Network security is a key component of Cybersecurity. A big part of what you learn from Hack The Box Hacking Labs, Pro Labs, and HTB Academy is about finding security holes in computer networks. So let’s take a look at this topic in general!
Computer networks are formed when computers link together to exchange data. Every time two or more computers are set up to exchange data with each other, you form a computer network. Simple but right. Networks can be formed using physical cables, and they can also be formed through wireless technologies such as WiFi and Bluetooth. Many of the computer networks we use today use both physical and wireless connections. We are also seeing growth in the deployment of virtualized networks in the cloud.
There are many ways to classify networks according to their size. Most homes and small offices have a LAN, A Local Area Network connecting a few or several terminals (PCs, phones, tablets, consoles, printers and Internet of Things devices such as smart speakers and smart devices) with a central hub, usually a router. In most LANs, the router is connected to a much larger network, the Internet.
The Internet is the largest computer network in the world. But almost all networks that are hundreds of kilometers or more in length are classified as WANs, Wide Area Networks. The Internet is a WAN, and so are many other networks. Then we have other classifications like MAN, Metropolitan Area Networks that cover the area of a city. CAN or Campus Area Networks cover a school, hospital, or workplace campus. Smaller in size than a city, but larger than a LAN is a PAN or Personal Area Networks which are simply a new type of LAN with lower data transfer rates, usually for the purpose of solving problems. family mind. Sometimes the largest WAN, the internet, is called a GAN – Global Area Network.
Next, let’s get into the basics of cybersecurity.
What is network security?
Cybersecurity is cybersecurity or information security related to computer networks. Most cyber attacks are conducted through computer networks, especially the public internet. It’s the most common source of all kinds of malware, man-in-the-middle attacks, data breaches, and more. What all hackers and cybersecurity practitioners need to know is to understand cybersecurity well.
The relationship between computers and network security
The relationship between computers and network security is simple and straightforward. Computer security and network security mean exactly the same thing. If a threater steals a USB drive containing sensitive data, it is definitely a cybersecurity issue. But perhaps this is not a cybersecurity issue because unauthorized data is obtained without going through computer network mining. But if that threatman gets usernames and passwords to other people’s accounts and uses them to do all sorts of bad things, then it’s definitely a cybersecurity issue.
What you must know about network firewall security
In the context of cybersecurity, a firewall is a device or software application that filters network traffic according to measurable metrics and characteristics. The Internet and most other computer networks use a technology called TCP/IP, which is a way to organize network traffic into thousands of ports depending on the type of service they provide. There are a total of 65,535 TCP/IP ports and we hardly use them all. Some of the most commonly used ports include port 443 for HTTPS encrypted web traffic and ports 25, 465, 587, and 2525 for different types of SMTP email services.
One of the most common types of network firewalls is a firewall that blocks and filters TCP/IP ports. The common feature of these types of firewalls is to block any ports you never use and filter the ports you need. That way the attacker will have fewer ways to exploit you.
Some firewalls may also block or allow applications. Other firewalls block or allow network activity depending on how it works. Some firewalls can perform various types of blocking and filtering. Configuring a firewall for optimal network security can be a complex process. And no firewall or firewall configuration makes you invincible to cyberattacks. But it can greatly improve the security of the network.
Network security tools and devices
There are also other types of network security devices. Some can be found in your home, but most often they are found in academic, institutional, and corporate networks.
Intrusion detection systems or IDSs are commonly found in academic, institutional, and enterprise networks. But sometimes this feature also starts to appear in home network devices. These systems monitor network activity and report seemingly malicious activity so that cybersecurity professionals can address them. You will also sometimes hear about Intrusion Prevention Systems (IPS). This system will attempt to prevent any malicious network activity from being detected.
We should all have anti-virus software on our PCs, tablets, and phones. However, corporate networks sometimes have a computer or a specialized device that scans the network for malware and prevents it from executing on any machine on the network.
Honeypots in the context of cybersecurity are computers designed to be attacked by cybercriminals. Their purpose is to block attacks from the rest of the network and monitor how cyberattacks work to improve the network’s resilience to cyberattacks.
Really large data centers sometimes have SIEM, a Confidential Information and Event Management system. They can be configured with SIEM rules to scan all device logs in the network for anomalous or malicious behavior to prevent network attacks. They are most commonly used in an SOC, a security operations center that a lot of companies and larger organizations use to protect systems against cyberattacks.
Cybersecurity engineer and other roles
A cybersecurity engineer is trained in cybersecurity. They work every day to protect the network from cyber attacks. Here are some other roles in cybersecurity. An SOC analyst performs day-to-day work in the SOC. Network administrators operate networks with a number of security responsibilities. In smaller organizations, the network administrator may be the person in charge of the entire network security. In larger organizations, network administrators collaborate with cybersecurity professionals to perform ongoing network administration work.
Alternatively, you can also see how to start learning cybersecurity here.