NETWORK SECURITY SIMPLE WAYS TO IMPROVE NETWORK SECURITY

ABSTRACT: Naturally, with the growing benefits of technology, the Internet and network configurations became the growing danger of security breaches, identity theft and cyber crimes. Unfortunately, electronic theft is becoming a greater danger to many businesses across the globe, so how do business owners keep their data safe and secure? One way to keep sensitive information secure is to constantly improve network security and to stay ahead of the game. Every day we hear that computer viruses, hacker, and other security breaches have found new ways to steal identities, financial records and other information we thought previously secure. Because of the increase in such cyber crimes, data protection laws have tightened and the punishments as hardened. With this comes the need for all businesses to take data security veryseriously. It is extremely important to improve network security for your business on a regular basis. Aside from encrypted pages and passwords, there is a multitude of ways to improve network security for your business which include firewalls and other infrastructure protective measures. Education, information and action are key elements to improve any network's security. always changing. However, to stay one step ahead and keep the network secure, business owners and their IT department should learn and understand any and all risks associated with security standards and network systems. Network security can always be improved. After understanding the risks involved in any network, network operators should be educated and informed. It is important for network operators to keep an eye out for operational anomalies. Any anomaly is usually an indication that something is wrong and there may be a security breach. In addition to educating operators, it is important for operators to know and understand the risks associated with your existing security standards. Risk mitigation is essential in improving network security.

In this paper we are going to see about how to improve the network security with the dns servers, routers that is issues and the solutions and some tips from Dr.Heffner world s no 1.NA and etc.,. 1. IMPROVING NETWORK SECURITY WITH BETTER ROUTER: Routers, by definition, have multiple personalities. One Ethernet port is connected to the outside world, four (typically) Ethernet ports offer Internet access to wired devices on a Local Area Network (LAN), and a radio transmitter offers access to Wi-Fi clients. The Wi-Fi interface may even offer multiple SSIDs.

Before a business can adequately protect its network, it is important to understand that there is no such thing as a completely secure system, as technology is

Routers normally keep the various aspects of their personalities separate, but a presentation at the last Black Hat conference(coutersy to you tube), How to Hack Millions of Routers, reported on a crack in this armor. Some understanding of IP addresses is required to understand the problem, so that's where I'll begin.

owner of the router can change it to any internal-use-only address.

Every device on a TCP/IPbased network (and almost all networks use TCP/IP to communicate) gets a unique number, called an IP address. IP addresses are 32 bits and are written as four decimal numbers, each between zero and 255 separated by periods. A common IP address is 192.168.1.1.for eg. The IP address for the esecurityplanet.com website is 63.236.73.116. we can enter an IP address directly into the address bar of a Web browser to visit a website. Most IP addresses are on the public Internet, but some are reserved for internal use only. That is, everyone can use the same internal-use-only addresses on their LAN without any confusion. These special IP addresses are not allowed on the public Internet. The most commonly used internal IP addresses start with either 192.168 or 10. A computer connected to an internal Ethernet port of a router, may see the router as having IP address 192.168.0.1, for example. Millions of routers on millions of LANs can all use this IP address because it is guaranteed never to go out the other side of the router, to the Internet. Routers ship with a default internal IP address and the

In a somewhat Jekyll and Hyde manner, a router uses a different IP address, a "public" one, when communicating on the Internet. The router owner has no control over the public IP address, it is assigned by the Internet Service Provider (ISP) that connects the router to the Internet. All the computers on the LAN appear to the outside world to have the same IP address. You can think of the router as the public spokesperson for all the LANside computers. As suspected the security problem faced by some routers can be prevented by restricting the public as well as private personalities. The public IP address should only be visible to a computer on the Internet and the private IP address should only be visible to computers on the LAN, despite wired or wireless condition. If this barrier is not maintained, illegal users on the Internet can possibly log into the router. And, if that happens, you're in big trouble. Routers are configured using internal websites; that is, websites that live in the router itself, not on the Internet. To modify a router, a computer on the LAN gets to the internal website by IP address. For example, you might type http://192.168.0.1 into the address bar of a Web browser and then log in with a user id and password.

