Design and Implementation of A Network Security Model For Cooperative Network PDF

Download as pdf or txt
Download as pdf or txt
You are on page 1of 11
At a glance
Powered by AI
The key takeaways from the paper are that network security is important to protect confidential information and assets from threats and vulnerabilities. The paper discusses designing a network security model using routers and firewalls to prevent attacks and unauthorized access.

Some common configuration weaknesses discussed are unsecured user accounts, system accounts with easily guessed passwords, misconfigured internet services, and misconfigured network equipment.

Some common security policy weaknesses discussed are the lack of a written security policy, politics interfering with security implementation, lack of continuity from personnel changes, and weak logical access controls.

26 International Arab Journal of e-Technology, Vol. 1, No.

2, June 2009

Design and Implementation of a Network Security


Model for Cooperative Network
Salah Alabady
Computer Engineering Department, University of Mosul, Iraq
Abstract: In this paper a design and implementation of a network security model was presented, using routers and firewall.
Also this paper was conducted the network security weakness in router and firewall network devices, type of threats and
responses to those threats, and the method to prevent the attacks and hackers to access the network. Also this paper provides a
checklist to use in evaluating whether a network is adhering to best practices in network security and data confidentiality. The
main aim of this research is to protect the network from vulnerabilities, threats, attacks, configuration weaknesses and security
policy weaknesses.

Keywords- Network security, network management, threats, security policy

Received December 17, 2008; Accepted March 2 2009

damage the network or to stealing the important


1. Introduction information, or network devices configuration. In this
paper a review of attacks on routers, and how can
Security on the Internet and on Local Area Networks is prevent, or mitigating it will be described. Routers and
now at the forefront of computer network related issues firewall are very critical parts of network operations
[1]. The evolution of networking and the Internet, the and network security. Careful management and
threats to information and networks have risen diligent audit of router and firewall operations, can
dramatically. Many of these threats have become reduce network downtime, improve security, prevent
cleverly exercised attacks causing damage or the attacks and hackers, network threats decrease, and
committing theft. The Internet continues to grow aid in the analysis of suspected security breaches.
exponentially. As personal, government and business-
critical applications become more prevalent on the
Internet, there are many immediate benefits. However,
2. Network Security and Protection
these network-based applications and services can pose Security has one purpose, to protect assets. With the
security risks to individuals as well as to the advent of personal computers, LANs, and the wide-
information resources of companies and government. open world of the Internet, the networks of today are
In many cases, the rush to get connected comes at the more open. As e-business and Internet applications
expense of adequate network security. Information is continue to grow, finding the balance between being
an asset that must be protected [2]. isolated and being open will be critical. With the
Without adequate protection or network security, increased number of LANs and personal computers,
many individuals, businesses, and governments are at the Internet began to create untold numbers of security
risk of losing that asset. Network security is the risks. Firewall devices, which are software or hardware
process by which digital information assets are that enforce an access control policy between two or
protected, the goals of security are to protect more networks, were introduced. This technology gave
confidentiality, maintain integrity, and assure businesses a balance between security and simple
availability. With this in mind, it is imperative that all outbound access to the Internet, which was mostly
networks be protected from threats and vulnerabilities used, for e-mail and Web surfing.
in order for a business to achieve its fullest potential. Network security is the most vital component in
Typically, these threats are persistent due to information security because it is responsible for
vulnerabilities, which can arise from mis-configured securing all information passed through networked
hardware or software, poor network design, inherent computers [3, 4]. Network security refers to all
technology weaknesses, or end-user carelessness. A hardware and software functions, characteristics,
router is similar to many computers in that it has many features, operational procedures, accountability
services enabled by default. Many of these services are measures, access controls, administrative and
unnecessary and may be used by an attacker for management policy required to provide an acceptable
information gathering or for exploitation. All level of protection for hardware, software, and
unnecessary services should be disabled in the router information in a network. Network security, in order
configuration to prevent the attacker from using it to for it to be successful in preventing information loss,
Design and Implementation of a Network Security Model for Cooperative Network 27

