COSC1078 Introduction to Information Technology Lecture 21 Internet Security

Lecture 21: Internet Security Intro to IT

COSC1078 Introduction to Information Technology

Lecture 21

Internet SecurityJames Harland

[email protected]

Lecture 20: Internet Intro to IT

Introduction to IT1 Introduction 2 Images3 Audio4 Video WebLearnTest 1 5 Binary Representation Assignment 16 Data Storage7 Machine Processing8 Operating Systems WebLearn Test 29 Processes Assignment 210 Internet11 Internet Security WebLearn Test 312 Future of IT Assignment 3, Peer and Self Assessment


Overview Questions?

Assignment 3

Peer and Self Assessment

Internet Security

Questions?


Assignment 3 Reflect

Answer reflection questions from tutorialsSee last lecture for ideas

ResearchWrite about a particular IT topic of your choice (5-6 paragraphs)electronic voting, information security, 3D user interfaces, digital music, digital video, electronic commerce, natural language processing, DNA computing, quantum computing, cryptography, malware detection and removal, Moore's Law, green computing, …

Lecture 21: Internet Security SE Fundamentals

Self and Peer Assessment How well has each person contributed to the

group? Evaluated over the entire semester Assessed on process, not product Work out a grade for each person (CR, DI etc) Then convert this to a mark out of 20 Submit list of marks to tutor with justifications Repeat previous step until the tutor is satisfied See guidelines in Blackboard material

Lecture 19: Internet: Images Intro to IT

Internet Lisa?Hi Dad! Listen!Lisa?

Hi Dad! Listen!


Internet Structure

Application Application

Transport Transport

Network

Link

Network

Link

Mordor sucks!

2 dor1 Mor3 suc 4 ks!

1 2 3 49 5 6 2

143

22

13

4

2 3 1 49 5 6 2

2 dor1 Mor3 suc 4 ks!

Mordor sucks!


Internet Structure

1 Mor

1

6

6


Internet addresses Unique 32-bit identifier (up to 4,294,967,296) Soon to become 128-bit identifier Managed by Internet Corporation for Assigned

Names and Numbers (ICANN) ISPs get “blocks” of addresses 32-bit string represented as N1.N2.N3.N4 where Ni

is in the range 0..255 17.12.25.0 means00010001 00001100 00011001 00000000


Internet addresses Dotted decimal notation is still not very kind to

humans … www.sludgefacethemovie.com -> ??.??.??.?? Translation done by name servers which look up

the Domain Name System (DNS) Domains such as rmit.edu.au can be structured by

the domain owner (eg goanna.cs.rmit.edu.au)

Lecture 21: Internet Intro to IT

IPv4 vs IPv6 Internet Protocol version 4 (used since 1981) 32-bit addresses Can handle “only’’ 4,294,967,296 unique

addresses Exhausted in February 2011 IPv6 uses 128-bits addresses IPv6 can handle “only” 3.4×1038 addresses IPv5 didn’t change the IPv4 address space

and wasn’t successful for other reasons …


Internet Security

pass word patch spam

fire wall

virus war drivingkey logge

r

proxy worm

phishing

Trojan horse

Security vs access It is always a trade-off (a balance between two

competing forces) More security means less access More access means less security Redundancy can be either fatal or vital Nothing is perfect!

Freedom vs security Èverything which is not forbidden is allowed’ -- Principle of English Law Èverything which is not allowed is forbidden’ -- Common security principle

Ànything not mandatory is forbidden’ -- “military policy” Ànything not forbidden is compulsory’ (??) — T.H. White (The Once and Future King)


Passwords Should be: Long (8 characters or more) Not obvious or from a dictionary Contain capitals, numerals and non-

alphanumeric characters (!&^*$@.,’[]{}? …)

Recorded securely somewhere Transmitted in encrypted form only Older programs such as FTP, Telnet

transmit this in plaintext …


Firewalls Device which limits internet connections Limit network uses to only approved ones Prevent malicious software reporting

information Prevent outside attacks May need to have ports opened to allow

applications to work Only work on applications, not on content


Proxy servers All internet traffic routed via proxy server Acts as an internet gateway Once proxy is secure, so is network Can filter content Can cache content Often used with a firewall in a corporate

environment


Wardriving Driving around to find a vulnerable wireless signal Find a wireless connection that doesn’t

require a password (so add one to yours if you haven’t!)

Attack systems that use a default admin login name and password (change yours!)

Snoop on transmissions which are not encrypted (encrypt yours!)

Using a MAC address whitelist means only specified devices can connect to your router


Viruses,Worms,Trojans

Virus: self-replicating program that attaches itself to files and is spread when they are transferred

Worm: self-replicating program that pro-actively spreads itself

Trojan horse: a program that appears legitimate but is in fact malicious


Malware and Spyware Malicious software: Hidden mail server Key logging (to capture passwords) Enable machine takeover Direct traffic to particular web sites Analyse behaviour Act as a proxy …


Denial of service Prevent network from working normally Flood a server with ‘invalid’ inputs Use a network of compromised machines

to generate an overwhelming number of requests (Conficker?)

Such zombie machines can form a botnet, which then attack a particular server


Tricking the user Users are often the weakest link in security Email attachments containing trojan horses ‘Phishing’ Malicious web pages Malicious documents (macros in

spreadsheets) Account stealing (via key logging) Scams (‘I have $10 million to import’, ‘You

have just won the lottery’, …)


Protecting your system

Keep up to date with patches (Windows update, Software update)

Use a firewall Use anti-virus software and keep it up to

date Use anti-spyware tools Filter email for spam and suspicious

messages Be aware of ‘fake alerts’


Conclusion

Work on Assignment 3

Check whether your security defenses are up to date

Documents

COSC1078 Introduction to Information Technology Lecture 21 Internet Security