The router is normally addressable only by the internal IP address. This insures that only computers on the LAN can make changes to it. Every website that you access will know the public IP address of your router. And, of course, the same does your ISP. But, a couple of things prevent someone from the outside from logging in to a router.

LAN-based computers should be limited in accessing the router by its internal IP address, something that remote Web sites cannot learn. Since a remote Web site can easily learn your public IP address, the bug can allow a illegal users to log on to your router. Not good, for a whole host of reasons. Making things worse, is that far too many people ("victims" might be the better word here) don't change the default password for their router. I've run into many people is who werent aware that routers also have passwords. The illegal user have ready access to the default passwords for routers (here and here for example) and can detect, to some degree,

Fig:2 A model router

fig 1 : firewall representation

First, there is the firewall in the router, which normally denies unsolicited incoming traffic. In addition, routers have an option for remote administration. Non-techies with far away tech helpers can allow their remote helpers to log in to their router without visiting it directly. Typically, remote administration is disabled. Now, finally, we can understand the security problem that Craig Heffner publicized at the Black Hat conference. In a nutshell, the bug he discovered lets a malicious Web page access the router via the public IP address. which router you have. In his initial testing of 30 routers, Heffner found 17 of them were vulnerable to this problem.

2. Are you vulnerable?

It's easy to test if your router is vulnerable to this attack. You can learn your public IP address at many websites, such as ipchicken.com or checkip.dyndns.com. Just enter this address into your favorite Web browser and see what happens. For example, if the public IP address were 1.2.3.4, then try browsing to http://1.2.3.4 (there is no period at the end of an IP address). If you get prompted for a user id and password, your router is vulnerable to this type of attack. If you get an error that the Web page can't be loaded, you're safe. On the technical side, the attack is a new wrinkle on an old problem called DNS rebinding. It depends on the fact that a single website can have multiple IP addresses. When you first visit a malicious website, your computer is given two IP addresses for the bad site. The first is legit, the second is not, it's your public IP address. Then, through caching tricks and purposefully generated errors, the malicious Web page tricks your computer into accessing what it thinks is the alternate IP address of the malicious site, but is actually the public IP address of your router. Heffner adds that "... remote administration does not need to be enabled for this attack to work. All that is required is that a user inside the target network surf to a Web site that is controlled, or has been compromised, by the attacker." Implicit in this, is that that the attack works regardless of the Web browser or the victim's operating system.

The attack is against the router, that's where the vulnerability lies. The attack also involves JavaScript, which is normally restricted to only interfacing with the Web site from whence it came. But, because of the DNS rebinding trick, the Web browser thinks that your router is part of the malicious website. Thus, JavaScript is allowed to manipulate your router.

Defend your router

The simplest defense is that one should not use the router's default password. Change it to something that can't be guessed, longer the password, so that can be more secure. As always with passwords, don't use a word in the dictionary. For safe keeping, I suggest writing the password on a piece of paper (along with the routers IP address and user id) and taping it to the router, face down. If your router is vulnerable, check if the manufacturer has a newer firmware that fixes the problem. Any new router should be tested for this problem first, while it can still be returned. Although not directly relevant to this problem, I suggest verifying that remote administration is, in fact, turned off on your router. If you use Wi-Fi, check if your router can limit administrative access to wired connections. This should prevent any and all wireless users from ever logging in to the router.

3. IMPROVING NETWORK SECURITY WITH DNS SERVERS: The Domain Name System (DNS) is something we all use and depend on, yet don't really pay much attention to; if you have some time to investigate alternatives, you could really enhance your network's performance and security. Before I tell you how to do this, lets have a brief explanation of what DNS is. Think of what a phone book does; it allows you to look up someones phone number so long as you know the persons name. The DNS does something similar for computers. For example, if you type in google.com it translates that name into a sequence of four numbers, called an IP address, which functions something like a phone number does. In this case, google.coms number is 74.125.95.104. The overall Internet infrastructure has a series of master phone books, or DNS root servers, located at strategic places around the world and maintained by a collection of public, semipublic, and private providers. They talk to each other on a regular basis to make sure that as we add new domains they are in synch. As you may imagine, if someone wants to poison one of the entries, or misdirect Internet traffic to a phony domain, it can be done with the right amount of subterfuge. This is what happened in 2008 when an Internet provider in Pakistan managed to block access to all of YouTube when they were apparently just trying to keep Pakistanis from viewing a single video. A more comprehensive list of the various flavors of DNS attacks can be found here at Google.com.

