Presentation is loading. Please wait.

Presentation is loading. Please wait.

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

Published byJeffery Porter Modified over 8 years ago

Similar presentations

Presentation on theme: "11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. "— Presentation transcript:

1 11 SECURING INTERNET MESSAGING Chapter 9

2 Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging.  Describe how to secure mail servers.  Describe how to secure mail clients.  Describe how to secure instant messaging (IM).  Explain basic concepts of Internet messaging.  Describe how to secure mail servers.  Describe how to secure mail clients.  Describe how to secure instant messaging (IM).

3 Chapter 9: SECURING INTERNET MESSAGING3 UNDERSTANDING INTERNET MESSAGING BASICS  E-mail is a popular communications medium.  E-mail is a common target of attackers and hoaxes.  E-mail security must address servers, clients, and protocols.  IM supports real-time interaction.  E-mail is a popular communications medium.  E-mail is a common target of attackers and hoaxes.  E-mail security must address servers, clients, and protocols.  IM supports real-time interaction.

4 Chapter 9: SECURING INTERNET MESSAGING4 TYPES OF MESSAGING  E-mail  Standardized protocols  Delayed communication  IM  Few standards  Real-time communication  List of online partners  E-mail  Standardized protocols  Delayed communication  IM  Few standards  Real-time communication  List of online partners

5 Chapter 9: SECURING INTERNET MESSAGING5 E-MAIL PROCESSING  Store and forward mechanism  DNS Mail Exchanger (MX) records  American Standard Code for Information Interchange (ASCII) format  Multipurpose Internet Mail Extensions (MIME) encoding  Store and forward mechanism  DNS Mail Exchanger (MX) records  American Standard Code for Information Interchange (ASCII) format  Multipurpose Internet Mail Extensions (MIME) encoding

6 Chapter 9: SECURING INTERNET MESSAGING6 STORE AND FORWARD

7 Chapter 9: SECURING INTERNET MESSAGING7 E-MAIL HEADER  Sender and receiver addresses  MIME attachments  E-mail client software  E-mail servers  Clear text, unencrypted  Sender and receiver addresses  MIME attachments  E-mail client software  E-mail servers  Clear text, unencrypted

8 Chapter 9: SECURING INTERNET MESSAGING8 E-MAIL PROTOCOLS  Simple Mail Transfer Protocol (SMTP)  Post Office Protocol (POP)  Internet Message Access Protocol (IMAP)  Simple Mail Transfer Protocol (SMTP)  Post Office Protocol (POP)  Internet Message Access Protocol (IMAP)

9 Chapter 9: SECURING INTERNET MESSAGING9 HOW E-MAIL SERVERS SEND AND RECEIVE MESSAGES

10 Chapter 9: SECURING INTERNET MESSAGING10 NATIVE E-MAIL SECURITY  No encryption  Easily intercepted  No authentication  Easily forged or spoofed  No encryption  Easily intercepted  No authentication  Easily forged or spoofed

11 Chapter 9: SECURING INTERNET MESSAGING11 SPAM  Spam can be either unsolicited commercial e-mail (UCE) or unwanted noncommercial e-mail.  More than half of all e-mail on the Internet is spam.  Spam wastes significant online resources.  Filters and blacklists reduce spam.  Spam can be either unsolicited commercial e-mail (UCE) or unwanted noncommercial e-mail.  More than half of all e-mail on the Internet is spam.  Spam wastes significant online resources.  Filters and blacklists reduce spam.

12 Chapter 9: SECURING INTERNET MESSAGING12 REDUCING SPAM  Never respond to spam.  Don’t post your e-mail address on your Web site.  Use a secondary e-mail address in newsgroups.  Don’t provide your e-mail address online without knowing how it will be used.  Use a spam filter.  Never buy anything advertised in spam.  Never respond to spam.  Don’t post your e-mail address on your Web site.  Use a secondary e-mail address in newsgroups.  Don’t provide your e-mail address online without knowing how it will be used.  Use a spam filter.  Never buy anything advertised in spam.

13 Chapter 9: SECURING INTERNET MESSAGING13 SCAMS  The purpose of a scam is to defraud rather than sell a product.  Education is the best defense.  Create a policy to control the release of sensitive information.  The purpose of a scam is to defraud rather than sell a product.  Education is the best defense.  Create a policy to control the release of sensitive information.