must follow three fundamental precepts. First, a secure identification and authentication before an insider can
network must have integrity such that all of the access your in-house network.
information stored therein is always correct and
protected against fortuitous data corruption as well as 3. Weaknesses, Threats and Attacks on
willful alterations. Next, to secure a network there Router
must be confidentiality, or the ability to share
information on the network with only those people for When discussing network security, three common
whom the viewing is intended. Finally, network terms used are vulnerability, threat, and attack.
security requires availability of information to its Vulnerability is a weakness, which is inherent in
necessary recipients at the predetermined times without every network and device. This includes routers,
exception. The three principles that network security switches, desktops, servers, and even security
must adhere to evolved from years of practice and devices themselves. There are three primary
experimentation that make up network history.
vulnerabilities or weaknesses: [7, 8, and 9]
Real-world security includes prevention, detection,
and response. If the prevention mechanisms were 1. Technology weaknesses
perfect, you wouldn’t need detection and response. But 2. Configuration weaknesses
no prevention mechanism is perfect. Without detection 3. Security policy weaknesses
and response, the prevention mechanisms only have
limited value. Detection and response are not only Technological Weaknesses: Computer and
more cost effective but also more effective than piling network technologies have intrinsic security
on more prevention. On the Internet, this translates to weaknesses. These include TCP/IP protocol
monitoring. In Network Protection, there are weaknesses, operating system weaknesses, and
fortunately many preventative techniques to properly network equipment weaknesses.
secure network against threats. The first method of Configuration Weaknesses: Network administrators
protection is to address the actual physical layer of the or network engineers need to learn what the
network to assure that it is properly equipped. Next, configuration weaknesses are and correctly configure
three network administrative guidelines should be their computing and network devices to compensate.
adhered to [5, 6]. Some common configuration weaknesses are listed in
Additionally, firewalls and encryption should be Table 1. [10, 11]
incorporated into a network to heighten its security. Security Policy Weaknesses: Security policy
Finally, several other passwords, variations of capital weaknesses can create unforeseen security threats. The
and small letters further increase the strength of a network may pose security risks to the network if users
password. Proper authentication is an integral part of do not follow the security policy. Some common
the administrative step in securing a network. Firewalls Security Policy Weaknesses are listed in table 2.
are yet another measure used in increasing the level of Threats are the people eager, willing, and qualified to
security in a network. A firewall is in essence a portal take advantage of each security weakness, and they
through which information enters and exits. continually search for new exploits and weaknesses.
On one side of the portal is the internal network that Finally, the threats use a variety of tools, scripts, and
must remain secure, and on the other is the information programs to launch attacks against networks and
needed from the outside world combined with the network devices. In this paper we will discuss the two
undesirable threats of external networks. Three of the primary classes of threats to network security, there are
major types of firewalls, listed in order of increasing internal threats and external threats. Internal threats to
quality and price, are packet-filtering routers, a network are a major source of strain on the level of
application-level gateways, and circuit-level gateways. security attained by that network.[10] These threats
Although it is not the best available firewall, a positive generally stem from either disgruntled or unethical
step in increasing network security is the use of packet- employees.
filtering routers. A packet filtering router allows the External threats to network security, generally
network to determine which connections can pass referred to as hackers, can be equally and sometimes
through the router into the local area network and more dangerous than internal threats. To obtain entry
which connections will be denied. The application- into a network or view sensitive information, hackers
level gateway is designed specifically as a firewall that must use some tools such as: 1- password sniffers, 2-
authenticates the user for individual applications. Its IP snooping, 3- E-Mail attacks. Password sniffers
primary function is to identify and validate the user actually work with the execution of a packet sniffer
and then provide access to specific applications such as that monitors traffic on a network passing through the
E-Mail or file browsers depending on which one the machine on which the sniffer resides. The sniffer
user is requesting. Finally, a circuit-level gateway acquires the password and log-on name used when the
performs all of the packet-filtering that a router does source machine attempts to connect to other machines
and a bit more. The primary enhancement is the use of and saves this information in a separate file later
28 International Arab Journal of e-Technology, Vol. 1, No. 2, June 2009

