TCP/IP Exploit Countermeasures
Increasingly, offenders and network intruders are using highly advanced tools and techniques to facilitate their offenses and evade apprehension, creating new challenges for law enforcement, security professionals and computer forensic examiners. A TCP packet is a data structure comprising a sequence number, an acknowledgement number for connecting the packets of a communication session, flags, and source and destination port numbers.
A variety of countermeasures and security technologies can be used to mitigate TCP/IP security flaws. These countermeasures range from firewalls, data encryption, Network Intrusion Detection Systems (NIDS) and high-interaction honeypots to VPNs.
Firewall
Firewalls are network security devices designed to direct data traffic from one network to another. By default, however, these devices are designed to block suspected packets and must be configured to permit traffic that meets the organisation's security policies. When a TCP packet is sent from one network to another, it passes through a firewall. The firewall uses its configuration to decide whether to permit or deny the packet access to the destination host. In addition, firewalls can keep complete logs of successful and unsuccessful attempts to reach the hosts they protect, and these logs can be a valuable basis of digital evidence.
The main purpose of a firewall is packet filtering and auditing. Most firewalls can examine the full content of a packet, including the data portion. To accomplish that, firewalls are configured with a set of security policy rules specifically designed to address the threats the network infrastructure could face. For instance, the security policy could be designed to prevent access from outside connections. Furthermore, the policy might permit access only for a certain number of users, groups, organizational units (OU) or certain system activities.
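The filtering and auditing behaviour described above can be shown with a short sketch. This is an added example, not code from the original article: it decodes the TCP header fields listed earlier, applies a first-match rule list with a default deny, and logs every decision. The Rule class, the function names, the policy and the addresses (documentation ranges) are all constructed for illustration.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

FIN, SYN = 0x01, 0x02  # TCP flag bits used by the sample policy

@dataclass
class Rule:
    action: str               # "permit" or "deny"
    src_net: str              # source network in CIDR form
    dst_port: Optional[int]   # None matches any destination port
    require_flags: int = 0    # flag bits that must all be set

def make_segment(sport, dport, flags, seq=1000, ack=0):
    """Build a constructed 20-byte TCP header (data offset 5, no options)."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | flags, 65535, 0, 0)

def parse_tcp_header(segment):
    """Decode ports, sequence/acknowledgement numbers and flags."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", segment[:14])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": off_flags & 0xFF}

def filter_packet(src_ip, segment, rules, audit_log):
    """First matching rule wins; anything unmatched is denied and logged."""
    try:
        hdr = parse_tcp_header(segment)
    except ValueError as exc:
        audit_log.append(("deny", src_ip, None, str(exc)))
        return "deny"
    for number, rule in enumerate(rules):
        if (ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.src_net)
                and rule.dst_port in (None, hdr["dport"])
                and (hdr["flags"] & rule.require_flags) == rule.require_flags):
            audit_log.append((rule.action, src_ip, hdr["dport"], f"rule {number}"))
            return rule.action
    audit_log.append(("deny", src_ip, hdr["dport"], "default deny"))
    return "deny"

# Constructed policy: drop the invalid SYN+FIN combination from anywhere,
# then permit only the internal 192.0.2.0/24 network to reach port 443.
POLICY = [
    Rule("deny", "0.0.0.0/0", None, require_flags=SYN | FIN),
    Rule("permit", "192.0.2.0/24", 443),
]
```

Because the audit log records permitted and denied attempts alike, it holds the successful and unsuccessful connection records the paragraph describes as a basis of digital evidence.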
There are different types of firewalls that can help organizations maintain the Confidentiality, Integrity and Availability (CIA) of the data in their information systems.
Firewalls alone cannot fully mitigate the threat of network intrusion; they need to be supported with network monitoring tools. GFI Languard has highly sophisticated network monitoring tools. For more on this, visit http://www.honeyjet.co.uk/GFI.html.
Article Source: http://www.articlesbase.com/security-articles/tcpip-exploit-countermeasures-1619526.html