Vu Manh Cuong VASC Software Development Company
(firewall)
Question
In parallel with building the foundation of information technology, as well as developing computer applications in production, business, science, education, society, etc., the protection of those achievements is an indispensable thing. Using firewalls to protect your intranet, avoiding external attacks is a good solution to ensure that:
Safe for the operation of the entire network
High security in many ways
Highly controllable
Guaranteed fast speed
Flexible and easy to use
Transparent with user
Ensure the architecture is open
As part of this article, let's pause at the issues that need to be protected online and the forms of attacks on the network. It provides specific protection methods.
The need to protect information
Reason
Today, the Internet, an enormous information treasure, has served as a platform for many businesses to strike for different purposes. Sometimes, it's just to try it out or play it with someone else.
With the continued growth of Internet and Internet services, the number of cyber attacks has grown exponentially. While mass media has increasingly come to the Internet with its seemingly endless possibilities of accessing information, professional literature has begun to address security and safety issues. Data for computers connected to the Internet.
According to CERT (Computer Emissions Response Team) data, the number of Internet attacks reported to the organization was less than 200 in 1989, about 400 in 1991, 1400 in 1993, and 2241 in 1994. These attacks targeted all computers on the Internet, computers from all major AT & T, IBM, universities, government agencies, military organizations, banks, etc. Some attacks are huge (up to 100,000 PCs are attacked). Moreover, these numbers are just the tip of the iceberg. A large part of the attacks are not reported, for various reasons, including the fear of losing credibility, or simply the system administrators are unaware of the attacks on their system.
Not only did the number of attacks increase rapidly, but the attack methods continued to improve. This is partly due to the increased awareness of system administrators connected to the Internet. According to CERT, attacks in the period 1988-1989 mainly guessed the UserID-password or used some of the security holes and programs to disable the system. However, recent attacks include IP address spoofing, network traffic tracking, remote telnet sessions, or rlogin.
The need to protect information on the Internet can be divided into three categories: Data protection; Protect your online resources and protect your reputation
Data protection
The information stored on the computer system should be protected due to the following requirements:
Confidentiality: Information that is of economic, military or policy importance should be kept confidential.
Integrity: Information is not lost or modified, exchanged.
Timeliness: Requires access to information at the right time.
In these requirements, the security requirement is considered the # 1 requirement for information stored on the network. However, even if this information is not kept confidential, the integrity requirements are also important. No individual or organization wastes material resources and time to store information without knowing the correctness of such information.
Protect the resources used on the network
In fact, in attacks on the Internet, attackers, after having mastered the internal system, can use these machines to serve their purposes by running password-checking programs. The use of existing network links to further attack other systems, etc.
Protect the reputation of the agency
The vast majority of attacks are not widely reported, and one of the causes is the fear of losing the credibility of the agency, especially the large companies and important bodies in the state apparatus. In the case of system administrators only known after the system itself is used as a springboard to attack other systems, the loss of credibility is huge and can have long-term consequences. .
