
New Domain

Blog has been moved to new domain: www.it-googled.com Enjoy!

Wednesday 19 January 2011

ITU X.800 brief overview

ITU X.800 is a security/threat model for end-to-end communication.
The standard consists of Planes and Layers as well as security dimensions, which together provide a very efficient architecture and security for end-to-end communication.
Eight security dimensions address network vulnerabilities. They are listed below, each with a brief explanation and a note on how it can be implemented:

• Access Control – as its name suggests, it controls access to network elements and services such as routers, switches, firewalls etc. It can be implemented in the configuration of the network element or host, for example by linking an authentication server with these elements.
• Authentication – a request to prove the subject's identity, for instance by a digital certificate.
• Non-repudiation – as far as I understand, this section keeps the logs and has the ability to do some actions.
• Data Consistency – provides, for instance, encryption based on the organization's file classification to make sure that sensitive data is protected.
• Communication Security – security between point A and point B. It uses non-obscured protocols such as VPN so that sniffing or eavesdropping becomes very unlikely.
• Data integrity – checks that both incoming and outgoing data is correct. For instance, if we request 308kb we should receive a file of the same size on the destination host.
• Availability – makes sure that legitimate users have access to all necessary network elements and applications according to what they are supposed to do (their role).
• Privacy – again provides encryption of data as one way of implementation, but also, for instance, Network Address Translation (NAT) to protect internal hosts and redirect all incoming traffic to the border firewall.


Zachary Zeltsan (2005*). ITU/IETF Workshop on NGN

Java IpAddressLookup simple class

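import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.Scanner;

public class IpAddressLookup {

    public static void main(String[] args) {
        try {
            System.out.print("Please enter the address : ");
            Scanner sc = new Scanner(System.in);
            String host = sc.next();
            // Resolves a host name (DNS lookup) or parses a literal IP address
            InetAddress pc = InetAddress.getByName(host);

            String hostname = pc.getHostName();
            // Raw address bytes; Java bytes are signed (-128..127)
            byte[] signed = pc.getAddress();
            System.out.println("Hostname is : " + hostname);
            // Print the byte values rather than the array's object reference
            System.out.println("Signed address is " + Arrays.toString(signed));
            int unsigned;
            System.out.println();
            System.out.print("IP Address is : ");

            for (int i = 0; i < signed.length; i++) {
                // Convert each signed byte to its unsigned value (0..255)
                unsigned = signed[i] < 0 ? signed[i] + 256 : signed[i];
                // Separate octets with dots, without a trailing dot
                System.out.print(unsigned + (i < signed.length - 1 ? "." : ""));
            }
            System.out.println();
        } catch (UnknownHostException e) {
            System.out.println("Can't find the IP Address or the hostname");
        }
    }
}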

Wednesday 12 January 2011

E-mail spoofing - brief

How easy is it to spoof an e-mail address? It can all be achieved with simple PHP code that is accessible in many places across the internet. Spoofed mail often contains HTML website layouts and signatures, so it becomes even harder to detect. Most of the time it is broadcast to thousands of recipients at a time. It is an effective way for an attacker to get credentials or other personal information. It can also be used as a small, clever denial-of-service attack, depending on the target and aims.

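<?php
// Sender address shown to the recipient; mail() does not verify it
$frm = "John@microsoft.com";
// Recipient address
$attn1 = "Steve@bbc.co.uk";

$subject = 'Hi Steve';


$message = "
Hello x,

info,
malicious link

John \n
";
// The From: header is passed through as an additional header
$from = "From: $frm\r\n";
mail($attn1, $subject, $message, $from);
?>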
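Seen from the receiving side, a message produced by a script like the PHP snippet above usually shows a mismatch between the visible From: domain and the envelope sender, and fails the receiver's authentication checks. The following is an added example, not code from the original post; the host names, the sample messages and the `spoof_signals` helper are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the forged message as a receiving server might store it
# (Return-Path and Authentication-Results are added by the receiver).
SPOOFED = """\
Return-Path: <www-data@shared-host.example>
Authentication-Results: mx.receiver.example; spf=pass smtp.mailfrom=shared-host.example; dmarc=fail header.from=microsoft.com
From: John@microsoft.com
To: Steve@bbc.co.uk
Subject: Hi Steve

Hello x,
"""

# Constructed sample: the same headers for a message that passes all checks.
LEGIT = """\
Return-Path: <bounce@microsoft.com>
Authentication-Results: mx.receiver.example; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass header.from=microsoft.com
From: John@microsoft.com
To: Steve@bbc.co.uk
Subject: Hi Steve

Hello Steve,
"""

def domain(addr_header):
    """Lower-cased domain part of an address header, or '' if absent."""
    _, addr = parseaddr(addr_header or "")
    return addr.rpartition("@")[2].lower()

def spoof_signals(raw):
    """Return a list of reasons why the visible From: may be forged."""
    msg = message_from_string(raw)
    reasons = []
    from_dom, env_dom = domain(msg["From"]), domain(msg["Return-Path"])
    # Simplified alignment: envelope domain equals, or is a subdomain of, From.
    if env_dom and not (env_dom == from_dom or env_dom.endswith("." + from_dom)):
        reasons.append(f"envelope sender {env_dom} != From domain {from_dom}")
    results = msg.get_all("Authentication-Results")
    # Only trust Authentication-Results stamped by your own mail server.
    for ar in results or []:
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", ar):
            if result.lower() not in ("pass", "none"):
                reasons.append(f"{method}={result}")
    if not results:
        reasons.append("no Authentication-Results header")
    return reasons
```

A domain mismatch alone is a signal rather than a verdict, since legitimate bulk senders often use a separate bounce domain; treat it together with the authentication results.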

Friday 7 January 2011

ISO 27001 (17799) - brief Overview

Security of information is essential for the reliability, and perhaps even the survival, of the organisation. Every IT infrastructure uses data clusters for storing information, and they are often targeted by attackers who want to infiltrate their resources for many different reasons, quite often financial. It's not as it used to be years ago, when we had to deal with an individual or a group of individuals who were gaining access to classified documents for fun. Nowadays there are organisations with proper managers and directors who hire programmers and make a business of breaking into systems and stealing personal data. Security has become even more important, and just as complicated to fight for, against what we now call cybercrime.
ISO 27001/2 helps to manage a valuable resource of information and protects it.
ISO 27001/2 is the international standard that specifies requirements for information security management systems (ISMS). It has been developed to ensure that adequate and organised security measures are selected and implemented at least at a minimum level.
This helps in protecting information and gives confidence to the users, managers and directors of a company that has implemented it. The standard process is based on the method of establishing, implementing, operating, monitoring, testing, maintaining and improving information systems.
(Calder A., et al. Information Security Risk Management for ISO 27001/ISO 17799, 2007)

ISO 27001 areas

• Security policy – aligns the security structure with legal and business requirements. It includes two parts: the information security policy document, which shows the overall approach and dedication of the organisation to its information security, and the review of the information security policy, which is based on the first document and shows ongoing progress.

• Organization of information security – is quite detailed and important, as it provides the ability to manage information security within the company. It is based on authorisation and accountability: rights are assigned to job descriptions. It documents the rights for external services such as auditors and provides user agreements and risk assessment for both internal and external authorities.

• Asset Classification and Control – is a set of policies which helps with protecting company assets. It provides a classification for the assets so it is obvious which information should be protected more than other information, as well as policies under which some assets may need to be disposed of.

• Personnel Security – addresses ways to reduce the risk arising from human interaction with the system. The code of conduct and the terms and conditions of employment that we refer to nowadays are some of its implementations. It also defines rules in case of violation of the implemented policies.

• Physical and Environmental Security – as its name suggests, it controls the risk related to the premises of the organisation. It covers all sets of health and safety tests and environmental hazards and, most importantly, physical access needs to be classified so that, for instance, a payroll officer hasn't got physical access to the Data Centre unless his job description entitles him to it. It contains a mechanism which should be triggered in case of a security breach.

• Communication and Operation Management – includes a general ability to control the proper functioning of all assets and operations. It comprises sets of operational procedures, rules to reduce the risk when malicious software is detected, and network management. It should also contain information about incident management and ways to evaluate the security of the current state of the system.

• Access Control – simply means user and host control. It covers mechanisms to register and review user accounts and to define network routing and segmentation, which is also a form of access control: for instance, it determines whether you can listen to the network traffic if you are on a different subnet. Host access control is, for instance, the implementation of connection timeouts. Some of the most modern sets of policies are aimed at mobile computing due to its growth over the years.

• System Development and Maintenance – addresses a set of rules to make sure that appropriate security controls are implemented and maintained. A few sub-components are cryptography, software integrity and development security, all of which ensure integrity and review the development process.

• Business Continuity Management – includes a set of policies for service interruptions, and a set of strategies and counteractions in case they happen.

• Compliance – as its name suggests, it is a set of policies in place to make sure that everything is up to some sort of standard. It includes things like data privacy, often seen on commercial websites, as well as many internal documents such as intellectual property rights.

(audit-is.com. ISO 27002 (ISO 17799), 2006)