Network Security Policy .
Added on 2023-05-29
11 Pages3019 Words463 Views
|
|
|
Running head: NETWORK SECURITY
NETWORK SECURITY
(Student’s Name)
(Professor’s Name)
(Course Title)
(Date of Submission)
NETWORK SECURITY
(Student’s Name)
(Professor’s Name)
(Course Title)
(Date of Submission)
NETWORK SECURITY 2
Question six
Footprinting in network security
Footprinting is also referred to as reconnaissance. It is a method of gathering information
or data about computer systems. From a computer security, footprinting is the pre-attack phases
i.e. those actions or tasks which are performed before the actual attack. The common tools used
in footprinting are nslookup, Nmap, traceroute, neotrace, and Sam Spade.
According to network engineers footprinting begins by first determining the objective
and location of an intrusion. After this, information about the organization is then gathered using
non-intrusive methods. Example an organization official website can provide information about
their employees. This information can then be used by an attacker together with social
engineering to reach the objective of the attack. Other information which can be obtained from
footprinting includes organization e-mail addresses, phone numbers, organization procedures and
policies, and the IP address.
The common techniques which are used in footprinting include point of contact queries,
WHOIS queries, World Wide Web spidering, network queries, ping sweeps, SNMP queries,
DNS queries, operating system identification, the point of contact queries, and port scanning.
Footprinting and crawling are used together to get information from the organization website. In
addition, footprinting also helps to draw a network map for the targeted organization. It also
helps to identify vulnerabilities which one can use to build database information of the
organization. Also, footprinting helps in reducing an attack area thus concentrating particular
targets only. Lastly, attackers use footprinting to get an overview of the security posture of an
organization like security configurations and details about the organization firewall
(IRISnetworksystems, n.d).
Question six
Footprinting in network security
Footprinting is also referred to as reconnaissance. It is a method of gathering information
or data about computer systems. From a computer security, footprinting is the pre-attack phases
i.e. those actions or tasks which are performed before the actual attack. The common tools used
in footprinting are nslookup, Nmap, traceroute, neotrace, and Sam Spade.
According to network engineers footprinting begins by first determining the objective
and location of an intrusion. After this, information about the organization is then gathered using
non-intrusive methods. Example an organization official website can provide information about
their employees. This information can then be used by an attacker together with social
engineering to reach the objective of the attack. Other information which can be obtained from
footprinting includes organization e-mail addresses, phone numbers, organization procedures and
policies, and the IP address.
The common techniques which are used in footprinting include point of contact queries,
WHOIS queries, World Wide Web spidering, network queries, ping sweeps, SNMP queries,
DNS queries, operating system identification, the point of contact queries, and port scanning.
Footprinting and crawling are used together to get information from the organization website. In
addition, footprinting also helps to draw a network map for the targeted organization. It also
helps to identify vulnerabilities which one can use to build database information of the
organization. Also, footprinting helps in reducing an attack area thus concentrating particular
targets only. Lastly, attackers use footprinting to get an overview of the security posture of an
organization like security configurations and details about the organization firewall
(IRISnetworksystems, n.d).
NETWORK SECURITY 3
Tools used in footprinting
One of the tools used in footprinting includes Sam Spade. This is a tool which is used to
track down sources of e-mail spams. This tool was authored by Atkins steve in 1997. Some of
the features which make Sam Spade a key footprinting security tool are advanced DNS, Search
IP block which finds the IP block for an organization, Zone transfer which asks the DNS server
information about an organization domain, scan addresses; a feature used to scan a range of IP
addresses to look for open ports, and SMTP relay check; a feature used to check whether an
email server knows about third party (Kahate, 2010).
Nslookup is another footprinting tool. The tool is specifically used to query Domain
Name System so as to obtain the domain name of a certain organization. It is also used for IP
address mapping. WHOIS is another footprinting tool used for querying databases which store
the registered users. The tool delivers database content in human-readable format. With WHOIS
tool an attacker is able to get information about a registered domain like the domain owner
contact and domain availability status of the organization. It also provides expiration and
registration dates of the domain and the nameservers that the domain is using.
