• Home
  • InfoBase
  • Dictionaries
  • Member
  • News
    • 中文网站
     Advanced Search
    Read the latest Blogs from IT professionals in the field. Read and write community created documents. Need IT help? Ask our staff. Connect with your peers. Check our Tech Shop for posters, books and software tools. Home
    HomeHow to

    How to Address Network Vulnerabilities ?

    Network vulnerabilities are present in every system. Network technology advances so rapidly that it can be very difficult to eradicate vulnerabilities altogether; the best one can hope for, in many cases, is simply to minimize them. Networks are vulnerable to slowdowns due to both internal and external factors. Internally, networks can be affected by overextension and bottlenecks, external threats, DoS/DDoS attacks, and network data interception. The execution of arbitrary commands can lead to system malfunction, slowed performance, and even failure. Indeed, total system failure is the largest threat caused by a compromised systemunderstanding possible vulnerabilities is critical for administrators.

    Internal network vulnerabilities result from overextension of bandwidth (user needs exceeding total resources) and bottlenecks (user needs exceeding resources in specific network sectors). These problems can be addressed by network management systems and utilities such as traceroute, which allow administrators to pinpoint the location of network slowdowns. Traffic can then be rerouted within the network architecture to increase speed and functionality.

    External Network Vulnerabilities

    DoS and DDoS are external attacks as the result of one attack or a number of coordinated attacks, respectively. Designed to slow down or disable networks altogether, these attacks are among the most serious threats that networks face. Administrators must use tools to monitor network performance in order to catch these threats as soon as possible. Many monitoring systems are configured to send alarms or alerts to administrators when such attacks occur, allowing for network access by intruders to be quickly terminated.

    Data interception is another of the most common network vulnerabilities, for both LANs and WLANs. Hackers within range of a WLAN workstation can infiltrate a secure session, and monitor or change the network data for the purpose of accessing sensitive information or altering the operation of the network. User authentication systems are used to keep such interception from occurring. Firewalls can keep unauthorized users from accessing the network in the first place, while base station discovery scans allow for the rooting out of intruders on a given network.

    There are many solutions available to address various types of network vulnerabilities . However, there is no perfect solution for all problems yet. People often use a combination of different tools to guard their network under different possible attacks. These tools are:

    • Firewall: Deployed at the boundary to the Internet to protect the network from external un-authorized access
    • Intrusion Detection System (IDS): Scan network to find possible intrusions and stop them timely
    • nti-virus and anti-spyware systems: Detect and remove viruses and spywares.
    • Forensic Analysis Tools: Tools to record and analyze data to find out abnormal user behavior and traffic activities

    How to Address Network Vulnerabilities?

    How to Address Network Vulnerabilities?

     

    ‹ How Does VOIP using H.323 Protocol Work?upHow to apply the US schools in the fields of IT, Computing, networking and telecom? ›