Understanding Network Security
Network security is a process that protects digital information assets. The main aim of network security is to protect confidentiality, maintain integrity and ensure the availability of computer network. Hardware and software are the two major components of a computer network. Both the components are susceptible to threats and vulnerabilities. The software threats and vulnerabilities harm only the data but the hardware threats and vulnerabilities can damage both, the system and data. Thus, hardware threats and vulnerabilities are more dangerous than the software threats and vulnerabilities.
Security threats and vulnerabilities arises due to various reasons such as poor networking designs, misconfiguration in hardware/software, carelessness of the end-users, weaknesses in Internet technology and Intentional acts of malicious end-user.
Network threats, attacks and vulnerabilities are related to each other but they have a different meaning in terms of computer/network security. In terms of network security, the definitions of threats, attacks and vulnerabilities are as follows:
- “An attack is an attempt by which the unauthorised users try to access the resources of a network without any authorisation or bypassing the security measures.”
- “A threat is a potential danger to the data or systems of the network, which can be either virus, malware or any other similar danger.”
- “A vulnerability is a type of weakness in the hardware, software or in security policies, which leaves the computer network open to the different types of threat of unauthorised access that can damage the data.”
Exploit vs Vulnerability
Vulnerability is the weak point or loop holes in a computer or a network which affects the confidentiality, availability and integrity of the data. Vulnerability scanners can scan computer or network and generate a report including all the security vulnerabilities on the basis of their acuteness. Some commonly used scanners are Nessus, Nexpose and OpenVAS.
Exploit is the step after finding the vulnerability in any computer or as network. An attacker exploits the vulnerabilities of a network to access confidential data.