11 Aug 2014Computer networks1 Network administrators are here to help you! Open a ticket on

11 Aug 2014 Computer networks 1

Computer networks

Network administrators are here to help you!

Open a ticket on http://support.unibz.it


Computer networks What is a network

Computers External connection Terminals Printers Stand-alone hard disks VoIP telephones

Server-client architecture


Transfer speed Network areas

Local Area Network (LAN, Intranet) Wide Area Network (WAN, Internet) Virtual Private Network (VPN)

Speed in “bits per second” (bps) Ethernet 10 Mbps Fast Ethernet 100 Mbps Gigabit Ethernet 1 Gbps Wireless 30-300 Mbps


Communication programs Web browser

Chrome (55% of the market) Mozilla Firefox (25% of the market) Internet Explorer (10% of the market) Safari

Mail reader Outlook, Mozilla Thunderbird, Windows Live Mail Webmail and Microsoft Outlook Web App

http://webmail.unibz.it Voice over IP

Costs WhatsApp


Posta Elettronica Certificata – PEC Standard email

No guarantee of sender’s e-mail address identity No guarantee of sender’s identity No guarantee that content has not been altered No sent proof No dispatched proof No read proof

PEC to PEC: like a raccomandata con ricevuta di ritorno

Sent proof Dispatched proof (in practice also) sender’s address identity and unaltered

content


Posta Elettronica Certificata – PEC PEC to standard email: like a raccomandata

semplice Sent proof

Standard email to PEC: like a normal letter

Sent and dispatched proves are legal proves

Every citizen may have a free PEC address to communicate with public administration


Search engines Crawler technique (8 billions web

pages!) Google scoring system Search tricks:

Use many keywords Quotations Advanced search Search for images


Slow connections

Names EquipmentEffective

speedNotes

PSTNanalogical

dial-up

telephone line and modem

56 KbpsTelephone is busy during connection

ISDN

ISDN telephone line and modem

128 KbpsTelephone is busy during full speed

connection

GPRS2G

GSM mobile phone

100 KbpsTelephone is busy during connection

EDGE2.5 G

modern GSM phone

300 Kbps


Broadband connections

Name Equipment Effective speed Notes

ADSLtelephone line and modem

500 Kbps in upload8-20 Mbps download

Congestion

Internet cable

special contract

some Gbps

UMTS3G

HSDPA

3G mobile phone

5 Mbps in upload40 Mbps in download

Speed depends strongly on environment

LTE4G

LTE mobile phone

up to 100 MbpsDepends on coverage and

contract

Wireless

Wi-Fiwireless card 30-300 Mbps

Speed depends on wireless generation

WiMaxantenna in line

of sight and modem

40 Mbps Speed depends strongly

on distance


Broadband connections ADSL Congestion

“minimum band guaranteed” contract Digital divide

5,400,000 Italians not covered by broadband WiMax

10 Kilometers range “line of sight” problem


Law 196/2003 on privacy

Data are divided into: personal data sensitive data

race and ethnicity, religious / philosophical / political opinions, belonging to religious / philosophical / political / workers

organization sensitive data about health and sex justice data (handled as sensitive data) genetic data (need extremely particular procedures)


Law 196/2003 on privacy

To personal users who do not communicate data security requirements still apply

Requirements authentication with login + password or alternatives permission training or instructions backup every week all data security programs updated every 12 months (6 if

sensitive) sensitive data must be encrypted or unidentifiable


Encryption

Scrambling technique to make text unreadable Public key for encrypting Private key for decrypting 128 bits to be sure


Encryption for information exchange

G#4hg!

decryptencrypt

B

C

D

A

encrypt

encrypt

f@çd*s

È^£(iw,

decrypt

decrypt

message 1

message 2

message 3

message 1

message 2

message 3

D

B

C

message 1

message 2

message 3

G#4hg!

encrypt

encrypt

encrypt

f@çd*s

È^£(iw,

decrypt Trb:-ò°§

Dr4^\|ò9

%$&/òL

decrypt

decrypt


Encryption for data storage

encrypt

decrypt

A secret data

D(£ò§*+]dH

secret

data A

encrypt decrypt

A secret data

D(£ò§*+]dH

%£)(“84jhg

ds?ì


Digital signature

Law 82/2005 Private key for encrypting Public key for decrypting Keys given by certification authorities Combination with PEC Keys expiration