Question seven
How to block user computers from accessing the internet
Most of the organizations spend a lot of time protecting their network. From definition
network, security is the art of integrating the multiple layers of defenses in the organization
network. Some of the reasons as to why network security is important are to protect the
organization crucial assets such as computers. Second, is so as to comply with ethical and
regulatory requirements (Kizza, 2005).
Tools used in footprinting
One of the tools used in footprinting includes Sam Spade. This is a tool which is used to
track down sources of e-mail spams. This tool was authored by Atkins steve in 1997. Some of
the features which make Sam Spade a key footprinting security tool are advanced DNS, Search
IP block which finds the IP block for an organization, Zone transfer which asks the DNS server
information about an organization domain, scan addresses; a feature used to scan a range of IP
addresses to look for open ports, and SMTP relay check; a feature used to check whether an
email server knows about third party (Kahate, 2010).
Nslookup is another footprinting tool. The tool is specifically used to query Domain
Name System so as to obtain the domain name of a certain organization. It is also used for IP
address mapping. WHOIS is another footprinting tool used for querying databases which store
the registered users. The tool delivers database content in human-readable format. With WHOIS
tool an attacker is able to get information about a registered domain like the domain owner
contact and domain availability status of the organization. It also provides expiration and
registration dates of the domain and the nameservers that the domain is using.
Question seven
How to block user computers from accessing the internet
Most of the organizations spend a lot of time protecting their network. From definition
network, security is the art of integrating the multiple layers of defenses in the organization
network. Some of the reasons as to why network security is important are to protect the
organization crucial assets such as computers. Second, is so as to comply with ethical and
regulatory requirements (Kizza, 2005).
NETWORK SECURITY 4
There are various ways one can do this; one way is blocking user computers from internet
access. One of the methods which has been widely employed by most of the organizations is
using internet access control tool. With this tool, one can block any website with ease. With the
tool, one can also block a certain IP address from accessing the internet. The tool also contains
an application blocker. One can also use a proxy server to block certain IP addresses from
accessing the internet. Another method is navigating through the user computer control panel and
under network and settings of the computer one can disable internet access capability of the user
computer
Creating web access security policy
To create web access security policy starts by login into the SonicWall management
interface. This followed by navigating in the security policies and then clicking the configure
button. One then clicks add a new policy where add CFS policy window is displayed. This is
followed by scrolling down the CFS Policy per IP address Range section and selecting enable
policy per IP address Range check box. One then enters the IP address range and the last IP
address to. This is then followed by selecting CFS policy to apply the IP address range in the
CFS policy.
Apply rules for windows services
Windows services were initially known as NT services. This enables one to create long-
running executable applications which run on their own sessions. The services can be started
when computer boots. They can also be restarted and paused. To apply rules for windows
services one needs to apply them via service control manager. In here a list of services are listed
for each one of them with their status, description, and name. By double clinking a service it
reveals its properties in detail. One can pause, delay start, and resume each service by right-
There are various ways one can do this; one way is blocking user computers from internet
access. One of the methods which has been widely employed by most of the organizations is
using internet access control tool. With this tool, one can block any website with ease. With the
tool, one can also block a certain IP address from accessing the internet. The tool also contains
an application blocker. One can also use a proxy server to block certain IP addresses from
accessing the internet. Another method is navigating through the user computer control panel and
under network and settings of the computer one can disable internet access capability of the user
computer
Creating web access security policy
To create web access security policy starts by login into the SonicWall management
interface. This followed by navigating in the security policies and then clicking the configure
button. One then clicks add a new policy where add CFS policy window is displayed. This is
followed by scrolling down the CFS Policy per IP address Range section and selecting enable
policy per IP address Range check box. One then enters the IP address range and the last IP
address to. This is then followed by selecting CFS policy to apply the IP address range in the
CFS policy.
Apply rules for windows services
Windows services were initially known as NT services. This enables one to create long-
running executable applications which run on their own sessions. The services can be started
when computer boots. They can also be restarted and paused. To apply rules for windows
services one needs to apply them via service control manager. In here a list of services are listed
for each one of them with their status, description, and name. By double clinking a service it
reveals its properties in detail. One can pause, delay start, and resume each service by right-
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents