Question

what can be the impact of a computer network attack?

Where in your networks would you place a router, compared to a switch and how do the two devices work with an IDS and a firewall to protect the LAN from attack? Why?

Answer 1

Serial A)

The problem is that defining information warfare and information operations in these broad terms does little to focus defenses against current and new threats that take advantage of new weapons systems opportunities -- the threat and use of Computer Network Attacks ("CNA"). When the Countries addresses certain "strategic" centers-of-gravity such as a country power grid, stock market or banking system, are you able to actually target centers-of-,mvity that can approach strategic devastation.

"weapons" and targets include hack attacks, malicious software, back doors, destructive microbes, attacks on the banking system, denial of service, and disruption of national systems such as the air traffic control system, power grid or telephone systems, that could result in the "electronic Pearl Harbor" .

CNA targets in four distinct types of vulnerabilities

Major physical infrastructure elements such as bridges, dams, canals, pipelines, and rail switching points. Obvious military "Achilles' Heels", such as submarine communications antennas, military sea departure channels, electrical power and communications supporting commands Vulnerability of core data streams such as military logistics, transportation status, financial accounts and financial transfers Vulnerability of the Intelligence Community to physical and cyber attacks against communications downlinks, Joint Intelligence Centers, global geo-spacial data.

Serial B)

Intrusion Detection System (IDS)

Intrusion Detection (ID) is the process of monitoring for and identifying attempted unauthorized system access or manipulation. An ID system gathers and analyzes information from diverse areas within a computer or a network to identify possible security breaches which include both intrusions (attack from outside the organization) and misuse (attack from within the organization).

An Intrusion Detection System (IDS) is yet another tool in the network administrator’s computer security arsenal. It inspects all the inbound and outbound network activity. The IDS identifies any suspicious pattern that may indicate an attack the system and acts as a security check on all transactions that take place in and out of the system.

Types of IDS

Network intrusion detection system (NIDS)

Host-based intrusion detection system (HIDS)

Perimeter Intrusion Detection System (PIDS)

VM based Intrusion Detection System (VMIDS)

Serial C)

Comparison with Firewall

Though they both relate to network security, an intrusion detection system (IDS) differs from a firewall in that a firewall looks outwardly for intrusions in order to stop them from happening. Firewalls limit access between networks to prevent intrusion and do not signal an attack from inside the network. An IDS evaluates a suspected intrusion once it has taken place and signals an alarm. An IDS also watches for attacks that originate from within a system. This is traditionally achieved by examining network communications, identifying heuristics and patterns (often known as signatures) of common computer attacks, and taking action to alert operators. A system that terminates connections is called an intrusion prevention system, and is another form of an application layer firewall.