Computer Security: Email Hacking
dibyajit dash@PIET,ORISSA

What exactly is hacking?
Hacking is a process to bypass the security mechanisms of an information system or network. There are two types:
• Local hacking: done in the local area where we have physical access, for example through a printer.
• Remote hacking: done remotely by taking advantage of a vulnerability of the target system.

Internet Protocol Stack
• Application Layer: BitTorrent, SMTP, HTTP, RTSP
• Transport Layer: UDP, TCP
• Network Layer: IP
• Link Layer: Ethernet, 802.11 (b, a, g) / WiFi
• Physical Layer: Cables, Fiber Optics, Radio

SMTP
• SMTP is used to send email from the sender to the recipient’s mail server
• POP3, IMAP or HTTP (web mail) is then used to get messages from the server
• As with many application protocols, SMTP commands are human readable
[Diagram labels: sender, SMTP, SMTP, POP3, recipient]

Electronic Mail
Three major components:
• user agents
• mail servers
• simple mail transfer protocol: SMTP
User Agent
• a.k.a. “mail reader”
• composing, editing, reading mail messages
• e.g., pine, Outlook, elm, Thunderbird
• outgoing, incoming messages stored on server
[Diagram: user agents and mail servers linked by SMTP]

Electronic Mail: mail servers
Mail Servers
• mailbox contains incoming messages for user
• message queue of outgoing (to be sent) mail messages
• SMTP protocol between mail servers to send email messages
  – client: sending mail server
  – “server”: receiving mail server
[Diagram: mail servers linked by SMTP]

Sending Server to Receiving Server
• three phases of transfer
  – handshaking (greeting)
  – transfer of messages
  – closure
• command/response interaction
  – commands: ASCII text: HELO, MAIL, RCPT, DATA, QUIT, etc.
  – response: status code and phrase
• messages must be in 7-bit ASCII

Mail message format
RFC 822: standard for text message format:
• header lines, e.g.,
  – To:
  – From:
  – Subject:
• body
  – the “message”, ASCII characters only
[Diagram labels: header, blank line, body]

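The command/response phases and the header/body format from the two slides above, as an added example that is not part of the original slides: a toy in-memory receiver that answers HELO, MAIL, RCPT, DATA and QUIT with status codes, rejects out-of-order commands and non-ASCII content, and splits the accepted message at the blank line. The class and function names, the host names and the sample session are constructed for illustration.

```python
# Added example, not from the slides: in-memory toy SMTP receiver, no network.
def parse_message(text):
    head, _, body = text.partition("\r\n\r\n")   # blank line splits header / body
    headers = {}
    for line in head.split("\r\n"):              # folded header lines not handled
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return headers, body

class ToySMTPServer:                             # hypothetical name
    def __init__(self):
        self.state = "START"                     # START, READY, MAIL, DATA
        self.sender, self.rcpts, self.lines, self.delivered = None, [], [], []
    def handle(self, line):
        if self.state == "DATA":                 # transfer phase: message content
            if line != ".":
                self.lines.append(line)
                return None                      # no reply until the lone "."
            text, self.lines, self.state = "\r\n".join(self.lines), [], "READY"
            if not text.isascii():               # messages must be 7-bit ASCII
                return "554 message is not 7-bit ASCII"
            self.delivered.append((self.sender, self.rcpts, *parse_message(text)))
            return "250 message accepted"
        verb, arg = line[:4].upper(), line[4:].strip()
        if verb == "HELO":                       # handshaking (greeting)
            self.state = "READY"
            return "250 hello " + arg
        if verb == "MAIL" and self.state == "READY":
            self.sender, self.rcpts, self.state = arg[5:].strip("<>"), [], "MAIL"
            return "250 sender ok"
        if verb == "RCPT" and self.state == "MAIL":
            self.rcpts.append(arg[3:].strip("<>"))
            return "250 recipient ok"
        if verb == "DATA" and self.state == "MAIL" and self.rcpts:
            self.state = "DATA"
            return "354 end data with <CRLF>.<CRLF>"
        if verb == "QUIT":                       # closure
            return "221 closing connection"
        known = verb in ("MAIL", "RCPT", "DATA")
        return "503 bad sequence of commands" if known else "500 unrecognized command"

def run_session(client_lines):                   # returns server and its replies
    server = ToySMTPServer()
    replies = ["220 mail.example.test ready"] + [server.handle(l) for l in client_lines]
    return server, [r for r in replies if r]

SAMPLE = ["HELO client.example.test", "MAIL FROM:<alice@example.test>",  # constructed
          "RCPT TO:<bob@example.test>", "DATA", "From: alice@example.test",
          "To: bob@example.test", "Subject: lunch", "", "See you at noon.", ".", "QUIT"]
```

`run_session(SAMPLE)` returns the server object and the list of server replies, one per phase of the exchange.
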
More mail access protocols
• SMTP: delivery/storage to receiver’s server
• Mail access protocol: retrieval from server
  – POP: Post Office Protocol [RFC 1939]
    • authorization (agent <--> server) and download
  – IMAP: Internet Mail Access Protocol [RFC 1730]
    • more features (more complex)
    • manipulation of stored messages on server
  – HTTP: Hotmail, Yahoo! Mail, etc.

What is Security?
Security is the protection of assets. The three main aspects are:
• prevention
• detection
• re-action

Some differences between traditional security and information security
• Information can be stolen - but you still have it
• Confidential information may be copied and sold - but the theft might not be detected
• The criminals may be on the other side of the world

Computer Security deals with the prevention and detection of unauthorised actions by users of a computer system.

There is no single definition of security.
What features should a computer security system provide?

Confidentiality
• The prevention of unauthorized disclosure of information.
• Confidentiality is keeping information secret or private.
• Confidentiality might be important for military, business or personal reasons.

Security systems
• A security system is not just a computer package. It also requires security-conscious personnel who respect the procedures and their role in the system.
• Conversely, a good security system should not rely on personnel having security expertise.

Risk Analysis
• The disadvantages of a security system are that it is time-consuming and costly, and that it impedes management and the smooth running of the organization.
• Risk analysis is the study of the cost of a particular system against the benefits of the system.

Designing a Security System
There are a number of design considerations:
• Does the system focus on the data, operations or the users of the system?
• What level should the security system operate from? Should it be at the level of hardware, operating system or applications package?
• Should it be simple or sophisticated?
• In a distributed system, should the security be centralised or spread?
• How do you secure the levels below the level of the security system?

Summary
By now you should have some idea about
• Why we need computer security (prevention, detection and re-action)
• What a computer security system does (confidentiality, integrity, availability, non-repudiation, authentication, access control, accountability)
• What computer security experts do (design, implement and evaluate security systems)

Thank You…
Dibyajit Dash