Fundamentals of Network Security

What is a computer network?

A network consists of two or more computers that are linked in order to share resources, exchange files, or allow electronic communications.

Computer networks are divided into five types, namely:

1. LAN

A local area network (LAN) is a private property network in a building. A LAN is used to connect personal computers and workstations in the office of a company to exchange information.

2. MAN

Metropolitan Area Network (MAN), basically a larger LAN MAN can include company offices that are located adjacent to or also located in an area of the city.

3. WAN

Its scope covers a wide geographical area (covering a country or even a continent).

4. Internet

The internet is a communication network that connects electronic media with other media. Supporting technology standards used are the Transmission Control Protocol or Internet Protocol Suite (abbreviated as TCP or IP)

5. Wireless Network

Relating to communication between computer systems without using cables. This wireless network is often used for computer networks both at close distances (a few meters, using a device or Bluetooth transmitter) and at a distance (via satellite). This field is closely related to the fields of telecommunications, information technology, and computer engineering. Popular types of networks in this wireless network category include Wireless local area networks (WLAN) and Wi-Fi.

What is Network Security ?

Network security is the use of policies and practices to prevent and monitor access, misuse, and denial of unauthorized modifications that occur on computer networks. So Network Security Fundamentals is an entry-level security course that covers the basic concepts of network security

Network security consists of several concepts, namely:

1. Confidentiality

Network security is useful for maintaining the confidentiality of company data.

2. Integrity

Maintain data consistency, accuracy, and trust. The data in it must not be changed by people who do not have rights over it.

3. Availability

Make improvements to hardware if needed, and maintain the operating system environment.

4. Authentication

The sender of the information can be correctly identified, and there is a guarantee that the identity obtained is not fake.

5. Nonrepudiation

That neither sending nor receiving information can deny the sending and receiving of messages.

OSI has 7 layers; each layer has a function and has their own role.

What are they?

Layer 1: Physical layer

The physical layer is the first layer in the OSI network reference model. The responsibility is to transmit data bits. It is done from the sender's physical layer and Addressed to the recipient's physical layer.

Layer 2 : Data Link Layer

The Data Link Layer is the second layer from the bottom in the OSI model and can convert network frames that contain data that detects errors and retransmits failed frames. MAC addresses are also implemented in this layer. Some devices, such as the Network Interface Card (NIC), layer 2 switches, and network bridges, also operate here.

Layer 3 : Network Layer

The network layer has the task of defining IP addresses. This means that each computer can be connected to one network. The network layer also functions to carry out the routing process and make headers for existing data packages.

Layer 4 : Transport Layer

This layer will break the data into data packages and give serial numbers to the data packages so that they can be rearranged when they reach the destination. This layer will determine the protocol that will be used to transmit data, for example, the TCP protocol. This protocol will send data packets while also ensuring that the packet is received successfully (acknowledgment) and retransmitting packages that are lost or damaged in the middle of the road.

Layer 5 : Session Layer

The session layer will define how connections can be made, maintained, or destroyed. At this layer, there are the Name Recognition, NFS, and SMB protocols.

Layer 6 : Presentation Layer

The presentation layer is responsible for the formatting and delivery of information to the application layer for further processing or display. It relieves the application layer of concern regarding syntactical differences in data representation within the end-user systems. An example of a presentation service would be the conversion of an EBCDIC-coded text computer file to an ASCII-coded file.

Layer 7 : Application Layer

Application Layer is an abstraction layer that specifies the shared communications protocols and interface methods used by hosts in a communications network. The application layer abstraction is used in both of the standard models of computer networking: the Internet Protocol Suite (TCP / IP) and the OSI model. Although both models use the same terms for their respective highest level layers, the detailed definitions and purposes are different.

There are many types of attacks on computer networks. The following are some of the attacks most often used by attackers:

1. Spoofing

Spoofing is an attack technique that is carried out by the attacker by falsifying data so that the attacker can look like a trusted host. IP spoofing and ARP spoofing in particular may be used to leverage man-in-the-middle attacks against hosts on a computer network. Spoofing attacks that take advantage of TCP and IP suite protocols may be mitigated with the use of firewalls capable of deep packet inspection or by taking measures to verify the identity of the sender or recipient of a message.

2. DDoS ( Distributed Denial of Service )

A DDoS Attack is a type of attack on a computer or server on the internet network by consuming resources that are owned by the computer. So the computer cannot perform its functions by actually being used to save other users from gaining access to computers that are attacked.

3. Sniffing Attack

A sniffing attack is a data theft technique that involves monitoring and analyzing each packet of data that is transmitted from the client to the server.

4. SQL Injection

SQL Injection is an attack technique that utilizes website security to allow users to enter data without filtering out malicious characters so that attackers can get access to the application database. Inputs are usually entered into certain parts of the website that are related to the site database.

5. Trojan Horse

A Trojan Horse in computer security is an attack that can damage a network or system. With a Trojan horse attack, an attacker can gain access rights to the target and use them to find information from the target

After learning about the types of network attacks, we must also know how to secure a network. Here are some simple things that are useful for protecting the network:

1. Physical Security

Physical security describes security measures that are designed to deny unauthorized access to facilities, equipment, and resources and to protect personnel and property from damage or harm (such as espionage, theft, or terrorist attacks). Physical security involves the use of multiple layers of interdependent systems that can include CCTV surveillance, security guards, protective barriers, locks, access control, perimeter intrusion detection, deterrent systems, fire protection, and other systems designed to protect people and property.

2. Unified Threat Management (UTM)

Unified threat management is an approach to information security where a single hardware or software installation provides multiple security functions. UTM must have a minimum of several converging security features, including a firewall, Intrusion detection, and intrusion prevention.

A Firewall is a computer network security system that functions to protect computers from various types of attacks from outside computers. A firewall works by monitoring and controlling all incoming and outgoing network traffic based on established security rules.

• IDS (intrusion detection system) is a method that can be used to support suggested activities in a system or network.

• IPS (intrusion prevention system) is software that works behind a firewall to identify and block threats to the network by assessing every packet that passes based on the network protocol in the application and tracking threats to network security.

Conclusion of the Course