Unit 3 Assignment 1 Network Security Assessment

Network Security Assessment

Prepared for:

University of Maryland University College

Prepared by:

Christopher Harris

Executive Summary

Security of the companies data is one of the most important components which allows the business to perform its day to day operation using various networking devices, services that absolutely needs to be protected from intruders. Some of these devices include online transactions, the exchange of data between users and clients both internal and external and external web data needs to be secured. There are several polices that would need to be configured such as a web sever and firewall configurations. However, with these configurations the first and most important task is to identify any vulnerabilities or loopholes in security within the company. The company has both LAN (Local Area Network) and WAN (Wireless Local Area Network) and a web sever. These resources need to be secured at all times from hackers or anyone else by implementing the appropriate security measures.

I. Vulnerability Assessments

Security measures need to be implanted in order to secure the various resources. One of these vulnerabilities is the web server itself. If certain FTP ports are left

open hackers may gain access to them. Hackers could use different attacks such as DoS attacks. This vulnerability is crucial and must be monitored since most likely employee information will be stored on it. If accessed it could lead to a huge amount of data loss. Another vulnerable area is the wireless network. This is because attackers from the outside can access it, whether they are in the parking lot or inside the building. The network has a password and an SSID. These passwords can be decrypted using a password cracking software that is easily available. One such way is a Brute Force attack. Getting access to the internal network can result in a heavy amount of damage being done. The firewall is yet another vulnerability, if someone were to attack the firewall and sniff or deposit malicious packets into the network; packets could be redirected to a different location than they were originally intended to. The last vulnerability is information on the web and mail servers or even the company website. An attacker could use Social Engineering, Trojans or Session hacking. Social engineering is where an attacker gathers information about a user from a social site such as Facebook or MySpace and sends mail to that user, usually asking them to click on a link. The users session then has just transferred all of that information to the attacker. The firewall must be protected at all costs, if it is not the company will not survive. Another area of weakness that could cause damage if not fixed as all of the resources that lies on the website or web server and even the Mail server. In order for the business to effectively run, there should some switches and modems that can be used for a wireless infrastructure. To implement this, a switch is required along with LAN cables in case there are any requirements for connecting the system in a LAN. There should also be a NAC (Network Access Protocol) that allows the switch, modem and firewall to work together to provide security features.

II. Network/System Security Recommendations
One of the most important things to do is to make sure that the Windows server is configured to provide maximum security to the business.

There are several ways that this can be completed. It is vital that all communication both internal and external be encrypted using strong encryption algorithms. The protocols that are used to send user credential or store session information cannot be used within any window services. This could lead to session hijacking and attackers could access any information stored. Periodic maintenance of the servers should be performed for any software updates or patches as soon as possible. Otherwise you run the risk of a successful attack. There are security protocols installed to protect website data such as SSL and

TLS.
The wireless network also needs to be made secure from intruders. One way is to implement OTP or Single Sign on techniques. OTP can be used so that the company can send the one time password to a customer to use and after that job or transaction is complete they can no longer sign on. Again the passwords should be complex so that they are difficult to crack. They should include special characters and numeric values. There are two commonly used wireless protocols; WPA and WEP, one of these protocols should be used so that sensitive data can be transferred over the wireless network
All incoming and outgoing traffic must flow through the firewall. It is essential that the firewall be hardened and configured well. One was to configure it well is to encrypt the HTTP services. There are also certain protocols that can be disabled or limited such as SNMP, SSH, FTP, net flow and RADIUS. When a request is made to access a resource, make sure to confirm by using their identity and a password. If a user is not doing anything for an extended amount of time a session timeout feature should be implemented.

III. Application/End-User Security Recommendations
There are applications that are located within the organization that its employees use. Every employee should have training on these applications so that they know how to secure the systems from unauthorized access. There are also configurations that can be done in the users systems such as updating the software and firewalls making sure that all patches are up to date. There should also be complex passwords enforced to make sure that simple, easy to access passwords cannot be used. Any default setting or unused ports should also be disabled. To add additional levels of security to the wireless network, the strongest authentication and encryption techniques should be used with a strong configuration to the firewall and DMZ servers. The company should also include anti-virus software and a backup that performs routine checks of the system to determine if any viruses have made it into the network. A SLA (Service Level Agreement) between the company and the ISP covering all of the services they use.

Bibliography