The Internet is vulnerable to myriads kinds of attacks, due to vulnerabilities in the TCP-IP protocol, and no global flow control mechanisms. The two problems lead to many TCP exploits and the horrible DDoS attacks. We have devised a method of incrementally upgrading the network infrastructure at the transport level that solves the above problems and makes the network significantly more resilient to attacks, particularly the DDoS attack. The approach uses "hardened routers", routers that can do simple cryptographic functions (encryption, signatures) on all packets flowing in the network, as well as to participate in a hierarchical control network. We show how incremental deployment of such routers can make the Internet safer. Like all things dynamic, change is inevitable. Such is the case with your network environment. Upgrades and modifications to the network architecture can sometimes expose, or create security holes. Hardening a network does not always mean spending large amounts of money. Whether that means spending it on new hardware, software, or man hours really depends on what needs to be addressed. It may include all of the above. The time may come when a cost/benefit analysis will be required by those in charge before hardening activities can move forward. As such it's important to point out some of the non-technical benefits of network hardening for the business as a whole. The more time you spend hardening your network, the safer it will be for not only your customers but your employees as well. Your Human Resources department will undoubtedly have confidential personal information on file for every employee. This could include social security numbers, information on dependents, emergency contacts, home addresses and telephone numbers, etc. That information will most likely be stored in an electronic format somewhere on your network. Keeping that information safe and secure from prying eyes should be a priority.
Please join StudyMode to read the full document