Presentation is loading. Please wait.

Presentation is loading. Please wait.

2.2 Interfacing Computers MR JOSEPH TAN CHOO KEE TUESDAY 1330 TO 1530

Similar presentations


Presentation on theme: "2.2 Interfacing Computers MR JOSEPH TAN CHOO KEE TUESDAY 1330 TO 1530"— Presentation transcript:

1 2.2 Interfacing Computers MR JOSEPH TAN CHOO KEE TUESDAY 1330 TO 1530

2 Different type of Servers *Servers has dedicated roles

3 File server is a computer and storage device dedicated to storing files Any user on the network can store files onto the server Print server is a computer that manages one or more printers Mail Servers An server is a computer within your network that works as your virtual post office. It handles the transfer of messages to and from other mail servers and clients. Proxy Servers sit between a client program typically a Web browser and an external server (typically another server on the Web) to filter requests, improve performance, and share connections. Domain Name Servers Domain Name systems: Allows Clients to query for IP addresses(32 bit) of hostnames.

4 Mail Servers An server is a computer within your network that works as your virtual post office. It handles the transfer of messages to and from other mail servers and clients. Components Sender workstation (Sender Client) SMTP (Simple Mail Transfer Protocol) Server Internet Standard for Electronic mail transmission across Internet It is a protocol to send s Text only, extensions are created to expand on it eg. Video, images messages storage (Receiver Server) Receiver Workstation (Receiver Client)

5 How does mail server works? Example sends an to

6 Sender Client Receiver Client Client: SMTP Server Receiver: SMTP Server Internet Question: What happens if its send to the same SMTP server? What happens if it cannot locate the receiver? mail.hci.edu.sg mail.moe.edu.sg

7 SMTP/POP3 2 main categories of Mail servers: Outgoing mail servers Simple Mail Transfer Protocol Incoming mail servers POP3 (Post Office Protocol, Version 3) storing sent and received messages on local Most POP3 servers can store messages on servers, too

8 Proxy Servers Sit between a client program typically a Web browser and an external server (typically another server on the Web) to filter requests (acts as a firewall), improve performance(Log activity, caching), and Goal: satisfy client request without involving origin server

9 Firewalls Objective is to keep the network secure. To control the incoming and outgoing network traffic by analyzing the data and determining whether it should be allowed through or not, based on a predetermined rule set. Filter based on data packets/applications

10 Proxy Servers Browser sends all HTTP requests to cache (proxy) If object in cache: cache returns object Else cache requests object from origin server, then returns object to client Why caching? Reduce response time for client request Reduce traffic

11 DNS (Domain Name System) There are 2 ways to identify a host host names IP addresses Routers identify a host by IP addresses. Eg Easier to remember a host by its name. Eg. DNS provides the directory service to translation from hostnames to IP addresses. DNS is a Distributed database implemented in a hierarchy of DNS servers It allows hosts to query the database

12 Cache in Browser + OS Resolving Name Server By ISP or Organization admin Root Server Top Level DNS Server, Authoritative DNS Servers

13 DNS: Root Name Servers

14

15 What are the different type of servers? Mail Servers An server is a computer within your network that works as your virtual post office. It handles the transfer of messages to and from other mail servers and clients. Proxy Servers sit between a client program typically a Web browser and an external server to filter requests, improve performance, and share connections. Domain Name Systems Using a hierarchy of DNS servers to allows Clients to query for IP addresses of hostnames.

16 Mail Servers An server is a computer within your network that works as your virtual post office. It handles the transfer of messages to and from other mail servers and clients. Elaborate on how messages get transferred from 1 domain to another. Proxy Servers sit between a client program typically a Web browser and an external server to filter requests, improve performance, and share connections. Elaborate on how it filter requests, improve performance, and share connections. Domain Name Systems Using a hierarchy of DNS servers to allows Clients to query for IP addresses of hostnames. Elaborate on process of querying the different levels of servers.

17 Network security

18 Security: Questions 1.What are the security threads? 2.What are some of the possible problems with breach of security? 3.What kind of data get ‘stolen’? 4.What are the current security measures in place? 5.What can the Singapore government do to ensure security measures are in place?

19 Case Studies Breaches Sony Playstation Questions: What are the security threads? What are some of the possible problems with breach of security? What kind of data get ‘stolen’? What are the current security measures in place?

20 Case Studies Sony Playstation Questions: What are the security threads? Servers get hacked! Servers with customer/player personal data What kind of data get ‘stolen’? Personal data stolen, million, names address and Credit card number What are some of the possible problems with breach of security? Data theft, Identity theft and Credit card fraud What are the current security measures in place? ???

