
Network administration and computer security


Anonymous

This work reviews some of the methods with which network administrators can defend their systems against the main existing security attacks, and gives some advice on how to achieve this. It focuses mainly on the security attacks known as social engineering, that is, those that succeed through errors and/or overconfidence of the human factor. Part of this research was carried out through surveys directed at randomly chosen network administrators, drawn from a database of companies and educational institutions in Mexico.

Among the results obtained, it stands out that a good percentage of our network administrators do not have their systems correctly and efficiently backed up, which gives an opening for users with a minimum of experience, or an apprentice hacker, to violate their system. In addition, it was found that a large percentage of network administrators and users who have accounts with access to the network of networks have weak accounts: their passwords are less than 8 characters long, they follow no change policy, and their security is minimal, since most use passwords related to themselves, which is a determining factor in the violation of a system. Another vulnerable factor in a good percentage of higher education institutions is that, since in many cases they do not have enough staff, they resort to the support of their students. There is therefore a high rate of rotation of these students over time, without the security password being changed with each change of support staff.

In this century of great technological advances, the use of computers has become widespread. Computer networks have had sustained growth in recent years, and an increasing number of companies and educational institutions depend on them for a large number of their processes and operations.

This growing expansion of communication networks has necessitated the adoption and development of security tools that protect both the transmitted data and access to network elements from possible attacks.

But in companies and educational institutions this growth often outpaces the assimilation of the technology by its users and administrators, since many of the security problems that arise in an organization are strongly linked to the human factor: the famous social engineering. We can go back to the years of the Second World War, when the Germans and the Italians had the same degree of reliability in obtaining military secrets, but one with sophisticated mathematical methods and the other with blackmail, robbery and the charm of its women.

Today there is an increasing trend in the use of Linux systems, although the percentage of use of UNIX systems has not decreased; by contrast, there is a downward trend in Novell, and the use of Windows is stable. These are some of the findings of the surveys carried out among network administrators chosen at random from technological institutes and some private companies.

2.- Security

Security standards began development in the late 1970s, when the need arose to protect certain communications. Various regulatory bodies have emerged, such as ISO (International Standards Organization), ITU (International Telecommunication Union) and SC27 (Subcommittee 27).

We can mention in a general way that maintaining a secure (or reliable) system basically consists of guaranteeing three aspects: confidentiality, integrity and availability.

a) Confidentiality.

It tells us that the objects of a system must be accessed only by authorized elements and that those authorized elements will not make that information available to other entities.

b) Integrity

It means that the elements can only be modified by authorized elements, and in a controlled way.

c) Availability

Indicates that system objects must remain accessible to authorized elements; it is the opposite of denial of service.

Among the things that we must keep in mind when making a security design to establish the security policies of our organization is what we want to protect: the software, the hardware and/or the data.

Among the points that we must take into account as good network administrators are the types of threats against which we need to protect our information:

a) Interruption of service.- That under no circumstances should a service be stopped.

b) Interception of data.- Data in a system may only be accessed by authorized users.

c) Modification of our data.- The data will only be modified by valid users.

d) Fabrication of new data or identity theft.- That there are no unauthorized ways to access the data, and that unauthorized users are not created.

When one of the above attacks is received, it can be carried out in either of the following two ways:

a) Active.- Attacks made directly on data and/or equipment.

b) Passive.- Attacks carried out indirectly on data and/or equipment.

A good security policy is achieved by maintaining reliable security mechanisms such as:

a) Prevention.- Checking in advance for possible security problems.

b) Detection.- Performing an online check for security attacks.

c) Recovery.- After a problem, recovering from the faults that have occurred.

For the latter, we can mention that system backups are often the only recovery mechanism that administrators have to restore a machine that, for whatever reason (it is not always a pirate who erases disks), has lost its data. Backups usually bring some typical security problems of their own, for example failure to verify their content. Another classic problem with backups is the labeling policy, among others.

To prevent access by invalid users, authentication methods have been established. They are usually divided into three main categories, depending on what they use for identity verification:

a) something that the user knows

b) something that the user has

c) a physical characteristic of the user or an involuntary act of the user

This last category is known as biometric authentication.

But we may have the best methods and the most sophisticated equipment; if the users and/or administrators are not orderly and are careless with the established security policies, we will have an insecure system.

From surveys carried out on a randomly chosen group of network administrators from the main companies and institutions of higher education in Mexico, we can establish that among the most dangerous attacks, and those that give rise to the greatest risks, are those called social engineering, that is, those caused by the human factor: whether through carelessness of the administrator, because the user is malicious, or through carelessness of the user in obtaining, losing or changing information. Also caused by the human factor is the resistance to change by members of our organization, as well as the neglect that it causes.

100% of those surveyed give their users some degree of access to the Internet, which becomes a security problem, since most of their users use insecure Internet services such as ftp, telnet and www. Few use the encrypted equivalents, such as ssh and scp.

FIGURE 1. Services provided

In the vast majority of companies and educational institutions there are no well-defined policies of authority and chains of command; in a large percentage of these organizations the only person who knows the administration passwords is the manager. As long as there is not a lot of staff turnover, this is adequate. But what would happen if the network manager changes company?

We can therefore see that the above is one of the main problems that the administrators of a company can face. So you must have good control of the staff, training them and making sure that they care about the company, that they "love the shirt."

One of the most serious problems that a network administrator faces is the carelessness of users when choosing their passwords, since very often the password chosen is very simple. Users are also careless in not giving the use of passwords the seriousness it deserves, thinking "...I don't have anything important...". What such a user does not know is that someone can use his account or equipment as a gateway to attack other computers that hold valuable information, even if they are not on the same network. The drawback here is that it is the prestige of the institution to which the user belongs, or where the attack was directed, that is called into question.

FIGURE 2. Use of personal passwords


By not giving it due importance, and thinking that there is nothing that a curious person would want, many systems are left completely without restrictions against a curious or enterprising user. This fails to give due value to the prestige of the organization, and leads to comments such as: "… they always have viruses…", "… even my high school brother has entered that system…", etc.

Information may not be lost at that point, but prestige IS. At this point, a computer vandal can impersonate someone's identity and send, for example, an email that the recipient believes was sent by a third party.

In places that do use personal passwords, one of the most frequent problems is the bad habit of not changing passwords frequently, a practice that would help them avoid violations of their privacy due to weak passwords, which can be easily obtained by a malicious user or by a hacker. Here we found that more than 80% of users and administrators do not have an adequate policy for changing their passwords, and as many as 50% never make such a change.

FIGURE 3.- Frequency of password change.
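
The missing change policy described above can be audited on a Linux or UNIX host from the aging fields of /etc/shadow. The following is an added example, not part of the original article; the account names, the 90-day threshold and the sample lines are constructed for illustration.

```python
from datetime import date

# Constructed sample in /etc/shadow format (hashes replaced by placeholders).
# Fields: name:hash:last_change:min:max:warn:inactive:expire:reserved
SAMPLE_SHADOW = """\
root:$6$PLACEHOLDER:10957:0:99999:7:::
student1:$6$PLACEHOLDER:19700:0:90:7:::
support:$6$PLACEHOLDER:18000:0:90:7:::
backup:$6$PLACEHOLDER::0:99999:7:::
daemon:*:18000:0:99999:7:::
"""

NO_EXPIRY = 99999  # conventional "never expires" value of the max-age field


def audit_password_aging(shadow_text, today, max_age_days=90):
    """Return {account: [findings]} for accounts that can log in with a password."""
    today_days = (today - date(1970, 1, 1)).days  # shadow dates are days since epoch
    report = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 5:
            continue  # malformed line
        name, pw_hash, last_change, _min_age, max_age = fields[:5]
        # A hash field starting with "*" or "!" means password login is locked.
        if pw_hash.startswith(("*", "!")):
            continue
        findings = []
        if max_age == "" or int(max_age) >= NO_EXPIRY:
            findings.append("no change policy")
        if last_change == "":
            findings.append("change date not recorded")
        else:
            age = today_days - int(last_change)
            if age > max_age_days:
                findings.append(f"unchanged for {age} days")
        if findings:
            report[name] = findings
    return report


if __name__ == "__main__":
    for account, findings in audit_password_aging(SAMPLE_SHADOW, date(2024, 1, 1)).items():
        print(f"{account}: {', '.join(findings)}")
```

Run against the real file (which requires root), the same function lists the accounts whose passwords survived a change of support staff.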


CONCLUSIONS

When we want to protect the information of our organization, and therefore keep our systems reliable and secure, in most cases we do not need to know all the security gaps or flaws in an operating system and in the other programs an organization requires. What is needed above all is to build reliable and cheap authentication systems and/or to design new secure cryptosystems.

But it is preferable to use existing ones such as DES, RSA or Kerberos than to have no protection at all in the distribution and authentication of keys.

Another point we can conclude is that more than two operating systems are in widespread use, living side by side, in the various networks in our country.

This is a weak point in the security of the systems, since it is usually a point of security "breakdown" if you do not know how both operate at the security level.

Added to this, many educational institutions, for lack of human resources, put their students in charge of many of their computing processes, mainly telecommunications.

Currently, almost any system on the Internet is vulnerable, and security is a major concern in the computer and communications industries. Security concerns have even begun to dampen overheated hopes about the Internet's ability to support business activities.
