Networks and Security
Types of Attacks/Security Issues
Malware Viruses Worms Trojan Horse Rootkit Phishing Spyware Denial of Service Attacks
Cookies Spam
Security – Internet Connections
Methods for blocking intruders from network or individual computers:
Firewall Browser security settings Automatic operating system updates
Security – Internet Connections
Methods for blocking intruders: Firewall
Firewalls A firewall is software or hardware that monitors
and controls data flowing between computers. Why is it called a firewall? Firewalls have a set of adjustable filters that detect
and block certain types of activities. Network admins typically configure the firewall to
allow only one computer (called a gateway) on the network to interact with the Internet.
Firewalls can control TCP/IP, HTTP, FTP, Telnet, SMTP, and other protocols.
Browser Security Settings
Browsers have certain security settings that can block certain features that pose security risks. Some of these are:
1. Disable Java or ActiveX applets in web pages.
2. Prevent web pages from storing cookies.
Unfortunately, high security settings
sometimes disable user-friendly features of
some web pages.
Encrypted Communications
Kinds of messages we might send/receive: HTTP requests / responses E-mail Instant Messages Telnet sessions Transactions (shopping, etc.)
Privacy
Any machine (router) along the path of the message can read it.– Message more like a postcard than a letter
Is this good???
What can we do???
Encryption/Cryptography
Need to figure out a way so that ONLY the recipient can read the message.
Most common techniques today: symmetric key encryption, public key encryption
Symmetric Key Encryption
A key is a binary number, typically 40 – 128 bits long.
Use a specific algorithm to combine the key with the message (already translated into binary) to produce an encrypted message.
The same key is used to decrypt the message. Method is fast, but sender and receiver must have
the key – how can the key be passed safely?
Public Key Encryption
Each person has a public key and a private key
The two keys ‘un-do’ each other:– Encrypt with public key, decrypt with private
key Public keys are publicly available on Key
Servers (anyone can see / get them) This method is slower, but more secure than
symmetric key.
Combination of Symmetric and Public Key Encryption Sender encrypts message using symmetric
key Sender encrypts symmetric key with the
public key of the receiver. Send encrypted key to receiver. Receiver uses private key to decrypt
symmetric key. Receiver uses symmetric key to decrypt
message.
Certificate Authority
How do you obtain someone’s public key? Refer to a Certificate Authority (CA) – a trusted
source that maintains a database of user names and their public keys. (similar to a DMV)
The CA may be used to identify merchants when making online purchases, or to verify contents of important documents and their senders.
VeriSign is a CA.
How does encryption address security concerns?4 communication security concerns: Eavesdropping: If a message is encrypted,
it is unreadable by eavesdroppers without a key
Spoofing: Sender uses his or her private key to encrypt part of the message. Receiver uses sender’s public key to decrypt that part – if it decrypts, it confirms sender’s identity.
Encryption & Security Concerns cont. Misrepresentation: Obtain a business’s public
key from a CA and encrypt your message. Only the business identified by CA can decrypt the message.
Tampering: Use symmetric key encryption – Word & Excel can encrypt a file and require a password to decrypt it. (Password is used in making the symmetric key.) Weakness?
More secure – using a digital signature.
Digital Signatures
To create a digital signature, the message is first processed by some algorithm to produce a single number (a 1-way hash).
This algorithm and the 1-way hash are then encrypted with the private key to produce the digital signature.
The message and digital signature are then transmitted.
Digital Signatures, cont.
The recipient uses the public key to decrypt the hash and its algorithm.
The recipient uses the algorithm and the transmitted message to produce a new hash. If this new hash matches the decrypted hash, recipient knows the message was not altered.