CBSN4103 Answer

Published by: Kreatif Tuisyen on Aug 13, 2014
1.0 The Introduction to Virtual Private Network (VPN)
According to Lewis, Mark (2006), a virtual private network (VPN) can be described as the extension of a private network, and of the resources in that network, across public networks like the Internet. The implementation of the Virtual Private Network (VPN) plays an important role in allowing the host computer to send and receive data across shared or public networks. It can emulate the properties of the private network, such as shares, server access and printers, by establishing and maintaining the security and management policies of the respective private network in the organization. The Virtual Private Network (VPN) is created by establishing a point-to-point connection through the use of either a dedicated connection or encryption, or a combination of both methods. According to the explanation from R. Morris and K. Thompson (1979), the Virtual Private Network system can be classified according to:
The protocols used to tunnel the traffic
The tunnel's termination point
Whether they offer site-to-site or remote access connectivity
The levels of security provided
The OSI layer they present to the connected network
Diagram 1. The example of Internet Virtual Private Network (VPN)
2.0 Evaluation of the Encryption Methods and Security Issues
According to H. Krawczyk, M. Bellare and R. Canetti (1997), encryption is an important method used in the virtual private network (VPN). It ensures that the virtual private network (VPN) is secure and limits user access so that the data is protected and can be accessed only by an authenticated person. The virtual private network (VPN) uses a cryptosystem to scramble the data into cipher text, which is then decrypted back into readable text by the recipient. There are two types of cryptosystem used in the virtual private network (VPN), namely symmetric and asymmetric. Overall, symmetric cryptography is very likely to be much faster to deploy and use in the Virtual Private Network. It is commonly used to exchange large packets of data between two parties who know each other and use the same private key to access the data. However, the asymmetric systems used to encrypt the data sent between the VPN server and client are far more complex, because the users require a pair of mathematically related keys to do the decryption. The keys, one public and one private, are required in order for the data to be accessed. This method is often used for smaller, more sensitive packets of data, or during the authentication process in the virtual private network (VPN).
D. Harkins and D. Carrel (1998) explained that the longer the encryption key, the stronger it is. This is because the bit length of the algorithm determines the amount of effort required to crack the system using a "brute force" attack, where computers are combined to calculate all the possible key permutations. Users are therefore advised to use a longer encryption key so that the data transmitted between the virtual private network (VPN) server and clients is safe. However, Virtual Private Network (VPN) data encryption does not provide end-to-end data encryption. According to R. Pereira and S. Beaulieu (1999), end-to-end encryption is encryption of the data between the client application and the server hosting the resources or services accessed by the client application. On the other hand, D. Harkins and D. Carrel (1998) explained that many secure VPN protocols are used to transmit data from the Virtual Private Network (VPN) server to the clients. Among the Virtual Private Network (VPN) protocols used are:
IPSec (Internet Protocol Security)
Transport Layer Security (SSL)
Datagram Transport Layer Security
Microsoft Point-to-Point Encryption
Secure Socket Tunneling Protocol
MPVPN
Secure Shell
However, there are still many security-related issues in the Virtual Private Network (VPN). Each of the security issues will be discussed clearly, and relevant examples will be provided to support the discussion.
(A) Many Authentication Methods are too Weak to Provide Adequate Security for most Organizations
As explained by H. Krawczyk, M. Bellare and R. Canetti (1997), the first security issue in the Virtual Private Network (VPN) is that the authentication methods used are too weak and easily broken by an unauthorized person. This is simply because many organizations use authentication methods that expose their network to a variety of security attacks. The most secure method of authentication is Extensible Authentication Protocol-Transport Level Security (EAP-TLS) when used in conjunction with smart cards. However, EAP-TLS and smart cards require a public key infrastructure (PKI), which can be complicated to deploy. Therefore, it will become a serious threat for the users of the Virtual Private Network (VPN) in the office.
(B) Remote Access Account Logout can Deny Network Access to Authorized Users
According to R. Morris and K. Thompson (1979), authorized users might be blocked from accessing the network. This is because if a malicious user attempts a dictionary attack with the logon name of an authorized user, both the malicious user and the authorized user are locked out of the account until the account lockout threshold is reached. This causes great inconvenience for the authorized users, especially when they wish to access the Virtual Private Network (VPN) to get some data or resources. Therefore, it is a security-related issue that happens in the Virtual Private Network (VPN).
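The lockout behaviour described in (B), modelled as an added example that is not part of the original document. It assumes a per-account policy that locks after a failed-logon threshold and unlocks after a lockout duration; the class, the names and the values (3 failures, 900 seconds) are hypothetical.

```python
from dataclasses import dataclass, field


@dataclass
class LockoutPolicy:
    """Per-account lockout on a remote access server (assumed values)."""
    threshold: int = 3    # failed logons before the account is locked
    duration: int = 900   # seconds the account stays locked
    failures: dict = field(default_factory=dict)      # user -> failed count
    locked_until: dict = field(default_factory=dict)  # user -> unlock time

    def logon(self, user, password_ok, now):
        # A locked account rejects everyone, including its real owner.
        if now < self.locked_until.get(user, 0):
            return "locked"
        if password_ok:
            self.failures[user] = 0
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= self.threshold:
            # Threshold reached: lock the account for the configured duration.
            self.locked_until[user] = now + self.duration
            self.failures[user] = 0
        return "denied"


def simulate():
    """Constructed timeline: wrong guesses under alice's logon name, then
    alice's own logons with the correct password."""
    policy = LockoutPolicy()
    results = []
    # Three wrong passwords submitted for "alice" at t = 0, 1, 2 seconds.
    for t in range(3):
        results.append(policy.logon("alice", password_ok=False, now=t))
    # Alice presents the correct password while the lockout is active.
    results.append(policy.logon("alice", password_ok=True, now=60))
    # Once the lockout duration has elapsed she can log on again.
    results.append(policy.logon("alice", password_ok=True, now=2 + 900))
    return results


if __name__ == "__main__":
    print(simulate())
```

The fourth result is the point of section (B): a correct password is rejected because the lock is keyed on the account name, not on who submitted the failed attempts.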
(,) an-in-the-iddle #ttack!
As or the third securit! issues that occurred in the Virtual Private Network (VPN)" it is callman+in+the+middle attacks.
 H. Krawczk, M !e""are and #. $ane%%i. (1997)
 explained that thesecurit! issue happens when the Virtual Private Network (VPN) server is using I75Aggressive 4ode" and it is possible to determine a valid username and password" then an
