8/9/2019 Protecting From Network Threats

1/4

8/9/2019 Protecting From Network Threats

2/4

Group wnfaqmufxm;&efjzpfonf/ wpfOD;csif;tvdkuf OD;pGmUser Account rsm; wnfaqmuf &rnf/ Permissions ^ Rights ( Read, Write, Execute, Modify, Full Control ) rsm;aqmifGuf ay;&rnf/ ,if; User Account wlnDolrsm;udkNetwork Operating Systems rsm;rS oabmwlnDpkzGJYxm;jcif;tm; aygif;pyf^yl;aygif;onf(Combined )[kac:onf/ xdkodkYUser rsm;rS

Data t&if;tjrpfrsm; tm; 0ifa&mufoHk;pGJEdkifjcif;udkEffective

Permissions [kac:ygonf/Network Operating system rsm;onf Organization - based Security aqmifGufEdkifygonf/ ,if;udk Organizational Unit (OU ) [kac:ygonf/ Windows 2000 Server, Windows 2003

Server wdkY jzpfNyD;Computers, Groups, Printers, Users, Shared Resources rsm;tm; wpfck wnf;wGifBig Directory Tree tjzpfwnfaqmufxm;Edkifygonf/ Active Directory Users and

Computers [kvnf;ac:ygonf/ xdkodkY aqmifGufjcif;onf MuD;rm;aom pDrHcefYcGJrIjzpfayonf/ ,cifNetwork

Size MuD;rm;vmaomfvnf;One Big Directory Tree wGifxm;Sdjcif;jzifh us,fjyefYMu

vmjcif;rSday/Organizational Unit onf xdkodkYtajctaersm;tm; taxmuftuljyK&efTool yifjzpfygonf/ Organizational Unit onf Users ESifhGroups rsm;twGuf odrf;qnf;&efae&m wpfcktjzpfomaqmifGufjcif;jzpfNyD;Rights ^ Permissions rsm;twGuf &,lEdkifjcif;rSdyg/

Policies

Policy onf User Account, Computer, Group odkYr[kwfOrganizational Unit rsm;twGuf rsm;pGmtaxmuftyHhjzpfygonf/ odkYaomf(Network Operating System rsm;ay:wGifwnfrSD aqmifGuf&jcif;jzpfygonf/Windows 2000 System rsm;ay:wGifLocal Policies rsm;toHk;jyKyg u Local Security Settings [kac:ygonf/

Protecting a Network from External Threats

Physical Protection

xdkodkUaqmifGuf&mwGif tydkif;(2)ydkif;jzifhaqmifGufygonf/Servers Site ESifhClients

Site [laqmifGufEdkifygonf/Server ydkif;aqmif&Guf&mwGif vG,fulpGmaqmifGuUnauthorized Person rsm;twGufLock up wm;jrpfumuG,faqmifGufxm;&efomjzpfo BuD;rm;aom tzGJUtpnf;rsm;wGifSpecial Server Room rsm;tjzpfwnf&SdNyD; jynfhpkHaomCard -

Key Locks rsm;jzifhaqmifGufxm;ygonf/ 0if^xGuf aqmifGufolrsm;udkvnf; p apmifhMunfhaompepfxm;&Sdygonf/ ao;i,faomtzGJUtpnf;rsm;wGif tNrJwapydw umuG,fxm;ygonf/ rarhravsmhaqmifGuf&efrSmNetwork Switches rsm;\ vkHNcHKa&;jzpf onf/ Hackers rsm;onf Network twGif;0ifa&mufEdkif&efrSm ,if;Switches yifjzpfojzifh tvG,fwulcsdwfqufr&Edkif&ef umuG,fxm;&rnfjzpfonf/Server Protection aqmifGuf&m

wGif wpfcgw&HTechs onf Server Log in aqmifGufxm;csdefwGif ta0;a&mufaew ojzifh Screensaver tm; Password Protected aqmifGufxm;&onf/

8/9/2019 Protecting From Network Threats

3/4

Clients ydkif;aqmifGuf&mwGifcufcJaomfvnf;Users rsm;rS tcsdKUaomPhysical Security rsm;udkaqmifGufEdkifayonf/ yxraqmif&Guf&efrSmScreenSaver Password rsm; tokH;jyK& rnfjzpfonf/ Hacker rS Network twGif;0ifa&muf&ef BudK;yrf;rI&,lEdkifrnfr[kwfay/ tcsuftaejzifh okH;pGJaompmGufpmwrf;rsm;tm; rvdktyfonfhtcgtvG,fwultrdIu

pGefUypfonfhtavhtxr&Sdap&ef ESifh tydkif;tprsm;tjzpfjzwfawmufypfEdkifaomPaper Shedder xm;&Sd&efvdktyfygonf/ aemufqkH;tcsuftaejzifh kH;cef;wpfcktwGif;0ifa&m rsm;zGifhMunfhygu t0ga&mifSticky Notes jzifhUser names ESifhPasswords rsm;tm;awGU& avh&Sdygonf/Users rsm;taejzifhNote Down aqmifGufygu vkHNcHKpGmaomhcwf &ayonf/

