INTERNET SECURITY

Internet security is a branch of computer security specifically related to the Internet, often involving browser security but also network security on a more general level as it applies to other applications.  Different methods have been used to protect the transfer of data, including encryption.

INTERNET SECURITY

Encryption Cryptosystems

Data◦ Information we keep on computers (product

design, financial records, personnel data)◦ Lost time, lost sales, lost confidence

Resources◦ Unauthorized use of computer time & space

Reputation◦ Misrepresentation, forgery, negative publicity

What do we Need to Protect?

All internet traffic routed via proxy server Acts as an internet gateway Once proxy is secure, so is network Can filter content Can cache content Often used with a firewall in a corporate

environment

Proxy servers

Users are often the weakest link in security

Email attachments containing trojan horses

Account stealing (via key logging) Scams (‘I have $10 million to import’,

‘You have just won the lottery’, …)

Tricking the user

Spyware is a software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or control over a computer without the consumer's knowledge.

Spyware

Virus: self-replicating program that attaches itself to files and is spread when they are transferred

Worm: self-replicating program that pro-actively spreads itself

Trojan horse: a program that appears legitimate but is in fact malicious

Viruses,Worms,TrojansTypes of Spyware:-

ProfitA challengeMaliceBusiness

Why do people make Spyware?

Computer is running slower than normal Popups (on or off the internet) New toolbars Home page changes Search results look different Error messages when accessing the web

How do I know if I’ve got Spyware?

What does Spyware look like?

What does Spyware look like?

Use a legitimate spyware removal programWe suggest Spybot Search and Destroy in

combination with Microsoft Antispyware (now called Defender)

Ad-aware is a good program and is free for home use but is no longer free for educational use.

How do I get rid of Spyware?

1. Reboot2. Run a Spybot Scan3. Run a Microsoft Antispyware Scan4. If still having problems manually

remove registry and startup entries (Do NOT do this yourself)

Steps in Spyware Removal

Keep up to date with patches (Windows update, Software update)

Use anti-virus software and keep it up to date

Filter email for spam and suspicious messages

Be aware of ‘fake alerts’

Protecting your system

Should be: Long (8 characters or more) Not obvious or from a dictionary Contain capitals, numerals and non-

alphanumeric characters (!&^*$@.,’[]{}? …)

Transmitted in encrypted form only…

Passwords

Definition - hardware &/or software components that restrict access between a restricted network & the Internet or between networks◦ Restricts people to entering at a controlled

point◦ Prevents attackers from getting close to other

defenses (host controls)

Firewall Solutions

Focus security decisions - single point to leverage control

Enforce security policy - minimize exceptions

Limit exposure - separate sensitive areas of one network from another or outside world

Firewall Capabilities

Simple traffic logging systems ◦ audit log file of files accessed (HTTPD)◦ site usage/demand hours/links/browsers used

Hardened Firewall Host (hardware)◦ Halts unauthorized users◦ Concentrates security, hides internal system

names, centralizes & simplifies net management Proxy Server (software)

◦ Deals with external server requests on behalf of internal clients

◦ May limit certain HTTP methods (CGI or Java applets)

Types of Firewalls

Can’t protect against

◦malicious insiders◦connections that don’t go through it◦new threats◦viruses scans for source & destination

addresses & port numbers, not details of data

Firewall Limitations