Modern-day attacks against firewalls and VPNs
Introduction
The definition of firewall and virtual private network
A firewall is a network of computer protection that safeguards against external intrusion. VPN defines applications that allow people to access systems anonymously
The importance of virtual private network and firewalls as used in technology today
Firewalls protect computers or networks from external cyber-attacks or malicious or unnecessary network traffic. On the other hand, VPN helps an individual browse the internet without any trace; it allows the access of websites and web applications anonymously.
Relationship between firewalls and VPN
The advantages of using VPNs and firewalls
Use of both firewalls and VPN
Stewart (2013) asserts that most consumers who use VPNs also tend to install hardware firewalls to enhance the security of their internet connection further. They use different combinations based on the location of the VPN, firewall, the remote network, and internet connections arranged in the attachments.
The cons of VPNs
Opportunities for passing through firewalls and secure connections
The correct use of VPN provides numerous advantages to organizations and individuals using computer systems and networks. However, Jingyao et al. (2019) argue that the improper use of VPN negates these positive uses and advantages of VPN. One of the most widely applied improper use of VPN is bypassing firewalls and secure connections for malicious reasons.
Countermeasures
Having discussed the adverse effects using VPNs for malicious reasons, it is also essential to note the countermeasures that organizations and individuals can use to protect themselves from external attacks. Organizations and individuals can use the following measures and protect their data from external unauthorized intrusion:
Two-factor authentication
Two-factor authentication is a series of security measures that are aimed at providing checks and balances type of security when a user attempts to access a service. The two-factor authentication, occasionally known as the 2FA model, works using two separate elements, which may include something that the user possesses, uses, knows, or is familiar with. The two-factor authentication system will then ask for authentication of two different sets of factors, both of which have already been predetermined by the user and grants access only when both have been fulfilled. In most cases, one would require a password and another authentication factor like biometrics or a security question or authentication using a separate device by the user (Moerel, 2017).
Two-factor authentication offers a higher security level than single-factor authentication methods that mostly rely on passwords. Adding a different factor to authentication enhances security since hackers will not only require the password to gain access, thereby preventing users from attacks through phishing strategies aimed at retrieving passwords. With the recent growth in technology, two-factor authentication has grown to accommodate new security factors like location and time elements, are aimed at granting access only when a user is it a specified location or locations and a time window that is aimed at ensuring that access is only granted when requested for a particular duration of time.
Encryption technology
Encryption is the course converting ordinary data into a state that is unintelligible for healthy people. It is done to protect the confidential nature of the data encrypted, whether stored in a local computer, while transmitting over the internet or when stored on the cloud. Most times, the conversion is done using codes and symbols that are only familiar with the parties sharing the data. The method used to encrypt information is known as the encryption key, which can either be created manually or by the use of computer software (Li, 2020). Two types of encryption formats exist, Symmetrical encryption, where the data is converted using a single encryption key, which is then shared with whoever is to access it. The second form of encryption is the Asymmetrical, whereby there are two separate keys, one is specifically used for encrypting the data, and the second key is used by the end-user to decrypt the data. This form of encryption is also known as public-key encryption. In the asymmetrical format, one key remains confidential, while the other key is shared.
Data encryption is essential in maintaining data integrity since the data is secured from access and interference from unauthorized parties, and in the event of loss, the data remains secure.
Host-based intrusion detection systems
A host-based intrusion detection system (HIDS) is set up to check and evaluate the different components of an order and the various networks connected to and the communications taking place. The HIDS has different programs that monitor individual aspects of the host systems and checks for anomalies in communications as access to the system. The system looks at the various login attempts, system registry and logs, and installation of potentially harmful programs that can give access to third-party applications (Zaidi et al. 2015). HIDS systems help to alert on impending attacks and those that may have already taken place.
Conclusion
We are often exposed to several threats when dealing with data, and every person and organization should take steps to protect themselves against data theft. From ensuring that firewalls are routinely updates to preserve the different computer systems from attack and also using Virtual private networks to conceal identity while sharing sensitive information over the internet, a user can also include several measures to offer themselves even further protection from malicious attacks. These include encryption, use of host-based intrusion detection systems, and also using two-factor authentication on the different devices on methods to access the internet.
References
Jingyao, S., Chandel, S., Yunnan, Y., Jingji, Z., & Zhipeng, Z. (2019, March). Securing a Network: How Effective Using Firewalls and VPNs Are?. In Future of Information and Communication Conference (pp. 1050-1068). Springer, Cham.
Li, X. (2020, June). Application of data encryption technology in computer network communication security. In Journal of Physics: Conference Series (Vol. 1574, No. 1, p. 012034). IOP Publishing.
Moerel, L. (2017). We can only solve the problem with coordinated action: Two-factor authentication is a must. Magazine BDO Scope.
Stewart, J. M. (2013). Network Security, Firewalls and VPNs. Jones & Bartlett Publishers.
Zaidi, K., Milojevic, M. B., Rakocevic, V., Nallanathan, A., & Rajarajan, M. (2015). Host-based intrusion detection for vanets: a statistical approach to rogue node detection. IEEE transactions on vehicular technology, 65(8), 6703-6714.