Understanding the Internet Connectivity and Vulnerabilities- Routers, ISPs, DNS, and Security Exploits
Internet Connections around the World
The internet is an interconnection of many small networks. This interconnection forms an extensive interconnection that requires several network devices configured for different purposes (Greenstein, 2020). One of the network devices used in the interconnection is a router. Routers are layer three devices used to forward packets from one network to another (Greenstein, 2020). Therefore, a router would be required for two or more networks to communicate. A router is placed at the gateway of each internal network. For security purposes, routers are configured with access control lists to ensure that only authorized packets can flow in and out of a network (Greenstein, 2020).
The Domain Name Service (DNS) converts IP addresses into domain names and vice versa (Greenstein, 2020). Accordingly, this enables users to type names on web browsers and transfer them to the intended resources. For example, a user would type google.com, and the DNS would convert that into an IP address locating the Google resources. Therefore, users do not have to know or memorize IP addresses for sites they would like to visit.
Internet Service Providers (ISPs) are organizations that provide clients with internet connection services (Greenstein, 2020). Internet users can manage their internal network or LAN, but when they are required to connect with an external network, they need third-party management. The internet is an external network; therefore, internet users require ISPs to provide internet services. This would be in the form of a wired or wireless connection (Greenstein, 2020). Therefore, ISPs, routers, and DNS are a significant part of connecting networks over the internet.
Internet’s Structure Weak Points
The internet’s structure contains various devices used for different purposes (Rabbi et al., 2019). Hackers constantly check for weak points in the internet infrastructure to exploit. The main vulnerable points are heterogeneity and authentication (Rabbi et al., 2019). By having diverse devices on a network that require communication, interoperability becomes a basic need. For two different devices to communicate, a mechanism of data exchange is implemented (Rabbi et al., 2019). A common set of protocols must be used for the different devices to communicate. Accordingly, these protocols become a target for hackers (Rabbi et al., 2019). Manufacturers of the different devices make the devices with high-security measures; therefore, hackers find it challenging to target different devices. But because the communication protocols are common, hence, used on all devices, they become the target. Authentication for network devices is vital in keeping the network safe (Rabbi et al., 2019). However, users tend to weaken authentication by using simple passwords, sharing passwords, or leaving their sessions running. Using simple passwords such as people and pet names makes it easy for hackers to crack passwords. Leaving network sessions running unattended would allow a hacker to access the account unmonitored and masquerade as a legal user.
Exploiting the Internet’s Weak Points
Hackers and other cyber attackers start by identifying a network’s weak points (Rabbi et al., 2019). For example, if an attacker identifies a weak password combination, they would perform a brute force attack. Consequently, this would enable them to try different password combinations until they get the correct password. An attacker can access network resources such as files storing sensitive data with a valid password. The data could be used to ask for ransom from the attacked company or be used to sabotage the company by sharing business secrets. When users are accessing the internet, malicious links could be sent to them by attackers. If the links are opened, attackers could acquire users’ information such as passwords and usernames. The attackers would then pose as genuine users and defraud other unsuspecting internet users (Rabbi et al., 2019). When devices on a network are not adequately secured, attackers can run a JavaScript code on the user’s device. For example, a web server could be compromised by cross-site scripting (Rabbi et al., 2019). As a result, this would enable attackers to send malicious links to other users enticing them to click. Their internet connection to the website would then be compromised, leading to the collection of their personal information.
Zone Transfers on DNS
Domain Name Service servers store domain names and are used to translate domain names to IP addresses (Dimitrov & Panayotova, 2020). Exchange protocols rely on DNS to facilitate communication on digital platforms. The protocols include file transfer protocol, hypertext transfer protocol, and simple mail transfer protocol (Dimitrov & Panayotova, 2020). The DNS system is distributed and redundant to ensure it is robust (Bojović & Gajin, 2014). Essentially, this is achieved through setting up secondary DNS servers that contain copies of a primary DNS server. The file copies include domain definitions known as zone files (Bojović & Gajin, 2014).
Furthermore, this makes primary and secondary DNS servers equally competent in resolving domain names. Therefore, if the primary DNS server fails, secondary DNS servers will handle name resolution (Dimitrov & Panayotova, 2020). Specifying secondary DNS server IP addresses should be done when authorizing zone transfers from the primary DNS server to secondary DNS servers. Consequently, this would ensure that unauthorized DNS servers do not obtain copies of the zone transfer (Dimitrov & Panayotova, 2020). Attackers could have network devices or fake DNS servers that could illegally obtain zone files for malicious purposes if IP addresses for legal secondary DNS servers are not listed.
References
Bojović, P. D., & Gajin, S. (2014). An approach to evaluation of common DNS misconfigurations [Doctoral dissertation]. https://www.researchgate.net/publication/321095708_An_approach_to_evaluation_of_common_DNS_misconfigurations
Dimitrov, W. A., & Panayotova, G. S. (2020). The Impacts of DNS Protocol Security Weaknesses. Journal of Communications, 15(10), 722-728. http://www.jocm.us/uploadfile/2020/0911/20200911052236524.pdf
Greenstein, S. (2020). The Basic Economics of Internet Infrastructure. Journal of Economic Perspective, 34(2), 192-214. https://www.hbs.edu/ris/Publication%20Files/jep.34.2.192_ae3b56d6-86a0-4cb2-af5c-e10413ac0068.pdf
Rabbi, F., Jubayer, A., & Hossain, S. M. (2019). Vulnerabilities to the Internet of Things and Current State of the Art of Security Architecture. International Journal of Recent Technology and Engineering, 8(4), 1758-1764. https://www.ijrte.org/wp-content/uploads/papers/v8i4/
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
Question
IT390-5: security analytics
How does the Internet connect networks around the world? Explain the role of routers, network access points ISPs, and DNS in your answer. (Minimum 250 words)
Describe two weak points in the Internet’s structure. (Minimum 200 words)
Name and describe how attackers exploit weaknesses in the Internet. (Minimum 200 words)
In what way does allowing zone transfers only between primary and secondary DNS servers harden DNS servers? (Make sure to describe DNS servers and explain how zone transfer affects DNS servers). (Minimum 2000 words)