Wednesday, 25 April 2012

E-Tutorial 1 ( Security Policy )

A security policy is a definition of what it means to be secure for an organization or system. For an organization, it monitors the behavior of its members and imposes mechanisms such as doors, locks, keys and walls. For systems, the security policy monitors the functions and flow among them and constrains access by external systems and others, including programs, and access to data by people.

The types of security policy include:
Computer security policy
Network security policy
Information protection policy

Computer security policy
A computer security policy defines the goals and elements of an organization's computer systems. The definition can be highly formal or informal. Security policies are enforced by organizational policies or security mechanisms. A technical implementation defines whether a computer system is secure or insecure. These formal policy models can be categorized into the core security principles of: Confidentiality, Integrity and Availability.

Network security policy
A network security policy is a generic document that outlines rules for network access, determines how policies are enforced and lays out some of the basic architecture of the company's secure environment. It's a very detailed document, meant to control data access, internet surfing habits, use of passwords and email attachments, and much more. It specifies these rules for individuals or groups throughout the company.

Information protection policy
An information protection policy is a document which provides guidelines to users on the processing, storage and transmission of sensitive information. The main goal is to ensure information is appropriately protected from modification or disclosure. It may be appropriate to have new employees sign the policy as part of their agreement, which would define the levels of sensitivity of information.

Reference: http://en.wikipedia.org/wiki/Security_policy

E-Tutorial 1 ( Common Network Attacks )

There are many types of network attacks such as:
-Hijacking
-Spoofing
-DoS

1) Hijacking (Man in the middle attack)
A man-in-the-middle attack is a stranger assuming your identity in order to read your conversation with your friend. The person on the other end, your friend, will most likely continue to think that they are still talking to you, because the stranger that assumed your identity keeps replying to the conversation while acting like you, and will try to keep the conversation going for as long as possible to gain more information.
Solution:
The integrity of public keys must generally be assured in some manner, but they need not be secret; passwords and shared secret keys have the additional secrecy requirement. Public keys can be verified by a certificate authority, whose public key is distributed through a secure channel.

2) Spoofing
Any data that an internet-connected device sends through the internet carries the sender's IP address as well as other important data. If the attacker obtains control over the software running on a network device, they can then easily modify the device's protocols to place an IP address into the data packet's source address field, which makes any packet's source IP look like what the attacker wants it to be.

Solution:
The countermeasure for spoofing is ingress filtering, which routers usually perform. Routers that perform filtering check the source IP address of each incoming packet and determine whether that address is known to be reachable via the interface the packet arrived on. If it can't be reached, the packet is discarded.
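
The reachability check described above, sketched as a strict reverse-path filter. This is an added example, not code from the original post; the routing table, interface names and sample packets are constructed for illustration.

```python
import ipaddress

# Constructed routing table for a hypothetical edge router: prefix -> interface.
ROUTES = [
    ("10.1.0.0/16", "lan0"),
    ("10.1.5.0/24", "lan1"),
    ("192.0.2.0/24", "dmz0"),
    ("0.0.0.0/0", "wan0"),
]

def build_table(routes):
    """Parse prefixes once and sort them longest-prefix first."""
    table = [(ipaddress.ip_network(p), ifc) for p, ifc in routes]
    return sorted(table, key=lambda r: r[0].prefixlen, reverse=True)

def route_interface(table, addr):
    """Return the interface used to reach addr (longest-prefix match), or None."""
    ip = ipaddress.ip_address(addr)
    for net, ifc in table:
        if ip in net:
            return ifc
    return None

def ingress_filter(table, src, in_ifc):
    """Accept a packet only if its source is reachable via the arrival interface."""
    try:
        expected = route_interface(table, src)
    except ValueError:
        return "drop"  # malformed source address
    return "accept" if expected == in_ifc else "drop"

TABLE = build_table(ROUTES)

# Constructed sample packets: (claimed source address, arrival interface).
PACKETS = [
    ("10.1.7.20", "lan0"),     # LAN host on its own interface
    ("10.1.5.9", "lan1"),      # the more specific /24 lives on lan1
    ("10.1.5.9", "lan0"),      # same source arriving on the wrong interface
    ("10.1.7.20", "wan0"),     # internal source arriving from the Internet side
    ("198.51.100.4", "wan0"),  # external source on the Internet-facing link
    ("198.51.100.4", "lan0"),  # external source claimed from inside the LAN
]

def run():
    """Return the verdict for every sample packet, in order."""
    return [ingress_filter(TABLE, s, i) for s, i in PACKETS]

if __name__ == "__main__":
    for (s, i), verdict in zip(PACKETS, run()):
        print(f"{s:>14} on {i:<5} -> {verdict}")
```

The filter can only reject sources that are wrong for the interface they arrive on; a forged address that happens to match the arrival interface's routes still passes.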

3) DoS
A denial of service attack is a special kind of Internet attack targeted at large websites. It is a type of attack on a network that is meant to bring the network down by flooding it with useless traffic.

Solution:
Ingress filtering can only control DoS attacks that are on a smaller scale.

Reference: http://ayurveda.hubpages.com/hub/Types-of-Network-Attacks