E-Content of

INTERNET TECHNOLOGY AND WEB DESIGN

Chapter: 11.2 Overview of Internet Security

Topic: 11.2.1 Overview of Internet Security

Overview of Internet Security

• Internet is a vast world of several computers in a very large network.
• The three words 'vast', 'several' and 'very large' don't allow us to deny the
importance of security in the field of data communication and networking.
• Internet security is used to protect websites and other electronic files from being
attacked by hackers and viruses.
• Security concerns are in some ways peripheral to normal business working, but
serve to highlight just how important it is that business users feel confident when
using IT systems.
• Simply because cyber criminals know that a successful attack is very profitable
and security will probably always be high on IT systems.
• Thus it means that cyber criminals will always strive hard to find new ways
around IT security and users will consequently need to be continually vigilant.
• In the computer industry, Internet security refers to the techniques for ensuring
the data stored in a computer cannot be read or compromised by any individuals
without authorization.
• Most security measures involve data encryption and passwords.
• When computer connects to a network and begins communicating with others, it
is taking a risk.
• Internet security involves the protection of a computer's internet account and files
from intrusion of an unknown user.
• Basic security measures which involves protection by passwords (a secret word
or phrase giving user access to system or a program), change of file permissions
and back up of computer's data.
• Thus it is clear that whenever decisions are to be made about how to enhance a
system, security will need to be held upper most among its requirements.
 E-Content of
INTERNET TECHNOLOGY AND WEB DESIGN
Chapter: 11.2 Overview of Internet Security

Topic: 11.2.2 Aspects and need of security

Aspects and need of security

• The information security picture is changing and threats are expanding.
• Our business practices are being transformed and many security products are
evolving.
• These changes must be a part of our strategic thinking for the future.
Changing threats and consequences
• The fight is not against ''pranksters'' any more, but well financed and highly
motivated criminals.
• We still must protect against e-mailed viruses, but are now more concerned
about web based malicious software, self-propagating worms, attacks on
vulnerable applications.
Changing business needs
• The primary customers for electronic services are no longer state employees, but
citizens, organizations and business partners.
• To provide these services, user concentrate valued information in large database
linked to applications open to people all over the world.
• User must show close attention to server configuration, application security,
system and application patches, authentication and authorization, malicious
traffic and other things that may not have been big concerns before.
New tools and methods needed
• User still needs to filter out spam and e-mail viruses and install border
protections.
• User must also filter out malicious websites, apply patches quickly, develop
secure applications, lock down desktops, implement secure configurations and
remove unnecessary services from servers, use strong authentication, train
employees, isolate data stored and more.
Vendor products, services and pricing are changing
 E-Content of
INTERNET TECHNOLOGY AND WEB DESIGN
• There is a trend toward bundling security tools and requiring purchase of the
bundle.
• Vendors are providing discounts when only their products are used, even when it
is contrary to best practice, example, using two different antivirus vendor's
products.
• Products which used for long years are no longer top performers.
• As product lines expand, support seems to decline and vendors push for long
term contracts to lock customers in.
• There is little price competition, except with a large volume purchase.
• Vendors are getting better at identifying threats and quickly updating their
products to stop them.
• Usually no clear best product or company surfaces and stays at the top.
• Core security products are becoming commodities with many customers
changing products regularly, rather than staying with the same product year after
year.
Security needs to be strategic
• Security is not an extra cost add-on.
• It must become part of the core service-delivery requirements.
• Expecting all agencies to learn about choose, implement, manage and maintain
new security measures independently is inefficient and costly.
• User need to develop long-term strategies that accomplish goals and then figure
out how to achieve them.
• Working collaboratively and strategically user can improve security, reduce
workloads and save money.
• It may allow us to take advantage of opportunities that user cannot individually.
 E-Content of
INTERNET TECHNOLOGY AND WEB DESIGN
Chapter: 11.2 Overview of Internet Security

