Network Access Policies and Protocols & Ports

Each device that links to a network has the potential to cause a security problem or to be infected by viruses. Network administrators have to clearly define network access policies. The devices on the network and the users who use the devices must comply with the network access policies. When setting up the online computer lab for a class, the network administrator must decide who can access what devices and use which applications, and make sure that only authorized users can access the dedicated devices. Once a user successfully logs on to a device, further access policies will be enforced to specify which servers the user can communicate with, which protocols are allowed in a communication, which network can be accessed, and which network services can be used by the user. A wrongly configured network can cause security holes. Later, we will take a closer look on network access policies.

Protocols and Ports

Many of the network protocols, such as the commonly used tabular data stream (TDS), Internet inter-ORB protocol (IIOP), and hypertext transfer protocol (HTTP), transmit information in clear text without encryption. It is easy to capture the data while the packets are transmitted over a network. A hacker can install a free network monitoring program such as Ethereal to capture the network traffic. The clear text does not stop anyone who captures data to read the transmitted information including
user names and passwords. Even worse, a hacker may capture more sensitive information such as credit card numbers and bank account information from the clear text. The following are descriptions of these unsecured protocols.

• Tabular data stream is a protocol that is used for transmitting data between two computers. TDS was designed and developed by the Database Management System (DBMS) company Sybase and was also used by the early version of Microsoft SQL Server.
• Hypertext transfer protocol is a protocol used to transfer information on the Internet. HTTP was designed to publish and receive hypertext markup language (HTML) pages.
• Internet inter-ORB protocol is a transport protocol used for the communication between CORBA object request brokers (ORBs). Developed by the Object Management Group, IIOP is more powerful than HTTP. In addition to transmitting text over the Internet, it also enables browsers and servers to
exchange integers, arrays, and more complex objects. When used in data transmission over the Internet, these protocols do not use secure sockets layer (SSL) which uses a two-key cryptographic system. Therefore, these protocols are not secure.

There are other types of unsecured network protocols that provide services such as file transfer and network management. When these network protocols were developed, there was little or no security concern in mind. Therefore, network services supported by these protocols have no security protection. Examples of such types of protocols are file transfer protocol (FTP), Telnet, and simple network management protocol (SNMP). The following are descriptions of these protocols.

BIO:

This content is brought to you by Exam Key. Are you seeking for this pk0-003 Exam assistance? Let’s get the advantage of Cisco Specialist 642-991 and pass your IT certification exam on first attempt with 100% money back guaranty.