Unit-1: Computer Network Security Introduction

What is Network Security?

Network security allows you to take preventive measures to help protect the networking infrastructure from malfunction, misuse, destruction, modification, unauthorized access, etc. While you are uploading your data on the internet and thinking it is safe and secure, attackers can breach this data and leak confidential information or steal money. This is why it is necessary to secure your network.

Network security is an important part of cyber security and helps protect your network and the data stored in it from breaches, software and hardware intrusion, and more. Network security defines a set of important rules, regulations, and configurations based on threats, network use, accessibility, and complete threat security.

Physical Network Security

One often-overlooked network security element involves protecting hardware devices from theft and physical intrusion. Corporations lock network servers, network switches, and other core network components in well-guarded facilities. These measures aren’t practical for homeowners, but you can keep your password-protected broadband routers in a private location, away from neighbors and houseguests.

If you’re concerned about data theft through physical means, such as someone stealing a computer or router, consider not storing your data locally. Online backup services and cloud storage sites store sensitive files offsite at secure backup locations. Even if the local hardware is stolen or compromised, the files are still secure.

Mobile Physical Security

The widespread use of mobile devices has made physical security even more important. Smartphones fall out of pockets and are easy to leave behind, leaving them vulnerable to theft. Laptops and tablets are also frequently stolen. To keep your mobile devices safe, consider these precautions:

  • Be alert to your physical surroundings whenever you use mobile devices, and put them away safely when you’re finished.
  • Activate remote tracking software if possible, so you can track and even remotely erase a stolen device.
  • Use a password with all your mobile devices so they’re not easy for prying eyes to view.
  • Stay in visual contact with your phone if you loan it to someone. A malicious person can steal personal data, install monitoring software, or otherwise hack a phone in just a few minutes when it’s left unattended.

Password Protection

If applied properly, passwords are an extremely effective way to improve network security. Take password management seriously, and don’t use weak, easy-to-guess passwords such as 123456. A few other best practices in password management go a long way toward network and device security. Consider these precautions:

  • Set strong passwords or passcodes on all devices that join the network.
  • Change the default administrator password of network routers.
  • Don’t share passwords with others unless absolutely necessary.
  • Set up guest network access for friends and visitors, if possible.
  • Change passwords frequently, especially if you’ve shared them or they’ve been discovered.

To make it easier to find and use passwords, store them in a password manager.

Spyware

Even without physical access to a device or knowing any network passwords, illicit programs such as spyware can infect computers and networks. This happens when you visit malicious websites accidentally or through a link in a phishing email.

Spyware takes many forms. Some types monitor computer usage and web-browsing habits to report the data to corporations, who then use it to create targeted advertising. Other kinds of spyware attempt to steal personal data.

One of the most dangerous forms of spyware, keylogger software, logs and sends the history of all keyboard actions, capturing passwords and credit card numbers along the way.

All spyware attempts to function without the knowledge of anyone who uses the infected computer, thereby posing a substantial security risk to the computer and the network to which it’s connected. Because spyware is difficult to detect and remove, security experts recommend installing and running reputable anti-spyware software on computer networks.

Online Privacy

Personal stalkers and identity thieves monitor people’s online habits and movements well beyond the scope of basic spyware.

Wi-Fi hotspot usage on commuter trains and automobiles reveals your location, for example. Even in the virtual world, much about a person’s identity can be tracked online through the IP addresses of their networks and their social network activities. Privacy protection tools include anonymous web proxy servers and VPN services.

What Is an Attack?

A cyber-attack is an exploitation of computer systems and networks. It uses malicious code to alter computer code, logic or data, leading to cybercrimes such as information and identity theft.

We are living in a digital era. Nowadays, most people use computers and the internet. Because of this dependency on digital things, illegal computer activity is growing and changing like any other type of crime.

Cyber-attacks can be classified into the following categories:

  • Web-based attacks
  • System-based attacks

Web-based attacks

These are attacks which occur on a website or web application. Some of the important web-based attacks are as follows-

1. Injection attacks

It is an attack in which data is injected into a web application to manipulate the application and fetch the required information.

Examples: SQL injection, code injection, log injection, XML injection, etc.

2. DNS Spoofing

DNS spoofing is a type of computer security hacking in which data is introduced into a DNS resolver’s cache, causing the name server to return an incorrect IP address and diverting traffic to the attacker’s computer or any other computer. DNS spoofing attacks can go on for a long period of time without being detected and can cause serious security issues.

3. Session Hijacking

It is a security attack on a user session over a protected network. Web applications create cookies to store the state and user sessions. By stealing the cookies, an attacker can have access to all of the user data.

4. Phishing

Phishing is a type of attack which attempts to steal sensitive information such as user login credentials and credit card numbers. It occurs when an attacker masquerades as a trustworthy entity in electronic communication.

5. Brute force

It is a type of attack which uses a trial-and-error method. This attack generates a large number of guesses and validates them to obtain actual data such as a user password or personal identification number. This attack may be used by criminals to crack encrypted data, or by security analysts to test an organization’s network security.

6. Denial of Service

It is an attack which is meant to make a server or network resource unavailable to its users. It accomplishes this by flooding the target with traffic or sending it information that triggers a crash. It uses a single system and a single internet connection to attack a server. It can be classified into the following-

Volume-based attacks- Their goal is to saturate the bandwidth of the attacked site; they are measured in bits per second.

Protocol attacks- They consume actual server resources and are measured in packets.

Application layer attacks- Their goal is to crash the web server; they are measured in requests per second.

7. Dictionary attacks

This type of attack stores a list of commonly used passwords and validates them to obtain the original password.
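Brute force and dictionary attacks both show up on the defender's side as many failed logins from one source in a short time. The following sliding-window detector is an added example, not part of the original notes; the log format ("timestamp source user result"), the thresholds and the sample lines are assumptions constructed for the demonstration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; lines are assumed to be in time order
SAMPLE_LOG = """\
2024-05-01T10:00:00 203.0.113.7 admin FAIL
2024-05-01T10:00:05 203.0.113.7 admin FAIL
2024-05-01T10:00:09 198.51.100.4 carol FAIL
2024-05-01T10:00:11 203.0.113.7 root FAIL
2024-05-01T10:00:14 203.0.113.7 admin FAIL
2024-05-01T10:00:20 203.0.113.7 admin FAIL
2024-05-01T10:03:00 198.51.100.4 carol FAIL
2024-05-01T10:03:30 198.51.100.4 carol OK
"""

def find_guessing_sources(log_text, max_failures=5, window_seconds=60):
    """Return {source: timestamp of first alert} for every source with
    at least max_failures failed logins inside the sliding window."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # source -> times of recent failures
    alerts = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue              # skip malformed lines
        stamp, source, _user, result = parts
        if result != "FAIL":
            continue
        when = datetime.fromisoformat(stamp)
        failures = recent[source]
        failures.append(when)
        # Drop failures that have fallen out of the window
        while failures and when - failures[0] > window:
            failures.popleft()
        if len(failures) >= max_failures and source not in alerts:
            alerts[source] = stamp
    return alerts

if __name__ == "__main__":
    for source, stamp in find_guessing_sources(SAMPLE_LOG).items():
        print(f"possible password guessing from {source} at {stamp}")
```

An occasional mistyped password (the second source in the sample) stays below the threshold, while the source that fails five times in twenty seconds is flagged.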

8. URL Interpretation

It is a type of attack in which certain parts of a URL are changed so that the web server delivers web pages which the requester is not authorized to browse.

9. File Inclusion attacks

It is a type of attack that allows an attacker to access unauthorized or essential files which are available on the web server, or to execute malicious files on the web server, by making use of the include functionality.
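URL interpretation and file inclusion are both mitigated by checking where a requested name resolves before the server opens it. The following check is an added example, not part of the original notes; the base directory, the allowed suffixes and the function name are hypothetical.

```python
from pathlib import Path

BASE_DIR = Path("/srv/app/pages")        # hypothetical content directory
ALLOWED_SUFFIXES = {".html", ".txt"}     # hypothetical allow-list

def resolve_include(requested, base_dir=BASE_DIR):
    """Return the absolute Path that may be included, or None if the
    request must be refused."""
    if "\x00" in requested:
        return None                      # embedded NUL is never legitimate
    base = base_dir.resolve()
    # Joining an absolute path replaces the base, and ".." segments are
    # collapsed by resolve(), so both cases are caught by the check below.
    candidate = (base / requested).resolve()
    try:
        candidate.relative_to(base)      # raises ValueError if outside base
    except ValueError:
        return None
    if candidate.suffix not in ALLOWED_SUFFIXES:
        return None                      # only static content types
    return candidate

if __name__ == "__main__":
    # Constructed request values
    for name in ["help/index.html", "help/../about.html",
                 "../../etc/passwd", "/etc/passwd", "notes.php"]:
        print(f"{name!r:25} -> {resolve_include(name)}")
```

The decision is made on the resolved path rather than on the raw string, so the refusal does not depend on spotting particular character sequences in the request.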

10. Man in the middle attacks

It is a type of attack that allows an attacker to intercept the connection between client and server and act as a bridge between them. Due to this, an attacker will be able to read, insert and modify the data in the intercepted connection.

System-based attacks

These are attacks which are intended to compromise a computer or a computer network. Some of the important system-based attacks are as follows-

1. Virus

It is a type of malicious software program that spreads throughout the computer’s files without the knowledge of the user. It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed. It can also execute instructions that cause harm to the system.

2. Worm

It is a type of malware whose primary function is to replicate itself to spread to uninfected computers. It works the same way as a computer virus. Worms often originate from email attachments that appear to be from trusted senders.

3. Trojan horse

It is a malicious program that causes unexpected changes to computer settings and unusual activity, even when the computer should be idle. It misleads the user about its true intent. It appears to be a normal application, but when it is opened or executed, malicious code runs in the background.

4. Backdoors

It is a method that bypasses the normal authentication process. A developer may create a backdoor so that an application or operating system can be accessed for troubleshooting or other purposes.

5. Bots

A bot (short for “robot”) is an automated process that interacts with other network services. Some bot programs run automatically, while others only execute commands when they receive specific input. Common examples of bot programs are crawlers, chatroom bots, and malicious bots.