Elements of a Network Profile
|Network Profile Element||Description|
|Session duration||This is the time between the establishment of a data flow and it’s termination.|
|Total throughput||This is the amount of data passing from a given source to a given destination in a given period of time.|
|Ports used||This is a list of TCP or UDP processes that are available to accept data.|
|Critical asset address space||These are the IP addresses or the logical location of essential systems or data.|
The table lists elements of a server profile.
|Server Profile Element||Description|
|Listening ports||These are the TCP and UDP daemons and ports that are normally allowed to be open on the server.|
|Logged in users and accounts||These are the parameters defining user access and behaviour.|
|Service accounts||These are the definitions of the type of service that an application is allowed to run.|
|Software environment||These are the tasks, processes, and applications that are permitted to run on the server.|
Network Anomaly Detection
The figure illustrates a simplified version of an algorithm designed to detect an unusual condition at the border routers of an enterprise.
For example, the cybersecurity analyst could provide the following values:
- X = 5
- Y = 100
- Z = 30
- N = 500
Now, the algorithm can be interpreted as: Every 5th minute, get a sampling of 1/100th of the flows during second 30. If the number of flows is greater than 500, generate an alarm. If the number of flows is less than 500, do nothing. This is a simple example of using a traffic profile to identify the potential for data loss.
Network Vulnerability Testing
|Risk analysis||Individuals conduct a comprehensive analysis of the impacts of attacks on core company assets and functioning||Internal or external consultants, risk management frameworks|
|Vulnerability Assessment||Patch management, host scans, port scanning, other vulnerability scans and services||OpenVas, Microsoft Baseline Analyzer, Nessus, Qualys, Nmap|
|Penetration Testing||Use of hacking techniques and tools to penetrate network defences and identify the depth of potential penetration||Metasploit, CORE Impact, ethical hackers|
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.
I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.
Fact Check Policy
CRMNAIJA Is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.