Deric Law CGS00479903
1. Improving Network Topology Draw the topology of the network that you are currently using. Be sure to include addressing structures, network architecture, and include devices such as core switches, workgroup switches, firewalls, routers, and other network devices. Analyze the security of the topology and then draw a proposed new topology. Be sure to include security detection systems as well as security zones. Kazakhstan International School had implemented their network infrastructure since 2007. The school had around 100 computers and every computer is connected to Internet, serving more than 200 users. The school uses 3 subnets to divide the general administration, computer laboratory and Classrooms. Internet service provider (ISP) of the school is Corporate Telecommunication System (CTC), provided the Fibre Optic network connection for the school. The internal network IP addresses make up of 192.168.1.1 - 192.168.1.254, (General Administration) 192.168.2.1 – 192.168.2.254, (Classroom PC) 192.168.3.1 – 192.168.3.254 (Computer Laboratory) With the subnet 255.255.255.0 Majority of the network topology in the school are makeup of star topology. The figure below shows a section of the network topology (Star Topology) in Kazakhstan International School.
The school do not have managed switch, all of the switches in the school are of unmanaged switches. The number of ports of the switch range from 4 to 24. The models of the switches are D-Link DES-1024D, D-Link DES-1008D, and D-Link DES-1005D. They support the network speed up to 100 Mbps.
Deric Law CGS00479903
As of the internet connection, the school had setup a proxy server with the firewall software in between the ISP and the user. The Router from the ISP provides two external connections for the school through its fibre optic network: 1. External IP address 172.25.146.1 Subnet Mask 18.104.22.168 Connection within
References: Scarfone, Karen; Mell, Peter (February 2007). "Guide to Intrusion Detection and Prevention Systems (IDPS)". Computer Security Resource Center (National Institute of Standards and Technology) (800-94). http://csrc.ncsl.nist.gov/publications/nistpubs/800-94/SP800-94.pdf. Retrieved 1 January 2010. Whitman, Michael E.; Mattord, Herbert J. (2008). Principles of Information Security. Course Technology. pp. 290–301. ISBN 9781423901778. Anderson, Ross (2001). Security Engineering: A Guide to Building Dependable Distributed Systems. New York: John Wiley & Sons. pp. 387–388. ISBN 9780471389224. Anderson, James P., "Computer Security Threat Monitoring and Surveillance," Washing, PA, James P. Anderson Co., 1980. Denning, Dorothy E., "An Intrusion Detection Model," Proceedings of the Seventh IEEE Symposium on Security and Privacy, May 1986, pages 119–131 Lunt, Teresa F., "IDES: An Intelligent System for Detecting Intruders," Proceedings of the Symposium on Computer Security; Threats, and Countermeasures; Rome, Italy, November 22–23, 1990, pages 110–121. Lunt, Teresa F., "Detecting Intruders in Computer Systems," 1993 Conference on Auditing and Computer Technology, SRI International Sebring, Michael M., and Whitehurst, R. Alan., "Expert Systems in Intrusion Detection: A Case Study," The 11th National Computer Security Conference, October, 1988 Smaha, Stephen E., "Haystack: An Intrusion Detection System," The Fourth Aerospace Computer Security Applications Conference, Orlando, FL, December, 1988 Vaccaro, H.S., and Liepins, G.E., "Detection of Anomalous Computer Session Activity," The 1989 IEEE Symposium on Security and Privacy, May, 1989 Teng, Henry S., Chen, Kaihu, and Lu, Stephen C-Y, "Adaptive Real-time Anomaly Detection Using Inductively Generated Sequential Patterns," 1990 IEEE Symposium on Security and Privacy 10 CMCN6103 Deric Law CGS00479903 Heberlein, L. Todd, Dias, Gihan V., Levitt, Karl N., Mukherjee, Biswanath, Wood, Jeff, and Wolber, David, "A Network Security Monitor," 1990 Symposium on Research in Security and Privacy, Oakland, CA, pages 296–304 Winkeler, J.R., "A UNIX Prototype for Intrusion and Anomaly Detection in Secure Networks," The Thirteenth National Computer Security Conference, Washington, DC., pages 115–124, 1990 Dowell, Cheri, and Ramstedt, Paul, "The ComputerWatch Data Reduction Tool," Proceedings of the 13th National Computer Security Conference, Washington, D.C., 1990 Snapp, Steven R, Brentano, James, Dias, Gihan V., Goan, Terrance L., Heberlein, L. Todd, Ho, Che-Lin, Levitt, Karl N., Mukherjee, Biswanath, Smaha, Stephen E., Grance, Tim, Teal, Daniel M. and Mansur, Doug, "DIDS (Distributed Intrusion Detection System) -- Motivation, Architecture, and An Early Prototype," The 14th National Computer Security Conference, October, 1991, pages 167– 176. Jackson, Kathleen, DuBois, David H., and Stallings, Cathy A., "A Phased Approach to Network Intrusion Detection," 14th National Computing Security Conference, 1991 Paxson, Vern, "Bro: A System for Detecting Network Intruders in Real-Time," Proceedings of The 7th USENIX Security Symposium, San Antonio, TX, 1998 Amoroso, Edward, "Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response," Intrusion.Net Books, Sparta, New Jersey, 1999, ISBN 0-9666700-7-8 Kohlenberg, Toby (Ed.), Alder, Raven, Carter, Dr. Everett F. (Skip), Jr., Esler, Joel., Foster, James C., Jonkman Marty, Raffael, and Poor, Mike, "Snort IDS and IPS Toolkit," Syngress, 2007, ISBN 978-1-59749-099-3 Barbara, Daniel, Couto, Julia, Jajodia, Sushil, Popyack, Leonard, and Wu, Ningning, "ADAM: Detecting Intrusions by Data Mining," Proceedings of the IEEE Workshop on Information Assurance and Security, West Point, NY, June 5–6, 2001 Intrusion Detection Techniques for Mobile Wireless Networks, ACM WINET 2003 11