obtained by the hacker. IP spoofing involves the 7. Smurf Attack, this attack involves sending a large
capturing of the information in an Information Packet amount of ICMP echo packets to a subnet's
(IP) to obtain the necessary address name of a broadcast address with a spoofed source IP address
workstation that has a trusted relationship with yet from that subnet. If a router is positioned to forward
another workstation. In doing so, a hacker can then act broadcast requests to other routers on the protected
as one of the workstation and use the trusted network, then the router should be configured to
relationship to gain entry into the other workstation prevent this forwarding from occurring. This
where any number of actions can be performed. blocking can be achieved by denying any packets
Finally, E-Mail is extremely vulnerable and quite destined for broadcast addresses.
susceptible to a number of different attacks. 8. Distributed Denial of Service (DDoS) Attacks,
Regardless of the method used to gain entry onto a several high-profile DDoS attacks have been
network or view communications therein, hackers can observed on the Internet. While routers and firewall,
truly jeopardize a network, security and potentially do cannot prevent DDoS attacks in general, it is usually
severe damage to the data and systems within. sound security practice to discourage the activities
Additional forms of malicious software, such as Trojan of specific DDoS agents by adding access list rules
horses, worms, and logic bombs exist as threats to that block their particular ports. But some of these
network security. Table 3, shows identify the potential rules may also impose a slight impact on normal
“threats” to each of these elements. The general threats users, because they block high-numbered ports that
on router or firewall network device include but are not legitimate network clients may randomly select.
limited to: unauthorized access, session hijacking, Therefore, you may choose to apply these rules only
rerouting, masquerading, denial of service (DoS), when an attack has been detected. Otherwise, these
eavesdropping, and information theft. While Attack rules would normally be applied to traffic in both
techniques include: password guessing, routing directions between an internal or trusted network
protocol attacks, simple network management protocol and an untrusted network examples of denial of
(SNMP) attacks, IP fragmentation attacks – to bypass service attacks are (Ping of death, SYN flood attack,
filtering, redirect (address) attacks, and circular Packet fragmentation and reassembly, E-mail
redirect – for denial of service. Here we will explain bombs, CPU hogging, Malicious applets,
the action of some attacks. Misconfiguring routers, The chargen attack, Out-of-
band attacks such as WinNuke, Land.c, Teardrop.c,,
1. The session replay attacks use a sequence of packets
Targa.c, Masquerade/IP Spoofing).
or application commands that can be recorded,
possibly manipulated, and then replayed to cause an
unauthorized action or gain access. 4. Router and Firewall Security Policy
2. Rerouting attacks can include manipulating router Routers perform many different jobs in modern
updates to cause traffic to flow to unauthorized networks, forwards traffic between two or more local
destinations. These kinds of attacks are sometimes networks within an organization or enterprise routes.
called “route injection” attacks. Interior routers may impose some restrictions on the
3. Masquerade attacks, these attacks occur when an traffic they forward between networks. Forwards
attacker manipulates IP packets to falsify IP traffic between different enterprises (sometimes called
addresses. Masquerades can be used to gain different ‘autonomous systems’). The traffic between
unauthorized access or to inject bogus data into a the different networks that make up the Internet is
network. directed by backbone routers.
4. Session hijacking attack: this attack may be occur if The level of trust between the networks connected
an attacker can insert falsified IP packets after by a backbone router is usually very low. Typically,
session establishment via IP spoofing, sequence backbone routers are designed and configured to
number prediction and alteration, or other methods. forward traffic as quickly as possible, without
5. Land attack, the land attack involves sending a imposing any restrictions on it. The primary security
packet to the router with the same IP address in the goals for a backbone router is to ensure that the
source and destination address fields, and with the management and operation of the router are conducted
same port number in the source port and destination only by authorized parties, and to protect the integrity
port fields. This attack may cause denial of service of the routing information it uses to forward traffic.
or degrade the performance of the router. Backbone routers typically employ Exterior Gateway
6. TCP SYN Attack, the TCP SYN attack involves Protocols to manage routes [5].
transmitting a volume of connections that cannot be Configuring backbone routers is a very specialized
completed at the destination. This attack causes the task. The border router forwards traffic between an
connection queues to fill up, thereby denying enterprise and exterior networks. The key aspect of a
service to legitimate TCP users. border router is that it forms part of the boundary
between the trusted internal networks of an enterprise,
Design and Implementation of a Network Security Model for Cooperative Network 29

