Computer Networks
Types of Wireless Network Attacks - 1 Insertion attacks: When a wireless device connects to an access point without authorization Interception /monitoring of wireless traffic: The network traffic across a WLAN is intercepted and monitored without authorization. Mis-configuration: Many access points ship in an unsecured configuration
WLAN Security WEP: Wired Equivalent Privacy WPA: Wi-Fi Protected Access WPA2: Best protection for home WLAN.
WEP: Wired Equivalent Privacy Purpose: – Protect wireless network from eavesdropping. – Prevent unauthorized access to the network How Does It Work – A secret key between laptop and access point – The secret key to encrypt packets Length of Key – 64-bit encryption – 128-bit encryption
WPA: Wi-Fi Protected Access Two types of WPA – WPA-PSK (WPA Personal) - Home &Small Offices – WPA-RADIUS (WPA Enterprise) – Large Organizations WPA-PSK: Pre-Shared Key – Extra-strong encryption – Encryption keys are automatically changed after a specified period of time after a specified number of packets Implements a subset of IEEE i.
WPA2: Wi-Fi Protected Access WPA2: Best protection for home WLAN. – Fully compatible with IEEE i security standard. – Stronger encryption protocol – Not all wireless cards and access points support – WPA2 certification is mandatory for all new devices wishing to be Wi-Fi certified.
The Internet
What is the Internet? The Internet involves millions of computers, connected in complex ways to a maze of local and regional networks
Origins of the Internet 1969 Department of Defense established experimental network connecting 4 research computers (UCLA, Stanford Research Institute (SRI), Barbara and U. of Utah. Called ARPANET 1980s National Science Foundation involved – Only scientific, research and academic institutions (no commercial traffic)
Other Developments… connectivity thru CompuServe and MCI Mail 1991 – move towards private sector – National Access Points (NAPs) – Internet Service Providers (ISPs) Communication coordinated through national and international organizations (standards)
Who Owns the Internet? No one company or country can be considered as owner of Internet – Ownership shared among various entities Coordination: – Internet Society (ISOC) – Internet Engineering Task Force (IETF) – Internet Architecture Board (IAB) In the US – – ICANN – Internet names and port numbers (Internet Corporation for Assigned Names and Numbers)
Cost ($$$$)… Revenue is required to offset expenses – Servers, routers, communication lines, etc. Costs must be covered by users – Companies, organizations and individuals – AOL – subscribers charges monthly fee
Internet Address Domain Name Logical name for computing system Top-Level Domain (suffix) ICANN IP Number 32-bit address (4 part decimal #) ARIN ( American Registry for Internet Numbers )/ RIPE / APNIC
Internet Address… Ethernet Address – 48-bit address built into machine or Ethernet board – Refers to specific board in a local computer
Addressing Domain Name Server (local) Network Information Server (wider area) – Maintain databases with domain names and IP numbers in binary format Domain Name IP Number(logical) Ethernet Address (physical)
Laptops Static IP address – Specified manually and entered into network tables Dynamic IP address – Dynamic Host Configuration Protocol (DHCP) – Ask network for an IP address when you turn it on (from a pool of available addresses) IP address changes each time computer is used
Web Browsers Internet Explorer, Mozilla, Netscape Navigator, Firefox System of communicating Web documents – Hypertext Transfer Protocol (HTTP) Formatting instructions called: – HTML (Hypertext Markup Language)
How info is transmitted? Uniform Resource Locator (URL) Hypertext Transfer Protocol Domain name of the Web server Directory path Web page
What info is transmitted? Each time you access the Web, the browser sends the following to the Web server – The IP address of your machine Often it can identify your town or ISP – The web server’s IP address – The OS you use on your machine – The browser you use Goto to see how much info is sent to the Web server
What are Cookies? Have you ever gone to a website that seemed to remember you? Websites use cookies to store info about you on your own computer – When you visit such a website, it stores info as cookies (that appear as files) on your computer – Next you visit the same website, your browser sends over all the cookies stored by that website What info is stored in cookies? – In theory, anything the website wants to – Normally, it is about how you used the website – A website could store your id, password, etc in cookies if it has that info.