Topic: 11.2.3 E-mail threats and Secure E-mail

E-mail threats and Secure E-mail

• E-mail when sent across the internet is more like a post card.
• It can be intercepted at any stage and read by anybody who can lay his hands on
it.
• To ensure the secrecy of the message, the sender as well as the receiver should
agree on the secret key.
• There starts the problems, if user's intended recipient is in faraway country, then
user have to distribute the key first to him before user can send him the
message.
• And it presents a logistical problem, Public key cryptography was designed to
overcome this problem through what is known as public key private key pair.
• Another way to ensuring the secrecy of the e-mail messages is through the use of
a technique called singing a message.
Web security and Privacy concepts
• The control panel of our system provides us with 'Internet options' where we can
set the level of privacy and security of our web browsers.
• Using 'security options', user can block certain unwanted and unsecure sites.
• Using 'privacy option', user can select the zone for blocking cookies as per the
requirements.
What are cookies?
• The term “cookie” is derived “magic cookie”, a well-known concept in UNIX
computing.
• In simple computing terms a cookie is a small string of text stored on a user's
computer by a web browser.
• Cookie is a message given to a web browser by a web server which is stored by
the browser in a text file.
 E-Content of
INTERNET TECHNOLOGY AND WEB DESIGN
• The message is then sent back to the server each time the browser request a
page from the server.
• The main purpose of cookies is to identify users and possibly prepare customized
web pages for them.
• Websites use cookies for different reasons:
 To collect demographic information about who is visiting the web site.
 To personalize the user's experience on the web site cookies help to store
personal information about you so that when you return to the site you have a
more personalized experience.
 To monitor advertisements.
• Thus cookies are text files that can be deleted at any time.
• They cannot be used to spread virus and can't access your hard drive.
• Cookies do not act maliciously on computer systems.
The Simple Network Management Protocol
• The simple network management protocol is a frame work for managing devices
in an internet using the TCP/IP protocol suite.
• It provides a set of fundamental operations for monitoring and maintaining on
internet.
• The SNMP uses the concept of a manager and agent.
• A manager is a host that runs the SNMP client program.
• A manager is a host that runs the SNMP server program.
• Management is done through simple interaction between manager and agent.
• The agent keeps performance information in a database.
• The manager has access to value in the database.
• SNMP is an application level protocol in which a few manager stations control a
set of agents.
• The protocol is designed at the application level so that it can monitor devices
made by different manufacturers and installed on different physical networks.
• SNMP frees the management tasks from both the physical characteristics of the
managed devices and underlying networking technology.
 E-Content of
INTERNET TECHNOLOGY AND WEB DESIGN
• Management with SNMP is based on three basic ideas:
 A manager checks an agent by requesting information that reflects the
behavior of the agent.
 A manager forces an agent to perform a task by resulting values in agent
database.
 An agent contributes to the management process by warning the manager of
an unusual situation.
Role of SNMP
• SNMP has some very specific roles in network management.
• It defines the format of the packet to be sent from a manager to an agent.
• It also interprets the result and creates statistics.
• The packets exchanged contain the object variable names and their status
(values) SNMP is responsible for reading and changing these values.
VPN
• Virtual private network allows a computer to connect to a corporate LAN over the
internet.
• Virtual private network is an extremely important technology that is in wide spread
use.
• A VPN is carried over a shared or public network which is almost always the
internet and encrypts the message so that only the VPN client and server can
access it.
• The cost of VPN connections are much less than dedicated connections such as
WAN technologies because they take advantage of the art efficiency of the
Internet without compromising security.
VPN Connections
• These connections are used in two important ways:
 To establish WAN connection using VPN technology between two distant
networks that may be thousands of miles apart, but where each has some
way of accessing the internet.
 To establish remote access connections that enable remote users to access a
private network through a public network like the internet.
 E-Content of
INTERNET TECHNOLOGY AND WEB DESIGN
 VPN’s support WAN connection in the same way as they support a remote
access connection.
VPN Protocols
• VPN connection must be connected to the internet using point-to-point protocols.
• Both sides must have a networking protocol in common.
• This protocol is usually IP, but can also be IPX, Net BEUI, or Apple talk.
• Both sides must set up a tunnel through their existing PPP connections, through
which their data packets will pass.
• The tunnel is formed using a tunneling protocol.
• The three important tunneling protocols used for VPN’s are point-to-point
tunneling protocol, Layer2 Tunneling Protocol and Internet Protocol Security.
• VPN Client
• VPN connection of both sides must be running compatible VPN software
compatible protocols.
• For a remote access VPN solution, the software you install depends on the VPN
itself.
• Dedicated VPN solutions also sell client software that you can distribute to users.