and untrusted external networks (e.g. the Internet). It legacy or specialized configurations, which are
can help to secure the perimeter of an enterprise detrimental to security. Some of these services can be
network by enforcing restrictions on the traffic that it restricted or disabled to improve security without
controls. A border router may employ routing degrading the operational use of the router and the
protocols, or it may depend entirely on static routes. network performance. Also attacks and hackers can
Security policy is the definition of security function utilize these services to find the weakness point in the
against a network intrusion. Security engine provides network. General security practice for routers and
security functions of a packet filtering, an firewall should be to support only traffic and protocols
authentication, an access control, an intrusion analysis a network needs. Examples for these services are:
and an audit trail in the kernel region of router [10, 12].
1. CDP, the Cisco Discovery Protocol is a proprietary
Router is a key component of the Internet, and an
protocol that Cisco routers use to identify each
important part of networks that controls a data packet
other on a LAN segment. It is useful only in
flow in a network and determines an optimal path to
specialized situations, and is considered deleterious
reach a destination, and their security is a vital part of
to security.
the overall security for the networks they serve. An
2. TCP and UDP Small Servers, the TCP and UDP
error of the router or an attack against the router can
protocol standards include a recommended list of
damage an entire network. Since the router is
simple services that hosts should provide. In
connected to at least two networks and manages
virtually all cases, it is not necessary for routers to
network traffic, the security is necessary to control of
support these services, and they should be disabled.
an unauthorized router access and an illegal network
3. Finger Server, the IOS finger server supports the
intrusion. Secure router technology has security
Unix ‘finger’ protocol, which is used for querying a
functions, such as intrusion detection, IPsec and access
host about its logged in users.
control, are applied to legacy router for secure
4. HTTP Server, most router and firewall support web-
networking. A router may be responsible for filtering
based remote administration using the HTTP
traffic, allowing some packets to pass through and
protocol. While the web access features are fairly
rejecting others [13]. Filtering can be a very important
rudimentary on most routers, they are a viable
function of routers; it allows them to help protect
mechanism for monitoring, configuring, and
computers and other network components. It is also
attacking a router. If web-based remote
possible that at the destination end a router may have
administration is not needed, then it should be
to break large packets up to accommodate the size
disabled as shown below. Web-based remote
limits of the destination LAN. Modern routers do not
administration is useful primarily when intervening
only perform relaying functions, but also filtering,
routers or firewalls prevent use of Telnet for that
separation, encryption and monitoring of data streams.
purpose. However, it is important to note that both
Furthermore, they provide various management
Telnet and web-based remote administration reveal
interfaces for configuration, (remote) maintenance, and
critical passwords in the clear. Therefore, web-
monitoring. All these functions potentially affect the
based remote administration should be avoided.
availability, integrity, and confidentiality of data
5. Bootp Server, Bootp is a datagram protocol that is
connections, thus making routers highly security-
used by some hosts to load their operating system
critical network components. However, configuring a
over the network. Cisco routers are capable of
router is a difficult and error prone task.
acting as bootp servers, primarily for other Cisco
A firewall can protect a network from external
hardware. This facility is intended to support a
attacks by examining all packets of a message
deployment strategy where one Cisco router acts as
attempting to pass through the network and rejecting
the central repository of IOS software for a
the packets that do not meet the security restrictions.
collection of such routers. In practice, bootp is very
However, it does not protect the data as it is
rarely used, and offers an attacker the ability to
transmitted from one network to another. Data
download a copy of a router’s IOS software.
transmitted from one network to another via the
6. Configuration Auto-Loading, some routers such as
Internet is susceptible to access at many points
Cisco routers and Linksys routers, are capable of
between the source and destination. The secure socket
loading their startup configuration from local
layer (SSL) is one means of providing secure
memory or from the network. Loading from the
communications between points connected via the
network is not secure, and should be considered.
Internet.
7. IP source routing, source routing is a feature of IP
Routers and firewall support a large number of
whereby individual packets can specify routes. This
network services at layers 2, 3, 4, and 7 [14]. Some of
feature is used in several kinds of attacks. Cisco
these services are application layer protocols that allow
routers normally accept and process source routes.
users and host processes to connect to the router,
Unless a network depends on source routing, it
firewall and others network devices. Others are
should be disabled on all the net’s routers.
automatic processes and settings intended to support
30 International Arab Journal of e-Technology, Vol. 1, No. 2, June 2009

