Once upon a time, Ben decided to stalk on Clara. Ben would definitely search for Clara through the web. Gathering information from her Facebook, personal blog, and even from her friend's posts. Unfortunately, Clara has not been exposing herself quite much. Ben could not find Clara's email, home address, and let alone phone number. Clara has only a few friends on the internet. Neither of them are Clara's family, nor they like to talk about Clara.
Ben is considered Clara's friend in class. But they do not talk to each other because Clara is such a nervous girl. One day, Ben saw Clara entering the library. After three days in a row, Ben came to the conclusion that Clara loved being there for two hours after school.
The school has required everyone to log in using their own credentials. Once they log out from the system, all browser history will be deleted. Ben has no chance to recover Clara's history.
From what Ben has read from a book, Ben more or less knows how the computers in the library communicate with each other. So, Ben decided to look for network security holes. We are here, as Clara's relatives, about to hear Ben's explanation of his bad deeds.
Ben's Story
Ben said that Clara did not have a supportive network of close friends. But Clara had a network of classmates and Ben was in that network. Ben could say words to Clara and Clara could listen to Ben. Vice versa. They would either use tin can telephone or talk directly. But they preferred the second option. The first conversation with Clara happened on January 17th.
"At the time, I had no inclination to commit any crimes. I just wanted to have a nice chat with her."
Computers have no difference. To be able to communicate with other computers, they need connectivity and have to be within the same network. They use either physical media—e.g. cables—or aerial medium as Ben and Clara preferred.
A good network is supposed to have four basic characteristics:
Fault tolerance. When Ben needed to communicate with Roy in the middle of class, Ben would pass a piece of paper to a friend, Sam, sitting on the back. But once Sam refused because did not want to be caught by the teacher, Ben would pass it to someone sitting nearby before passing it backward. Thereof, Ben must be friends with more than one person around him.
It ensures that if any of the intermediary network components fail, the network should still be of use despite any performance degradation. Intermediary components are agents that only lets communication data pass through, while agents that sends or receives communication data is called end-devices—e.g. computer, printer, facsimile, and telephone—.
"Clara had no friends but me. When she left me, she had made a big mistake. Because she no longer had middleman to talk with other people in class. She had pretty unreliable network."
Scalability. When Roy joined and left Ben's gang network, it should not cause any significant side effects. The gang must still be able to run as before.
"Even though Roy was my right hand, Roy's exit had no effect on my businesses at all but it hurt me a lot."
As for Clara's network, it was never stable. Before Ben joined, Clara had only a friend to talk about lessons in class. Ben's presence has brought about two-thirds of the girls in the class into Clara's network. Clara could not afford to listen and talk to all the girls at the same time, but the girls still enjoyed being around Clara. Not only did they speak for themselves, they also involved Clara.
A good network knows what to do when it suddenly receives significant increase in network data traffic, it has been anticipated by preliminary analysis and routine evaluations as to:
- How many devices will be connected, both on weekdays and on certain events; and
- How much bandwidth will be needed, which is about how frequently and how much network data will be transferred.
This is where Ben has come in by making the network traffic in the library so high that the server went down. So Clara could not log out of her account which made her desperate and left the computer as is. If only Clara was not so upset that she forgot to close the browser.
"Load balancers can help provide scalability."
Quality of service (QoS). It is designed so that high priority network packet data will take precedence over others. So that business-critical application can still be processed even on the saturated bandwidth. But what if there are so many network packet data with the same priority being sent at the same time?
If Ben only sent a bunch of emails, it would not be able to take down the network. Instead, Ben sent lots of huge files from many coordinated malware-infected devices. It is known as Distributed Denial-of-Service (DDoS) attack.
Ben was once responsible for being the leader of the undetected action. More than half of the students at the school received the same text message at the same time from a masked number asking them to go on a call from counseling teachers. The teachers were busy checking their notebooks to see if the students were the ones who had actual appointments, but they were just too many. The incident was closed without succeeding in finding the culprit.
A DDoS attack may not causes any damage to the server at all, but it can deliberately prevent the server from being able to handle requests from legitimate sources until the congestion is restored.
Security. Ben, as the leader of the gang, must have wise decisions to whom Ben can give trust to share Ben's comprehensive plans. Someone who would not betray Ben when caught by teachers, someone who would believe in Ben to set him free.
But it would not be easy for Ben when there was no other option but to get someone who could not be trusted a hundred percent to deliver the coordinating messages. Because that person could read the confidential messages for his own sake, regardless it is merely for personal pleasure, to be misused, or to be falsified.
"I couldn't believe it, I had appointed the wrong person as my right hand. I'm more disappointed by the fact that I'm not a good leader than the fact that I've been betrayed."
Instead of writing as:
"please make sure you get the key to the teacher's room before 11:30 AM"
Ben could write it as:
"leasep akem ures ouy etg het eyk ot het eacher'st oomr eforeb 03:11 MA"
Or use more advanced encryption. The recipient must be the only one who can read it.
On the other hand, encryption can also be used to bypass blocked access to problematic websites. By using DNS over TLS, Ben admitted that he could access www.reddit.com which is blocked by the Indonesian Ministry of Communication and Information Technology.
To be continued ...
P.S. I am not a network expert, instead I am learning. If you find some errors, please let me know. I would definitely appreciate it.
References
- https://www.youtube.com/playlist?list=PLBlnK6fEyqRgMCUAG0XRw78UA8qnv6jEx
- https://www.researchgate.net/publication/220049933_Vulnerabilities_of_LDAP_As_An_Authentication_Service
- https://www.xbase.com/2020/01/how-can-i-make-my-network-scalable/
- https://us.norton.com/internetsecurity-privacy-what-is-a-ddos-attack.html
Top comments (0)