C H A P T E R51
• Understand the types of attacks that may be used by hackers to undermine network security.
• Understand the types of vulnerabilities that may be present in your network.
• Learn to classify the different types of networks and users that may interact with your own, and
evaluate their risk factors.
• Learn to evaluate your network topology and requirements, and develop a suitable security policy
• Become familiar with the tools available for protecting confidential information and your network.
With the rapid growth of interest in the Internet, network security has become a major concern to
companies throughout the world. The fact that the information and tools needed to penetrate the security
of corporate networks are widely available has increased that concern.
Because of this increased focus on network security, network administrators often spend more effort
protecting their networks than on actual network setup and administration. Tools that probe for system
vulnerabilities, such as the Security Administrator Tool for Analyzing Networks (SATAN), and some of
the newly available scanning and intrusion detection packages and appliances, assist in these efforts, but
these tools only point out areas of weakness and may not provide a means to protect networks from all
possible attacks. Thus, as a network administrator, you must constantly try to keep abreast of the large
number of security issues confronting you in today’s world. This chapter describes many of the security
issues that arise when connecting a private network to the Internet.
Security Issues When Connecting to the Internet
When you connect your private network to the Internet, you are physically connecting your network to
more than 50,000 unknown networks and all their users. Although such connections open the door to
many useful applications and provide great opportunities for information sharing, most private networks
contain some information