Security and Transmission Media
...ecurity/WirelessInSecurity.php talks about wireless security very succinctly. “Most access points these days have a number of security features available, but by default, they are almost always turned off. This is one of the main reasons wireless networks can be so insecure. More often than not, they are configured with default out-of-the-box settings, which mean there is no security at all. Each feature has a weakness, but by using a combination of some or all of the features, you can make a wireless network very secure—secure enough for almost any library environment. The type of wireless security features implemented can widely vary depending on the size and needs of a library. Many of the out-of-box solutions in this section are optimal for smaller libraries with limited IT staff. Please see the section on "Public Wireless Access for Enterprise Solutions" for larger scale solutions.“ Regardless of the measures in place the lack of security in the air is inherent in that the air is the most accessible space near any network or system. A hacker with a laptop and a wireless network card could drive down any street in America and hack into multiple home LANs. The International Organization for Standardization (ISO), and the International Telecommunication Union Telecommunication Standardization Sector (ITU-T), The OSI reference model; a network architectural model developed consists of seven layers, each of which specifies particular network functions, such as addressing, flow control, error control, encapsulation, and reliable message transfer. The lowest layer (the physical layer) is closest to the media technology. The lower two layers are implemented in hardware and software whereas the upper five layers are implemented only in software. The highest layer (the application layer) is closest to the user. Dedicated services, also known as private lines, are somewhat like having two tin cans and a string between sites. The "string" and "tin cans" are for the exclusive use of the organization that leases them. The "string" portion is the medium over which the voice or data transmission is sent. The medium is generally copper, microwave or fiber optics. The "tin cans" are the devices, such as a telephone, modem, cable modem or terminal adapter, that allow sites to transmit computer-generated or voice signals between locations. Some organizations have such a high volume of voice, video or data calls between locations that they opt to use dedicated, private lines to connect sites together. These dedicated, private lines are available for the exclusive use of the customer that leases them from a carrier or local telephone company. A retail chain in the Boston area has sufficient data communications traffic between its headquarters, warehouses and stores that it has 90 dedicated links connecting end-sites to headquarters for the purpose of inventory status and updates on store sales. This is the chain's own private network. These dedicated links may be cheaper than paying by the minute for multiple calls to the same sites. Private, dedicated links cost a flat fee per month. Costs are not based on the amount of voice or data transmitted or the amount of time the dedicated links are in use during the month. Another factor in the decision to use dedicated services is the desire for secure transmissions. Some firms believe that public network services such as frame relay are too public or open to hacking for applications such as funds transfer. Large firms may have private networks made up of multiple "strings and tin cans" connecting sites together. These are private networks, available only to the particular company that leases or builds them; outsiders simply dialing into them cannot access them. The example above of a retail chain with 90 dedicated links is also a wide area network or WAN service. The dedicated links connect sites that are located outside of the immediate building or campus area. Organizations with private networks lease these dedicated lines to interconnect their various sites. Examples of private lines are DATAPHONE Digital Service (DDS), Accunet Spectrum of Digital Services from AT&T and Clearline from Sprint. All local telephone companies also sell private lines. Because of the high maintenance and monthly telephone company fees associated with dedicated private lines, many companies now use managed data services from network service providers. These services act like private lines but are shared by multiple customers. Because they act like private lines they are called virtual private networks, or VPNs. They are virtually private. Examples of VPNs are frame relay services covered in Chapter 6 and VPNs that use the Internet Protocol, covered in Chapter 9. a. Which transmission media are the most secure? Fiber is the most secure since it can’t be hacked into. b. Which transmission media are least secure? Wireless is the least secure…cell phone etc. c. What type of security is associated with each level of the Open Systems Interconnect (OSI) Model? Only care about 1-4 Physical: Locked Doors and Armed guards Data Link: Fast Lane…ATM Encrypted Network: Firewalls Transport: Firewalls Session: (SSL????) Really isn’t one Presentation: Codes???? Application: Passwords for programs etc. Network Working Group D. Waitzman Request for Comments: 1149 BBN STC 1 April 1990 A Standard for the Transmission of IP Datagrams on Avian Carriers Status of this Memo This memo describes an experimental method for the encapsulation of IP datagrams in avian carri...