The field of network security is about how the bad guys can attack computer networks and about how we, soon-to-be experts in computer networking, can defend networks against those attacks, or better yet, design new architectures that are immune to such attacks in the first place. Given the frequency and variety of existing attacks as well as the threat of new and more destructive future attacks, network security has become a central topic in the field of computer networking in recent years. One of the features of this fourth edition of this textbook is that it brings network security issues to the forefront.
We'll begin our foray into network security in this section, where we'll briefly describe some of the more prevalent and damaging attacks in today's Internet. Then, as we cover the various computer networking technologies and protocols, we'll consider the various security-related issues associated with those technologies and protocols. Armed with our newly acquired expertise in computer networking and Internet protocols, we'll study in depth how computer networks can be defended against attacks, or designed and operated to make such attacks impossible in the first place. Since we don't yet have expertise in computer networking and Internet protocols, we'll begin here by surveying some of today's more prevalent security-related problems. So we begin here by simply asking, what can go wrong? How are computer networks vulnerable? What are some of the more prevalent types of attacks today?
The bad guys can put malware into your host via the Internet. We attach devices to the Internet because we want to receive/send data from/to the Internet. This includes all kinds of good stuff, including Web pages, e-mail messages, MP3s, telephone calls, live video, search engine results, and so on. But, unfortunately, along with all that good stuff comes malicious stuff, collectively known as malware, that can also enter and infect our devices.
Once malware infects our device it can do all kinds of devious things, including deleting our files; installing spyware that collects our private information, such as social security numbers, passwords, and keystrokes, and then sends this (over the Internet, of course!) back to the bad guys. Our compromised host may also be enrolled in a network of thousands of similarly compromised devices, collectively known as a botnet, which the bad guys control and leverage for spam e-mail distribution or distributed denial-of-service attacks (soon to be discussed) against targeted hosts.
Much of the malware out there today is self-replicating: once it infects one host, from that host it seeks entry into other hosts over the Internet, and from the newly infected hosts, it seeks entry into yet more hosts. In this manner, self-replicating malware can spread exponentially fast. For example, the number of devices infected by the 2003 Sapphire/Slammer worm doubled every 8.5 seconds in the first few minutes after its outbreak, infecting more than 90 percent of vulnerable hosts within 10 minutes [Moore 2003].
Malware can spread in the form of a virus, a worm, or a Trojan horse [Skoudis 2004]. Viruses are malware that require some form of user interaction to infect the user's device. The classic example is an e-mail attachment containing malicious executable code. If a user receives and opens such an attachment, the user inadvertently runs the malware on the device.