Internet Usage and Security

8/3/2019 Internet Usage and Security

1/21

Internet usage and Security


2/21

INTRODUCTIONInternet provides us with different

applications.

The applications we will be covering:Gopher

FTP

Usenet

E-mail

TelnetReasons needed for security:

Make transactions safer

Keep e-mails private


3/21

GopherDistributed document search and retrieval system.

Used at college campus, nonprofit organizations,

for publications and for fun.

Distinct feature of step by step navigation

Choices on Gopher menu: files, directories,

gateways.

Additional features:Bookmarks

VERONICA and JUGHEAD


4/21

FTPInternets File Transfer Program.

Connect to FTP server by giving IP address

Connection through conventional/protocol dialup

A different set of files & directories at anonymousFTP

Things to remember:Content of file location

Most FTP clients dont accept URL formatType and size of file

Files for different computer architecture

Contd


5/21

Commands while using FTP: To control FTP session: ASCII, binary, cr, hash, prompt,

status, user, verbose

for moving around among directories on remote machine:pwd, cd, cdup, dir, mdir, ls, mls, lcd

to move files back and forth: get, recv, put, send mget,mput

Archie- Database for files and directories

Submit queries by archie client program or e-mail

Queries sorted by hostname then path

Provides file permission, size, date and name


6/21

UsenetDeveloped ate UNIX community and circulated by

UUCP initially and then NNTP

Tools for reading news:

Access to Internet host FQDN

Newsreader

Types of Newsreader:

Line mode reader- Eg:Readnews Full-screen reader- Eg:Vnews, tin

Left to right specification of subject increases in a

newsgroup name Contd


7/21

Categories Of newsgroup: comp-computer related topics

misc-topics that cut across categories

news-Net news related distribution and s/w topics

rec- topics on recreational activities, art etc. sci- topics science related

soc- social issues topics

talk- open-ended debates for groups

To introduce new Newsgroup:

Submitting a proposal

Discussion followed by voting


8/21

E-mail: the message and medium

Store-and-forward service

Mailer- program used while sending or receiving

messages via Internet access provider.

Addressing non-local user:login_name@domain_name

Accessing Internet Service through E-mail:

Mailing lists and how to find them

Mail-based Bulletin boards: The Almanac Service

The Archie E-mail interface

FTP via E-mail: Ftpmail


9/21

Telnet

Network application to log in to one computer on theInternet from another

Use Internet and exchange data between the two

connected computers much fasterSession requires a user ID valid on remote computer

Telnet on Internet access providers computer viaconventional dialup.

Telnet client on home computer via protocol dialup.Working on Telnet you need:

IP address to identify the computer to which you want to connect

Valid login name and password on computer you reached.


10/21

Other than input mode command mode is also there

Advantage of using Telnet:

When Internet access providers offer only protocol dialup

Using the Internets client-server applications when theres no

client program on your local computer To get in touch with the Internets stand-alone applications

Web browsers support the Telnet protocol indirectly

Install a Telnet client program and configure your Web

browser to start that client to work with Telnetresources from Web browsers


11/21

Internet security

Being on the Internet: the risks

Unauthorized access to the information system from theoutside

Trojan horses and viruses sneaking in through transferring

data

Using false identities

Risk- extent of the damage to be expected if an eventoccurs and predicted probability of its occuring

Risk analysis: Phase 1: Defining the scope

Phase 2: Finding the risks

Phase 3: Risk assessment


12/21

Computer crime: Who does it?

Hackers from college:

Do no harm

Just want to successfully break-in and share experience

Staff:

can range from simple methods to data thefts

Intend to destroy or sabotage out of frustration

Hackers from computer underground:

Just intend to get in and out of top security sites safely

Old-fashioned criminals:

Target is finance and purchasing system since Internet crimeis easy

Cybercrime: Professional Hackers


13/21

Attack points and weaknesses

Internet: faulty software design

Architecture of TCP/IP and UDP protocols

Lack of safeguards

poorly configured & administered systems Poor service programs

Computer Organization as a risk

No focus on training for systems manager

Care on formulating security measures

Contd


14/21

Hit list of hacking methods

Sniffer attacks- These use invisible miniature programs

smuggled in on Internet hosts to monitor data flows and

retrieve passwords and system IDs

IP spoofing- attacker gives his own data packets addresses

which are in the address range of the target network toovercome packet filters and proxy firewalls

Sendmail attacks- use faults in the mail server application

sendmail

Attacks via NIS and NFS


15/21

Authentication

Core of all authentication systems is how they check ausers identity and what rights they are cleared for

Ways of capturing password apart from guessing:

Analyzing the protocol and filtering the password

Monitoring login/passwords using TSR programs

Social hacking

Protecting passwd file:

Avoid true passwd file get into file ranges of anonymous

Internet servers

Services like NIS should be deactivated

Password shadowing

Contd


16/21

Analyzing protocols and finding passwords-

Sniffer programs allow NIC to accept any data packet. Using

filter and trigger functions Internet addresses and passwords can

be filtered.

Password monitoring using TSR programsRun in the background mode, constantly spying on all keyboard

inputs and saving character sequences

Fishing passwords with Trojan horses

It boots as the users OS and retrieves the user ID and password

One-Time Passwords

Each time you login it is with a different password


17/21

Encryption

Encoding plain text to cipher textTwo ways of encoding:

Substitution- Caesar Cipher, Mono-alphabetic Cipher,Homophonic, Polygram & Polyalphabetic Substitution Cipher

Transposition- Rail Fence Technique, Simple ColumnarTransposition Technique, Vernam Cipher, Book Cipher

Two aspects of encryption: algorithm and key

A key is an input cipher text used for one- time pad

method for encryption.Two cryptography methods based on keys:

Symmetric- same key used for encryption & decryption

Asymmetric- different keys used for encryption & decryption


18/21

Firewalls

Network components connecting an internal, privatecorporate network to an external, public network

Benefits of using firewall:

Concentrates risk on a single area

Monitoring and control systems installed in firewall only

Connections monitored and controlled as via firewall

Different access control systems:

Packet filters- filters data packets with specified attributes

Circuit relays-let use applications without letting things at

protocol level

Application relays- let you use applications without comms

links break through the firewall system at protocol level


19/21

Architecture of firewall systems:

Border routers Border router with secure subnet

Dual home bastion hosts

Dual home bastion host with demilitarized zone (DMZ)

Cascaded dual home bastion hostsMonitoring systems: display connection by user & service

Display when security functions are activated

Display repeated attempts to get through the firewall system

Limits of firewalls Cant keep out data carried inside applications and prevent the

network being penetrated by viruses

Dont offer any security against unauthorized physical attackson an internal computer system


20/21

Conclusion

When Internet comes in, security is a major issue.

Not only, do we get information but can alsoaccess resources from remote compute as thoughfrom local computer.

For distributed DBMS and distributed operatingsystem, Internet is a must.


21/21

Thank you!

Documents

Internet Usage and Security