NETWORK OS AND SECURITY


Submit Article(s) Benefits Editorial Guidelines Author TOS Home Blog Forum Article Directory About Us FAQ's Contact Us Link To Us Privacy Policy SiteMap

PLEASE DONATE TO KEEP THIS SITE ALIVE

NETWORK OS AND SECURITY

One reason why LANs are becoming accepted today is the easy-to-use operating system. The network operating system simply picks up from where the local operating systems on the PCs leave off. It supplies all the missing bits and pieces required for operating in a networked environment. Operating systems are available for the IBM PCs and OS/2s, UNIX, and the Apple Macintosh systems, to name a few types of desktop systems under LAN.

The major function of the network operating system is to set up one or more computers as the file server(s) and others as the clients. The file server provides various services to the clients such as file sharing, printer sharing and communicating to other clients.

One of the facts of life is that every invention has both, a blessing and a curse. The greatest example of such an invention is the famous equation created by Einstein, E = MC 2 . While it fuelled the creation of atomic energy for power generation, it created even earlier, the atomic bomb. Einstein was reported to have died a very sad man.

With the tremendous advantages that a network thus offers, it has also created the problem of network security. Data is vulnerable since there are multi users on a LAN. Almost all LANs come with fairly sound security features, which sadly are not tamper-proof.

Every user is assigned a separate Login ID and the user can create his own password. It is up to the user thereafter, to protect his password. He should not let it lying around on a piece of paper or select a very simple password that can be found out or cracked by anybody.

The LAN administrator or supervisor performs the functions of creating users, deleting users, assigning users to different devices and securing certain tiles by preventing common access.

The LAN supervisor can decide which user can access which server or printer. An attempt to access a printer, for example, by an unauthorized user will be thwarted. This is necessary because certain printers are very expensive. The same rule applies to other devices also.

Users can be provided with access to only limited number of files and subdirectories. An attempt to access other subdirectories or files then those allocated to a user will be negated. Some LAN software also records all such attempts, thus creating documentation than be used to enforce discipline among the LAN users. Many LAB supervisors also follow the practice of changing the login IDs and passwords periodically. Suitable messages are displayed on the LAN a few days before the current ID and password is about to expire.

File locking is another security feature on a LAN. When a user is working with a file the LAN software locks it up so that other users cannot access it. By the-same token, files can be accessed by multiple users simultaneously, by declaring them shareable.

Network admin and user organizations worry a lot about security these days, whether or not they connect to the outside world. Stories abound of hackers (crackers, to be more accurate) breaking into networks and causing all kinds of damage, or stealing data.

Just as breaking into an unprotected network is easy, ensuring basic protection is not difficult, if you know where to focus.

Most Indian corporate networks today are independent, without links to the outside world. Some are beginning to provide Internet gateways. But whether or not your network is connected to the Internet or to other networks, it remains susceptible to attack. The weakest link in your security is the one that will most likely cause a break-in.

The easy part for basic security is the technology. The tough part is "securing" the users: making them aware of the seriousness of the problem. Many network users don't quite realize the power of the network-resource, taking it for granted.

The Password

This is the most basic form of security, and it is often the weakest link in the chain.

Several networks that we've seen have admin passwords set to "admin", which is the first thing a hacker would try. That's like leaving your front door wide open when your whole family goes off on vacation. The solution's simple. First, tell users about the importance of the password, and set a smart system policy for the password: longer than 8 characters, mixed case, special characters like @#$%, and frequent changes (every 45 days) are good things to impose (the system should reject a password unless it's long enough, and has both letters and numbers, etc).

Second, get rid of commonly used account. All NT systems have an account called Administrator".

Cripple that account and use another name for it. You won't believe the results you get just by doing a simple thing like this. Similarly, disable common accounts on other operating systems.

[Previous Page | Next Page]