This section explains the rationale behind a high-level Internet-based network security assessment and penetration testing. Complete control over your network and data requires taking a proactive approach to security, an approach that begins with an assessment to identify and classify risks. Network security assessment is an integral part of any security lifecycle.
business advantage
From a business perspective, information assurance is what makes the business possible. As a security consultant, I have helped many retail customers secure the 802.11 wireless networks used in their stores. By designing and implementing a secure network, these retailers can, for example, implement queuing technology to reduce costs and increase efficiency.
The shortcomings of network security and users' compliance with security policies often allow Internet-based attackers to find and compromise networks. Here are some of the latest examples of companies falling victim to these determined attackers:
RSA Security (http://www.2600.com/hacked_pages/2000/02/www.rsa.com/)
OpenBSD (http://lists.jammed.com/incidents/2002/08/0000.html)
NASDAQ (http://www.wired.com/news/politics/0,1283,21762.00.html)
Playboy Enterprises (http://www.vnunet.com/news/1127004)
Cryptologic (http://lists.jammed.com/isn/2001/09/0042.html)
These concessions occurred similarly, and in some cases resulted in substantial losses. Cryptologic is an online casino gaming provider that lost $1.9 million within hours to a determined attacker. In most major incidents, attackers use more than one technique, including:
Misconfigured or compromised peripheral systems associated with the target network
Direct damage to critical network components using custom zero-day exploit scripts and tools
Using redirect attacks to compromise network traffic (including ARP spoofing, ICMP redirects, and VLAN hacking)
It decrypts user account passwords and uses these credentials to compromise other systems.
Protecting your network and data from targeted attacks requires trust and understanding of your network's technical security, as well as adherence to security policies and incident response procedures. This book covers evaluating technical security and improving the integrity and resilience of IP networks. Heeding the advice presented here and acting preemptively will ensure adequate network security.
IP: Fundamentals of the Internet
IPv4 (Internet Protocol Version 4) is a family of network protocols currently used by all public Internet sites to communicate with each other and transfer data. From the perspective of network security assessment methodology, this book comprehensively explains the steps to be taken during the security assessment of IPv4 networks.