
Wednesday, 8 February 2017

Types of Network Security

Network scanning is scanning used to identify vulnerabilities in a network. Security experts can use a scan to protect a network against external attack. Hackers may use a scan to find vulnerabilities. The different types of scanning are as follows:



Three–Way Handshake

TCP is connection-oriented, which means a connection must be established before data is transmitted between applications. This connection is made using the three-way handshake, which is the process applied to establish the connection between protocols.

The three-way handshake procedure goes as follows:
  • To open a TCP connection, the source sends a SYN packet to the destination (10.0.0.3:21).
  • The destination, on receiving the SYN packet sent by the source, responds by sending a SYN/ACK packet back to the source.
  • This ACK confirms to the source that the first SYN packet arrived.
  • The source sends an ACK packet for the SYN/ACK packet sent by the receiver.
  • This triggers an "OPEN" connection, allowing communication between the source and the destination until either of them sends a "FIN" packet or an "RST" packet to close the connection.
TCP keeps stateful connections for all connection-oriented protocols across the Internet, and works much like an ordinary telephone call, in which one picks up a telephone receiver, hears a dial tone, and dials a number that rings at the receiving end until a person picks up the receiver and says, "Hello."

Stealth Scan (Half-Open Scan)

A stealth scan sends a single frame to a TCP port without any TCP handshaking or extra packet transfers. It is a scan type that sends a single frame in the expectation of a single response. The half-open scan partly opens a connection, but stops midway. It is also known as a SYN scan because it sends only the SYN packet. This prevents the service from ever being notified of the incoming connection. The stealth scan also follows the three-way handshake approach. The difference is that in the last stage, remote ports are identified by examining the packets arriving at the interface, and the connection is dropped before a new initialization is triggered.

The process is as follows:
  • To start initialization, the client forwards a single "SYN" packet to the destination server on the matching port.
  • The stealth scanning process then proceeds depending on the response the server sends.
  • If the server forwards a "SYN/ACK" response packet, then the port is in the "OPEN" state.
  • If the server responds with an "RST" packet, then the port is in the "CLOSED" state.

NULL Scan

NULL scans send TCP packets with all flags turned off: every flag in the TCP header, such as SYN, ACK, FIN, RST, URG and PSH, is set to NULL or left unassigned. Closed ports are expected to return a TCP RST, while packets received by open ports are rejected as invalid. When such a packet reaches the server, the BSD networking code tells the kernel to drop the incoming packet if the port is open, or to send an RST if the port is closed. This scan uses flags in the opposite fashion to the Xmas scan, but gives similar output to the FIN and Xmas tree scans. The network stacks of major operating systems can respond differently to the packet, for example Microsoft versus UNIX. This method is not helpful against Microsoft operating systems. The Nmap command-line option for null scanning is "-sN".
Advantage:
It evades IDS and the TCP three-way handshake.
Disadvantage:
It is helpful only for UNIX.

Network scanning examines a network for vulnerabilities in its security. If there is a vulnerability in the security of the network, the scan will report it back to a hacker, who may use this information to exploit that network bug to gain entry to the network or for other malicious actions.
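On the monitoring side, the half-open and NULL scans described above can be recognised from the TCP flag sequence of each flow. The following is an added example, not code from the original post; the packet records, the 10.0.0.x addresses other than 10.0.0.3:21, and the function names are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed capture (not from the page): (src, sport, dst, dport, flags).
# One letter per TCP flag: S=SYN, A=ACK, R=RST, F=FIN; "" means no flags set.
PACKETS = [
    ("10.0.0.8", 40000, "10.0.0.3", 21, "S"),    # full handshake ...
    ("10.0.0.3", 21, "10.0.0.8", 40000, "SA"),
    ("10.0.0.8", 40000, "10.0.0.3", 21, "A"),    # ... completed by the final ACK
    ("10.0.0.66", 50001, "10.0.0.3", 21, "S"),   # half-open: SYN, SYN/ACK ...
    ("10.0.0.3", 21, "10.0.0.66", 50001, "SA"),
    ("10.0.0.66", 50001, "10.0.0.3", 21, "R"),   # ... then RST instead of ACK
    ("10.0.0.66", 50002, "10.0.0.3", 23, "S"),   # SYN to a closed port ...
    ("10.0.0.3", 23, "10.0.0.66", 50002, "RA"),  # ... answered with RST
    ("10.0.0.77", 50003, "10.0.0.3", 25, ""),    # NULL probe: no flags at all
    ("10.0.0.3", 25, "10.0.0.77", 50003, "RA"),  # closed port answers RST
]

def classify_flows(packets):
    """Map each client-initiated flow (src, sport, dst, dport) to a state."""
    state = {}
    for src, sport, dst, dport, flags in packets:
        f = set(flags)
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if not f:
            state[fwd] = "null-probe"            # never valid in normal TCP
        elif f == {"S"}:
            state[fwd] = "syn-sent"
        elif f == {"S", "A"} and state.get(rev) == "syn-sent":
            state[rev] = "syn-ack-seen"          # port is open
        elif "R" in f and state.get(rev) == "syn-sent":
            state[rev] = "closed-port"
        elif state.get(fwd) == "syn-ack-seen":
            if "R" in f:
                state[fwd] = "half-open"         # handshake abandoned midway
            elif f == {"A"}:
                state[fwd] = "established"
    return state

def suspicious_sources(packets, min_half_open=1):
    """Sources that sent a NULL probe or abandoned >= min_half_open handshakes."""
    per_src = defaultdict(Counter)
    for (client, _sport, _server, _dport), st in classify_flows(packets).items():
        per_src[client][st] += 1
    return {src: dict(c) for src, c in per_src.items()
            if c["null-probe"] or c["half-open"] >= min_half_open}
```

A single abandoned handshake can also be benign, so on real traffic the min_half_open threshold would be raised and counted over a time window.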

Thursday, 3 November 2016

Legal steps you must take before outsourcing content creation

With the growth of the Internet and the need to create steady content, outsourcing has become incredibly common. In fact, Robles (2016) cites research showing that 79 percent of software development companies are embracing content marketing, while Statistica (2014) reported that the global market size of outsourced services in 2014 was $104.6 billion.

Being at the top of your market with content is crucial, as the value of great content drives leads and results in more sales. But before you jump into the abyss of outsourcing content creation, there are a few things you’ll want to ponder, so that you can not only approach it the correct way but also protect yourself and your business from any negative effects down the road.

Recognize your content needs

In order to recruit great content creators you have to first delineate what type of content you need.
For instance, you could include:
  • Weekly blog posts
  • Social media updates
  • Guest blogging
  • Email marketing
  • Pay-per-click ad copywriting

Finding the specific types of content needed may not appear to be a legal step. However, at the kickoff, these are extremely essential things to ponder, all of which will enable you to sketch both your job advertisement and various aspects of your binding agreement.

Assign copyright

The act of simply compensating someone does not automatically turn over copyright of that content to the end user. Unless you explicitly list the terms of use in your agreement, the content creator maintains ownership of that content. In this case, you only have an implicit license; therefore, you’ll need definite permission to re-purpose any of that content for other uses, such as turning a blog post into an e-book or social-media posts.

It’s also essential that you consider safeguarding against the indemnification for images or content that may be the property of others. At the end of the day, you will be accountable if the content published on your site or in your materials is found to break copyright law.
For text-based copy, using a service such as Copyscape is standard practice. But with image attribution, this is particularly tough, since there’s no good way to test the copyright short of either buying the rights or waiting for an angry copyright warning from an owner who feels infringed upon.
Be clever and understand copyright upfront so you can avoid any negative consequences.

Explicitly sketch outsourcing requirements.

Be as specific as possible when delineating requirements so that freelancers know your expectations, including benchmarking and how success or failure will be measured. You may also want to include an SLA that clearly outlines performance details, measurements and standards.

Cogitate on legal liabilities in your content.

You may need to make further provisions if the content you’ll be outsourcing is subject to any regulatory requirements. For example, if you’re publishing medical content or financial advice, you may need to include relevant disclaimers or ensure materials produced meet certain standards to protect yourself legally.

If the content you publish on your website is such that you could be held legally liable for it, be sure your outsourced creators are able to meet any essential requirements.

Preparing in advance for closure.

Ideally, you’ll find in a freelancer a long-term association for your content creation needs. But since turnover is unavoidable, it’s far better to protect yourself from the start. Your termination clause is immensely important, as it sets forth the conditions under which the customer may exit the outsourcing association.

The termination clause needs to state the common reasons that give you and your software development company the right to exit the agreement, along with the rights of the contractor. It’s also advisable to include both parties’ respective privileges upon termination with regard to ongoing privacy and protection here as well.

Put everything in the contract.

Now that you’ve covered all your legal bases, document them in a formal written contract that both you and your freelancers will agree on. In most cases, it’s advisable to consult with an actual lawyer to do this. However, you can get started by finding similar contract agreements to work from.

Take out an insurance policy.

Last but not least -- and let’s keep it short and simple -- it’s definitely worth investing in an insurance policy when it comes to defending your legal rights as a content creator and purchaser. At the end of the day, you need to be prepared for any legal complications that could occur from the content you publish -- or, at the very least, be fully aware of who’s liable for anything that may happen.

Conclusion
Though the Internet has distorted the rules and lines of outsourcing somewhat, it’s advisable to stick to guidelines and follow the rules to protect yourself. If you have any doubts, consult a lawyer.

Bibliography
Robles, P. (2016). Patricio Robles. Patricio Robles. Patricio Robles.
Statistica. (2014). Statistica. Statistica.

Monday, 18 April 2016

Computer & Network Policies in Information Security : Part-2


Network Policies

This group of policies applies to the network infrastructure to which computer systems are attached and over which data travels in a software development organization. Policies relating to network traffic between computers can be the most variable of all, because an organization’s network is the most unique component of its computing infrastructure, and because organizations use their networks in different ways. These example policies may or may not apply to your particular network, but they may provide inspiration for policy topics you can consider. 
  • Extranet Connection Access Control: All extranet connections (connections to and from other organizations’ networks outside of the organization, either originating from the external organization’s remote network into the internal network, or originating from the internal network going out to the external organization’s remote network) must limit external access to only those services authorized for the remote organization. This access control must be enforced by IP address and TCP/UDP port filtering on the network equipment used to establish the connection. 
  • System Communication Ports: Systems communicating with other systems on the local network must be restricted only to authorized communication ports. Communication ports for services not in use by operational software must be blocked by firewalls or router filters. 
  • Inbound Internet Communication Ports: Systems communicating from the Internet to internal systems must be restricted to use only authorized communication ports. Firewall filters must block communication ports for services not in use by operational system software. The default must be to block all ports, and to make exceptions to allow specific ports required by system software. 
  • Outbound Internet Communication Ports: Systems communicating with the Internet must be restricted to use only authorized communication ports. Firewall filters must block communication ports for services not in use by operational system software. The default must be to block all ports, and to make exceptions to allow specific ports required by system software. 
  • Unauthorized Internet Access Blocking: All users must be automatically blocked from accessing Internet sites identified as inappropriate for the organization’s use. This access restriction must be enforced by automated software that is updated frequently.
  • Extranet Connection Network Segmentation: All extranet connections must be limited to separate network segments not directly connected to the corporate network.
  • Virtual Private Network: All remote access to the corporate network is to be provided by virtual private network (VPN). Dial-up access into the corporate network is not allowed. 
  • Virtual Private Network Authentication: All virtual private network connections into the corporate network in an IT software development company require token-based or biometric authentication.  Employee and contractor home systems may connect to the corporate network via a virtual private network only if they have been installed with a corporate-approved, standard operating system configuration with appropriate security patches as well as corporate-approved personal firewall software or a network firewall device.
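The port and extranet policies above (default block, exceptions only for authorized ports, extranet access filtered by IP address and TCP/UDP port) can be checked mechanically against a firewall ruleset. The following is an added example, not part of the original post; the rule format, the authorized-port lists and the addresses are constructed assumptions and do not correspond to any real firewall syntax.

```python
import ipaddress

# Constructed first-match ruleset in a hypothetical format (not a real firewall syntax).
RULES = [
    {"dir": "in",  "src": "0.0.0.0/0",       "proto": "tcp", "port": 443, "action": "allow"},
    {"dir": "in",  "src": "198.51.100.0/24", "proto": "tcp", "port": 22,  "action": "allow"},
    {"dir": "in",  "src": "0.0.0.0/0",       "proto": "tcp", "port": 23,  "action": "allow"},
    {"dir": "out", "src": "10.0.0.0/8",      "proto": "tcp", "port": 443, "action": "allow"},
    {"dir": "out", "src": "10.0.0.0/8",      "proto": "udp", "port": 53,  "action": "allow"},
]
DEFAULT_ACTION = {"in": "deny", "out": "allow"}  # outbound default breaks the policy

# Assumed policy data: authorized services per direction, and extranet-only services.
AUTHORIZED = {"in": {("tcp", 443), ("tcp", 22)}, "out": {("tcp", 443), ("udp", 53)}}
EXTRANET_ONLY = {("tcp", 22)}
EXTRANET_NETS = [ipaddress.ip_network("198.51.100.0/24")]

def decide(direction, src_ip, proto, port):
    """First-match evaluation, falling back to the direction's default action."""
    ip = ipaddress.ip_address(src_ip)
    for r in RULES:
        same_service = (r["dir"], r["proto"], r["port"]) == (direction, proto, port)
        if same_service and ip in ipaddress.ip_network(r["src"]):
            return r["action"]
    return DEFAULT_ACTION[direction]

def audit():
    """Return the policy violations found in RULES and DEFAULT_ACTION."""
    findings = []
    for direction, action in DEFAULT_ACTION.items():
        if action != "deny":
            findings.append(f"{direction}: default is '{action}', policy requires deny")
    for i, r in enumerate(RULES):
        if r["action"] != "allow":
            continue
        svc = (r["proto"], r["port"])
        if svc not in AUTHORIZED[r["dir"]]:
            findings.append(f"rule {i}: {r['dir']} {svc} is not an authorized port")
        net = ipaddress.ip_network(r["src"])
        if svc in EXTRANET_ONLY and not any(net.subnet_of(n) for n in EXTRANET_NETS):
            findings.append(f"rule {i}: extranet service {svc} open to {net}")
    return findings
```

Here audit() reports the permissive outbound default and the unauthorized inbound rule for port 23, while the extranet rule passes because it is restricted to the partner network by both address and port.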
Author Signature: Venu Majmudar