Make the call

Unlike phone numbers, once youve set up your network, typically you dont give your DNS settings any further thought. If you have a cable or DSL modem, you hook it up and it automatically gets its DNS settings from the cable or phone companys DNS servers, so you may never even know the IP address unless you take the time to check. If you are running a large enterprise network, typically you have your own internal DNS server to provide this service. There are several alternative providers, including OpenDNS and Google's Public DNS, among many others (listed in a blog post here). Why do you bother to opt for an alternative provider? Two good reasons: better browsing performance and better security, which can protect you from known phishing and malware-infected domains. Evaluating which of these alternative DNS providers gives your users better performance is tricky. A lot will depend on how you are connected to your ISP, where they are located, and where your destination is located across the Internet. Before you pick an alternative DNS provider, you can use a Java program to test the speed of your own DNS vs Google and OpenDNS .

Change up
You can change your DNS settings for your individual PC, or for your overall network, typically at your DHCP server or cable modem or router. Any of the alternative providers offer their services free, and some, such as OpenDNS, offer a lot more than just the mapping of IP addresses too.

Here are the instructions for changing the DNS settings. The whole process, from reading the instructions to implementing the change, shouldn't take you more than a couple of minutes.

OpenDNS Google Public DNS

There are a few other nice things about using these alternative providers. First, you can choose to block objectionable domains, which can help you to protect yourself from potential lawsuits over workplace harassment claims. OpenDNS and Google both also spend time blocking the known exploit domains, so you have a better chance of not getting trapped by a hacker. You also get better DNS service, because these providers have servers that will return the domains supposedly faster than the ones for the general Internet. They also catch common types in domains, so if you are like me in mistyping URLs into your browser, Google and OpenDNS can usually direct you to the place you intended.

Dealing with security breaches is a real challenge for many organizations, and the threat of losing sensitive data is significant. It is critical to be ready for them because threats are unquestionably growing and changing. According to vendor firm Panda Security, 34% of all existing viruses were created during 2010. Panda Security also reports that Trojans, such as Zeus, accounted for 56% of all new malware samples detected, and another 11.6% were fake antivirus software, a malware category that first appeared four years ago. The best organizations develop a culture of security. This is especially important now, since most security firms agree that social networking sites will be a major channel for malware and other scams aimed at luring unsuspecting people to infected web sites. Encryption is another area to focus on. Full device-level encryption can hamper performance and battery life, but it means all data are effectively unreadable, even if a device finds its way into the wrong hands. Its also less complex than file- or folder-level encryption with regard to data classifications and user interaction. In short, full encryption has become a must-have for any user with high-level access to ensure compliance with polices and regulations. Depending on your usage, you may need to consider third-party encryption products that can protect the phone as well as its removable SD cards or Wi-Fi equipment in fact, this may be necessary to meet certain data and regulatory requirements. While security technologies like encryption can go a long way toward mitigating risk, good policy planning and enforcement can do even more. 5. CONCLUSION

Alternative lifestyle
These alternative DNS's are just the first step in securing your DNS resources. others are part of a substantial effort underway to create a new series of secure DNS protocol extensions and products to support these extensions. You can check out these products and read more on this site to understand what is involved to deploy them.

4. HOW TO IMPROVE CORPORATE NETWORK SECURITY:

There are six recommended steps which are of great importance keeping security of network in mind. If these steps are properly followed by us, there are greater chances to avoid security threats of computer networks at the first place. a) Larger computer networks should be divided in segments for management of the network and ease in finding culprit systems. Internet access should be filtered by blocking port1433 and port 1434 or one can use different firewall software to implement such type of filters. All unwanted or not required ports should keep blocked for any chance of being misused; only required communication ports should be open to data transfer. Internet access to SQL systems should be allowed from outside. b) Keep closer look on open ports, Port 80 is the most commonly used port for http access c) Network administrator should make sure to keep all the systems including server updated operating system files and latest patches. These critical updates and patches keep the system secure from vulnerabilities. NA make sure to keep clients automatic update option enabled in windows platform, so that when ever updates are released clients machines download and installed them and secure them to the maximum level, same should be done for server operating system but keep closer look in update server OS. Third party security tools are also available and can be installed after testing for meeting better security measures. IT managers can also use powerful authentication methodologies to keep the network secure from security threats. d)- Some times limited Network administrators can help in keeping network secure as lesser the people managing the network lesser are the chances for security

