Network Security

In the age of global networking, securing your network is very much essential. When you are connected to internet, you become a part of that global network. While accessing any website or checking your mails, you re accessing resources of that server. similarly when you are accessing resources of another system on internet, other systems can access your resources.

Accessing Internet or being part of this global network is very risky today in corporate environment. According to my experience 99% of employees even don't know that they are under threat. Lots of data is going outside the corporate network without the knowledge of users and administrators.

Reality is more worst for home users. Most of the users are not concerned about the security for their system or network. They have no idea what comes in or goes out. Their only aim is to access the website or check their mails. Most of the users are using wifi routers. They have no idea what is the security of their wifi. If you go to a residential building or any residential area, their is a great possibility that you will find an open wifi to access. On the other hand lots of users are using WPA1 still and it is very easy to crack, sometimes seconds to crack. Normally users don't change the default passwords. While using wifi routers users should change the Default admin password. As well as i will advise every body to disable dhcp and change the ip series. so that if unfortunately some one cracks your wifi, cant access your network.

Exploiting is very common now a days. Sometimes it is difficult for the firewall to recognize malicious traffic to block, as most of the time malicious traffic also travels through common ports i.e. 80, 443, 25 etc. We can't block these common ports on firewalls. Even maually finding such traffic require a lot of training and experience.

While Securing any network you should keep 3 things in mind -

1. A Secure Network suppose that host is hostile.

2. A Secure Host suppose that Network is hostile.

3. A secure Application suppose that User is hostile.

If you are designing or configuring network with you should follow these concepts. Firewall hardening is important as logs are not always useful because most of the time its only postmortem activity. Its is always beneficial to become proactive. You should configure in such a way that outer traffic should not hit your servers directly. Proxies are the best for this purpose.

In the end i would like to say that hardening of your network is very much important but training and educating the end users are the same important aspect of this process. very few companies are going with these aspects. Most of the companies even don't know that they are under threat and what data is going outside their network.