lecture 21: internet security intro to it cosc1078 introduction to information technology lecture 21...
Post on 20-Dec-2015
216 views
TRANSCRIPT
Lecture 21: Internet Security Intro to IT
COSC1078 Introduction to Information Technology
Lecture 21
Internet SecurityJames Harland
Lecture 21: Internet Security Intro to IT
Introduction to IT
1-4 Introduction, Images, Audio, Video
5-6 Computer Fundamentals Assignment 1, WebLearn Test 1
7 Review
8 Operating Systems WebLearn Test 2
9 Operating Systems Assignment 2
10 Internet
11 Internet & Security WebLearn Test 3
12 Future of IT Assignment 3, Peer and Self Assessment
Lecture 21: Internet Security Intro to IT
Intro to IT Schedule
Week Lecture 1 Lecture 2
11 Internet Protocols Internet Security
12 Future of IT Review by request or more Future of IT
13 Mock Exam Wednesday 2nd June
Lecture 21: Internet Security Intro to IT
Overview
Questions?
Mock Exam
Assignment 3
Internet Security
Questions?
Lecture 21: Internet Security Intro to IT
Mock Exam
10.00-12.30 (TBC) on Wednesday 2rd June in 10.13.03 Bring your own paper, pens, etc. No calculators allowed Answers will be available from me when you leave
Schedule (times to be confirmed):
10.00 Access to room 10.15 Reading time commences 10.30 Writing time commences 12.30 Exam concludes
Lecture 21: Internet Security Intro to IT
Assignment 3
Review
(re-) answer What is IT? questions from Tutorial 1
Identify difficult parts of the course
Suggest new questions
Include favourites from Assignments 1 and 2
Reflect
Answer reflection questions from tutorials
Research
Write about a particular IT topic of your choice
(5-6 paragraphs)
Lecture 19: Internet: Images Intro to IT
InternetLisa?Hi Dad!
Listen!Lisa?Hi Dad! Listen!
Lecture 21: Internet Security Intro to IT
Internet Structure
Application Application
Transport Transport
Network
Link
Network
Link
Mordor sucks!
2 dor1 Mor3 suc 4 ks!
1 2 3 49 5 6 2
14
3
22
1
3
4
2 3 1 49 5 6 2
2 dor1 Mor3 suc 4 ks!
Mordor sucks!
Lecture 21: Internet Security Intro to IT
Internet Structure
1 Mor
1
6
6
Lecture 21: Internet Security Intro to IT
Network Layer (Internet Protocol) Real intelligence is in the network layer
Adds next destination to packet
Not complete list of addresses
Sends to next destination
Retrieves final destination packets for this node
Passes them to the transport layer
Routing tables can be updated when disconnections occur
Hop counts used to stop endless looping
Lecture 21: Internet Security Intro to IT
Transport layer
Transmission Control Protocol (TCP) often used
User Datagram Protocol (UDP) becoming more common
TCP
Establishes connection first
Send and wait for acknowledgement
Reliable
Can adjust flow control to avoid congestion
Often best for email (which is not real-time)
Older
Lecture 21: Internet Security Intro to IT
Transport layer
UDP
Doesn’t establish connection
Just sends and forget
Efficient
No congestion adjustment
Works well for DNS lookup
Often used for Voice over Internet Protocol (VoIP) applications such as Skype
Lecture 21: Internet Security Intro to IT
Internet addresses
Unique 32-bit identifier (up to 4,294,967,296)
Soon to become 128-bit identifier
Managed by Internet Corporation for Assigned Names and Numbers (ICANN)
ISPs get “blocks” of addresses
32-bit string represented as N1.N2.N3.N4 where Ni
is in the range 0..255
17.12.25.0 means
00010001 00001100 00011001 00000000
Lecture 21: Internet Security Intro to IT
Internet addresses
Dotted decimal notation is still not very kind to humans …
www.sludgefacethemovie.com -> ??.??.??.??
Translation done by name servers which look up the Domain Name System (DNS)
Domains such as rmit.edu.au can be structured by the domain owner (eg goanna.cs.rmit.edu.au)
Lecture 21: Internet Security Intro to IT
Internet Security
pass wordpatch spa
mfire wall
virus war drivingkey logge
r
proxy worm
phishing
Trojan horse
Security vs access
It is always a trade-off (a balance between two competing forces)
More security means less access
More access means less security
Redundancy can be either fatal or vital
Nothing is perfect!
Freedom vs security `Everything which is not forbidden is allowed’
-- Principle of English Law `Everything which is not allowed is forbidden’
-- Common security principle
`Anything not mandatory is forbidden’
-- “military policy” `Anything not forbidden is compulsory’ (??)
— T.H. White (The Once and Future King)
Lecture 21: Internet Security Intro to IT
Conclusion
Work on Assignment 3
Check whether your security defenses are up to date