malfunctioning, it is also important that,one should not give any local client computer admin rights, If any application which require admin rights for installation, only NA should install it, providing admin information to any one for assistance, but it can be very risky. e) Older known threats can attack again, it should be in mind of NA to keep computer network secure from latest threats. one should also be secured from previously know attacks. Windows known services Talnet, Clipbook should not be disabled, they have certain task to perform, do not disable any default service until you are sure and you know what you are doing. f) Create, configure and implement security policies, implementing security policies can be useful in keeping network secure. Keep network users educated on these policies and make sure to send out notice to all clients if any updates are made in these policies. These security measures are useful and they come with prices. Deploying, maintaining and implementing all these methodologies can increase security costs. NA should be very careful in following above mentioned points. He should also regularly update network users for latest threats and what should and should not be done for keep things smooth and secure. He should also help networks users to assist in unwanted emails which can be risk to network. As far as concerned INFORMATION TECHNOLOGY means the place where the innovative thinkers live. We have to protect ourselves from botnets. Even though the number one Software manufacturer lender are also compromised by someone, the reason is our carelessness. Its not the mistake of software lender. Hackers wil make use of that chance

Now security is in our handimprove it And enjoy the world with maximum possibilities 6. ACKNOWLEDGEMENTS
1. Dr. HEFFENER

World s no.1 NA San Francisco, America. 2. Dr. SATHYABAMA HOD CSE DEPARTMENT , SONA COLLEGE OF TECHNOLOGY, SALEM 3. Mr. SATHYAMOORTHY M.E LECTURER SONA COLLEGE OF TECHNOLOGY, SALEM. 4. Ms. Madhumitha CSE II YR, SONA COLLEGE OF TECHNOLOGY, SALEM 7. REFERENCES:

Simmonds, A; Sandilands, P; van Ekert, L (2004). "An Ontology for Network Security Attacks". Lecture Notes in Computer Science 3285: 317323. doi:10.1007/978-3-54030176-9_41. A Role-Based Trusted Network Provides Pervasive Security and Compliance - interview with Jayshree Ullal, senior VP of Cisco Dave Dittrich, Network monitoring/Intrusion Detection Systems (IDS), University of Washington. Honeypots, Honeynets Julian Fredin, Social software development program Wi-Tech

Cisco. (2011). What is network security?. Retrieved from http://www.cisco.com/cisco/web/sol utions/small_business/resource_cent er/articles/secure_my_business/what _is_network_security/index.html http://www.pcmag.com/encyclopedia _term/0,2542,t=network+security&i =47911,00.asp Security of the Internet (The Froehlich/Kent Encyclopedia of Telecommunications vol. 15. Marcel Dekker, New York, 1997, pp. 231255.) Introduction to Network Security, Matt Curtin. Security Monitoring with Cisco Security MARS, Gary Halleen/Greg Kellogg, Cisco Press, Jul. 6, 2007. Self-Defending Networks: The Next Generation of Network Security, Duane DeCapite, Cisco Press, Sep. 8, 2006. Security Threat Mitigation and Response: Understanding CS-MARS, Dale Tesch/Greg Abelar, Cisco Press, Sep. 26, 2006. Securing Your Business with Cisco ASA and PIX Firewalls, Greg Abelar, Cisco Press, May 27, 2005. Deploying Zone-Based Firewalls, Ivan Pepelnjak, Cisco Press, Oct. 5, 2006. Network Security: PRIVATE Communication in a PUBLIC World, Charlie Kaufman | Radia Perlman | Mike Speciner, Prentice-Hall, 2002. ISBN . Network Infrastructure Security, Angus Wong and Alan Yeung, Springer, 2009.