Chapter 10
Network Security
Introduction
• Look at:
  – Principles of Security (10.1)
  – Threats (10.2)
  – Encryption and Decryption (10.3)
  – Firewalls (10.4)
Introduction
• Look at:
  – IP Security (IPSec) (10.5)
  – Web Security (10.6)
  – E-mail Security (10.7)
  – Best Internet Security Practices (10.8)
Principles of Security
• The concept of security within the network environment includes:
  – All aspects of operating systems
  – Software packages
  – Hardware
  – Networking configurations
  – Network sharing connectivity
  – Physical security is also linked to IT security
Principles of Security
• Security is not just a policy or a plan
• It is a mindset
• You must properly train and cultivate employees to be security aware
• Remember that your network is only as strong as its weakest link, which is usually a human being
Threats
• Humans pose probably the greatest threat to a network because their behavior cannot be controlled
• Because an environment can’t be made completely threat-proof, you must be constantly attentive to be sure that it is as secure as possible
• The first step to sound security is establishing a security policy
Threats
• A back door is a program that allows access to a system without using security checks
• Programmers will put back doors in programs so they can debug and change code during test deployments of software
• A back door can also be installed through applications that are hidden inside of games or software such as screen savers
• Another type of back door comes in the form of a privileged user account
Threats
• Brute force is a term used to describe a way of cracking a cryptographic key or password
• It involves systematically trying every conceivable combination until a password is found, or until all possible combinations have been exhausted
• Brute force is a method of pure guessing
• Password complexity plays an important role when dealing with brute force programs
• The more complex the password, the longer it takes to crack
Threats
• The most popular attacks are buffer overflow attacks
• More data is sent to a computer’s memory buffer than it is able to handle, causing it to overflow
• The system is left in a vulnerable state or arbitrary code can be executed
• Buffer overflows are probably the most common way to cause disruption of service and lost data
Threats
• The purpose of a denial of service (DoS) attack is to disrupt the resources or services that a user would expect to have access to
• These types of attacks are executed by manipulating protocols and can happen without the need to be validated by the network
• Many of the tools used to produce this type of attack are readily available on the Internet
Threats
• The man-in-the-middle attack takes place when an attacker intercepts traffic and then tricks the parties at both ends into believing that they are communicating with each other
• The attacker can also choose to alter the data or merely eavesdrop and pass it along
• A man-in-the-middle attack can be compared to inserting a receptive box between two people having a conversation
• This attack is common in Telnet and wireless technologies
Threats
• Session hijacking is a term given to an attack that takes control of a session between the server and a client
• A hijacker waits until the authentication cycle is completed and then generates a signal to the client
• This causes the client to think it has been disconnected
• Then the hijacker begins to transact data traffic, pretending to be the original client
Threats
• Spoofing is making data appear to come from somewhere other than where it really originated
• This is accomplished by modifying the source address of traffic or source of information
• Spoofing bypasses IP address filters by setting up a connection from a client and using an IP address that is allowed through the filter
Threats
• Social engineering plays on human behavior and how we interact with one another
• The attack doesn’t feel like an attack at all
• We teach our employees to be customer service oriented so often they think they are being helpful and doing the right thing
• Each attack plays on human behavior and our willingness to help and trust others
Threats
• Software exploitation is a method of searching for specific problems, weaknesses, or security holes in software code
• Improperly programmed software can be exploited
• It takes advantage of a program’s flawed code
Threats
• A program or piece of code that is loaded onto your computer without your knowledge is a virus
• It is designed to attach itself to other code and replicate
• It replicates when an infected file is executed or launched
• It attaches to other files, adding its code to the application’s code and continues to spread
Threats
• Trojan horses are programs disguised as useful applications
• Trojan horses do not replicate themselves like viruses but they can be just as destructive
• Code hidden inside the application can attack your system directly or allow the system to be compromised by the code’s originator
• It is typically hidden so its ability to spread is dependent on the popularity of the software and a user’s willingness to download and install the software
Threats
• Worms are similar in function and behavior to a virus, Trojan horse, or logic bomb
• Worms are self-replicating
• A worm is built to take advantage of a security hole in an existing application or operating system, find other systems running the same software, and automatically replicate itself to the new host
• The process repeats with no user intervention
Threats
• Other types of malware are:
  – Logic bombs
  – Spyware
  – Sniffers
  – Keystroke loggers
• As with anything, the intent and use of some of these can be good or bad
Encryption and Decryption
• Cryptosystem or cipher system provides a way to protect information by disguising it into a format that can be read only by authorized systems or individuals
• The use of these systems is called cryptography and the disguising of the data is called encryption
Encryption and Decryption
• Encryption is the transformation of data into a form that cannot be read without the appropriate key to decipher it
• It is used to ensure that information is kept private
• Decryption is the reverse of encryption
• Decryption deciphers encrypted data into plain text that can easily be read
Encryption and Decryption
• There are two basic types of encryption where one letter is replaced with another by a scheme
• This is called a cipher
• The two basic types are:
  – substitution
  – transposition
Encryption and Decryption
• A substitution cipher replaces characters or bits with different characters or bits, keeping the order in which the symbols fall the same
• In a transposition cipher, the information is scrambled by keeping all of the original letters intact, but mixing up their order
• This is called permutation
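The two cipher types on this slide, as an added example that is not part of the original slides: a keyword-based substitution and a columnar transposition applied to the same message. The message, the keywords FIREWALL and CIPHER, and all function names are constructed for illustration; neither cipher is suitable for protecting real data.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase


def keyed_alphabet(keyword):
    """Substitution alphabet: unique keyword letters first, then the rest of A-Z."""
    seen = []
    for ch in keyword.upper() + ALPHABET:
        if ch in ALPHABET and ch not in seen:
            seen.append(ch)
    return "".join(seen)


def substitution_encrypt(plaintext, keyword):
    """Replace every letter with another one; each symbol stays in its position."""
    table = str.maketrans(ALPHABET, keyed_alphabet(keyword))
    return plaintext.upper().translate(table)


def substitution_decrypt(ciphertext, keyword):
    table = str.maketrans(keyed_alphabet(keyword), ALPHABET)
    return ciphertext.translate(table)


def column_order(key):
    """Columns are read out in alphabetical order of the key letters."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def transposition_encrypt(plaintext, key):
    """Write the text in rows under the key, then read it out column by column."""
    cols = len(key)
    return "".join(plaintext[c::cols] for c in column_order(key))


def transposition_decrypt(ciphertext, key):
    cols, n = len(key), len(ciphertext)
    out = [""] * n
    pos = 0
    for c in column_order(key):
        size = len(range(c, n, cols))  # how many letters fell into column c
        out[c::cols] = ciphertext[pos:pos + size]
        pos += size
    return "".join(out)


def same_letters(a, b):
    """True when both strings contain exactly the same letters, in any order."""
    return Counter(a) == Counter(b)


if __name__ == "__main__":
    message = "NETWORKSECURITY"  # constructed sample plaintext
    sub = substitution_encrypt(message, "FIREWALL")
    trans = transposition_encrypt(message, "CIPHER")
    print("substitution :", sub)
    print("transposition:", trans)
    # Transposition keeps every original letter and only permutes the order.
    print("transposition keeps the letters:", same_letters(message, trans))
    # Substitution changes the letters but keeps the repeat pattern in place.
    print("substitution keeps the letters :", same_letters(message, sub))
```

The output shows the difference the slide describes: the transposed text is an anagram of the message, while the substituted text uses different letters but repeats them at the same positions as the original.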
Encryption and Decryption
• The Data Encryption Standard (DES) suggests the use of a certain mathematical algorithm in the encrypting and decrypting of binary information
• The system consists of an algorithm and a key
• It is a block cipher using a 56-bit key on each 64-bit chunk of data
• In a block cipher, the message is divided into blocks of bits
Encryption and Decryption
• Rivest-Shamir-Adleman (RSA) is an Internet encryption and a digital signature authentication system that uses an algorithm
• This encryption system is currently owned by RSA Security
• The RSA key length may be of any length, and it works by multiplying two large prime numbers
Encryption and Decryption
• Public-key cryptosystems use different keys to encrypt and decrypt data
• The public key is readily available whereas the private key is kept confidential
• There are two major types of algorithms used today:
  – symmetric, which has one key that is private at all times
  – asymmetric, which has two keys: a public one and a private one
Encryption and Decryption
• Besides RSA, some of the more popular asymmetric encryption algorithms are:
  – Diffie-Hellman Key Exchange
  – El Gamal Encryption Algorithm
  – Elliptic Curve Cryptography (ECC)
• The environments where public-key encryption is very useful include unsecured networks where data is vulnerable to interception and abuse
Encryption and Decryption
• Public Key Infrastructure (PKI) allows you to bring strong authentication and privacy to the Internet
• Public-key cryptographic techniques and encryption algorithms allow you to provide authentication and ensure that only the intended recipients have access to data
• PKI is comprised of several standards and protocols that are necessary for interoperability among different security products
Encryption and Decryption
• The system consists of digital certificates and the certificate authorities (CAs) that issue the certificates
• Certificates identify sources that have been verified as authentic and trustworthy
• The CA’s job is to verify the holder of a digital certificate and ensure that the holder of the certificate is who they claim to be
Encryption and Decryption
• Digital signatures are used to authenticate the identity of the sender, as well as ensure that the original content sent has not been changed
• Non-repudiation is intended to provide a method in which there is no way to refute where data has come from
• Non-repudiation is unique to asymmetric systems because private keys are not shared
Encryption and Decryption
• A virtual private network (VPN) is a network connection that allows you secure access through a publicly accessible infrastructure
• VPN technology is based on tunneling
• Tunneling uses one network to send its data through the connection of another network
• It works by encapsulating a network protocol within packets carried by a public network
Encryption and Decryption
• The protocol that is wrapped around the original data is the encapsulating protocol such as:
  – IP Security (IPSec)
  – Point-to-Point Tunneling Protocol (PPTP)
  – Layer Two Tunneling Protocol (L2TP)
  – Layer 2 Forwarding (L2F)
• Tunneling is not a substitute for encryption
Firewalls
• A firewall is a component placed between computers and networks to help eliminate undesired access by the outside world
• It can be comprised of:
  – hardware
  – software
  – a combination of both
Firewalls
• There are four broad categories that firewalls fall into:
  – packet filters
  – circuit level gateways
  – application level gateways
  – stateful inspection
• These four categories can be grouped into two general categories
Firewalls
• A packet-filtering firewall is typically a router
• Packets can be filtered based on IP addresses, ports, or protocols
• They operate at the Network layer (Layer 3) of the Open System Interconnection (OSI) model
• Packet filtering is based on the information contained in the packet header
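How a packet filter reaches a decision from header fields alone, as an added example that is not part of the original slides: rules are checked in order, the first match wins, and anything unmatched is denied. The `Packet` and `Rule` types, the rule set and the addresses (taken from the reserved documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    """Only the header fields a packet filter looks at; the payload is never seen."""
    src: str
    dst: str
    protocol: str                  # "tcp", "udp" or "icmp"
    dst_port: Optional[int] = None


@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    src_net: str = "0.0.0.0/0"     # default: any source
    dst_net: str = "0.0.0.0/0"     # default: any destination
    protocol: Optional[str] = None  # None matches any protocol
    dst_port: Optional[int] = None  # None matches any port

    def matches(self, pkt: Packet) -> bool:
        return (
            ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst_net)
            and self.protocol in (None, pkt.protocol)
            and self.dst_port in (None, pkt.dst_port)
        )


def filter_packet(rules, pkt):
    """Return (action, index of the matching rule); default deny if none match."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return "deny", None


# Constructed rule set: block one network, publish HTTPS, restrict SSH to one network.
RULES = [
    Rule("deny", src_net="203.0.113.0/24"),
    Rule("allow", dst_net="192.0.2.10/32", protocol="tcp", dst_port=443),
    Rule("allow", src_net="198.51.100.0/24", dst_net="192.0.2.20/32",
         protocol="tcp", dst_port=22),
]

if __name__ == "__main__":
    samples = [  # constructed packets
        Packet("198.51.100.7", "192.0.2.10", "tcp", 443),
        Packet("203.0.113.5", "192.0.2.10", "tcp", 443),
        Packet("198.51.100.7", "192.0.2.20", "tcp", 22),
        Packet("100.64.0.1", "192.0.2.20", "tcp", 22),
        Packet("198.51.100.7", "192.0.2.10", "udp", 53),
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(RULES, pkt))
    # The decision rests only on what the header claims. The filter has no way
    # to confirm that the source address is genuine, which is why the spoofing
    # slide notes that address filters can be bypassed.
```

Rule order matters here: moving the deny rule below the HTTPS allow rule would let the blocked network reach port 443, because evaluation stops at the first match.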
Firewalls
• An Application-level gateway is known as a proxy
• Proxy service firewalls act as go-betweens for the network and the Internet
• The firewall has a set of rules that the packets must pass to get in or out of the network
• They hide the internal addresses from the outside world and don’t allow the computers on the network to directly access the Internet
IP Security (IPSec)
• IPSec is a set of protocols developed by the IETF that operates at the Transport Layer (Layer 3) to support the secure exchange of packets
• The IPSec protocol suite adds an additional security layer in the TCP/IP stack
• The IPSec suite attains a higher level of support for data transport by using a set of protocols and standards together
IP Security (IPSec)
• These include:
  – Authenticated Header (AH)
  – Encapsulated Secure Payload (ESP)
  – Internet Key Exchange (IKE)
• AH provides integrity, authentication, and anti-replay capabilities
• ESP provides all that AH provides, plus data confidentiality
Web Security
• A Web server is used to host Web-based applications and internal or external Web sites
• The best way to ensure that only necessary services are running is to do a clean install
• Web servers contain large, complex programs that may have some security holes
• Many protocols contain common vulnerabilities that may be manipulated to allow unauthorized access
E-mail Security
• E-mail has become the preferred method of communication
• The public transfer of sensitive information exposes it to interception or being sent to undesired recipients
• Unsolicited e-mail may contain dangerous file attachments such as viruses, Trojan horses, or worms
E-mail Security
• Pretty Good Privacy (PGP) is a specification and application which is integrated into popular e-mail packages
• PGP enables you to securely exchange messages, secure files, disk volumes and network connections with both privacy and strong authentication
• PGP can also be used for applying a digital signature without encrypting the message
E-mail Security
• Privacy-Enhanced Mail (PEM) was one of the first standards for securing e-mail messages by encrypting 7-bit text messages
• PEM may be employed with either symmetric or asymmetric cryptographic key mechanisms
• It works at the application layer, using a hierarchical authentication framework compatible with X.509 standards
Best Internet Security Practices
• Here are some best practices for being able to detect network attacks:
  – Assume every day that a new vulnerability has surfaced overnight
  – Make it part of your daily routine to check the log files from firewalls and servers
  – Have a list of all the security products that you use and check vendor Web sites for updates
Best Internet Security Practices
• Here are some best practices for being able to detect network attacks:
  – Know your infrastructure
  – Ask questions and look for answers
  – Set good password policies
  – Install virus software and update the files on a regular basis
Best Internet Security Practices
• Listed below are some Web sites that offer good information on best practices:
  – http://csrc.nist.gov/fasp/
  – http://www.cert.org/security-improvement/
  – http://www.sans.org/rr/
  – http://www.securityfocus.com