8. Proxy ARP, network hosts use the Address may support a network where the bootp protocol is
Resolution Protocol (ARP) to translate network employed, but some other host is acting as the bootp
addresses into media addresses. A router can act as server. In this case, the router’s bootp server should be
intermediary for ARP, responding to ARP queries disabled. Turning off an automatic network feature
on selected interfaces and thus enabling transparent usually prevents a certain kind of network traffic from
access between multiple LAN segments. This being processed by the router or prevents it from
service is called proxy ARP. Because it breaks the traversing the router. For example, IP source routing is
LAN security perimeter, effectively extending a a little-used feature of IP that can be utilized in
LAN at layer 2 across multiple segments, proxy network attacks. Unless it is required for the network
ARP should be used only between two LAN to operate, IP source routing should be disabled. Figure
segments at the same trust level, and only when (1) shows the structure of the suggested network
absolutely necessary to support legacy network security model.
architectures. In this section of paper we will mention some setups,
9. IP Directed Broadcast, directed broadcasts permit a that must be considered to applied in configuration
host on one LAN segment to initiate a physical mode for the router and firewall in the network to
broadcast on a different LAN segment. This achieve the best security and to prevent several kinds of
technique was used in some old denial of- service attacks, and to protect against the mentioned types of
attacks. Therefore it must disable this function. vulnerabilities, threats and attacks on the network. The
10. IP Unreachable, Redirects, and Mask Replies: the philosophy of the suggested security solutions is based
Internet Control Message Protocol (ICMP) supports on using multiple tips of protection and it could be
IP traffic by relaying information about paths, explained as followed:
routes, and network conditions. Cisco routers 1. The first is to build physical security by creating
automatically send ICMP messages under a wide security policy, considered who is authorized to
variety of conditions. Three ICMP messages are install, de-install, move both the router and firewall,
commonly used by attackers for network mapping and to change the physical configuration or physical
and diagnosis: ‘Host unreachable’, ‘Redirect’, and connections to the router or firewall. Designates who
‘Mask Reply’. Automatic generation of these is authorized to log in directly to the router via the
messages it is important to be disabled on all console or other direct access port connections.
interfaces, especially interfaces that are connected to Also, define the password policy for user/login
untrusted networks. passwords, and for administrative or privilege
11. SNMP Services, the Simple Network Management passwords.
Protocol (SNMP) is the standard Internet protocol 2. Designates who is authorized to log in to the router
for automated remote monitoring and remotely (Telnet, SSH) and limits on use of
administration. There are several different versions automated remote management and monitoring
of SNMP, with different security properties. If a facilities (e.g. SNMP).
network has a deployed SNMP infrastructure in 3. Configure and enable secret password for console,
place for administration, then all routers on that auxiliary port, and VTY ports on each network
network should be configured to securely participate device. This will prevent unauthorized from access
in it. As example a Cisco router can be configured direct to any network devices.
to act as a client for SNMP. When SNMP service is 4. Encrypting all passwords by using service
enabled on a router, network management tools can password-encryption command to prevent the
use it to gather information about the router attacks and hacker from recovery the secret
configuration, route table, traffic load, and more. In password. Also it is important to disable the service
the absence of a deployed SNMP scheme, all SNMP password-recovery, to deny the attack from recover
facilities on all routers should be disabled using the password or to erase the password when reboot
these steps: the router.
5. Set the minimum character length for all routers,
1. Erase all existing community strings.
firewall passwords. This provides enhanced security
2. Disable SNMP system shutdown and trap
access to the router by allowing you to specify a
features.
minimum password length.
3. Disable SNMP system processing.
6. Controlling the virtual terminal lines (VTYs), any
VTY should be configured to accept connections
5. Creating and Implementing a Security only with the protocols actually needed. Also the
Policy. last VTY might be restricted to accept connections
Turning off a network service on the router or firewall only from a single, specific administrative
itself does not prevent it from supporting a network workstation, whereas the other VTYs might accept
where that protocol is employed. For example, a router connections from any address in a corporate
Design and Implementation of a Network Security Model for Cooperative Network 31

