like an intrusion detection system (IDS), an intrusion prevention system (IPS) monitors network traffic. However, because an exploit may be carried out very quickly after the attacker gains access, intrusion prevention systems also have the ability to take immediate action, based on a set of rules established by the network administrator. For example, an IPS might drop a packet that it determines to be malicious and block all further traffic from that IP address or port. Legitimate traffic, meanwhile, should be forwarded to the recipient with no apparent disruption or delay of service.
Well There is alot to be done ! i mean this is not enough to protect you network from those hacker peoples who are continuesly updating theirs brains against your defence mechanisms .
There is more we can do !
1-Active Monitoring
Monitoring can be done by using some softwere tools and by have a lazy,fatty security engineer who can continuesly monitor all the network traffic and network activities. That is what we call active monitoring.
2-Security Assessments
This one is my favourite ! Network admin should continuesly perform securty assesments on their netowork to see how much secure they are ! Security assesment is like Hiring some white hat hackers and ask them to break into your computer network and if they were able to break it ask them how they did it and build and proper defence mechanism for that attack and in return pay some bucks to them !
3-Security incident analysis
If something happens like some cyber attack or some melicious activity was moniterred on the network take a Serious look at that... don't take it easy... dig deep... and find out why an attacker was trying to compromise this functionality or service only ! and try your best to add more security mechanism and prevent the future attacks.
Layer 3 (Peoples !)
well its been always fun in hacking peoples !
well, i will tell you how and why !
Let us take an example i am working as an engineer in some company A and i am working as computer operator in that company that means i will be having credentials(username and password) of that computer systems. So if an attacker failed to get access to that computer system by exploiting the security weaknesses in the computer system. He can Rather Target employs with different Social engineering attacks like phishing,Session Hijacking, to directly get the employed credentials which can be used to get remote access to the companies computer system !
well this is a long topic to discuss !
let's just move on !
1- Tarning Peoples.
Training Companies employs about the security stuffs and mostly about the social engineering attacks like:
Never Open the External Links on Companies systems
Never Execute Outer Programs on Companies system
Never Real the Internal Infrastructure if Companies network to the public !
and the list goes onnnnnnn....
2-User Authentication
Use multiple authentication system before giving access to any of the computer system or service on the companies server. Like Using 2FA or smart-cards with PIN for Physical access to computer system.
3-Training DevOps!
This is the main cause of most of the data breach happening to companies nowadays ! I mean The colleges teaches them how to develop things but they never teaches them how to make things secure ! well i mean if company if asking an developer to develop and login mechanism so that only few peoples who will be given username and passwords will be access to sensitive information behind the login ! But Due to the lack of security knowledge developer keep some security bugs in the code and the attacker uses some recon techniques to locate that bug and exploits to get the complete access that sensitive information within seconds.
4-Having a Red and Blue Team !
Well you will thinking what the heck is this red and blue team !
Ream Team means Attackers
Blue team means Defenders
Its just like playing "batt chia" in Kashmir where some kids pretends to be doctors and some pretends to be evil peoples . same is case here There are some peoples who pretends to be attackers and user their knowledge, tools , and techniques to break through the computer network and if they are able to do so they report the issue to the Blue team which takes different countermeasure to protect the computer system and fix the existing vulnerabilities....
this was just a Overview of how computer system can be secured !
if you more interested to read about this topic !
go on and ask google for some more materials to study !
Thank You
-Imran Parray !
Comments
Post a Comment