Network Security and Firewalls

Network Security and Firewalls In our age of decaying morals, we find the need for security in every aspect of life. There are far to many people that are willing and able to take anything they can that doesn't belong to them. We have security everywhere we look. There are armed guards in our stores and even schools. Police officers patrol the streets trying to keep people safe. We have people to provide security in a world where things are physical, but what to we do in a computer world, where what we want to keep safe is information? This is where computer security comes into play. We need to define computer security and discuss how computer systems are kept safe. Security is defined as the combination of all mechanisms which allow only authorized people to use the resources they are supposed to. These can be locks, people or physical barriers that stand in the way of a desired location or object. Computer security uses much of the same utilities. Passwords take the place of keys, security analysts take the place of guards, and firewalls take the place of physical barriers. Passwords and firewalls are the two most common ways to secure a computer system. Passwords are the most common forms of computer and network security. They are the most common because of three main reasons. First of all, passwords are cheap to implement. Virtually all computers have a password system built into it already. Every home computer can have a password to lock out certain programs from users other than yourself. Even networked computers and systems can have an elaborate password system at a minimal cost to the company. Passwords are also fast. When a computer prompts you for a user identification and password, you simply type it in and away you go. There is usually very little else that needs to be done. The third benefit to passwords are that they are easy to remember. A user usually chooses a password that is close to them, therefore, it cuts down on the amount of people having problems with getting into the programs they need. The latter benefit to passwords is also its greatest weakness. People's inherent nature is to pick a password that is close to them. They usually will choose a password that they can easily remember and that ends up being something that is easy to guess. One professional took a sample of 13,797 accounts and was able to successfully crack 3340 passwords. The bulk of the passwords cracked were either lists, common names, account names, patterns and machine names (Net Security, 3). These were easily guessed passwords, but they can be changed. There are many passwords that should not be used. These include passwords based on the account name, one's that match a dictionary word exactly, strings of numbers (including social security numbers, phone numbers or addresses), or patterns on the keyboard such as "aaaaa", "asdfg", and "qwert". The passwords chosen should also be longer than 5-6 characters. The best passwords are those consisting of nonsense words, using capital and lower case letters, and a number or two thrown in for good measure. A computer user with a good password can do wonders for computer security. If it is necessary for extreme security on a computer system, time-encrypted passwords can be used. These are memorized passwords that can only be used at a synchronized time on the computer. The difficulty lies in having the computers timed perfectly to each other so that the receiving computer knows it should accept the incoming password at this time. A second type of high security password system is a challenge-response system. This system makes the users memorize a set of rules to convert a challenge issued by the computer into the correct response (Net Security, 2). The drawback to this system is that if you have a large number of computer users, it is difficult to have everyone memorize the rules, make sure the rules are easy enough to remember, and keep the rules secret. No matter what kind of password system you use, there will always be drawbacks to it. Another way to offer security is to build walls around what you want secured. In the computer industry, these are called firewalls. A firewall is a sort of perimeter security. In order to gain access to the network, you must identify yourself to the firewall and it allows you through. There are three main types of firewalls. These are packet filters, circuit-level gateways and application gateways. Packet filters use simple checks to see that the information intended for a specific machine and user only goes to that machine. It does this by checking the computers IP address, which is a unique number assigned to a networked computer (SOS, 2). There are problems with this just as there are problems with passwords. A knowledgeable user can set a computer to "promiscuous" mode, allowing it to read all packets sent through the network. A circuit-level gateway is very much like a packet