Posted: August 15th, 2022

Modern Day Attacks against Firewalls and VPNs

Modern Day Attacks against Firewalls and VPNs
Introduction
Network security has become an essential factor in the functionality of an entire network system, ensuring that the system is not exploited by vandalism activities initiated from both inside and outside the organization. The network security should focus on network, server, database, and encryption to avoid intrusion, information theft, illegal or unauthorized access to resources, and activities aimed at sabotaging the system. This paper covers the modern-day attacks against firewalls and VPNs, the occurrence mode, and different measures that can be applied to mitigate or prevent the attacks.
Firewalls
Firewalls are systems that enforce access control policies between two networks, such as a public internet and a private LAN (Nguyen, 2016: 2024 – Do my homework – Help write my assignment online). A firewall is significant in network protection by providing access protection for incoming and outgoing data, blocking data with a malicious aim, conducting Network Address Translation (NAT) to hide the network information, and screening outgoing traffic limiting the use of the internet or remote site access. Firewalls, as the primary protector of the network, experience different types of attacks.
The attacks against the firewall are conducted using three techniques. The first is attacks conducted through external systems, which explore the vulnerabilities that exist between the internal network system and external systems. External system attacks might be administered through an employee home system connected to the company, third party network with access to the company, or through the organization’s office in another location (Gowdiak, 2003). Another attack technique against the firewall is attacking through content, also known as passive attacks. The content attacks are conducted by providing the user with content that, when opened it executes code that launches an attack. The last attack technique used against the firewall is the main in the middle attacks. The man in middle attacks involves injecting malicious content into user traffic.
Common types of attacks against firewalls include social engineering, which explores the users to obtain confidential information. The security policy, if not well followed, could result in social engineering. To prevent social engineered-related attacks, the organization has to conduct employee training on security policy, how to maintain identity security, and strictly following security protocols. Source routing attacks can also be used against the firewall. The source routing attack involves the attacker sending a packet with malicious codes through a specified route in an attempt to fool the firewall. The prevention of the source routing attacks can be managed by the firewall discarding all packets that use the path addressing or source routing option (Nguyen, 2016: 2024 – Do my homework – Help write my assignment online). Another type of attack is the Denial-of-Service (DoS) attacks and the Distributed DOS (DDoS). DoS and DDoS attacks are conducted by the attacker flooding a host with huge packets of data or programs that overwhelms the system’s capacity to respond, causing the denial of service or ability to function. Since the attackers have to know the target system IP address to launch the DoS or DDoS attacks, the Network Address Translation (NAT) can be used to hide the IP address of the system preventing the attacks. Prevention can also be done by the installation of DoS and DDoS detection in firewalls capable of identifying, alerting, rejecting, and tracking incoming attacks. IP address spoofing attack is where a hacker attempts to insert illegal data packets into a network session with a source IP address set equal to that of the internal user. Preventing IP address spoofing is conducted by implementing a firewall input filter or ingress filter, which blocks the packets from outside sources that have the same IP address to an internal one.
VPNs
Virtual Private Networks (VPNs) is a private network that acts as an interconnect of remote sites and users using a public network system. VPN’s role is to ensure a secure sharing of public resources for data through encryption techniques to prevent unauthorized users from accessing the organization’s private network. VPN also uses tunneling and authentication to secure the system.
Types of attacks used against VPNs include viruses, Trojans, worms, spyware, key-loggers, spam emails, and other malware. To prevent such attacks, the VPN traffic uses auto-updating anti-virus, anti-spam, and anti-spyware features that ensure the VPN is not subverted to attacks. Denial-of-Service (DoS) attacks can also be used against the firewall. The DoS attacks are prevented by the Intrusion Prevention System (IPS), which scans the VPN traffic to detect and eliminate DoS threats (Cyberoam, 2011). To prevent unauthorized access attacks, the identity-aware firewall such as the Layer 8 driven TFT can be implemented to provide verification of each user and enforcing the custom security policies. The mode of occurrence of the VPNs attacks includes setting a set of codes that are infected by virus, worm, and Trojans to the computer system or through a network system. The code is designed to self-clone and copy itself to the targeted data files, directories, and folders. The occurrence of the attacks against VPNs can also be conducted through malicious content such as infected software application programs, and websites link that hackers use to obtain permission to attack the system. The spam mails are another technique used by attackers to launch attacks against VPNs.
In conclusion, attacks against firewalls and VPNs are very real and dangerous to the functioning of a system. Therefore, understanding different types of attacks and their occurrence enhances the chances of implementing the best measures that can mitigate or prevent the attacks.
References
Cyberoam. (2011). Threat Free Tunneling: Securing the VPN Traffic. Retrieved from https://www.cyberoam.com/downloads/Whitepaper/SecuringYourVPN.pdf
Gowdiak, A. (2003). Techniques used for bypassing firewall systems. Poznan Supercomputing and Networking Center. Retrieved from https://www.terena.org/activities/tf-csirt/meeting9/gowdiak-bypassing-firewalls.pdf
Nguyen, B. (2016: 2024 – Do my homework – Help write my assignment online, April 29). Network Security and Firewall. Helsinki Metropolia University of Applied Sciences. Retrieved from https://www.theseus.fi/bitstream/handle/10024/105907/Nguyen_Binh.pdf?sequence=1

Order | Check Discount