1 / 16

Compiled by : S. Agarwal, Lecturer & Systems Incharge St. Xavier’s Computer Centre, St. Xavier’s College Kolkata.

INTERNET SECURITY. Compiled by : S. Agarwal, Lecturer & Systems Incharge St. Xavier’s Computer Centre, St. Xavier’s College Kolkata. March-2003. The need for security

austin
Download Presentation

Compiled by : S. Agarwal, Lecturer & Systems Incharge St. Xavier’s Computer Centre, St. Xavier’s College Kolkata.

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. INTERNET SECURITY Compiled by : S. Agarwal, Lecturer & Systems Incharge St. Xavier’s Computer Centre, St. Xavier’s College Kolkata. March-2003 Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  2. The need for security Commercial & Government Enterprises are reluctant to use the Internet because of security concerns. Since Internet ultimately connects to a public network, the security concerns are very much valid. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  3. Attacks on Routers/Routing infrastructure are more troublesome then attacking a single machine because most of the networks use Routing. The Internet currently uses BGP (Border Gateway Protocol) and TCP for transmission, the recent increase in TCP based attacks is an additional threat to BGP security. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  4. The need for security is being alarmingly realized with the emergence of E-Commerce. Presently, E-Commerce operations are always threatened by fear of loss of money and privacy. Even E-mail is also under threat. When sent across the Internet, the E-mail can be intercepted and read by anybody who can lay his hands on it. To ensure the secrecy of the message the sender as well as the receiver should agree on a secret key. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  5. In case of secret key, the key should be distributed to the recipient before the message can be sent to him. To overcome this logistical problem, public key cryptography was designed and is known as public key – private key pair. Another way of ensuring the secrecy of E-mail messages is through the use of a technique called signing a message. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  6. Firewall Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  7. If you are planning to connect your organisation to Internet and your computers are accessed from remote places, you must have a Firewall to protect your Intranet. Firewall is defined as a group of systems that enforce an access control policy between two networks. In other words it is a mechanism used to protect trusted network from an untrusted network. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  8. Firewall acts as a Gatekeeper between a companies internal network and the outside world. It acts as an electronic barrier to stop unauthorised entry. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  9. A Firewall performs two basic functions :- • Gatekeeping – It examines the location from which the data enters your system and then decides based on your instructions whether or not to allow the information. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  10. Monitoring – It includes login of all system activities and generation of reports for system administration. Monitoring can be active or passive. In active monitoring a firewall notifies a manager whenever an incidence occurs, generally by E-mail or Pager. In passive monitoring the manager has to go through the logs to determine and analyse the system activities. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  11. Firewall Architecture : FIREWALL Inside protected Network Global outside Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  12. Drawbacks of Firewall Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  13. An Internet Firewall cannot protect against attacks that do not go through the Firewall. For example, if an unrestricted dial-out connection is permitted from inside the protected network the users can make a direct connection to the Internet. Savvy users who become irritated with the additional authentication required by the Firewall may be tempted to bypass the security system by purchasing a direct connection to an ISP. Since these types of connections bypass the security provided by the Firewall, they create a significant threat for backdoor attacks. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  14. The Internet Firewall cannot protect against threats posed by traitors who may copy sensitive data into floppies and other media. A hacker may also persuade someone to reveal a password and grant him a temporary network access. Hence, there is a need to periodically change the passwords. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  15. The Firewall cannot protect against the transfer of virus infected files or software. Hence, anti-viral software should be deployed at each desktop. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

  16. Lastly the Internet Firewall cannot protect against data driven attacks. A data driven attacks occur when seemingly harmless data is mailed or copied to a computer and executed to launch a hidden attack. Compiled by : S. Agarwal, Lecturer & Systems Incharge, St. Xavier's Computer Centre, Kolkata : sxcc@vsnl.net

More Related