Introduction Of Computer Network Security

Computer network security is important and should be learned by experts network for the convenience of the user while accessing the internet. With the construction of computer networks, a computer will be easier and more frequently accessed. With the increasing number of access, automated computer security is increasingly vulnerable, especially if there are users who have bad intentions. Security settings on the computer network at its core is the set access software or hardware. Security software / hardware security should always be checked so as not to cause disruption in the system. 

4.1. Security hardware 

Security hardware is often forgotten but is usually the main thing to keep the network from the destroyer. In security hardware, servers and data storage should be a major concern. Physical access to servers and critical data should be limited as much as possible. It would be easier for thieves to take the hard drive data or tape backup of the server and the storage of data rather than having to tap the software from the network. Garbage should also be considered because a lot of hackers who come to the garbage company to find information on its computer network. One way of securing hardware is placed in a room that has good security. Airways holes need to be given attention because people can just enter the server room through the channel. Network cables must be protected so as not easy for a hacker to cut the cable and then connect to the computer. 

Access to computers can also be restricted by setting security on BIOS level that would prevent access to a computer, format the hard drive, and change the contents of the Main Boot Record (where information partition) hard drive. The use of hardware autentifikasiseperti smart card and finger print detector is also worth considering to improve security. 

4.2. Security software 

As already mentioned in the previous chapter that the first step to reduce the security risk is not to install unnecessary things on the computer, especially on the server. For example, if the server is only assigned to the router, do not need web server software and an FTP server installed. Limit the software that is installed will reduce the conflict between the software and limit access, for example if the router is also fitted with an FTP server, then the people from the outside with anonymous logins may be able to access the router. Software to be installed should also have good security settings. The ability of encryption (data scrambling) is a specification that must be owned ooleh software that will be used, especially because 128-bit encryption with a consistent 56-bit encryption has to be solved easily at this time. Some software that has a security hole is the sendmail mail server and telnet applications. Sendmail has a disadvantage that can ditelnet without logging in port (25) and accessor can create an email with a fake address. Telnet application has deficiencies transmit data without encrypting (scrambling the data) so that when it can be tapped will be very easy to get the data. 

The second thing to note is the password. Should set the minimum password length fatherly complicate memcahkan password hacker. Password will also be better if not composed letters or angak course, small or all capital letters, but should be combined. Encryption can increase network security by randomizing passwords and usernames, either in the record in the host as well as password and username that is passed the current network to log into another computer. 

For users who do not need to physically access the server, also need to be set so that user can only access from the client computer. In Windows NT, the term is a logon locally. Users also need to be restricted so as not to be shut down or reboot the computer. On UNIX systems by default, pressing ontrol-Alt-Delete will cause system reboot. 

Limiting traffic TCP / IP is the most widely used. Limiting traffic here, for example do not allow a host or network packets passing through the router, especially if the host has to know is owned by hackers. The most widely performed is to shut down certain ports that are not needed, such as telnet port (23) and FTP port (21). 

Routing is not apart from the security breach. Disorder that often arises is the provision of false information about path routing (source routing in the IP header). Giving false information is usually intended to be datagram-datagram can be tapped. To prevent such a thing, the router must be set to not allow source routing and the routing protocol diseertakan password authentication or some sort of order routing information is only obtained from a trusted router. Authentication is contained in the RIP version 2 and OSPF version 2.