14 Chapter 9: SECURING INTERNET MESSAGING14 HOAXES  Spread misleading information, often called urban myths  Often spread like chain letters  Often start with malicious intent  Inappropriately use e-mail systems  Can be minimized by educating users about the proper handling of hoaxes  Spread misleading information, often called urban myths  Often spread like chain letters  Often start with malicious intent  Inappropriately use e-mail systems  Can be minimized by educating users about the proper handling of hoaxes

15 Chapter 9: SECURING INTERNET MESSAGING15 E-MAIL SERVER VULNERABILITIES  Data theft or tampering  Denial of service (DoS)  Spam, scams, and hoaxes  Spoofing  Mail relay  E-mail viruses  Data theft or tampering  Denial of service (DoS)  Spam, scams, and hoaxes  Spoofing  Mail relay  E-mail viruses

16 Chapter 9: SECURING INTERNET MESSAGING16 SECURING E-MAIL SERVERS  Remove unnecessary components.  Block unused protocols.  Disable relaying from unauthenticated connections.  Configure an SMTP bridgehead server.  Install virus filters and antivirus software.  Keep your software updated.  Remove unnecessary components.  Block unused protocols.  Disable relaying from unauthenticated connections.  Configure an SMTP bridgehead server.  Install virus filters and antivirus software.  Keep your software updated.

17 Chapter 9: SECURING INTERNET MESSAGING17 E-MAIL ACCESS CONTROL  When authenticating client access, consider  POP and IMAP  Proprietary protocols  Web-based e-mail  SMTP  When authenticating client access, consider  POP and IMAP  Proprietary protocols  Web-based e-mail  SMTP

18 Chapter 9: SECURING INTERNET MESSAGING18 POP AND IMAP  POP is used more often than IMAP.  Both transmit in clear text.  There are several ways to authenticate a POP user, including  Secure Password Authentication (SPA)  Authenticated Post Office Protocol (APOP)  Encrypted transport protocols such as Internet Protocol Security (IPSec) can be used.  POP is used more often than IMAP.  Both transmit in clear text.  There are several ways to authenticate a POP user, including  Secure Password Authentication (SPA)  Authenticated Post Office Protocol (APOP)  Encrypted transport protocols such as Internet Protocol Security (IPSec) can be used.

19 Chapter 9: SECURING INTERNET MESSAGING19 PROPRIETARY PROTOCOLS  Nonstandard protocols  Wider range of features  Various levels of authentication security  Different vulnerabilities  Nonstandard protocols  Wider range of features  Various levels of authentication security  Different vulnerabilities

20 Chapter 9: SECURING INTERNET MESSAGING20 WEB-BASED E-MAIL  Allows browser-based access  Is more versatile for mobile users  Uses strong Web-based authentication  Uses Secure Sockets Layer (SSL) or Transport Layer Security (TLS)  Allows browser-based access  Is more versatile for mobile users  Uses strong Web-based authentication  Uses Secure Sockets Layer (SSL) or Transport Layer Security (TLS)

21 Chapter 9: SECURING INTERNET MESSAGING21 SMTP ACCESS CONTROL  Allows only authenticated users to send e-mail  Supports password authentication  Limits SMTP access to local POP clients  Allows only authenticated users to send e-mail  Supports password authentication  Limits SMTP access to local POP clients

22 Chapter 9: SECURING INTERNET MESSAGING22 SMTP RELAY  SMTP relay forwards incoming messages to another mail server for delivery.  Open relays can be hijacked by spammers.  SMTP relaying should be limited to internal systems.  Limit access to local clients and approved servers to prevent SMTP relay.  SMTP relay forwards incoming messages to another mail server for delivery.  Open relays can be hijacked by spammers.  SMTP relaying should be limited to internal systems.  Limit access to local clients and approved servers to prevent SMTP relay.

23 Chapter 9: SECURING INTERNET MESSAGING23 OPEN RELAYING

24 Chapter 9: SECURING INTERNET MESSAGING24 MONITORING E-MAIL  Monitoring can be a privacy issue.  Scan for viruses and malicious code.  Scan to prevent disclosure of confidential information.  Monitoring can be a privacy issue.  Scan for viruses and malicious code.  Scan to prevent disclosure of confidential information.

