Network Security Fundamentals

Network security has become more important to personal computer users, organizations, and the military. With the advent of the internet, security became a major concern, and the history of security allows a better understanding of the emergence of security technology. The internet structure itself allowed for many security threats to occur. The architecture of the internet, when modified, can reduce the possible attacks that can be sent across the network. Knowing the attack methods allows for the appropriate security to emerge. Many businesses secure t

IBM Security Network IPS

Every organization today needs to manage the risk of exposing business-critical data, improve business continuity, and minimize the cost of managing IT security. Almost all IT assets of an organization share a common network infrastructure. Therefore, the first line of defense is to establish proper network security. This security is a prerequisite for a logical set of technical countermeasures to protect from many different attack vectors that use the network to infiltrate the backbone of an organization.

IBM Security Network Intrusion Prevention System

In this IBM® Redguide™ publication, we look closely at network-related security risks such as targeted attacks, worms, bots, intrusion attempts, phishing scams, and so on. These threats target vulnerabilities in IT systems, workstations, and applications and can have a crippling financial effect on all organizations, disrupting business processes, and causing loss of confidential and proprietary information.

Off-Path TCP Sequence Number Inference Attack

TCP was, like most things, initially designed without security considerations. Historically, one of the most serious concerns that reared its head due to this lack of oversight was the scenario in which an attacker forges a source address and injects packets against a deterministically known TCP initial sequence number. To circumvent these attacks, a patch was provided to randomize the TCP ISN, thus preventing packet injection.

Modern Threat Landscape

Threat evolution from malware shows a continuing strong trend from disruptive to criminal, featuring commercial-quality cybercrime toolkits for the attacker. Modern advanced malware has an infection lifecycle. It’s no longer the case that an exploit of a system leads to just one infection. The attacker’s goal is long-term control over the system – owning the system. Once a system is exploited, a multi-stage infection cycle begins in which dozens of malware infections are installed. Multiple infections help to ensure enduring control by the cyber criminal.

Software Defined Networking

Software-defined networking (SDN) is an approach to computer networking that allows network administrators to manage network services through abstraction of lower-level functionality. This is done by decoupling the system that makes decisions about where traffic is sent (the control plane) from the underlying systems that forward traffic to the selected destination (the data plane). The inventors and vendors of these systems claim that this simplifies networking.