• Internet is a vast world of several computers in a very large network. • The three words 'vast', 'several' and 'very large' don't allow us to deny the importance of security in the field of data communication and networking. • Internet security is used to protect websites and other electronic files from being attacked by hackers and viruses. • Security concerns are in some ways peripheral to normal business working, but serve to highlight just how important it is that business users feel confident when using IT systems. • Simply because cyber criminals know that a successful attack is very profitable and security will probably always be high on IT systems. • Thus it means that cyber criminals will always strive hard to find new ways around IT security and users will consequently need to be continually vigilant. • In the computer industry, Internet security refers to the techniques for ensuring the data stored in a computer cannot be read or compromised by any individuals without authorization. • Most security measures involve data encryption and passwords. • When computer connects to a network and begins communicating with others, it is taking a risk. • Internet security involves the protection of a computer's internet account and files from intrusion of an unknown user. • Basic security measures which involves protection by passwords (a secret word or phrase giving user access to system or a program), change of file permissions and back up of computer's data. • Thus it is clear that whenever decisions are to be made about how to enhance a system, security will need to be held upper most among its requirements. E-Content of INTERNET TECHNOLOGY AND WEB DESIGN Chapter: 11.2 Overview of Internet Security
Topic: 11.2.2 Aspects and need of security
Aspects and need of security
• The information security picture is changing and threats are expanding. • Our business practices are being transformed and many security products are evolving. • These changes must be a part of our strategic thinking for the future. Changing threats and consequences • The fight is not against ''pranksters'' any more, but well financed and highly motivated criminals. • We still must protect against e-mailed viruses, but are now more concerned about web based malicious software, self-propagating worms, attacks on vulnerable applications. Changing business needs • The primary customers for electronic services are no longer state employees, but citizens, organizations and business partners. • To provide these services, user concentrate valued information in large database linked to applications open to people all over the world. • User must show close attention to server configuration, application security, system and application patches, authentication and authorization, malicious traffic and other things that may not have been big concerns before. New tools and methods needed • User still needs to filter out spam and e-mail viruses and install border protections. • User must also filter out malicious websites, apply patches quickly, develop secure applications, lock down desktops, implement secure configurations and remove unnecessary services from servers, use strong authentication, train employees, isolate data stored and more. Vendor products, services and pricing are changing E-Content of INTERNET TECHNOLOGY AND WEB DESIGN • There is a trend toward bundling security tools and requiring purchase of the bundle. • Vendors are providing discounts when only their products are used, even when it is contrary to best practice, example, using two different antivirus vendor's products. • Products which used for long years are no longer top performers. • As product lines expand, support seems to decline and vendors push for long term contracts to lock customers in. • There is little price competition, except with a large volume purchase. • Vendors are getting better at identifying threats and quickly updating their products to stop them. • Usually no clear best product or company surfaces and stays at the top. • Core security products are becoming commodities with many customers changing products regularly, rather than staying with the same product year after year. Security needs to be strategic • Security is not an extra cost add-on. • It must become part of the core service-delivery requirements. • Expecting all agencies to learn about choose, implement, manage and maintain new security measures independently is inefficient and costly. • User need to develop long-term strategies that accomplish goals and then figure out how to achieve them. • Working collaboratively and strategically user can improve security, reduce workloads and save money. • It may allow us to take advantage of opportunities that user cannot individually. E-Content of INTERNET TECHNOLOGY AND WEB DESIGN Chapter: 11.2 Overview of Internet Security
Topic: 11.2.3 E-mail threats and Secure E-mail
E-mail threats and Secure E-mail
