Internet Security

sweetlipscasteSecurity

Nov 2, 2013 (4 years and 10 days ago)

109 views

Internet Security

By

Abdiasis Mohamud

What is Internet Security


Internet security is the practice of protecting and
preserving private resources and information on the
Internet.


Internet Security is keeping anyone from doing things
you do not want them to do, with on or from your
computers or any peripheral devices.


One of the Internet's key strengths is that no one
agency or organization is responsible for its overall
management, leaving it largely free of bureaucratic
control and burdensome regulation. From a security
standpoint, however, this could also be viewed as one of
its weaknesses.






Types Of Protocols



TCP/IP
-

It’s the usual shorthand phrase for a collection of
communications protocols. Originally developed by ARPANET.


IP
-

Packets are bundles of data from the foundation of TCP/IP
protocol suite.


ARP
-

Works by sending out the an Ethernet broadcast packet
containing the desired IP address.


TCP
-

Provides reliable virtual circuits to user processes.


UDP
-

Is used for large transmissions it tends to behave badly on
network. Its easier to spoof UDP than TCP packets, since there’s no
handshakes or sequence numbers.


Cont’d


ICMP
-

Its used to influence behavior of TCP and UDP
connections. To report trouble with route and terminate
connection because of network problems.


FTP
-

Supports the transmission and character set
translation of text and binary files.



Internet Security Problems


Securing the web server and data that is on it


Securing Information that travels between the web and
the user


Securing the end user’s computer and other devices that
people use to access the Internet.


Business Integrity
-

Credit card security is one of the
biggest issue of the Internet because the potential to
literally create a world wide commerce opens a very
large hole to credit card fraud.


Systems Disabled
-

Systems providing TCP
-
based services
(WWW, email, newsgroup, gopher, etc ...) to the
Internet community may be unable to provide those
services while under a hacker's attack and for some time
after the attack has ceased.




How Hackers Operate??


Hacker
-
is programmer who
hacks

or reaches a goal by
employing a series of modifications to exploit or extend
existing code or resources gain unauthorized access
through skill and tactics.


Password Cracking
-
are usually the first thing a hacker
will try to "break" to gain access to your system.


Packet and password sniffing
-

Hackers have programs
which do this, and then scan all the messages which
traverse a network looking for passwords.


IP spoofing
-

Hacker sends a client request to the server
using the source route.


Social Engineering
-

Phone, talk or Internet chat.

I need Security


Firewalls
-

is device that checks each packet against a list
rules to permit or deny that transmission.


It a system designed to prevent unauthorized access to
or from a private network. Firewalls can be implemented
in both hardware and software or a combination of both.


Proxy Firewall
-

User runs an application, then the
application connects to the firewall and

logs in.

Cont’d


Encryption
-

Encryption is the transformation of data into
a form unreadable by anyone without a secret
decryption key.


Symmetric Encryption
-
It is a type of encryption where
the same key is used to encrypt and decrypt the
message.



Authentication
-

is a process whereby the receiver of a
digital message can be confident of the identity of the
sender and/or the integrity of the message. Its
mechanism for users to change their passwords or
obtain new passwords.

What Can You Do??


Make sure network is guided against spoofing.


Secure your machines.


Make your password difficult, use Punctuations and
characters.


References


Firewalls And Internet Security

by William R. Cheswick
and Steven M. Bellovin


Web Security
by Simon Garfinkel and Gene Spafford.


Protect Your Privacy On The Internet,
by Byran
Bfaffenberger


http://www.nss.co.uk/WhitePapers/InternetSecurity.htm.