internet security.ppt

04/12/23 Internet Security 1

Internet SecurityInternet Security

Cameron Gianetti

Lap Hong

Ying-Chih Mao

Doung Wu

Simon Wu


Rising number of hackersRising number of hackers

difficult to estimate the number of hackers

only about two thousand or more sites offer free hacking tools

– unknown intruder – almost impossible to guard against.


Number of incidents reportedNumber of incidents reported 00’-03’00’-03’

an incident may involve one site or hundreds (or even thousands) of sites. Also, some incidents may involve ongoing activity for long periods of time. (“CERT/CC 1988-2003”)

Year 2000 2001 2002 2003 1Q-2Q

Incidents 21,756 52,658 82,094 76,404


Growing complicated threatsGrowing complicated threats

"Love Letter" worm May 2000 more than 650 individual sites indicating more than 500,000

individual systems are affected

“SQL Slammer” worm January 2003

crashed the Internet and infected roughly “75,000 systems within 15 minutes” on all systems running Microsoft Windows

– considerable network degradation – huge amount of damages and cleanup costs


Reduced spending on updating Reduced spending on updating security softwaresecurity software

– network firewalls (“99%”)– anti-virus software (“98%”)– VPNs, virtual private network (“86%”)

– only reduce risk, but not remove it – may be severely out of date tomorrow


User authentication User authentication

keep confidential information from unauthorized people

prove whether a user is who he or she claims to be. – individual identity can be a password, a

smart card, or a fingerprint.


Access authorizationAccess authorization

avoid the information from being modified in unexpected ways

make sure that people who access to company resources are permitted to so.


Data encryptionData encryption

the process of scrambling a message so that it cannot be read until it is unscrambling again.

protect information while information is transferring between authorized entities


What is it?

It is any software which takes information from your computer without your knowledge or consent.

Types of Spyware available

1. Trojans2. Web Bugs3. Advertiser software4. Stand-Alone Commercial Computer

Monitoring.


They are programs which are placed on your system by tricking you.

It gets the from the story of the Trojan horse in Troy.

It pretends to be harmless.


They are Active X controls or cookies that track what you do online from web sites.

Could be used by online retail stores for marketing research.


It is software installed with certain ad-supported programs which watches what you do online in order to send you targeted advertising.

Online retail stores find what kind of products you look for and sends you ads related to your interests.


It is software sold for use by bosses, spouses, private investigators, or identity thieves.

It is used to gather everything you do on your computer for later retrieval.


www.Spycop.comwww.Spyguard.com

They’re software runs for about $50 for home computers.

Some virus scan software such as McAfee may be able to do the job.


FirewallsFirewalls

What is a firewall?

Why would you want a firewall?

What can firewalls protect against?

What can’t a firewall protect against?

Can firewalls protect against viruses?


What is a firewall?What is a firewall?

A firewall is a group of systems that enforces access between networks

Enforces the inflow and outflow of data Some emphasis on blocking data whereas

others deal with permitting data. Important feature is access control


Why would you want a firewallWhy would you want a firewall??

Helps protect your system from those who want to gain access

In corporations keeping databases safe is a priority

Keeps unwanted users out


What can firewalls protect againts?What can firewalls protect againts?

Helps keep hackers from accessing the company network

Helps block traffic from the outside to the inside

Can protect against any network borne attack

If attacked the firewall can be used as a tracing tool.


What can’t firewalls protect against?What can’t firewalls protect against?

Can’t protect against trojaned clients

Cant’ protect from those inside the network


Can firewalls protect against Can firewalls protect against viruses?viruses?Firewalls can’t protect very well

against viruses. To many ways of encoding binary files

Can’t protect against a data-driven attack, in which something is emailed and is opened.


Viruses OriginViruses Origin

First widely seen in the late 1980s Second factor: people often download

free software/data from computer

bulletin board Third factor: is the creation of

“Floppy Disk.”


Why the Creation?Why the Creation?

First Reason: The “Thrill” – sense of superioritySecond Reason: the thrill of watching things blows upThird Reason: Bragging right or the thrill of doing it


Types of InfectionTypes of Infection

Viruses -- A virus is a small piece of software that piggybacks on real programs.

E-mail viruses -- Automatically mailing itself to dozens of people in victim’s e-mail address book.

Worms -- A worm is a small piece of software that uses computer networks and security holes to replicate itself.

Trojan horses – does damage to program and may erase the hard drive.


Top 5 Viruses/wormTop 5 Viruses/worm1st Lovgate.G worm - Destructive = NO Overall risk = Low Damage Potential =

high

*It’s slow down memory in the system

2nd Swen.A worm - Destructive = NO Overall risk = Low Damag Potential = hight

*Is destructive to via peer-to-peer file-sharing networks. Also terminates running antivirus and firewall software.

3rd Nachi.A worm- Destructive = Yes Overall risk = Medium Damage Potential = High

*Is similar to MsBlast Worm which will shut down operation system once the user is on line


Continue Continue 4th Antinny.A worm – Destructive = No Overall Risk = very lowDamage Potential = Low

*Upon execution, this worm displays the following fake message

5th Java Applet Virus – Destructive = No Overall Risk = Low

*Damage Potential = Medium

*modifications of web sites


How does Antivirus Work?How does Antivirus Work?

Scanning -- Allows user to analyze all the files one at a time and to check them in order to see if they contain a virus.

Real-time monitoring -- This antivirus feature is constantly active, constantly monitoring to keep any suspect file at bay.

Express repair – Once it detects an infected virus, an antivirus will first quarantine it in order to prevent it from multiplying

.File scanning – scan all files on computer

.Download scanning – scan all files that are being download form a ftp site

.Heuristic scanning – scan all usual files

.Email scanning – scan all received email


Antivirus PublishersAntivirus Publishers

. User can updates their current antivirus from a publishers bulletin board

.Download removal tool or fellow instructions on the vendor site for virus removal

.Getting helps from “Forum Site”


Anonymous IPAnonymous IP

IP Address - This address is a unique string of numbers that identifies a computer on the Internet. All resources on the Internet must have an IP address--or else they're not on the Internet at all.

IP Address - the most important piece of information a hacker needs to gain access to your computer.


What Can You Do?What Can You Do?

Firewalls (Blocked)

Routers (Drop Ping)

Anonymous Web Surfing Programs


Anonymous Web Surfing Anonymous Web Surfing

Zero-Knowledge Systems (ZKS) Network World, August 10, 1998 v15 n32

p1(1)

– Onion Routing

PGP (Pretty Good Protection)– http://www.pgpi.org/cgi/download-wizard.cgi

Cookie Cruncher– www.rbaworld.com/Programs/CookieCruncher/


Conclusion and Conclusion and RecommendationRecommendationcan only reduce risk, but not remove it. choose the degree of applying security

tools keep pace on updating technology stay with the innovations and new

trends in IT field

internet security.ppt

Documents

theyre software

antispyware software

antivirus software

virus scan software

small piece of software

computer networks

company network

email viruses