network. Another useful tactic is to configure VTY encryption. SSH also prevents session hijacking and
timeouts using the exec-timeout command. many other kinds of network attacks.
7. Enabling Transmission Control Protocol (TCP) keep 14. No local user accounts are configured on the
lives on incoming connections, this can help guard router. Routers must use Terminal Access
against both malicious attacks and orphaned Controller Access Control System Plus
sessions caused by remote system crashes. (TACACS+) or Remote Authentication Dial In User
8. Disabling all non-IP-based remote access protocols, service (RADIUS) protocols for all user
and using SSH, SSL, or IP Security (IPSec) authentications.
encryption for all remote connections to the router 15. Configure local AAA (Authentication
instead of TELNET, this can provide complete Authorization Account) on router and firewall, the
VTYs protection. Remote administration is local data base, and Authentication using AAA,
inherently dangerous because anyone with a additionally configure Authentication proxy. This is
network sniffer on the right LAN segment can Cisco’s new access control facility for controlling
acquire the router passwords and would then be able access, privileges, and logging of user activities on a
to take control of the router. router. Authentication is the mechanism for
9. Disable unneeded features and services on route identifying users before allowing access to a
such as: CDP, http server, bootp server, IP directed network component. Authorization is the method
broadcasts, TCP small services, UDP small services, used to describe what a user has the right to do once
IP source routing. he has authenticated to the router. Accounting is the
10. Disable (shut down) unused interfaces on all component that allows for logging and tracking of
routers and firewall, this helps discourage user and traffic activities on the router which can be
unauthorized use of extra interfaces, and enforces used later for resource tracking or trouble shooting.
the need for router administration privileges when 16. Using NAT, a router can hide the structure of the
adding new network connections to a router. trusted network, by transparently translating all IP
11. Set up usernames and passwords for all addresses and coalescing distinct IP addresses into a
administrators. Or one can use AAA user access single one.
control, AAA will give more control and better 17. Using Cisco IOS firewall Intrusion Detection
audit. AAA is the acronym for authentication, System (IDS) is a real-time IDS designed to
authorization, and accounting. enhance border router security by detecting,
12. Applied access control lists, to filtering the reporting, and terminating unauthorized activity.
malicious traffic packets, and to rate limiting, this This facility is available in IOS releases for many,
filtering can usually be done based on two criteria: but not all, Cisco routers. A unique benefit of
implementing an IDS on a router, especially a
• The source and destination IP addresses of the
border router, is that all network traffic flows
traffic.
through it and may be examined.
• The type of traffic. 18. A poor router filtering configuration can reduce the
The access control lists can reject all traffic from overall security of an network, expose internal
the internal networks that bears a source IP address network components to scans and attacks, and make
which does not belong to the internal networks, it easier for attackers to avoid detection. Careful
reject all traffic from the external networks that router configuration can help prevent a
bears a source address belonging to the internal (compromised) site from being used as part of a
networks and reject all traffic with a source or distributed denial of service (DDoS) attack, by
destination address belonging to any reserved, blocking spoofed source addresses. DDoS attacks
unroutable, or illegal address range. use a number of compromised sites to flood a target
13. It is important to allow only local access because site with sufficient traffic or service requests to
during remote access, all telnet passwords or SNMP render it useless to legitimate users.
community strings are sent in the clear to the router. 19. Apply port security on the switch to mitigate CAM
If an attacker can collect network traffic during table overflow attacks. once can apply port security
remote access then he can capture passwords or in three ways: Static secure MAC addresses,
community strings. However, there are some Dynamic secure MAC addresses and Sticky secure
options if remote access is required. Establish a MAC addresses. The type of action taken when a
dedicated management network. The management port security violation occurs falls into the following
network should include only identified three categories: Protect, Restrict, Shutdown.
administration hosts and a spare interface on each 20. Using PacketShaper, it is a traffic management
router. Another method is to encrypt all traffic appliance that monitors and controls IP network
between the administrator’s computer and the traffic going over wide-area networks (WAN) links.
router, by setting up IPSec encryption or SSH It keeps critical traffic moving at an appropriate
pace through bandwidth bottlenecks and prevents
32 International Arab Journal of e-Technology, Vol. 1, No. 2, June 2009

