Network Internet Security Chapter 4 Information

Network & Internet Security Chapter 4

Information Technology • Helps to produce, manipulate, store, communicate, and/or disseminate information • Consists of Computers + Communications • Most computers today have Internet access

LANS, MANS, and WANS • Local area network (LAN) - a network of computers and other devices that is confined to a relatively small space, such as one building or even one office. • Metropolitan area network (MAN) - a network that connects clients and servers in multiple buildings in a region. • Wide area network (WAN) - a network that connects two or more geographically distinct LANs

LAN (Short distance)

MAN (Usually within a city)

WAN (Large distance) Chicago Seattle Boston Washington San Diego Dallas

From the Analog to the Digital Age • Tape recorders, voices, and musical instruments are analog. • CDs are digital.

Going Digital • • Music CD’s Computers TVs Web TV Telephones Movies (DVD) Newspapers

Digital Television • Clearer picture • Supports HDTV

HDTV

Forms of Connectivity • • • Videoconferencing Virtual Private Networks Telecommuting & virtual offices Home networks (Wi. Fi) Cell Phones Bluetooth Plymouth State College

Videoconferencing Plymouth State College

VPNs • Virtual Private Networks – Private networks that use a public network, usually the internet, to connect remote sites

VPN (Virtual Private Network) Node node Internet node Node

Network Concerns and Protection • Hackers • Viruses • Snooping • Firewalls

Cyberthreats, Hackers, & Safeguards • Problem: • Initially no security was built into the Internet. • The internet is used by some people who are not trustworthy. • All it takes is one computer on a LAN that has been compromised for all computers on it to be vulnerable.

Cybercrime • Crimes committed with or against computers and networks • Includes unauthorized access or use • Hacking – Individual information – Business information – National security information Plymouth State University

Cyberthreats, Hackers, & Safeguards • Hackers – People who gain unauthorized access to computers or networks, often for fun or to see if they can (not good) • Crackers – Malicious hackers who break into computers for malicious purposes

Threats to Computers & Communications Systems • Worms ü A program that copies itself repeatedly into a computer’s memory or onto a disk drive • Viruses ü A is a “deviant” program, stored on a computer hard drive, that can cause unexpected and undesirable effects. 11/2/00 Plymouth State University 19

Viruses & Worms • How they spread – – Via e-mail attachments By infected floppies or CDs By clicking on infiltrated websites By downloading from infected files from websites – Through infiltrated Wi-Fi hotspots – From one infected PC on a LAN to another • What can you do about it? – Install anti-virus software and subscribe to the automatic anti-virus update service

Cyberthreats, Hackers, & Safeguards • Trojan Horses – Programs that pretend to be a useful program such as a free game or screensaver. – Carry viruses or malicious instructions that damage your computer or install a backdoor or spyware – Backdoors and spyware allow others to access your computer without your knowledge

Backdoor • Sometimes installed by a virus • http: //www. youtube. com/watch? v=ahc. Vp 8 v. Iic. I Plymouth State University

Disgruntled Employees 11/2/00 Plymouth State University 23

Computer Criminals • Hackers • Crackers • Employees 11/2/00 Plymouth State University 24

Protecting Your Computer • Safeguards – Use antivirus software, and keep it current – Install a firewall to filter out undesirable traffic – Use robust passwords – • Minimum 8 characters with letters, numbers, characters • 4 cats is not a good password, but f 0 Ur. K@t. Tz is – Install antispyware software – Encrypt financial and personal records – Back up your data, so if your PC is attacked and must be reformatted, you can restore your data

Protecting Your Computer • Encryption – The process of altering readable data into unreadable form to prevent unauthorized access – Two forms: • Private Key encryption means the same secret key is used by both the sender and receiver to encrypt and decrypt a message • Public Key encryption means that two keys are used

Encryption • Scrambles data before transmission • Uses encryption key • Plaintext versus cipher text

Proof of Authenticity • Certificate Authority • Entity that issues digital certificates • Digital Certificate – Provided by a Certificate Authority – Has an expiration date • Digital Signature – Gives a recipient reason to believe that the message was created by a known sender Plymouth State University

Validation Plymouth State University

Vulnerable Communication • Home Wi. Fi Networks • Cellular phones • Bluetooth Plymouth State University

Cellular Phones Plymouth State University

Wireless Communications Media Short-range Wireless • Wi-Fi (802. 11) networks – – – Wi-Fi b, a, and g correspond to 802. 11 b, 802. 11 a, and 802. 11 g 802. 11 is an IEEE wireless technical specification 802. 11 b is older, transmits 11 megabits per second 802. 11 a is faster than b but with weaker security than g 802. 11 g is 54 megabits per second and transmits 50 ft • Warning! Security is disabled by default on Wi-Fi

Wireless Communications Media Personal Area Wireless • Bluetooth – Short-range wireless standard to link cellphones, PDAs, computers, and peripherals at distances up to 30 ft – Named after King Harald Bluetooth, the Viking who unified Denmark and Norway – Transmits 720 kilobits per second – Bluetooth can also be used to eavesdrop on networks – Turn it off on your cell phone unless you need it at that time

Safeguards Identification & Access • What you have – Cards, keys, signatures, badges, RFID, USB key Joe Smith • What you know – PINs, passwords, personal information • Who you are – Physical traits • Biometrics – fingerprints, iris, face recognition 11/2/00 Plymouth State University 34

Stealing Passwords http: //www. youtube. com/watch? v=O 68 zx 6 x. Tubs http: //boing. net/2011/03/07/nevada-student-charg. html Plymouth State University

Iris Scan 11/2/00 Plymouth State University 36

Safeguards • Encryption • Protection of software & data – Access, audit, & people controls • Disaster-recovery plans 11/2/00 Plymouth State University 37

Protection of Software & Data • Security procedures – Control of access – Audit controls – People controls • Disaster-recovery plan What can a business do if there are no disasterrecovery plans in place and a disaster occurs? 11/2/00 Plymouth State University 38

Attacks on Computers and Networks • • Botnet Denial-of-Service attack Logic bomb Trojan Horse Malware on cell phones Virus on router i. Pod infected during manufacturing Plymouth State University

Identity / Information Theft • • Requests for information Phishing (spoof E-mail) Pharming (fake web site) Auction fraud Plymouth State University

Real Web Site Plymouth State University

Fake Web Site Plymouth State University

Protection at Work • No floppy / USB use • Secure access – Physical – Logical Plymouth State University

Recent Problems • • Cyberbullying Cyberstalking Pornography Child predators Plymouth State University

Internet Predators Plymouth State College

Legal Protection • Laws changing due to changing technology Plymouth State University