21 Data scare Citibank Affects 100,000 North American customers affecting about 200,000 accounts Stolen 2.7 Million Sony Multiple attacks, 1 million users compromised Pull PlayStation gaming networks offline Account information being compromised Name, address, address, Date of birth Plaintext password, encrypted password Damages Trust/Reputation $

22 Case study: Target 1.What are the security threads? Using Malware to infect computer systems The Malware is scripted/embedded into another software 2.What kind of data get ‘stolen’? Personal information(Card/pin numbers), Address 3.What are some of the possible problems with breach of security? Data theft, Identity theft and Credit card fraud 4.What are the current security measures in place? Awareness

23 Malware What? software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

24 Questions to discuss Give 3 real life cases of security breaches/copy right issues etc in Singapore. Briefly describe how they have impacted the society and the organization involved. Recently, end of 2013 Hackers threatens to hit out on Singapore’s infrastructure Hackers compromise government websites Hackers defaced school web sites

25 Threats posted on youtube Video:

26 Case 1: School website Defaced 13 school website gets defaced of-13-schools/ html of-13-schools/ html

27 Case 2: 17 website related to People’s Association hacked News:

28 Case 2: PMO and Isetana Website compromised News Using cross-scripting => pointing to another page 2 men arrested for hacking into the websites

29 Case 2: PMO and Isetana Website compromised News video: Using cross-scripting => pointing to another page 2 men arrested for hacking into the websites Punishments Charged in court under Computer Misuse & Cyber Security Act Fine: $ Jail up to 3 years

30 Case 3: Singapore Art Museum website compromised Nov 20 & Nov 29 News: news/singapore/story/sam-website-hacked-second-cyber- intrusion-within-month news/singapore/story/sam-website-hacked-second-cyber- intrusion-within-month Internal investigations found that unauthorised links had been added to a specific page of the website. On Nov 20, personal information of about 4,000 people on its online mailing list was compromised Video:

31 Examples Posting threads to Singapore government on the Internet Govt to reconsider its regulation for licensing of news site Defaced school websites: Intention unclear Hacked Government websites People’s associations: intentions unclear PMO & Isetana: Intentions unclear Singapore Art Museum: Data theft

32 Government’s Take Video: What is the Computer Misuse Act?

33 (SG)Computer Security Act Offences: 1.Unauthorised access to computer material 2.Access with intent to commit or facilitate commission of offence 3.Unauthorised modification of computer material 4.Unauthorised use or interception of computer service 5.Unauthorised obstruction of use of computer 6.Unauthorised disclosure of access code 7.Enhanced punishment for offences involving protected computers 8.Abetments and attempts punishable as offences

34 (SG)Computer Security Act Offences: Unauthorised access to computer material any person who knowingly causes a computer to perform any function for the purpose of securing access without authority to any program or data held in any computer shall be guilty of an offence and shall be liable on conviction to a fine

35 (SG)Computer Security Act Offences: Access with intent to commit or facilitate commission of offence Any person who causes a computer to perform any function for the purpose of securing access to any program or data held in any computer with intent to commit an offence to which this section applies shall be guilty of an offence

36 (SG)Computer Security Act Offences: Unauthorised modification of computer material any person who does any act which he knows will cause an unauthorised modification of the contents of any computer shall be guilty of an offence and shall be liable on conviction to a fine

37 (SG)Computer Security Act Offences: Unauthorised use or interception of computer service Any person who knowingly — (a)secures access without authority to any computer for the purpose of obtaining, directly or indirectly, any computer service; (b) intercepts or causes to be intercepted without authority, directly or indirectly, any function of a computer by means of an electro- magnetic, acoustic, mechanical or other device; or (c) uses or causes to be used, directly or indirectly, the computer or any other device for the purpose of committing an offence under paragraph (a) or (b), shall be guilty of an offence and shall be liable on conviction to a fine

38 (SG)Computer Security Act Offences: Unauthorised obstruction of use of computer Any person who, knowingly and without authority or lawful excuse — (a) interferes with, or interrupts or obstructs the lawful use of, a computer; or (b) impedes or prevents access to, or impairs the usefulness or effectiveness of, any program or data stored in a computer, shall be guilty of an offence and shall be liable on conviction to a fine

39 (SG)Computer Security Act Offences: Unauthorised disclosure of access code Any person who, knowingly and without authority, discloses any password, access code or any other means of gaining access to any program or data held in any computer shall be guilty of an offence

40 (SG)Computer Security Act Offences: Enhanced punishment for offences involving protected computers a computer shall be treated as a “protected computer” if the person committing the offence knew, or ought reasonably to have known, that the computer or program or data is used directly in connection with or necessary for — (a)the security, defence or international relations of Singapore; (b)the existence or identity of a confidential source of information relating to the enforcement of a criminal law; (c)the provision of services directly related to communications infrastructure, banking and financial services, public utilities, public transportation or public key infrastructure; or (d)the protection of public safety including systems related to essential emergency services such as police, civil defence and medical services.

41 (SG)Computer Security Act Offences: Abetments and attempts punishable as offences Any person who abets the commission of or who attempts to commit or does any act preparatory to or in furtherance of the commission of any offence under this Act shall be guilty of that offence and shall be liable on conviction to the punishment provided for the offence.

42 Security: Questions 1.What are the security threads? 2.What are some of the possible problems with breach of security? 3.What kind of data get ‘stolen’? 4.What are the current security measures in place? 5.What can the Singapore government do to ensure security measures are in place?


Download ppt "2.2 Interfacing Computers MR JOSEPH TAN CHOO KEE TUESDAY 1330 TO 1530"

Similar presentations


Ads by Google