any single type of traffic from monopolizing the 3. Nmap program which is used to scan for open TCP
link. Also PacketShaper identifies and analyzes and UDP ports on a router and firewall interface
inbound and outbound WAN traffic up to and ports. The attack and hacker use a port scanner tools
including the OSI Application Layer (Layer 7). to estimate the network map then he can find how
PacketShaper manages WAN link utilization and the network structured and what software is running
throughput based on the bandwidth reservations and on it. This action was prevented and denies by the
policies applied to the identified traffic classes. In disable unneeded features and services on route and
addition,PacketShaper provides a comprehensive firewall such as: CDP, http server, bootp server, IP
view of the applications that are running on your directed broadcasts, TCP small services, UDP small
network. And by using PacketShaper, once can: services.
4. Nessus program, this program used to search the
• Determine what is running on the network and
vulnerabilities in the network. This action was
traversing the link
prevented by disable (shut down) unused interfaces
• Find out how each application is performing on all routers and firewall, Disable unneeded
• Determine how much bandwidth each application features and services on route such as: CDP, http
is using server, bootp server, IP directed broadcasts, TCP
• Guarantee bandwidth to mission-critical small services, UDP small services, IP source
applications and keep non-critical applications routing. Also the network address translation (NAT)
from overwhelming the link. is hides information about the network by making it
seem that all outgoing traffic originates from the
6. Test Bed and Performance Testing firewall rather than the network.
In order to test the security and performance of the 5. Trying to use the TELNET service to access to the
suggested network model, a test bed was build and router and firewall. This action was prevented
establish as shown in Figure (2). The test bed is because disabling all non-IP-based remote access
consisted from the two Cisco router 2811, Cisco protocols, and using SSH, SSL, IP Security (IPSec)
firewall (PIX) 516E , Cisco switch 2960, AAA server encryption for all remote connections, there are
with TACACS+ protocol and two workstation work as secret password for console, auxiliary port, and
real attacker and hacker. VTY ports on each network device, also the routers
The following procedures were taken to examine the use TACACS+ protocols for all user
network operation to test the network security authentications.
robustness against different types of attacks. Also some 6. Used Dsniff programs (a collection of tools to do
scanning tools are used to simulate real network ARP spoofing) to simulate a DoS attacks , this
attacks and intrusions on the target system. action was stopped and prevented by applied access
control lists on router and firewall to filtering the
1. Ethereal program (network traffic capture and malicious traffic packets, and reject all traffic from
analysis tool) was used to simulate real the internal networks that bears a source IP address
reconnaissance network attacks on the target which does not belong to the internal networks.
network. This program used to see what is on the 7. Unauthorized attempts to access to the network
network (as the hacker does before his attack), also resources and devices, this action was detected and
this program is an effective "sniffer". Try to obtain prevented by AAA server and firewall network,
the password for network devices and other because the firewall and AAA server and screen
information in the network such as routing table or both incoming and outgoing traffic in the network.
CAM table, but because encrypting all passwords 8. Kiwi Syslog program, which is used to capture and
by using service password-encryption command, preserve log messages from Cisco routers and many
and disable the CDP on the routers, and using SSH, other network devices, this action prevented by
SSL, IP Security (IPSec) encryption for all remote Disabling some protocols on the network devices, to
connections instead of TELNET, the attacks and prevent attacks and hackers used it, but without
hacker prevent from recovery the secret password affects on the performance of the networks, such as
and theft the information. finger protocol requests, Network Time Protocol,
2. Super Scanner program used to simulate a real Cisco Discovery Protocol (when used Cisco
access attacks to find which the IP address is active network device), Internet Control Message Protocol
or which port is active and open in the network, the (ICMP), multicast route caching Protocol , proxy
purpose to obtain the network IP address of a ARP Protocol.
workstation or IP address of a network device, port 9. Used Macof tools program to do MAC spoofing and
scanner to discover which port is used and open. CAM table overflow attacks. This action was
This action was detected and prevented by the prevented by apply port security on the switch in
firewall, techniques security and the accesses three ways: static secure MAC addresses, dynamic
control list that applied on the router and firewall.
Design and Implementation of a Network Security Model for Cooperative Network 33

secure MAC addresses and sticky secure MAC [7] Q. Ali., and Alabady S., "Design and
addresses. Implementation of A Secured Remotely
Administrated Network," In Proceedings
After doing the previous several tests, the proposed
International Arab Conference on Information
configuration showed a very efficient security
Technology, ACIT'2007.
performance keeping a high performance of the
[8] Alabady S. , "Design and Implementation of a
network speed and services. Also from the test results,
Network Security Model using Static VLAN and
we can protect the network from various types of
AAA Server," In Proceedings International
attacks such as Access attacks, Password Attacks,
Conference on Information & Communication
Denial of service attacks and make it easier for
Technologies: from Theory to Applications,
attackers to avoid detection.
ICTTA’2008
[9] Shastry Y., Klotz S., and Russell R., "Evaluating
7. Conclusion the effect of iSCSI protocol parameters on
This paper deals with and discusses the security performance, " In Proceedings of the Parallel
weakness in router and firewall configuration system and Distributed Computing and Networks, 2005
and risks when connected to the Internet .Also this [10] " Network Security 1 ", Cisco system,Inc. 2006
paper presented the tips and recommendations to [11] Eld G., and Hundley K., "Cisco Security
achieve a best security and to protect the network from Architectures", McGraw-Hill, NewYork, 1999.
vulnerabilities, threats, and attacks by applying the [12] Wa Y., "The design and implementation of router
security configurations on router and firewall. Also one security subsystem based on IPSEC,"
can use this suggested security policy as a checklist to proceedings of IEEE TENCON'2002
use in evaluating whether a unit is adhering to best [13] Riedmuller S., Brecht U., and Sikora A., " IPsec
practices in computer security and data confidentiality. for Embedded Systems, " in: H. Weghorn (Ed.),
This work appears the firewall provides additional Proceedings of the 2nd Annual Meeting on
access control over connections and network traffic Information Technology & Computer Science at
and perform user authentication. Using a firewall and a the BA-University of Cooperative Education,
router together can offer better security than either one ITCS 2005.
alone. A poor router filtering configuration can reduce [14] Chapman D., Cooper S., and Zwicky, E.,"
the overall security of a network, expose internal Building Internet Firewalls," 2nd Edition,
network components to scans and attacks. O’Reilly & Associates, 2000.