FireWalls Firewall onf Network tm; umuG,fEdkif&ef enf;vrf;rsKd;pkHjzifhtokH;jyK

Hiding IP Adresses ESifhBlocking TCP/IP Ports rsm;jzpfygonf/

1. Hiding IP AdressesNetwork rsm;udk umuG,f&ef trsm;qkH;tokH;jyKaomenf;ynmrSmInternal Network

twGif;wGif trSefwu,ftokH;jyKaeaomReal IP rsm;tm;Internet rSrjrifap&efHide vkyf xm;jcif;jzpfygonf/Hacker onf Real IP &&SdyguNetwork System tm; vG,fulpGm&SmazG EdkifrnfjzpfojzifhReal IP rsm;tm;rjrifEdkif&efHide vkyfxm;jcif;jzpfonfHacking Techniques rsm;twGuftvG,fulqkH; umuG,fwm;qD;EdkifrIyifjzpfygonf/ xdkodkUaqmifGufNetwork Address Translation (odkUr[kwf)Proxy Server rSwqifhInternal Network wnfaqmuf&ef

jzpfygonf/ Network Address Translation ESifhProxy Server tm; rnfonfudkaqmifGuf&ef aG;cs,f&onfrSm okH;pGJrnfhNetwork ay:rIwnfaG;cs,f&onf/ tb,faMumifhqdkaomf wpf csif;pDwGif&Sd pGrf;aqmif&nfrsm;wGif aumif;usKd;^qdk;usKd;rsm; ,SOfwGJ onf/

NATs onf IP Addresses udkTranslate vkyfjcif;omaqmifGufjcif;jzpfNyD;TCP Ports odkUr[kwfInformating ESifhvkH;0roufqdkifay/Proxy Server onf Port Number ajymif;vJjcif; ESifhReal IP Address tm; Hide vkyfjcif;aqmifGufEdkifonf/ xdkodkUProxy Server okH;pGJjcif;jzif

Security Level jrifhrm;oGm;rnfjzpfaomfvnf; wefzdk;jrifhrm;oGm;rnfjzpfonf/ ,if aMumifhNetworks rsm;onf NATs udkomokH;pGJavh&Sdygonf/Proxy Server onf Web Service om aqmifGufEdkifNyD;Port ESifhIP ajymif;vJwdkif;Network twGif;&SdClient Application rsm;Update aqmifGufay;&onf/

2. Port Filtering

'kwd,tokH;trsm;qkH;Firewall Tool rSmPort Filtering jzpfonf/ Port Blocking [k vnf;ac:ygonf/ Hackers rsm;onf pkaygif;okH;pGJvQuf&Sdonfhtenf;i,faomPort rsm;rS 0ifa&muf&efBudK;yrf;avh&Sdygonf/Port Filtering qdkonfrSm rnfonfhTCP odkUr[kwfUDP

Packets onf rvdktyfonfh Port rsm;odkUjzwfoef;jcif;rS wm;qD;umuG,fNyD; okH;vdPort wpfckodkUomoGm;&efSystem Administrator rSaqmifGufay;jcif;jzpfonf/Port Filtering onf

8/9/2019 Protecting From Network Threats

4/4

rsm;pGmxda&mufrI &Sdygonf/ odkUaomfvkyfief;aqmifGuf&mwGif qDavQmConfiguration tm;tav;teufxm;jyKvkyf&efvdktyfygonf/ rnfolrqdkjyoemr&SdEdkifonfrSmWell - Known

Port rsm;jzpfonfh80(HTTP) ? 20/21(FTP) ? 25(SMTP) ? 110(POP) jzpfNyD; tNrJwap xdktenf;i,faom Lesser-known ports rsm;onfNetwork rsm;wGifyGifhaewwfygonf/

rMumrDu rdrd\Personal Firewall twGif; Port Filtering udkwnfaqmufcJh&m t&m&m aumif;rGefpGmvkyfaqmifEdkifcJhygonf/ rdrdrSInternet Game jzpfonfhHalf - Life udk upm;&ef qkH;jzwfcJh&m ,if;Game wGifvdktyfaomTCP ports rsm;jzpfaom27010 ESifh27015 rsm;

Internet ay:wGif yGifhaernfjzpfygonf/ xdktjyifMicrosoft Netmeeting tokH;jyKvdkyguPorts 389 ? 522 ? 1503 ? 1720 ESifh1731 wdkUyGifhrSomaqmifGufEdkifrnfjzpfygonf/

aom Ports rsm;rS0ifa&mufvmEdkifojzifh apmifhMuyfMunfhIae&rnfjzpfonf/ x udk netstat - an command jzifhMunfhIUEdkifygonf/Linux wGifIPFILTER/NETFILTER jzifh

Firewall \vkyfaqmifcsufrsm;udkMunfhIEdkifonf/

aemufydkif;Garteway Router rsm;onf NAT ESifhPort Filtering ESpfckvkH;udk wpfN wnf;aqmifGufvmEdkifNyDjzpfygonf/

3. Packet Filtering

Port Filtering onf Port Number rsm;udkomqufqHaqmifGufNyD;IP Address tm; vkH;0 tav;*krjyKay/IP Packet rsm;0ifa&mufvmjcif;udkFiltered vkyfxm;aomPort Number rsm;ESifhawGUygu ,if;Packet rsm;Block jzpfoGm;rnf/IP Address tm; tav;*kjyKjcif; awmhr[kwfay/Packet Filtering onf IP Address wpfckwnf;om apmifhMunfhjcif;jzpfon

xdkaMumifhPacket Filtering udkIP Filtering [kvnf;odMuNyD; owfrSwfxm;aomIP odkUr[kwfIP Address Range twGif; 0ifvmaom^xGufoGm;aomPacket rsm;tm;Block vkyfEdkifygonf/Packet Filtering onf Outgoing IP Address rsm;tm;Block vkyf&efNetwork Administrator rSInternal System rsm;jzpf odNyD;Specific IP rsm;udkaqmif&Guf&ojzifh usefonfxufFiltering

vkyf&jcif;ydkrdkaumif;rGefygonf/Internet 0ifa&muf&ef wm;jrpfxm;aomUsers rsm;twGufOutgoing Packet rsm;tm;Block vkyfxm;jcif;onf aumif;rGefaomenf;vrf;wpfckjzpfygonf/