Potential Information Security Threats on Local Area Networks

Considering the object of protection from the standpoint of protecting the information circulating in it, in the general case, an autonomous local network can be represented as a network, the elements of which are small complexes of automation equipment – personal computers with a different set of external devices, and communication channels – cable lines. The only difference between local networks, given their relatively small territory of distribution, is the possibility of locating communication channels of local networks in a protected area, which significantly reduces the number of potential intruders and, in some less critical systems, reduces the security of information protection in cable communication lines in order to save. The small size of the computer allows you to place it on a table in a separate protected room and facilitate, on the one hand, the problem of access control to its internal communication lines and installation of devices.

On the other hand, the question arises of controlling the integrity of local networks, that is, the network connection diagrams, since a local network is a decentralized system. The question is quite natural: is such control always necessary? Experts believe that in very small local networks with a pair of computers that share a hard drive and a printer, diagnostics are an unnecessary excess. But as the network grows, it becomes necessary to monitor the network and its diagnostics. Most LANs have low-level self-test procedures that should run when the network is turned on. These tests usually cover the cable, hardware configuration, in particular the network interface card. As part of large local networks, complex systems with a dual purpose are provided – monitoring and diagnostics. The network control center is a passive monitoring device that collects data on message flows in the network, its characteristics, failures, errors, etc. Data on message flows shows who is using the network, as well as when and how it is used.

Network operating systems contain diagnostics of local networks. Typically, the console and monitor of this system work together as a small version of a network control center. Network diagnostics hardware is also used on the network; specialized chips are usually used for this.

However, the above-mentioned diagnostics tools for local networks do not detect unauthorized connection to the network of extraneous personal computers. Disconnecting a computer from the network is sometimes controlled intermittently at the request of the operator or at the request of the user.

In large local networks (up to 10 km), cable lines can go beyond the boundaries of the protected area or telephone lines can be used for communication with ordinary automated telephone exchanges, where information can be subjected to unauthorized access. In addition, messages on the local network can be read on all its nodes, despite the specific network addresses. Through user modifications of the latter, all nodes of the network can read data circulating in this local network.

Thus, you can list the maximum number of possible channels of intentional unauthorized access to information for local networks.

“Perimeter” side of the system

From the “perimeter” side of the system, they will be as follows:

  • access to the local area network from a regular personal computer;
  • access to the local network from the side of cable lines.

Unauthorized access to local networks from cable lines can occur through the following channels:

  • on the part of a regular user-violator of one personal computer when accessing information of another, including a file server;
  • when connecting an extraneous personal computer and other extraneous equipment;
  • with incident electromagnetic radiation and information pickups.

In addition, as a result of emergencies, hardware failures, errors of operators and software developers on the local network, information may be forwarded, displayed and displayed at workplaces not intended for it, loss of information as a result of accidental erasure or fire. Practice shows that most people do not pay serious attention to the protection of information, especially backup, until they have a serious loss of information.

Magnetic memory, and then laser recording, is the advantage of an automated system: the release of numerous papers has opened up great opportunities for the user. But storing data in this volatile environment significantly increases the likelihood of data loss: a few keystrokes can destroy the results of many hours and even years. The penetration of a software virus into a personal computer can also unpleasantly affect all the work and information of the local network, as well as other personal computers that make up the local network.