LAN SECURITYBY
SYED UBAID ALI JAFRI
Information Security ExpertCEOUJ Consultant & Solution Providerhttp://www.ujconsultant.com
CONSIDERATIONS
•INTRODUCTION TO LAN•WHAT TO KNOW ABOUT LAN•WHY SECURITY?•THREATS•COUNTERMEASURMENT•MINIMIZING RISK•EVALUATE PERFORMANCE
INTRODUCTION TO LAN
Any network that is connected on a same subnets lies under the category of LANLAN Share resources of computer which includes:1) File Sharing2) Voice chatting3) Message Sending4) Desktop Sharing
WHAT TO KNOW ABOUT LAN
•Information about host•Devices that are connected on the subnet•IP Address of the system•Remote Services•Events Logs
WHAT TO KNOW ABOUT LAN
Information about host
WHAT TO KNOW ABOUT LAN
Devices that are connected on the subnet
WHAT TO KNOW ABOUT LAN
IP Address of the system
WHAT TO KNOW ABOUT LAN
Remote Services
WHY SECURITY
Any medium whether it is wired or wireless must have some strong security consideration.Using LAN, security can be helpful for the user who have a large network connected on a LAN, they must go through the process of analysis that interacts with LAN
THREATSFollowing are the list of threats that a LAN Network faces:
•MAN IN THE MIDDLE ATTACK•SMURF ATTACK•IP SPOOFING•DENIAL OF SERVICES•ARP POISONING
THREATSMAN IN THE MIDDLE ATTACK:
The man-in-the middle attack intercepts a communicationbetween two systems.
THREATS
SMURF ATTACK
The Smurf attack is a way of generating significant computernetwork traffic on a victim network.
THREATS
IP SPOOFING
IP address spoofing or IP spoofing refers to the creation ofInternet Protocol (IP) packets with a forged source IP address,called spoofing.
THREATS
DENIAL OF SERVICES
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users
THREATS
ARP POISONING
ARP spoofing may allow an attacker to intercept data frames on a LAN, modify the traffic, or stop the traffic altogether
COUNTERMEASUREMENTS
•Denying Unusable services•Checking people currently connect with this network•Closing Default operators of windows•Saving external resources•Making Log files•Updated Virus Definitions
COUNTERMEASUREMENTSDenying Unusable services
RUN>Services.mscClose these services
Automatic UpdatesLive UpdateTelnet
COUNTERMEASUREMENTS
Checking people currently connect with this network
COUNTERMEASUREMENTS
Closing Default operators of windows
COUNTERMEASUREMENTSHKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ExplorerHKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Operating system Default settingWindows 7 0x91
Windows Server 2008 0x91
Windows Vista 0x91
Windows Server 2003 0x95
Windows XP 0x91
Windows 2000 0x95
Windows 95/98 0x95
COUNTERMEASUREMENTSMaking Log files
RUN > eventvwr
MINIMIZING RISK•Making Remote Connectivity disabled•Services Like Telnet, SSH, VNC should be stopped forcefully•Changing Values from Registry•Releasing and Renewing IP Addresses
MINIMIZING RISK•Services Like Telnet, SSH, VNC should be stopped forcefully
•Net stop telnet
•Net start telnet
MINIMIZING RISK•Releasing and Renewing IP Addresses:
•Ipconfig /release
•Ipconfig /renew
EVALUATE PERFORMANCE
By Default Windows Xp, 7 , Vista enble the services that are not used under he scope of a home userOperating system performance can be cutomized from1) Windows Services.2) Windows Registry3) Windows Effects4) Monitoring Services
EVALUATE PERFORMANCE
Recommended