Temporal mark


Digital signature

documentencryp

t decrypt

decrypt

decryptdocument

document

document

G#4$h&à?-2y

BC

D

A

false

document

encrypt decrypt

decrypt

decrypt2?=zx:-ki

2?=zx:-ki

2?=zx:-ki

Y&”:ò[fgj?’^

d

B

C

D


Comparison with handwritten signature

Digital signature Handwritten signature

Who can signNeeds keys from certification authority and proper tools

Everybody instantly

Who can verify

Everybody (with proper tools)

Handwriting analysts

Verification reliability

Sure for some yearsSubjective in dubious cases, no time limit

Temporal duration

Some years (can be renewed)

Until other reliable signatures are available

Mass signatures

Some seconds for all documents (with proper tools)

Some seconds per document

Date reliability

Objective if temporal markBased on other subjective elements (paper’s and ink’s age)


Electronic vs digital signature

Electronic signature automatic signature through username

and password Qualified electronic signature

and a certification authority guarantees it

Digital signature and uses encryption


Passwords


Passwords

What can be done with your password? Steal personal data Steal other people’s data Steal money Delete and modify data Steal identity Start illegal activities


Passwords

Most people have the following passwords:

A standard computer can try 4 billion passwords per second

password dragon monkey

123456 pussy 696969

12345678 baseball abc123

1234 football 12345

qwerty letmein


Passwords Law 196/2003

Avoid personal data in the password Change password every 6 months (3 if sensitive

data) Minimum 8 characters

Better also: Mix letters, strange characters and numbers Do not use words Use different passwords for different purposes Beware of passwords stored in programs

Test your password robustness on https://howsecureismypassword.net What to do in case of employee’s absence

https://howsecureismypassword.net/

https://howsecureismypassword.net/


Alternatives to password Law 196/2003 allows biometric identification

methods

fingerprints

hand palm

retina scanning

voice identification


Extra security Adding physical methods to standard password

smartcard token key OTP with display OTP USB phone SMS phone call


Viruses

What does a virus do? Infect Survive Duplicate Damage

Virus infection symptoms computer is slow to start unwanted and annoying pop-ups many system errors


Viruses

User’s responsible behaviors downloaded files and email attachments CD, DVD, USB pendrives strange websites updated programs updated antivirus beware when installing free programs!

Anti-viruses Checking the whole hard disk Checking suspect files Always running


Types of viruses Trojan horse

looks like a good program Key logger

records your keyboard activity (to get passwords) Back door

opens a port on your computer (to let external users in) Adware

displays advertisement Spyware

spies your activity (to get passwords or for spam targeting) Ransomware

demands money to avoid damage or justice problems


Spam

“unsolicited” “unwanted” “bulk” email Advertisement: gambling, pornographic websites,

medicines, risky investments, software… Chain letters Frauds Phishing

Sender is always counterfeited Do not click on links! Do not answer!!! Where do they get my email address? Antispam and blacklists


Phishing


Phishing


Phishing example

2,000,000 emails sent 5% arrive to existing users: 100,000 5% of users read the email: 5,000 2% of readers believe in the email: 100 $1,200 from each user

Gain: $120,000

In 2005 Mr. David Levi gained $360,000 from 160 people using Phishing on eBay website


Safe navigating

Navigation security Phishing Viruses

Download Save Antivirus Open Avoid visiting and downloading from

untrustworthy websites Keep Explorer and Windows up-to-date

Intercept your data Secure connection SSL: httpS


Attacks from outside

Denial of Service zombie computers

Firewall which internal program which external address what amount of traffic which kind of data

Windows Seven Firewall


Backup Why backup?

Source: The Cost of Lost Data. The importance of investing in that “ounce of prevention” by David M. Smith

40%

29%

13%

6%

9%3%

Hardware failureHuman errorSoftware corruptionVirusesTheftHardware destruc-tion


Backup Law 196/2003

backup every week What to backup?

Your data files emails, contacts, calendar Program configuration files Difficult-to-find stuff

Where to backup? another hard disk online backup systems: Dropbox, GoogleDrive, Box,

Amazon RAID techniques


RAID – Redundant Array of Independent Disks

JBOD – Just a Bunch Of Disks 2 disks

RAID 0 2 disks, fast

RAID 1 2 disks but space as for 1, safe vs crash, 24h service Most common solution

RAID 10 4 disks but space as for 2, fast, safe vs crash , 24h

service

None of these techniques is safe versus viruses or human errors!


JBOD


RAID 1


RAID 0


RAID 10

Documents

11 Aug 2014Computer networks1 Network administrators are here to help you! Open a ticket on