The objective of security management is to achieve accuracy, integrity and protection of all information systems processes and resources.
In this way, security management minimizes errors, fraud and losses in the information systems that interconnect today's companies with their customers, suppliers and other interested parties.
Types of security defenses
Encryption
Encryption involves the use of special mathematical algorithms, or keys, to transform digital data into encrypted code before it is transmitted and to decrypt it when it is received. The most widely used method is the so-called public key method, in which the key is exclusive to the receiver and is known to the transmitter.
Firewalls
A firewall can be a communications processor, typically a router, or a dedicated server, along with firewall software. It serves as a "gatekeeper" system that protects a company's intranets and other computer networks from intrusion by providing a secure filter and transfer point for access to the Internet and other networks.
Defenses against denial of service
Denial of service attacks over the Internet depend on 3 levels of interconnected systems:
Some types of attacks stand out, such as:
SYN Flood.-
The attacker sends a stream of TCP/SYN packets (many requests with the SYN flag set in the header), often with a spoofed source address. The destination treats each received packet as a connection request, so the server tries to establish a connection by responding with a TCP/SYN-ACK packet and waiting for the TCP/ACK response packet (part of the three-way TCP connection establishment process). However, because the source address is fake or the real owner of that IP address never requested the connection, the response never arrives.
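The half-open state described above is something a defender can measure. The following added example (not part of the original page) tracks handshakes that received a SYN but never the final ACK, over a constructed packet log; the timeout, alert threshold and addresses are assumptions.

```python
# Constructed sample: (time_ms, src_ip, src_port, flag) as seen by the server.
# "S" = SYN from a client, "A" = final ACK that completes the handshake.
def build_sample():
    events = [(0, "198.51.100.7", 40000, "S"), (50, "198.51.100.7", 40000, "A")]
    # 200 SYNs from (spoofed) sources that never answer the SYN-ACK
    for i in range(200):
        events.append((1000 + i * 5, f"203.0.113.{i + 1}", 1024 + i, "S"))
    events += [(2500, "198.51.100.9", 41000, "S"), (2550, "198.51.100.9", 41000, "A")]
    return sorted(events)


def track_half_open(events, syn_ack_timeout_ms=30000, alert_threshold=100):
    """Replay events and count connections stuck waiting for the final ACK."""
    pending = {}          # (src_ip, src_port) -> time the SYN arrived
    completed = 0
    peak = 0
    alert_at = None
    for ts, ip, port, flag in events:
        # The server gives up on entries whose SYN-ACK was never answered.
        for key in [k for k, t0 in pending.items() if ts - t0 > syn_ack_timeout_ms]:
            del pending[key]
        if flag == "S":
            pending[(ip, port)] = ts
        elif flag == "A" and (ip, port) in pending:
            del pending[(ip, port)]
            completed += 1
        peak = max(peak, len(pending))
        # Many simultaneous half-open entries are the signature of a SYN flood.
        if alert_at is None and len(pending) >= alert_threshold:
            alert_at = ts
    return {
        "completed": completed,
        "half_open_at_end": len(pending),
        "peak_half_open": peak,
        "alert_at": alert_at,
    }


if __name__ == "__main__":
    print(track_half_open(build_sample()))
```

Legitimate clients complete the handshake within milliseconds and leave the table immediately, while the spoofed requests stay until the timeout, which is why the count of pending entries separates the two.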
ICMP Flood.-
Also called the "deadly ping", it is a DoS technique that aims to exhaust the victim's bandwidth. It consists of continuously sending a high number of ICMP Echo request (ping) packets of considerable size to the victim, so that the victim has to respond with ICMP Echo reply (pong) packets, which overloads both the network and the victim's system.
Internet Control Message Protocol (ICMP).-
It is the error control and reporting sub-protocol of the Internet Protocol (IP). As such, it is used to send error messages, indicating for example that a particular service is not available or that a router or host cannot be located.
Smurf.-
There is a variant of the ICMP Flood called the Smurf Attack that considerably amplifies the effects of an ICMP attack.
There are three parties in a Smurf Attack: the attacker, the intermediary and the victim (as we will see, the intermediary can also be a victim). The attacker directs ICMP packets of type "echo request" (ping) to a broadcast IP address, using the victim's address as the source IP address. The connected computers are expected to respond to the request with an Echo reply (pong) sent to the origin machine (the victim). The effect is said to be amplified because the number of responses obtained corresponds to the number of computers on the network that can respond. All of these responses are directed at the victim in an attempt to collapse its network resources. As stated above, intermediaries also suffer from the same problems as the victims themselves.
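From the intermediary's side, the pattern above is visible at the network border as echo requests addressed to a subnet broadcast address. The following added example (not part of the original page) flags those packets in a constructed capture and measures the amplification; the subnets, addresses and record format are assumptions.

```python
import ipaddress
from collections import Counter

# Assumed subnets of the intermediary network (constructed for this example).
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24"),
              ipaddress.ip_network("198.51.100.0/26")]


def is_directed_broadcast(dst, nets=LOCAL_NETS):
    """True if dst is the broadcast address of one of our subnets."""
    addr = ipaddress.ip_address(dst)
    return any(addr == net.broadcast_address for net in nets)


def analyze(packets, nets=LOCAL_NETS):
    """packets: dicts with src, dst, icmp_type (8 = echo request, 0 = echo reply)."""
    # Echo requests to a broadcast address are what a border filter should drop.
    flagged = [p for p in packets
               if p["icmp_type"] == 8 and is_directed_broadcast(p["dst"], nets)]
    replies = Counter(p["dst"] for p in packets if p["icmp_type"] == 0)
    report = {}
    for claimed_src in {p["src"] for p in flagged}:
        requests = sum(1 for p in flagged if p["src"] == claimed_src)
        report[claimed_src] = {
            "requests": requests,
            "replies": replies[claimed_src],
            # replies per request = number of hosts that answered the broadcast
            "amplification": replies[claimed_src] / requests,
        }
    return flagged, report


def build_sample():
    """Constructed capture: one normal ping plus three broadcast echo requests."""
    victim, bcast = "203.0.113.50", "192.0.2.255"
    pkts = [{"src": "192.0.2.10", "dst": "192.0.2.20", "icmp_type": 8},
            {"src": "192.0.2.20", "dst": "192.0.2.10", "icmp_type": 0}]
    for _ in range(3):
        pkts.append({"src": victim, "dst": bcast, "icmp_type": 8})
        pkts += [{"src": f"192.0.2.{h}", "dst": victim, "icmp_type": 0}
                 for h in range(1, 41)]   # 40 hosts answer each request
    return pkts


if __name__ == "__main__":
    flagged, report = analyze(build_sample())
    print(len(flagged), report)
```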
UDP Flood.-
This attack consists of generating large amounts of UDP packets against the chosen victim. Due to the connectionless nature of the UDP protocol, these types of attacks are often accompanied by IP spoofing. This attack is usually directed against machines that run the Echo service (ping), so that large Echo messages are generated.
JAMMING.-
Jamming is a mechanism used to nullify radio signals or waves by broadcasting a stronger signal to confuse the target of that signal. In a fully wired network, the risk associated with a denial of service can be mitigated in several ways. For example, network and host-based intrusion detection can be installed to monitor network patterns and signatures associated with a denial of service attack. However, this can be somewhat more difficult for wireless networks because of the over-the-air factor. Special equipment may be employed to detect, broadcast, or exploit hostile signals for wireless transmission.
Defense against viruses
Many companies create defenses against the spread of viruses by centralizing the distribution and updating of antivirus software as the responsibility of their information systems departments. Copying is prohibited.