
What are the common Network security threats and what are the best Security countermeasures or Security software to overcome these threats?

Question added by Maalik Muhamed, Deputy Mill Manager, AZANIA GROUP OF COMPANYS
Date posted: 2014/04/21
By Abdul-Hameed Deeb Al-Sawadi, IT Manager, Masaneed Commercial Group (MCG)

If you are asking about physical threats, there are four types of physical threats:

Hardware threats - Physical damage to servers, routers, switches, cabling plant, and workstations or PCs.

Electrical threats - Voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss.

Environmental threats - Temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry).

Maintenance threats - Poor handling of key electrical components (electrostatic discharge), lack of essential spare parts, poor cabling, and labelling.

 

Ref: http://www.orbit-computer-solutions.com/Threats-to-Physical-and-Network-Infrastructure.php#sthash.xwhKEbvC.dpuf

 

By Ibrahim Abu Elnaga, PMO Manager, Barkotel Communications

1-spoofing

2-sniffing

3-DoS and DDoS

4-role escalation

5-man in the middle

6-botnet attacks. 

7-zero day attacks.

8-file based attacks (viruses, worms and so on)

9-Password attacks (brute-force attacks, dictionary attacks and so on)

...

and the list continues.

Security threats cannot be counted and of course no single countermeasure can stop this.

The answer needs a book, not just a few lines here. It needs a study of the following:

1- a feasible study of the entity you are going to protect (i.e. of course you are not going to pay 10,000$ for a security system to protect a property of value of 20,000$)

2- it depends on the nature of the data and applications used in your network (primarily, you should not degrade the performance of or stop an application from functioning properly because of misconfiguration or security policies that are too strict).

3- use layered security.

4- don't make a data path that might bypass your firewall.

and the list continues as well.
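Added example (not part of the answer above): one way to audit for the last point, a data path that bypasses the firewall, is to model the network as a graph and search from the untrusted side with the firewall node removed. The topology and device names are constructed for illustration, and every link is assumed able to forward traffic (worst case).

```python
from collections import deque

# Constructed topology (not from the thread): device -> directly linked devices.
# All names are hypothetical.
TOPOLOGY = {
    "internet": ["edge-router", "lte-modem"],
    "edge-router": ["internet", "firewall"],
    "firewall": ["edge-router", "core-switch"],
    "core-switch": ["firewall", "file-server", "hr-pc", "lab-switch"],
    "lab-switch": ["core-switch", "lab-pc"],
    "lab-pc": ["lab-switch", "lte-modem"],  # unmanaged backup uplink
    "lte-modem": ["internet", "lab-pc"],
    "file-server": ["core-switch"],
    "hr-pc": ["core-switch"],
}


def bypass_paths(topology, untrusted, firewalls, protected):
    """Return {host: path} for protected hosts reachable from `untrusted`
    without crossing any firewall node (BFS on the graph minus firewalls)."""
    blocked = set(firewalls)
    parent = {untrusted: None}
    queue = deque([untrusted])
    while queue:
        node = queue.popleft()
        for nxt in topology.get(node, []):
            if nxt in blocked or nxt in parent:
                continue
            parent[nxt] = node
            queue.append(nxt)
    found = {}
    for host in protected:
        if host in parent:
            # Walk parent links back to the untrusted source to rebuild the path.
            path, cur = [], host
            while cur is not None:
                path.append(cur)
                cur = parent[cur]
            found[host] = path[::-1]
    return found


if __name__ == "__main__":
    hosts = ["file-server", "hr-pc", "lab-pc"]
    result = bypass_paths(TOPOLOGY, "internet", ["firewall"], hosts)
    for host, path in result.items():
        print(f"BYPASS {host}: {' -> '.join(path)}")
```

An empty result means every route from the untrusted side to the listed hosts crosses a firewall node; any entry is a path to close or to bring behind the firewall.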

 

 

By Omid Raghimi, Senior Cyber Security Engineer - Incident Response (DFIR), Lloyds Banking Group

Trust everyone is well, 

In terms of Security Threats, it mostly depends on the area of the data information (i.e. Financial services - Banks, telecommunication companies, government etc.) in line with the essential assets related to that company, but generally speaking and with respect to your question, which is targeting computers and related software:

Most threats come as attacks like: (be advised that not all attacks can be threats)

Phishing, Spam - occurs to normal people with a basic level of IT knowledge

Counter Measurements: Spam Filtering, Phishing monitoring using updated threat intelligence

Tools: Symantec Message Labs , Iron Port, McAfee Email scanning

 

Then DoS and, in a wider area, DDoS attacks (Distributed Denial of Service); the cause can be Environmental (the vulnerability occurs), physical, or using deliberated techniques and software:

Counter Measurements: Running adequate Backup and Failover Servers ideally not in the same location and geographical area, using different attack monitoring tools and techniques 

Some Related tools: F5 Firewalls (hardware)/Microsoft ForeFront TMG (software), IPS/IDS System (Intrusion Detection/Prevention) 

It should be taken into consideration that DoS and DDoS attacks can occur in different forms and can even be started with malware and viruses. ... These are not the only ones, as the list goes on, and I'm happy to share ideas and info if you need more detailed info.

It is vital to know that for any Autonomous System (AS) a Security Assessment & Analysis is required to define the assets of the AS, and according to that, Vulnerabilities available to those assets should be defined, and also Threats to those assets with the found vulnerabilities can be analysed. As a result the Risks will show up, and the Security Discipline can be designed using those figures and outcomes. Important to know that

Threats + Vulnerabilities = Risks 

Hope that helps

Omid

 

By Muhammad Iqbal, IT Officer System Administrator, COMSTECH

Although Brother Ibrahim Abu Elnaga has explained very well, to add more to his answer: since you only asked for common network threats, Symantec Norton has already sorted out the eleven most common security threats. You can not only view them but also find their danger level, the damage they can cause, and detection and prevention methodologies for your information and reference at http://www.symantec-norton.com/11-most-common-computer-security-threats_k13.aspx.

Moreover, practically, as an IT administrator you must also consider these three important aspects of Network Security. First, the equipment and devices we use have inherent weaknesses at the time of the product release, and these vulnerabilities are found later when deployed. You must update, patch and sometimes upgrade to avoid such technological security threats, or at least be aware of such holes.

Second, and most important from an IT administrator's point of view, is configuration. Lazy doing, misconfiguration and improper settings can open the doors for malicious programs/people. You must always monitor and test your settings.

Third and equally important is how your organization operates, i.e. security policy enforcement and setting usage baselines. Threats like insider threats can only be avoided if procedures are in line.

By Biruk Hailemariam, System and Network Administrator, Yencomad Construction

These are some common network attacks:

1. Spoofing.

2. Sniffing.

3. Mapping.

4. DoS and DDoS.

5. Social engineering.
