Golden Rules for Designing a Secure Network

Security measures keep people honest in the same way that locks do. Cyber-thieves by nature go after the least-defended part of a network. Consider this analogy. In a neighborhood where 25 percent of the homes have home security systems, thieves target the least-defended homes (those without security systems) first. This analogy fits well with networking. When a hacker is doing reconnaissance (for example, port scanning, nmap, and so on) against potential targets, a percentage of these hackers are going to go after the easy-to-target networks. Another small percentage has an "issue" with a potential target and goes after that target regardless of the perceived issue.

468 Chapter 8: Managing and Securing OSPF Networks

Because hackers often have issues that drive their attacks, people need to understand that these issues are usually a result of strong beliefs and feelings, for example, differing political beliefs, differing religious ideologies, differing social beliefs, the desire for attention, the desire for achievement, and financial gain. To back this up, consider the following reports, all within a week of each other in June 2002:


UK security firm mi2g says there's mounting evidence that individual hacker groups with a pro-Islamic agenda are working together to disrupt Web sites in India, Israel and other target countries. (BBC News 19 Jun 2002)


Included in the legislation is that a copyright holder would be allowed to take certain actions to protect online music. Specifically they are: interdiction, in which the copyright holder swamps a P2P file server with false requests so that downloads can't get through; redirection, in which would-be file swappers are pointed to a site that doesn't contain the files they're seeking; and spoofing, in which a corrupt or otherwise undesirable file masquerades as the song or movie file being sought by a file swapper. File-swapping companies criticized the bill, saying it opens the door for copyright holders to conduct "cyber warfare" against consumers. (CNet 25 Jun 2002)


A Russian-born man at Pasadena City College has been arrested as he tried to install keystroke-recording software to capture student credit card information, and Arizona State University officials found that a program had been surreptitiously installed to steal student credit card numbers, passwords, and e-mail. Linking these and other activities to Russian organized crime, the Secret Service and the Education Department have joined in issuing a general alert to American college computer centers. (AP/USA Today 26 Jun 2002)

These examples demonstrate that literally everyday, there are reports of people and groups conducting attacks, and the reasons for the attacks run the entire range of human emotions. Also consider that many other attacks occur that are never documented. This section provides specific ideals to consider to improve the security of your network, whether you already have network security in place or you are designing a new network.

Was this article helpful?

0 0

Post a comment