• E-mail when sent across the internet is more like a post card. • It can be intercepted at any stage and read by anybody who can lay his hands on it. • To ensure the secrecy of the message, the sender as well as the receiver should agree on the secret key. • There starts the problems, if user's intended recipient is in faraway country, then user have to distribute the key first to him before user can send him the message. • And it presents a logistical problem, Public key cryptography was designed to overcome this problem through what is known as public key private key pair. • Another way to ensuring the secrecy of the e-mail messages is through the use of a technique called singing a message. Web security and Privacy concepts • The control panel of our system provides us with 'Internet options' where we can set the level of privacy and security of our web browsers. • Using 'security options', user can block certain unwanted and unsecure sites. • Using 'privacy option', user can select the zone for blocking cookies as per the requirements. What are cookies? • The term “cookie” is derived “magic cookie”, a well-known concept in UNIX computing. • In simple computing terms a cookie is a small string of text stored on a user's computer by a web browser. • Cookie is a message given to a web browser by a web server which is stored by the browser in a text file. E-Content of INTERNET TECHNOLOGY AND WEB DESIGN • The message is then sent back to the server each time the browser request a page from the server. • The main purpose of cookies is to identify users and possibly prepare customized web pages for them. • Websites use cookies for different reasons: To collect demographic information about who is visiting the web site. To personalize the user's experience on the web site cookies help to store personal information about you so that when you return to the site you have a more personalized experience. To monitor advertisements. • Thus cookies are text files that can be deleted at any time. • They cannot be used to spread virus and can't access your hard drive. • Cookies do not act maliciously on computer systems. The Simple Network Management Protocol • The simple network management protocol is a frame work for managing devices in an internet using the TCP/IP protocol suite. • It provides a set of fundamental operations for monitoring and maintaining on internet. • The SNMP uses the concept of a manager and agent. • A manager is a host that runs the SNMP client program. • A manager is a host that runs the SNMP server program. • Management is done through simple interaction between manager and agent. • The agent keeps performance information in a database. • The manager has access to value in the database. • SNMP is an application level protocol in which a few manager stations control a set of agents. • The protocol is designed at the application level so that it can monitor devices made by different manufacturers and installed on different physical networks. • SNMP frees the management tasks from both the physical characteristics of the managed devices and underlying networking technology. E-Content of INTERNET TECHNOLOGY AND WEB DESIGN • Management with SNMP is based on three basic ideas: A manager checks an agent by requesting information that reflects the behavior of the agent. A manager forces an agent to perform a task by resulting values in agent database. An agent contributes to the management process by warning the manager of an unusual situation. Role of SNMP • SNMP has some very specific roles in network management. • It defines the format of the packet to be sent from a manager to an agent. • It also interprets the result and creates statistics. • The packets exchanged contain the object variable names and their status (values) SNMP is responsible for reading and changing these values. VPN • Virtual private network allows a computer to connect to a corporate LAN over the internet. • Virtual private network is an extremely important technology that is in wide spread use. • A VPN is carried over a shared or public network which is almost always the internet and encrypts the message so that only the VPN client and server can access it. • The cost of VPN connections are much less than dedicated connections such as WAN technologies because they take advantage of the art efficiency of the Internet without compromising security. VPN Connections • These connections are used in two important ways: To establish WAN connection using VPN technology between two distant networks that may be thousands of miles apart, but where each has some way of accessing the internet. To establish remote access connections that enable remote users to access a private network through a public network like the internet. E-Content of INTERNET TECHNOLOGY AND WEB DESIGN VPN’s support WAN connection in the same way as they support a remote access connection. VPN Protocols • VPN connection must be connected to the internet using point-to-point protocols. • Both sides must have a networking protocol in common. • This protocol is usually IP, but can also be IPX, Net BEUI, or Apple talk. • Both sides must set up a tunnel through their existing PPP connections, through which their data packets will pass. • The tunnel is formed using a tunneling protocol. • The three important tunneling protocols used for VPN’s are point-to-point tunneling protocol, Layer2 Tunneling Protocol and Internet Protocol Security. • VPN Client • VPN connection of both sides must be running compatible VPN software compatible protocols. • For a remote access VPN solution, the software you install depends on the VPN itself. • Dedicated VPN solutions also sell client software that you can distribute to users.