Factors that a small network administrator must consider when supporting real-time applications.

Initially, ARPANET and other seminal packet-switching networks had a very minimal footprint in common use.

From: Advances in Computers, 2016

Security Policy Overview

Craig Wright, in The IT Regulatory and Standards Compliance Handbook, 2008

4.1 General Use and Ownership

While 's network administration desires to provide a reasonable level of privacy, users should be aware that the data they create on the corporate systems remains the property of . Because of the need to protect 's network, management cannot guarantee the confidentiality of information stored on any network device belonging to .

Employees are responsible for exercising good judgment regarding the reasonableness of personal use. Individual departments are responsible for creating guidelines concerning personal use of Internet/Intranet/Extranet systems. In the absence of such policies, employees should be guided by departmental policies on personal use, and if there is any uncertainty, employees should consult their supervisor or manager.

InfoSec recommends that any information that users consider sensitive or vulnerable be encrypted. For guidelines on information classification, see InfoSec's Information Sensitivity Policy. For guidelines on encrypting email and documents, go to InfoSec's Awareness Initiative.

For security and network maintenance purposes, authorized individuals within may monitor equipment, systems and network traffic at any time, per InfoSec's Audit Policy.

reserves the right to audit networks and systems on a periodic basis to ensure compliance with this policy.

URL: https://www.sciencedirect.com/science/article/pii/B9781597492669000060

The Host Development Environment

Doug Abbott, in Linux for Embedded and Real-time Applications (Third Edition), 2013

Network Address

Your workstation is probably configured to get a network address via dynamic host configuration protocol (DHCP). But in this case, to keep things simple, we’re going to specify fixed IP addresses for both the workstation and the target.

The Fedora graphical menu for changing network parameters is accessed from Administration -> Network Configuration. In the Network Configuration dialog box, select the Devices tab (it’s the default), highlight eth0, and click Edit. In the Ethernet Device dialog, General tab, unselect the “Automatically obtain IP address settings with …” box. Now enter the fixed IP address. Network address 192.168.1 is a good choice here because it’s one of a range of network addresses reserved for local networks. Select node 2 for your workstation. Enter the Subnet Mask as shown in Figure 4.4. You may also want to set the Default Gateway Address and DNS nodes if you’re connected to a network.

Figure 4.4. Edit Network Device Dialog.

The checkbox Controlled by NetworkManager can be a problem. If your network port is already active and this box is checked, it’s probably not an issue. But note when you exit back to the Network Configuration dialog, the Activate and Deactivate buttons are not “active.” If the network port is not active, you have no control over it and it’s unlikely to be auto-activated at boot time. What I have found to work through experimentation is to uncheck the NetworkManager box in the edit dialog, activate the port, then check the box again. The next time you boot, the port should auto-activate.

When you exit from the Network Configuration dialog, you’re asked if you want to save the changes. Yes you do. You’re also warned that you may have to restart the network. Click OK. My experience has been that you usually don’t have to restart the network.

Alternatively, you can just go in and directly edit the network device parameters file. Network configuration parameters are found in /etc/sysconfig/network-scripts/ where you should find a file named something like ifcfg-eth0 that contains the parameters for network adapter 0. You might want to make a copy of this file and name it something like dhcp-ifcfg-eth0. That way you’ll have a DHCP configuration file for future use if needed. Now open the original file with an editor (as root user of course). It should look something like Listing 4.1a. The lines shown here may be in a different order and interspersed with other lines.

Listing 4.1. (a) ifcfg-eth0 and (b) Revised ifcfg-eth0.

Change the line BOOTPROTO=dhcp to BOOTPROTO=none and add the four new lines as shown in Listing 4.1b. Strictly speaking, the Gateway entry is only necessary if the workstation is connected to a network with Internet access.

Ubuntu users will find that the graphical network configuration dialog, if indeed it exists at all, is virtually impossible to access. So you’ll need to edit the appropriate configuration file, which is /etc/network/interfaces. Initially, this file has two lines describing the local loopback interface as shown in Listing 4.2a. Add the four new lines as shown in Listing 4.2b that describe eth0. Again, the Gateway entry is only necessary if the workstation is connected to a network with Internet access.

Listing 4.2. (a) Interfaces and (b) Revised Interfaces.

URL: https://www.sciencedirect.com/science/article/pii/B9780124159969000046

Microsoft Exchange Server 5.5

In E-Mail Virus Protection Handbook, 2000

Backing Up Data

Performing regular backups of mail and other critical data is one of the basic tasks of network administration. Daily backups of Exchange Server as well as important business data should be scheduled and run to ensure availability and integrity of company information. Many administrators tell stories of how a good backup strategy has helped save entire organizations.

There are many brands of backup software to choose from and with them many options available for performing Exchange Server backups. Exchange can be backed up and restored via almost all of the major backup software packages as well as the Microsoft proprietary backup software, NTBackup. In fact, NT/2000 Backup comes with a built-in interface for Microsoft Exchange Server (see Figure 9.18). In this interface, the Exchange directory database and the Information Store can be backed up to tape and restored to any other server on the network.

Figure 9.18. NT Backup Microsoft Exchange interface.

There are two ways to perform a backup on Microsoft Exchange Server: offline backup and online backup.

An offline backup is basically a file copy procedure. The Exchange server and its services are stopped and the system files are backed up to tape or other media (see Figure 9.19). Online backups are considerably better than offline backups for a number of reasons. The most important is that the Exchange Server does not have to be shut down to perform the backup. This means that users can still be connected and communicating while the Information Store and Directory Service databases are being backed up.

Figure 9.19. NT Backup Exchange settings.

Backups should be done via the incremental or differential rotation strategy where a full backup is performed at the beginning and the end of the cycle, and incremental or differential backups are performed in between. This ensures that the most up-to-date copy of the server is available. When performing backups using this strategy, the circular logging feature in Exchange should be disabled. Circular logging is the feature in Exchange that minimizes the amount of disk space used by the transaction logs of the activity in the Information Store and Directory Service databases. It is usually a good idea to disable this feature (see Figure 9.20) because then we can have a snapshot of Exchange Server database activity in our backup. Some Exchange experts even recommend disabling the feature altogether.

Figure 9.20. Disabling Circular logging on the Directory and Information Store databases.
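
What the choice between incremental and differential rotation means at restore time, as an added example that is not from the book and is not specific to Exchange or NTBackup. The seven-day cycle, the set labels and the function names are constructed for illustration.

```python
"""Which backup sets a restore needs under incremental vs. differential rotation.

Added illustration: the 7-day cycle and the set labels are constructed.
"""


def make_cycle(kind, bad_days=()):
    """Full backup on day 0 and day 6, `kind` backups on days 1-5.

    kind is "incremental" or "differential"; bad_days marks unreadable sets.
    """
    cycle = []
    for day in range(7):
        k = "full" if day in (0, 6) else kind
        cycle.append({
            "day": day,
            "kind": k,
            "label": f"{k[0].upper()}{day}",   # F0, I3, D4, ...
            "usable": day not in bad_days,
        })
    return cycle


def restore_plan(cycle, target_day):
    """Return (labels to restore, in order; last day actually recovered)."""
    fulls = [b for b in cycle
             if b["kind"] == "full" and b["usable"] and b["day"] <= target_day]
    if not fulls:
        raise ValueError("no usable full backup on or before the target day")
    base = max(fulls, key=lambda b: b["day"])

    later = sorted(
        (b for b in cycle
         if base["day"] < b["day"] <= target_day and b["kind"] != "full"),
        key=lambda b: b["day"],
    )
    kinds = {b["kind"] for b in later}
    if len(kinds) > 1:
        raise ValueError("mixed incremental/differential cycles are not modelled")

    plan, recovered = [base["label"]], base["day"]
    if kinds == {"differential"}:
        # Each differential holds every change since the last full backup,
        # so only the newest readable one is needed.
        usable = [b for b in later if b["usable"]]
        if usable:
            plan.append(usable[-1]["label"])
            recovered = usable[-1]["day"]
    elif kinds == {"incremental"}:
        # Each incremental holds only the changes since the previous backup,
        # so the chain stops at the first unreadable set.
        for b in later:
            if not b["usable"]:
                break
            plan.append(b["label"])
            recovered = b["day"]
    return plan, recovered


if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        for bad in ((), (2,), (4,)):
            print(kind, "unreadable:", bad, "->",
                  restore_plan(make_cycle(kind, bad), target_day=4))
```

With the day-2 set unreadable, the incremental cycle recovers only through day 1, while the differential cycle still recovers through day 4 from two sets.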

URL: https://www.sciencedirect.com/science/article/pii/B9781928994237500136

Information Gathering

Craig Wright, in The IT Regulatory and Standards Compliance Handbook, 2008

Review Administrative Documentation

Each system should be documented to ensure consistent processing. Some of the areas of concern include:

Description of the logon process

Written operations procedures

List of available software, including version numbers

Security requests and authorizations

Application documentation availability

Network administration documentation

Documentation should also be retained and kept secure, such that only authorized personnel can gain access to it.

Identify level of vendor support

As a part of the audit, an investigation of system maintenance agreements with both internal and external parties should be conducted. This will generally involve interviews with administrators and possibly legal teams. One often overlooked area is the analysis of contractual statements in support agreements with vendors.

Some areas to consider include:

Extent of multivendor hardware involvement on the network

Extent of multivendor software involvement on the network (IBM, Apple, Microsoft, Claris, Fox, Lotus, etc.)

Extent of vendor support (on-site or off-site, warranty coverage, extended hours, system maintenance agreements, etc.)

Gather information on vendor access to the network for diagnostic purposes

Not only outsource providers but also application vendors often have requirements to access systems. It is necessary to review this access with systems administrators to determine the implementation process of workstations and servers for completeness.

Review duties and responsibilities of administrators for proper network security

By interviewing system and network administrators, it is possible to determine the adequacy of personnel resources. To do this, it is necessary to attempt to identify the administrator(s).

Knowledge of the systems they manage

Background and training

Duties of the administrator

The training provided for administrative staff should be adequate to ensure that they can perform their role. Also (in all but the smallest of organizations), it is necessary to ensure periodic rotation of job duties to provide for cross-training and limit questionable practices. This practice will ensure that segregation of duties performed limits opportunities for fraud and malpractice.

Network Maintenance

The auditor should obtain a basic understanding of the software and applications supported across the network. Some of the areas to consider when researching the network include:

File server maintenance (preventive maintenance, monitoring, file cleanup, etc.)

How problems on the network are documented and reported to the network administrator

Network problems investigation

How modifications to the network are tested

Use of sniffers (hardware and software) and promiscuous mode to monitor the network

Review system documentation

System documentation should exist not only for server applications but for the user environment as well. The reasons for this range from something as simple as improving support through to ensuring that licensing requirements are met. An organization should have an understanding of what software it is running and how. This includes not only general client applications but, in many instances, legacy software as well. Some examples of software applications that should be considered include:

Word processing or Office productivity software used

Spreadsheet software

Database software

Virus protection software

Electronic mail facilities

File transfer software

Mainframe gateway software

Security software

Drawing software

Scheduling software

Other applications software

In-house developed applications

Understand Network Operations

In order to obtain an understanding of the network operations, the auditor should conduct thorough discussions with the network and system administrators. Some areas that should be considered include:

Hours of normal operation (staffed and unattended)

Off-hours use–controls, restrictions, and monitoring

Network operations: automated and those requiring operator responses

Automatic log off (time-out) after a certain period of inactivity

Automatic lockout after a certain number of invalid logon attempts—an invader detection feature

Automatic testing of network lines

Automatic switching of network lines in case of line failure

Policy regarding placement of data files on the server

Policy regarding removal of files no longer needed from the server

Authorization to approve and install new software on the network

Approval and installation process for new software

Testing and verification of new applications, especially spreadsheets

Identify functions performed only by the system administrator

Identify functions performed by the system administrator that should be done by others

Many organizations have deployed network monitoring tools (such as Nagios, HP OpenView, etc.). The auditor should also seek to obtain data from these sources. These can be used to create a network baseline and also to analyze data for unusual occurrences.

URL: https://www.sciencedirect.com/science/article/pii/B9781597492669000059

Advances in Software Engineering and Software Assurance

D. Shoemaker, ... N.R. Mead, in Advances in Computers, 2016

4.2 ARPANET

About the same time that SABRE was coming into use, the Defense Advanced Research Projects Administration (DARPA) began a project to interconnect its main computers around the United States (Cheyenne Mountain, SAC Headquarters, and the Pentagon). Licklider was the leader of that effort [17]. Their product was rolled out in 1968 as the Advanced Research Projects Administration Network (ARPANET). Numerous luminaries in the existing field were involved in the initial development, but Paul Baran's packet-switching concepts were at the heart of the construction of ARPANET [18].

Initially, ARPANET and other seminal packet-switching networks had a very minimal footprint in common use. ARPANET first involved just two nodes (in October 1969) and then four nodes (in December 1969) [18]. Nevertheless, the genie was out of the bottle and expansion into the commercial world was achieved by the early 1970s. All that was required to complete the foundation for the Internet was the creation of TCP/IP in 1975 [19].

URL: https://www.sciencedirect.com/science/article/pii/S0065245816300298

Data Networks

James Sinopoli, in Smart Building Systems for Architects, Owners and Builders, 2010

Network Servers

Servers are connected to LANs and provide a variety of resources to both network users and network administrators. A common application provides network users with connectivity to the Internet and shared Internet firewalls. Servers have many other uses including hosting web pages and email applications, centralized databases or software applications, printing applications and network administration capabilities. Thus the categories for servers are database servers, applications servers, communications servers, file servers, print servers, proxy servers, and web servers.

From a hardware perspective servers must operate under the heavy demand of a network environment. Their configurations can vary from a desktop PC to a mainframe computer. Most servers are built for a production environment with fast CPUs, multiple processors, hardware redundancy in disks and power supplies, large storage capacity and specialized operating systems and software applications. A server may be installed in an equipment rack or for high density may be a “blade” in a server chassis mounted in an equipment rack.

URL: https://www.sciencedirect.com/science/article/pii/B9781856176538000119

Multiplexers

J Hoolan, in Telecommunications Engineer's Reference Book, 1993

40.6.1 The benefits of X.25

The advantages of using X.25 are as follows:

1. Flexibility. A user can make and break communication sessions with many destinations.

2. Economical. A user only pays for the resources used. It is possible for a user to establish many concurrent communication sessions with the same or different destinations over one physical connection to the network. A network administration can produce a cost reduced system because not every user wishes to communicate at the same time, or continually.

3. Reliability. The probability of a fault occurring on a relatively short leased line is far less than for a long distance line. If an inter-node link fails within the network the communication sessions can be re-routed and data recovered with little or no inconvenience to the end users.

4. Maintainability. The node or network is intelligent and can provide statistical and diagnostic information to aid fault tracing.

5. OSI Compatible. X.25 is part of the OSI model and as such can be used as part of an OSI networking strategy.

The disadvantages of X.25 are:

1. Network Delay. Although networks can provide the same (or very close) throughput figures to private wires, there is always a finite delay caused as packets are routed (stored and forwarded) through the network. This is a product of the number of nodes in the route across the network, the traffic load on different parts of the network and various other factors.

2. Poor efficiency with interactive traffic. Because of the way in which packets are built up with the data from a single user per packet, X.25 tends to become inefficient with network bandwidth if a predominance of single character enquiry traffic is being sent. (Compare this with the statistical multiplexer frame with multiple users per frame.) However, X.25 becomes very efficient for file transfer type applications where the packets can be filled to a maximum. It should be pointed out that in OSI, the layer 4 functionality does include the facility for enveloping multiple channels into a single packet.

3. Network Congestion. It is not economically viable for a network administration to run a network sized to provide enough bandwidth for the worst case traffic load. Therefore, at peak times network congestion conditions occur, causing existing sessions to slow down and preventing new sessions from starting. This is analogous to the public telephone networks, i.e. “All lines to Cityville are engaged please try later”.

4. Wrong Numbers. Expensive as generally all outgoing calls are billed.

5. Network Variance. Not all networks obey the protocol in the same way. This is due to grey areas in the CCITT X.25 Recommendations and to individual manufacturers' interpretations on how to handle exception conditions.

6. Bureaucracy. Most PTTs insist that X.25 products must pass a set of certification or conformance tests in order to gain permission to connect to their network. This can take a considerable period of time and money. This problem will be resolved to a certain degree in EC countries as the NETs attachment testing regime becomes law.

URL: https://www.sciencedirect.com/science/article/pii/B9780750611626500460

Security Considerations for Energy Automation Networks

Albert Treytl, ... Thilo Sauter, in Fieldbus Systems and Their Applications 2005, 2006

3.1 Source of Attack

For regular office communication systems there are various sources available concerning security, e.g., CERT Coordination Center (www.cert.org); generally information about recent attacks becomes public quite fast. For automation systems the situation is different and information is hardly made public. The Industrial Security Incident (ISI) database maintained by the British Columbia Institute of Technology (British Columbia Institute of Technology, 2005) and the reports of the U.S. Nuclear Regulatory Commission are two of the rare, yet restricted, sources of information.

Owing to the fact that automation systems have been located in restricted areas and that knowledge about the systems was not made public, attacks from insiders have been a major source of threat. In recent years this situation has changed and attacks from the outside are becoming more frequent.

Two trends caused this increase of external attacks: first, automation systems became interconnected with other automation networks (horizontal integration) as well as with management and administration networks (vertical integration) – automation networks are no longer island solutions. Second, standardized components are replacing proprietary solutions. Typical examples are operator stations which are based on common operating systems such as MS Windows or Linux.

Both facts allow for electronic remote – no physical presence in a restricted area is necessary – and automated attacks such as worms or viruses. Nevertheless it must be clearly stated that standardized components are not less secure than proprietary ones. In general, standardized and widespread components undergo a better security audit, but once a weakness is discovered it can be used more easily since it can be applied not only to one system but to multiple ones. As an example the misuse of the Maroochy Shire sewage system [14] – the attacker flooded parks and a river in an Australian town with sewage – was based on an exploit of a weakness of the WEP encryption algorithm of the IEEE 802.11b wireless LAN used in the system. For the intrusion a tool available from the Internet was used.

Another important issue is whether an attack was done intentionally or accidentally. Especially in view of remote maintenance this is a critical issue since the majority of systems, once access is granted, do not apply any further security measures such as restricting access to units that an engineer is responsible for. Fig. 2 shows clearly that the number of accidental attacks is already beyond the number of malicious insider attacks. Since the estimated number of unreported incidents is around 90% (for all kinds of attacks), the share of accidental wrong operation will most likely be much higher.

Fig. 2. Attack sources for automation systems [% of incidents] (British Columbia Institute of Technology, 2005)

URL: https://www.sciencedirect.com/science/article/pii/B9780080453644500629

Network Access

Ido Dubrawsky, in Eleventh Hour Security+, 2010

Physical Access Security Methods

Physical security involves protecting systems from bodily contact and requires controlling access to hardware and software so that people are unable to damage devices and the data they contain. If people are unable to have physical access to systems, they will not be able to steal or damage equipment. Physical security also limits or prevents their ability to access data directly from a machine, or create additional security threats by changing account or configuration settings.

Physical security also requires protecting systems from the environmental conditions within a business. Environmental conditions such as floods, fires, electrical storms, and other natural disasters can result in serious losses to a business. These conditions can also leave a business exposed to situations such as power outages, leakage of data due to poor shielding, and other potential threats. Without strong physical security in place, unauthorized persons can access information in a variety of ways. When designing physical security, the first step is to identify what needs to be protected and what it needs to be protected from. Inventories should be made of servers, workstations, network connectivity devices, and other equipment within an organization.

When you are designing security, it is important to strike a balance between the cost of security and the potential loss. Servers are costly and may contain valuable data, so a higher level of security is needed to protect them. On the other hand, an old computer in the Human Resources department that is used for keyboarding tests given to prospective employees needs little or no protection. When determining value, it is important to not only consider the actual cost of something, but also how difficult it is to replace or what the cost to the organization’s credibility would be. While certain data may be of relatively low cost value, it may still be important to a company and difficult to replace.

When you are creating measures to protect systems, it is important to note that threats are not limited to people outside the company. One of the greatest challenges to physical security is protecting systems from people within an organization. Corporate theft is a major problem for businesses, because employees have easy access to equipment, data, and other assets. Because an employee’s job may require working with computers and other devices, there is also the possibility that equipment may be damaged accidentally or intentionally. Physical security must not only protect equipment and data from outside parties, but also those within a company.

A good way to protect servers and critical systems is to place them in a centralized location. Rather than keeping servers in closets throughout a building, it is common for organizations to keep servers, network connectivity devices, and critical systems in a single room. Equipment that cannot be stored in a centralized location should still be kept in secure locations. Servers, secondary routers, switches, and other equipment should be stored in cabinets, closets, or rooms that are locked, have limited access, are air-conditioned, and have other protective measures in place to safeguard equipment.

Did You Know?

Even if the physical security of a location was suitable when a server was installed, it may not be at a later date. In an office environment, people will move to different offices, renovations will be made to facilities, and equipment will be moved. Even though a server was initially placed in a secure location, the server could be moved or the location could become insecure as changes are made.

Unfortunately, many of the decision makers in a company may be unaware of the importance of physical security for network equipment, and make changes without considering implications. In a large organization where much of the network administration is done remotely, IT staff may be unaware that such changes have even occurred.

Access lists and logs

Access lists are basically a pre-authorized list of people who are allowed to enter an area. Think of it as similar to the list of celebrities that a bouncer will let in to a private party. Only the specific people on the list will be allowed entry. Just like most elements of access control, the visitor must first prove their identity using some form of identification in order to be allowed in, assuming that they are not recognized by sight. This is not a very secure manner of controlling access to buildings as it is not a very complicated process to fabricate a false identification card. All a potential intruder would need to know is the name of someone who is likely to be on the list and fabricate an ID to match.

Access logs require anyone entering a secure area to sign in before entering. When visitors require entry, such as when consultants or vendor support staff need to perform work in a secure room, an employee of the firm must sign the person in. In doing so, the employee vouches for the credibility of the visitor, and takes responsibility for this person’s actions. The access log also serves as a record of who entered certain areas of a building. Entries in the log can show the name of a visitor, the time this person entered and left a location, who signed them in, and the stated purpose of the visit.

Hardware locks

One of the easiest methods of securing equipment is the simplest: keep it behind a locked door. There are a variety of different locks that can be used. Some locks require metal keys to open them, much like those used to unlock the front door of a home. Other types may be programmed and have keypads requiring a PIN number or card key to open them. With these more advanced locks, features may be available that allow logging of anyone who enters the area, which is useful for monitoring who entered a secure area at a particular time.

Whether equipment is stored in a centralized server room or a locked closet, it is important that all sides of the room or closet are secure. Windows should be locked and alarmed, if possible, so that anyone climbing through will be stopped or detected. Air vents can also provide a route into a room, so any large vents should be bolted shut with grates. Even seemingly obscure routes should be blocked or secured. Intruders may be able to crawl into a room through the area between a false ceiling and the real ceiling, or the space between a raised floor and the concrete beneath.

Tip

Remember that physical security includes all sides of a room: the walls, ceiling, and floor. Even if most of these are secure, leaving one side of the room insecure can provide an avenue of penetration. Looking at the room this way will also help to identify where security lapses exist, and what security measures should be implemented.

ID badges

ID badges are identification cards issued to individuals who need access to a specific location. These badges will often include a photograph of the individual as well as other identifying information such as their name or a badge number. They may also include a magnetic strip or an RFID tag that allows for storage of additional data or identification that the badge is genuine.

There may be policies in place at a company that require ID badges to be worn at all times when on the premises. This is one manner of ensuring that only authorized individuals are on site at the facility. Anyone without an ID badge could potentially be an intruder and quickly identified due to the lack of the identifying badge.

There are, of course, some challenges with relying solely on ID badges for security at a site. If the ID badges do not include a photo, they can easily be stolen and used by unauthorized personnel. In addition, there are logistics that must be considered when implementing an ID badge system such as ensuring that a process exists for visitors with no badge, handling of stolen or lost badges, and temporary badges for personnel who forget their badge. Badges with no magnetic strip or imbedded chip for identification can be easily forged, and even those with these features can be duplicated with a little effort.

Door access systems

Door access systems have increased in complexity from simple locks to complex systems that perform elements of access control such as authentication and logging of entry/exit. With the increased complexity comes increased security as well as increased management needs. It is no longer a matter of just duplicating keys and handing them out. Management of door access systems now includes having to detail out how a person (access control subject) is going to identify themselves, how to authenticate them, and how to authorize their access to the room or building in question (access control object).

These door access systems come in two major types, standalone or centrally managed. Standalone door access systems typically have a small imbedded electronic system built into them that allows the administrator to set up all of the rules of access control, such as who has access to the door during which time periods. A standalone door access system is only concerned with the one door that it has to protect and does not share data with any other door access systems.

With a centralized door access system, a central computer is responsible for performing the access control necessary across multiple door access systems. This allows for simpler centralized administration of the door access systems but has its own drawbacks. In the event of a failure of the centralized system, it is possible that multiple door access systems will stop working correctly. Some systems work around this by maintaining a copy of the centralized server’s rules in the memory of each local door access system so that if the central system fails, they can continue functioning using the last update they received until the problem is corrected. This works well from the perspective of keeping things running, but can be a security problem, as revoked IDs will still work on systems with cached data until they receive a new rule set from the central server.
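
The stale-cache problem described above, as an added sketch that is not from the original chapter: a constructed central server and door controller, where `max_cache_age` is a hypothetical setting (not a feature of any named product) that bounds how long a door may keep using its last rule set. Badge IDs and timestamps are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class RuleSet:
    version: int
    issued_at: int        # seconds on a constructed clock
    allowed: frozenset    # badge IDs authorized for this door

@dataclass
class CentralServer:
    allowed: set
    version: int = 1
    online: bool = True
    def revoke(self, badge):
        self.allowed.discard(badge)
        self.version += 1
    def publish(self, now):
        if not self.online:
            raise ConnectionError("central server unreachable")
        return RuleSet(self.version, now, frozenset(self.allowed))

@dataclass
class DoorController:
    server: CentralServer
    max_cache_age: Optional[int] = None   # assumption: None = cache never expires
    cache: Optional[RuleSet] = None
    log: list = field(default_factory=list)
    def decide(self, badge, now):
        try:                              # refresh the rule set whenever reachable
            self.cache, source = self.server.publish(now), "live"
        except ConnectionError:
            source = "cache"
        rules = self.cache
        stale = (source == "cache" and rules is not None and self.max_cache_age is not None
                 and now - rules.issued_at > self.max_cache_age)
        granted = rules is not None and not stale and badge in rules.allowed
        # Log which rule version made the decision so stale grants can be audited.
        self.log.append((now, badge, source, rules.version if rules else None, granted))
        return granted

def simulate(max_cache_age):
    server = CentralServer({"B-1001", "B-1002"})   # constructed badge IDs
    door = DoorController(server, max_cache_age)
    results = [door.decide("B-1002", now=0)]       # online: granted, cache filled
    server.online = False                          # central system fails
    server.revoke("B-1002")                        # revocation cannot reach the door
    results += [door.decide("B-1002", now=600), door.decide("B-1002", now=7200)]
    server.online = True                           # door receives the new rule set
    return results + [door.decide("B-1002", now=7300)]
```

With no age limit the revoked badge opens the door for the whole outage; with a one-hour limit it still works at 10 minutes but not at 2 hours. The bounded cache trades availability for a shorter revocation window, since after expiry the door denies every badge until it syncs again.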

Even with the most stringent physical security in place, there are ways of bypassing these methods and gaining access. One of the simplest methods is tailgating, or piggybacking, in which an unauthorized person follows an authorized person into a secure area.

Man-trap

A man-trap in a security context is basically a method used for physically trapping a person if they fail to be properly authenticated. It often takes the form of a small room with two doors. After gaining entry through the first door, there are specific criteria that must be met for the second door to open. The first of these is typically that the first door is closed. This prevents the person entering the man-trap from leaving if they fail to pass the other criteria necessary to enter the second door.

Video surveillance

Chaperoning someone who has been given clearance to an area is not always possible or desirable. For example, if you have hired an outside party to install equipment that is needed for Internet access, you may not want to stand beside the installer for an extended period of time. However, workers can be monitored in high-security locations using video cameras to provide electronic surveillance. This provides a constant eye, and allows for review of their actions if an incident occurs.

URL: https://www.sciencedirect.com/science/article/pii/B9781597494274000071

A survey on physical unclonable function (PUF)-based security solutions for Internet of Things

Alireza Shamsoshoara, ... Sherali Zeadally, in Computer Networks, 2020

2.3.2 Network layer

Addressing, network administration, communication channels, and interfaces are the main parts of the network layer. This layer is also responsible for all communications and connectivity for all devices in the network using multiple communication protocols [133]. Unlike the Internet, no well-established or standard protocol exists for the network layer in IoT devices. However, Constrained Application Protocol (CoAP) [140] and Message Queuing Telemetry Transport (MQTT) 3.1 [141] are two common protocols for the IoT networks. This layer transmits information within the network (other nodes) or outside of the network (e.g., the Internet or a sensor network). Since devices in an IoT network have a limited amount of energy and computation, the role of addressing, forwarding, and routing is pivotal in such networks.

URL: https://www.sciencedirect.com/science/article/pii/S1389128620312275

What are the factors that a small network administrator must consider when supporting real-time applications?

The network administrator should consider the various types of traffic and their treatment in the network design. The routers and switches in a small network should be configured to support real-time traffic, such as voice and video, in a distinct manner relative to other data traffic.

What are the four factors in selecting network devices in a small network?

Device Selection for a Small Network:
Speed and Types of Ports/Interfaces
Expandability
Operating System Features and Services

What can a network administrator do to make a network highly reliable?

What Does a Network Administrator Do?
Configure network hardware such as servers, routers, and switches.
Upgrade, repair, and maintain computer networks.
Troubleshoot various network issues.
Assist network architects with the design of network models whenever needed.
Deploy and update company-wide software.

What are the main responsibilities of a network administrator?

The Network Administrator's role is to ensure the stable operation of the computer networks. This includes planning, developing, installing, configuring, maintaining, supporting, and optimizing all network hardware, software, and communication links.