References
Salah Alabady was born in Mosul, Iraq, on October
[1] Akin T.," Hardening Cisco Routers," O’Reilly & ,1972, he received the B.Sc. degree in
Associates, 2002. Electronic and Communications
[2] Kim J., Lee K., Lee C.," Design and Engineering from the University of
Implementation of Integrated Security Engine for Mosul, Iraq in 1996, and in 2004 he
Secure Networking," In Proceedings received the M.Sc. degree in Computer
International Conference on Advnaced Engineering from University of Mosul.
Communication Technology, 2004. From 2004 till now he is being a
[3] Chen S., Iyer R., and Whisnant K., " Evaluating lecturer in Computer Engineering Department, Mosul
the Security Threat of Firewall Data Corruption University. His research interests include optical fiber
Caused by Instruction Transient Errors," In communications, optical network architecture, network
Proceedings of the 2002 International security and computer networks design. Alabady gets
Conference on Dependable Systems & Network, 10 certifications from Cisco Networking Academy,
Washington, D.C., 2002. and he is working as Instructor, Curriculum Leader,
[4] Kim H., "Design and Implementation of a Private and Legal Main Contact in Mosul University Regional
and Public Key Crypto Processor and Its Academy for Cisco Networking Academy program.
Application to a Security System," IEEE
Transactions on Consumer Electronics, vol. 50,
no. 1, FEBRUARY 2004
[5] Rybaczyk P., "Cisco Router Troubleshooting
Handbook ", M&T Books, 2000
[6] Jo S., "Security Engine Management of Router
based on Security Policy," proceedings of world
academy of science, engineering and technology,
volume 10, ISSN 1307-688, 2005.
34 International Arab Journal of e-Technology, Vol. 1, No. 2, June 2009

Table 1. Common configuration weaknesses Table 2. Common security policy weaknesses


Weakness How the weakness is exploited Weakness How the weakness is exploited

User account information may Lack of written An unwritten policy cannot be


be transmitted insecurely across security policy consistently or enforced.
Unsecured user
the network, exposing
accounts Political battles and turf wars can
usernames and password to
snoopers. Politics make it difficult to implement a
consistent security
System accounts This common problem is the
with easily guessed result of poorly selected and Frequent replacement of
passwords easily guessed user password. Lack of continuity personnel can lead to an erratic
approach to security
A common problem is to turn on
JavaScript in Web browsers, Poorly chosen, easily cracked, or
Logic access
enabling attacks by way of default passwords can allow
Misconfigured controls not
hostile JavaScript when unauthorized access to the
Internet services applied
accessing untrusted sites, network.
IIS,FTP, and Terminal Services
also pose problems. Software and
Unauthorized changes to the
hardware
network topology or installation
Unsecured default Many products have default installation and
of unapproved application create
settings within settings that enable security changes do not
security holes.
products holes. follow policy

Misconfigurations of the The lack of a disaster recovery


equipment itself can cause Disaster recovery plan allows chaos, panic, and
Misconfigured plan is nonexistent confusion to occur when
significant security protocols, or
network equipment someone attacks the enterprise.
SNMP community strings can
open up large security holes.

Table 3. Identify the threats

Threat Internal \ External Threat consequences


e-mail with virus External origination, Could infect system reading email and subsequently
internal use spread throughout entire organization.
Network virus External Could enter through unprotected ports, compromise
whole network.
Web based virus Internal browsing to Could cause compromise on system doing browsing
external site and subsequently affect other internal systems.

Web server attack External to web servers If web server is compromised hacker could gain access
to other systems internal to network

Denial of service External External services such as web, email and ftp could
attack become unusable. If router is attacked, whole network
could go down

Network User Internal to anywhere Traditional border firewalls do nothing for this attack.
Attack Internal segmentation firewalls can help contain
(internal damage.
employee)
Design and Implementation of a Network Security Model for Cooperative Network 35

WAN Gateway Router


Router
ISP

E-mail server SQL server Switch

Management
server

Web, DNS server


DMZ
Firewall

Internal or local net


router
AAA server

Main Site
Switch

Core switch

WAN
DHCP Server

Router
Router

Packet Shaper Packet Shaper

Branch
Branch

Figure 1. Structure of the suggested network security model


36 International Arab Journal of e-Technology, Vol. 1, No. 2, June 2009

Figure 2. Router with firewall configuration for a network test bed

You might also like