Home / Topics / Network Security

Network Security

Explore firewalls, IDS, VPN, DoS attacks, and network protection mechanisms.

Introduction

Network Security involves protecting the underlying network infrastructure from unauthorized access, misuse, and attacks. Networks connect computers at distant locations, raising additional security challenges.

Key Challenge: Data in transmission must be protected, and network connectivity exposes each computer to more vulnerabilities than isolated systems.

Network Attacks

Types of Attacks

1. Interruption (Attack on Availability)

  • Denial of Service (DoS)
  • Distributed Denial of Service (DDoS)
  • Destroying hardware
  • Disabling file systems

2. Interception (Attack on Confidentiality)

  • Wiretapping
  • Packet sniffing
  • Illicit copying

3. Modification (Attack on Integrity)

  • Altering messages
  • Changing data files
  • Man-in-the-Middle attacks

4. Fabrication (Attack on Authenticity)

  • Inserting spurious messages
  • Message replay
  • IP spoofing

Passive vs Active Attacks

  • Passive: Eavesdropping, difficult to detect
  • Active: Modification, easier to detect

Firewalls

A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on security rules.

Types of Firewalls

Packet Filtering Firewall

  • Examines individual packets
  • Filters based on IP, port, protocol
  • Fast but limited

Stateful Inspection Firewall

  • Tracks connections
  • Remembers state of connections
  • More intelligent than packet filtering

Application Firewall (Proxy)

  • Operates at application layer
  • Understands specific protocols
  • Provides better inspection

Next-Generation Firewall (NGFW)

  • Combines traditional firewall with IDS/IPS
  • Application awareness
  • Threat intelligence integration

DMZ (Demilitarized Zone)

Isolated network segment for public-facing services:

Internet → Firewall → DMZ (Web Servers) → Internal Network

Intrusion Detection & Prevention

IDS (Intrusion Detection System)

  • Monitors network for suspicious activity
  • Alerts administrators
  • Does not take action

IPS (Intrusion Prevention System)

  • Monitors and prevents threats
  • Takes automatic action
  • Can block traffic

Detection Methods

Signature-Based Detection

  • Known attack patterns
  • Effective against known threats
  • Cannot detect new attacks

Anomaly-Based Detection

  • Detects deviations from normal
  • Can detect unknown attacks
  • May have false positives

Virtual Private Networks (VPN)

A VPN creates a secure, encrypted connection over a public network.

VPN Protocols

IPSec

  • Encrypts IP packets
  • Authentication header
  • Encapsulating Security Payload

SSL/TLS VPN

  • Uses SSL/TLS encryption
  • Browser-based access
  • More user-friendly

WireGuard

  • Modern, lightweight
  • Fast and secure
  • Simple codebase

VPN Types

  • Site-to-Site: Connects networks
  • Remote Access: Individual users