Network & Internet Security

Network & Internet Security

Chapter 4

Information Technology

• Helps to produce, manipulate, store, communicate, and/or disseminate information

• Consists of Computers + Communications• Most computers today have Internet access

LANS, MANS, and WANS

• Local area network (LAN) - a network of computers and other devices that is confined to a relatively small space, such as one building or even one office.

• Metropolitan area network (MAN) - a network that connects clients and servers in multiple buildings in a region.

• Wide area network (WAN) - a network that connects two or more geographically distinct LANs

LAN (Short distance)

MAN (Usually within a city)

WAN (Large distance)

Seattle

San Diego

Chicago

Dallas

Washington

Boston

From the Analog to the Digital Age

• Tape recorders, voices, and musical instruments are analog.

• CDs are digital.

Going Digital

• Music CD’s• Computers• TVs• Web TV• Telephones• Movies (DVD)• Newspapers

Digital Television

• Clearer picture

• Supports HDTV

HDTV

Plymouth State College

Forms of Connectivity

• Videoconferencing• Virtual Private Networks• Telecommuting & virtual offices• Home networks (WiFi)• Cell Phones• Bluetooth


Videoconferencing

VPNs

• Virtual Private Networks– Private networks that use a public network, usually the

internet, to connect remote sites

VPN (Virtual Private Network)

Node

node

node

Nodenode

node

Node

Internet

Network Concerns and Protection

• Hackers

• Viruses

• Snooping

• Firewalls

Cyberthreats, Hackers, & Safeguards

• Problem: • Initially no security was built into the Internet.• The internet is used by some people who are

not trustworthy.• All it takes is one computer on a LAN that has

been compromised for all computers on it to be vulnerable.

Cybercrime

• Crimes committed with or against computers and networks

• Includes unauthorized access or use• Hacking

– Individual information– Business information– National security information

Plymouth State University


• Hackers– People who gain unauthorized access to computers or

networks, often for fun or to see if they can (not good)

• Crackers– Malicious hackers who break into computers for malicious

purposes

11/2/00 Plymouth State University 19

Threats to Computers & Communications Systems

• WormsA program that copies itself

repeatedly into a computer’s memory or onto a disk drive

• VirusesA is a “deviant” program, stored

on a computer hard drive, that can cause unexpected and undesirable effects.

Viruses & Worms

• How they spread– Via e-mail attachments– By infected floppies or CDs– By clicking on infiltrated websites– By downloading from infected files from

websites– Through infiltrated Wi-Fi hotspots– From one infected PC on a LAN to

another• What can you do about it?

– Install anti-virus software and subscribe to the automatic anti-virus update service


• Trojan Horses – Programs that pretend to be a useful program

such as a free game or screensaver.– Carry viruses or malicious instructions that

damage your computer or install a backdoor or spyware

– Backdoors and spyware allow others to access your computer without your knowledge

Backdoor

• Sometimes installed by a virus• http://www.youtube.com/watch?v=ahcVp8vIicI


http://www.youtube.com/watch?v=ahcVp8vIicI


Disgruntled Employees


Computer Criminals

• Hackers• Crackers• Employees

Protecting Your Computer

• Safeguards– Use antivirus software, and keep it current– Install a firewall to filter out undesirable traffic– Use robust passwords –

• Minimum 8 characters with letters, numbers, characters• 4cats is not a good password, but f0UrK@tTz is

– Install antispyware software– Encrypt financial and personal records – Back up your data, so if your PC is attacked and

must be reformatted, you can restore your data

Protecting Your Computer

• Encryption– The process of altering readable data into

unreadable form to prevent unauthorized access– Two forms:

• Private Key encryption means the same secret key is used by both the sender and receiver to encrypt and decrypt a message

• Public Key encryption means that two keys are used

Encryption

• Scrambles data before transmission• Uses encryption key• Plaintext versus cipher text

Proof of Authenticity

• Certificate Authority• Entity that issues digital certificates• Digital Certificate

– Provided by a Certificate Authority– Has an expiration date

• Digital Signature– Gives a recipient reason to believe that the

message was created by a known sender


http://en.wikipedia.org/wiki/Public_key_certificate

Validation


Vulnerable Communication

• Home WiFi Networks• Cellular phones• Bluetooth


Cellular Phones


Wireless Communications MediaShort-range Wireless

• Wi-Fi (802.11) networks– Wi-Fi b, a, and g correspond to 802.11b, 802.11a, and 802.11g– 802.11 is an IEEE wireless technical specification– 802.11b is older, transmits 11 megabits per second – 802.11a is faster than b but with weaker security than g– 802.11g is 54 megabits per second and transmits 50 ft

• Warning! Security is disabled by default on Wi-Fi

Wireless Communications MediaPersonal Area Wireless

• Bluetooth– Short-range wireless standard to link cellphones, PDAs,

computers, and peripherals at distances up to 30 ft– Named after King Harald Bluetooth, the Viking who unified

Denmark and Norway– Transmits 720 kilobits per second

– Bluetooth can also be used to eavesdrop on networks– Turn it off on your cell phone unless you need it at that time


SafeguardsIdentification & Access

• What you have– Cards, keys, signatures, badges, RFID,

USB key

• What you know– PINs, passwords, personal information

• Who you are– Physical traits

• Biometrics – fingerprints, iris, face recognition

Joe Smith

Stealing Passwords


http://www.youtube.com/watch?v=O68zx6xTubs

http://boingboing.net/2011/03/07/nevada-student-charg.html

http://www.youtube.com/watch?v=O68zx6xTubs

http://boingboing.net/2011/03/07/nevada-student-charg.html


Iris Scan


Safeguards

• Encryption• Protection of software & data

– Access, audit, & people controls• Disaster-recovery plans


Protection of Software & Data

• Security procedures– Control of access– Audit controls– People controls

• Disaster-recovery plan

What can a business do if there are no disaster-recovery plans in place and a disaster

occurs?

Attacks on Computers and Networks

• Botnet• Denial-of-Service attack• Logic bomb• Trojan Horse• Malware on cell phones• Virus on router• iPod infected during manufacturing


Identity / Information Theft

• Requests for information• Phishing (spoof E-mail)• Pharming (fake web site)• Auction fraud


Real Web Site


Fake Web Site


Protection at Work

• No floppy / USB use• Secure access

– Physical– Logical


Recent Problems

• Cyberbullying• Cyberstalking• Pornography• Child predators



Internet Predators

Legal Protection

• Laws changing due to changing technology


Network & Internet Security

Documents

network of computers

public network

computers memory

wanslocal area network

metropolitan area network

wide area network wan

internet access lans

protectionhackers viruses