25 Chapter 9: SECURING INTERNET MESSAGING25 E-MAIL CLIENT VULNERABILITIES  Impersonation or spoofing  Eavesdropping  Hypertext Markup Language (HTML) vulnerabilities  Software that has not been updated  Viruses and executable programs spread through e-mail messages  Web-based e-mail  Impersonation or spoofing  Eavesdropping  Hypertext Markup Language (HTML) vulnerabilities  Software that has not been updated  Viruses and executable programs spread through e-mail messages  Web-based e-mail

26 Chapter 9: SECURING INTERNET MESSAGING26 SECURING MAIL CLIENTS  Keep e-mail clients updated.  Configure security settings on mail servers.  Educate users on safe e-mail practices.  Keep e-mail clients updated.  Configure security settings on mail servers.  Educate users on safe e-mail practices.

27 Chapter 9: SECURING INTERNET MESSAGING27 ENCRYPTION AND SIGNING  Encryption provides confidentiality for e-mail.  There are two ways to secure e-mail:  Pretty Good Privacy (PGP)  Secure/Multipurpose Internet Mail Extensions (S/MIME)  PGP and S/MIME are based on public key cryptography.  Clients must have a certificate issued by a certification authority (CA).  Encryption provides confidentiality for e-mail.  There are two ways to secure e-mail:  Pretty Good Privacy (PGP)  Secure/Multipurpose Internet Mail Extensions (S/MIME)  PGP and S/MIME are based on public key cryptography.  Clients must have a certificate issued by a certification authority (CA).

28 Chapter 9: SECURING INTERNET MESSAGING28 THREATS TO IM  Unencrypted data transfers are prone to eavesdropping.  Transferred files might bypass virus scanners.  IM has vulnerabilities, such as buffer overflows.  Sensitive information might be disclosed.  Unencrypted data transfers are prone to eavesdropping.  Transferred files might bypass virus scanners.  IM has vulnerabilities, such as buffer overflows.  Sensitive information might be disclosed.

29 Chapter 9: SECURING INTERNET MESSAGING29 HOW IM WORKS

30 Chapter 9: SECURING INTERNET MESSAGING30 IM SECURITY  Prohibit the use of IM, if possible.  Block IM traffic on network borders.  Specify and restrict IM software.  Use IM encryption.  Define the acceptable use of IM.  Prohibit the use of IM, if possible.  Block IM traffic on network borders.  Specify and restrict IM software.  Use IM encryption.  Define the acceptable use of IM.

31 Chapter 9: SECURING INTERNET MESSAGING31 IM SECURITY (CONT.)  Train users how to safely use IM.  Update virus scanners.  Keep IM software updated and patched.  Use internal IM servers.  Train users how to safely use IM.  Update virus scanners.  Keep IM software updated and patched.  Use internal IM servers.

32 Chapter 9: SECURING INTERNET MESSAGING32 SUMMARY  Secure e-mail servers, e-mail clients, and the communications between them.  Defend your networks against spam and other unwanted e-mail.  Securing e-mail clients includes configuring secure authentication methods. Another important client configuration task is to configure the encryption and signing capabilities of the client software.  Secure IM by preventing its use in your organization or by controlling the types of information that can be exchanged by using IM.  Secure e-mail servers, e-mail clients, and the communications between them.  Defend your networks against spam and other unwanted e-mail.  Securing e-mail clients includes configuring secure authentication methods. Another important client configuration task is to configure the encryption and signing capabilities of the client software.  Secure IM by preventing its use in your organization or by controlling the types of information that can be exchanged by using IM.

Download ppt "11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. "

Similar presentations

Basic Communication on the Internet:

Basic Communication on the Internet:
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Lesson 7: Business, , & Personal Information Management

Lesson 7: Business, , & Personal Information Management
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Guide to Operating System Security Chapter 10 E-mail Security.

Guide to Operating System Security Chapter 10 Security.
» Explain the way that electronic mail (e-mail) works » Configure an e-mail client » Identify e-mail message components » Create and send e-mail messages.

» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
SMUCSE 5349/49 Email Security. SMUCSE 5349/7349 Threats Threats to the security of e-mail itself –Loss of confidentiality E-mails are sent in clear over.

SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.
1 SMTP Transport Configuration SMTP Configurations and Virtual Servers Customizing the SMTP Service.

1 SMTP Transport Configuration SMTP Configurations and Virtual Servers Customizing the SMTP Service.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
Electronic Mail (SMTP, POP, IMAP, MIME)

Electronic Mail (SMTP, POP, IMAP, MIME)
Computer Concepts 2014 Chapter 7 The Web and E-mail.

Computer Concepts 2014 Chapter 7 The Web and .

Similar presentations

Ads by Google