What are Cookies? The positive side of cookies – A Web server can use cookies to streamline and personalize your interactions with it – A browser is supposed to send cookies only to the Web server who stored them. The negative side of cookies – Companies may use cookies to store info for other purposes without your permission – There are ways for a Web server to get cookies that were stored by other Web servers.
What defenses against Cookies For the website you visit, especially, those websites you need to register, check: – How will the company use the info you supply? – Will the company share info with others? – Can you limit access of other to this info? – What protections are in place to keep this info?
What defenses against Cookies If you use a computer at work or school, cookies would be stored on school or company’s computer: – System administrators or managers may read your cookies files View your organization’s privacy policy – Technicians may inadvertently access your cookies, when your computer was sent for repair, for example. – Best way to protect yourself, delete cookies. Almost every browser has a function you can use to delete cookies.
How secure is info during transmission When you use the Internet, all data you put on the network is visible to computers on the same Ethernet, as discussed in the Network chapter. When your data need to be passed from one segment to another segment of the network, the intermediate computers can read your data. Thus, info is not secure at all when transmitted on the Internet.
How secure is info during transmission One way to protect yourself is encrypt info that you want to be confidential – When data is encrypted, it can still be copied or intercepted by other computers, however, they would not know what it means. – When a good encryption is used, it may take years, decades to break the code When shopping (or passing private info) on the Web, make sure the website uses HTTPS protocol. – HTTPS: Secure HTTP, which asks the browser to encrypt the data before it is transmitted and the server decrypts data upon receiving.
Security
Data Availability Data in memory is volatile. Data in storage is non-volatile so it is always available – As long as it isn’t trashed accidentally or deliberately. So, when using software (Word, etc.) save often.
Data Availability BACK UP IMPORTANT DATA – Often Specifically what should YOU do with your data. – At least once per semester, back up your entire computer if it is at all convenient. I use a removable hard disk They are currently cheap
Data Security Secure data is data that is difficult for OTHERS to access. There are two basic methods of securing data: – Password systems – Encryption
Password Systems Username and Password – Good systems will not tell you which one is wrong if one of them is. Usernames are often given to you so you have no choice as to what to use. Most people choose their own passwords.
Choosing Passwords Make it long. Use both letters and digits, maybe even special symbols Use upper and lower case. Example: dsitBtitw5 (dr sidbury is the best teacher in the world 5) Example: P=2*(L+w)
Cryptography/Encryption Ebub jt fodpefe tp uibu ju epfto’u mppl opsnbm. Data is encoded so that it doesn’t look normal.
What are viruses? Unwanted and unanticipated programs May damage a computer or degrade its performance Viruses may appear: – As an attachment – In another program – In user data files (MS Word Macros) – On disk in a place that is routinely activated. – A virus cannot be spread without a human action Worms – Similar to viruses – Have capability to travel without any human action – e.g., send a copy of itself to everyone in your address book, then send to everyone in the receiver’s addr book
How to detect viruses? Anti-virus programs compare each file against known viruses A computer may be set up in such a way that no disk files can be accessed until virus scanning has been completed. A new virus may not be known by the anti-virus program until the virus information is available to the anti-virus program Be proactive in getting information of new viruses for the anti-virus program
How to protect yourself? Be sure anti-virus software is running on your computer and keep the virus info up to date Do not execute (open) any program (file) downloaded from the Internet without first having it scanned for viruses. Be cautious before allowing your Web browser to run programs behind the scenes Save all your attachments to hard disk and scan them for viruses before open them Do not run any macro in Word documents or Excel spreadsheets unless you know they are reliable Install and configure firewalls if your computer is connected to the Web.
Spyware Keyboard Sniffers Wire tapping Trojan Horses Packet Sniffer
Firewalls A firewall controls/monitors traffic from one system to another one. – The systems may be individual computers or networks. A firewall can block unauthorized access to your computer while permitting authorized communications Most computers which you buy have a built in firewall. You should configure them or you will not be able to use software correctly.