1. Networks and Security

2. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service Attacks  Cookies  Spam

3. Security – Internet Connections Methods for blocking intruders from network or individual computers:  Firewall  Browser security settings  Automatic operating system updates

4. Security – Internet Connections Methods for blocking intruders:  Firewall

5. Firewalls  A firewall is software or hardware that monitors and controls data flowing between computers.  Why is it called a firewall?  Firewalls have a set of adjustable filters that detect and block certain types of activities.  Network admins typically configure the firewall to allow only one computer (called a gateway) on the network to interact with the Internet.  Firewalls can control TCP/IP, HTTP, FTP, Telnet, SMTP, and other protocols.

6. Browser Security Settings  Browsers have certain security settings that can block certain features that pose security risks. Some of these are: 1. Disable Java or ActiveX applets in web pages. 2. Prevent web pages from storing cookies. Unfortunately, high security settings sometimes disable user-friendly features of some web pages.

7. Encrypted Communications Kinds of messages we might send/receive:  HTTP requests / responses  E-mail  Instant Messages  Telnet sessions  Transactions (shopping, etc.)

8. Privacy  Any machine (router) along the path of the message can read it. –Message more like a postcard than a letter  Is this good???  What can we do???

9. Encryption/Cryptography  Need to figure out a way so that ONLY the recipient can read the message.  Most common techniques today: symmetric key encryption, public key encryption

10. Symmetric Key Encryption  A key is a binary number, typically 40 – 128 bits long.  Use a specific algorithm to combine the key with the message (already translated into binary) to produce an encrypted message.  The same key is used to decrypt the message.  Method is fast, but sender and receiver must have the key – how can the key be passed safely?

11. Public Key Encryption  Each person has a public key and a private key  The two keys ‘un-do’ each other: –Encrypt with public key, decrypt with private key  Public keys are publicly available on Key Servers (anyone can see / get them)  This method is slower, but more secure than symmetric key.

12. Combination of Symmetric and Public Key Encryption  Sender encrypts message using symmetric key  Sender encrypts symmetric key with the public key of the receiver.  Send encrypted key to receiver.  Receiver uses private key to decrypt symmetric key.  Receiver uses symmetric key to decrypt message.

13. Certificate Authority  How do you obtain someone’s public key?  Refer to a Certificate Authority (CA) – a trusted source that maintains a database of user names and their public keys. (similar to a DMV)  The CA may be used to identify merchants when making online purchases, or to verify contents of important documents and their senders.  VeriSign is a CA.

14. How does encryption address security concerns? 4 communication security concerns:  Eavesdropping: If a message is encrypted, it is unreadable by eavesdroppers without a key  Spoofing: Sender uses his or her private key to encrypt part of the message. Receiver uses sender’s public key to decrypt that part – if it decrypts, it confirms sender’s identity.

15. Encryption & Security Concerns cont.  Misrepresentation: Obtain a business’s public key from a CA and encrypt your message. Only the business identified by CA can decrypt the message.  Tampering: Use symmetric key encryption – Word & Excel can encrypt a file and require a password to decrypt it. (Password is used in making the symmetric key.) Weakness? More secure – using a digital signature.

16. Digital Signatures  To create a digital signature, the message is first processed by some algorithm to produce a single number (a 1-way hash).  This algorithm and the 1-way hash are then encrypted with the private key to produce the digital signature.  The message and digital signature are then transmitted.

17. Digital Signatures, cont.  The recipient uses the public key to decrypt the hash and its algorithm.  The recipient uses the algorithm and the transmitted message to produce a new hash. If this new hash matches the decrypted hash, recipient knows the message was not altered.