analyzing internetsecurity
DESCRIPTION
TRANSCRIPT
EC05.02a Internet Security Issues 1
E-Commerce I
Analyzing
Internet Security Issues
EC05.02a Internet Security Issues 2
Security Risks
Bugs Hackers Browser-Side Risks Interception of
Data
EC05.02a Internet Security Issues 3
Bugs and Hackers
Bugs allow unauthorized users into main computer systems Steal confidential
document Execute commands on
server to modify system Launch denial-of-service
attacks
EC05.02a Internet Security Issues 4
Browser-Side Risks
Browser-Side Risks Active Content That
Crashes the browser Damages the user’s
system Breaches the user’s
privacy Creates annoyance
EC05.02a Internet Security Issues 5
Interception of Data
Eavesdroppers operating via: Server’s side Customer’s side Through End-user’s ISP Through Server’s ISP Through either ISP’s
regional access provider
EC05.02a Internet Security Issues 6
Firewalls What are firewalls?
Packet filteringCircuit level gateways
Application level gateways
Stateful inspection
EC05.02a Internet Security Issues 7
What are firewalls? A firewall is either a piece of hardware or a software
program that examines data as it passes into your computer or network and discards it if it does not meet certain criteria.
Depending on the type of firewall used, this operation may take place at different points in the path between the source of the data and the application in your computer. Different criteria will be used to examine the data, but the basic operation remains the same for all firewalls.
EC05.02a Internet Security Issues 8
EC05.02a Internet Security Issues 9
Packet filtering firewalls
Packet filtering firewalls work by examining data packets as they attempt to pass through the firewall.
They compare them to a list of rules based on the source of the data, its intended destination, and the connection port between the target and source data.
EC05.02a Internet Security Issues 10
Circuit level gateways
The firewall keeps a record of requests for data that go out, and only allows data in that matches that request.
An advantage of this type of firewall is that since it acts as the gateway to the network it is protecting, anyone scanning the network from outside will see only the address of the firewall and not the rest of its protected network.
A circuit level gateway is a firewall that only allows data into its protected network based on requests from computers inside that network.
EC05.02a Internet Security Issues 11
Application level gateways
Application level gateways, also known as proxies, are outwardly similar in operation to circuit level gateways in that they act as the only entrance into or out of a protected network and deny all non-requested data from outside. The major difference is in the way they handle information.
A firewall using this method runs proxy applications to view common types of data before it is allowed through the firewall.
EC05.02a Internet Security Issues 12
Stateful inspection Stateful inspection is a combination
of packet filtering with some elements of the gateway methods.
Essentially, it is a packet filter firewall that examines more than just the addresses and port information of the data. Without using proxies, it can imitate some of the features of an application gateway by viewing the application specific data sent in each packet.
EC05.02a Internet Security Issues 13
What is spyware? Spyware is a category of computer
programs that attach themselves to the computer’s operating system in various ways.
It can drain the life out of your computer's processing power.
It is designed to track users’ Internet habits and nag them with unwanted sales offers or generate traffic for the host Web site.
EC05.02a Internet Security Issues 14
What is browser hijacking?
The most generally accepted description of browser hijacking software is external code that changes your Internet Explorer settings.
Generally the home page will be changed and new favorites will be added that point to sites of strange content. In most cases, the hijacker will make registry changes to the system, causing the home page to revert back to the unwanted destination even if it is changed manually.
A browser hijacker may also disallow access to certain web pages, for example the site of an anti-spyware software manufacturer like Lavasoft. These programs have also been known to disable antivirus and anti-spyware software.
EC05.02a Internet Security Issues 15
They take advantage of Internet Explorer's (IE) ability to run ActiveX scripts straight from a web page. Generally, these programs will request permission to install themselves
via a popup that loads when visiting a certain site. If the user accidentally gives permission to install, IE will execute the program on your computer and change your settings.
Use security holes within Internet Explorer to install themselves automatically without any user interaction at all. These can be launched from popup ad windows which the user has not
even intended to view. Make entries to the HOSTS file on your system.
This special file directly maps DNS addresses (web URLs) to IP addresses, so that every time you type a URL you are redirected to the IP address of a sponsored search or porn site.
Characteristics of browser hijackers
EC05.02a Internet Security Issues 16
Some browser hijackers may also install themselves onto your computer system as legitimate programs, leaving an entry in the 'add-remove programs' list in the control panel.
There are many faces of browser hijacking, and to combat the situation, you have to be aware of all tricks and loopholes that make this scourge possible.
Browser hijacking isn't necessarily a virus, and isn't necessarily adware, so stopping it isn't necessarily best left to software monitoring programs.
More Characteristics of browser hijackers
EC05.02a Internet Security Issues 17
Antivirus software Definition How to protect
yourself Purchasing
guidelines
EC05.02a Internet Security Issues 18
Antivirus software definition Antivirus programs learn and memorize all of the
different replicating viral signatures that are already out there (40,000 to date), and then compare the binary signatures of incoming files against those already-known viral signatures to see if anything suspect is lurking on your computer.
The software typically is kept running in the background to check files and e-mail messages as they are downloaded.
A virus signature is a section of code that can be used to identify a known virus.
EC05.02a Internet Security Issues 19
Virus protection Install antivirus software and keep
it running in the background. Before downloading a file, make
sure the source is reputable. When you receive a disk, scan it
with antivirus software before using it.
Never open an e-mail attachment unless the sender is known.
Watch for information about the latest virus threats.
Keep your antivirus program up-to-date.
EC05.02a Internet Security Issues 20
Purchasing guidelines
Use software that provides free weekly updates.
Use software that provides the coverage necessary to maintain the computer’s security.
The two most popular brands: Symantec
McAfee
EC05.02a Internet Security Issues 21
Sources “Electronic Commerce.” 1999.
http://www.wapa.gov/CorpSrvs/procurmt/ecomm.htm (2 Jan 2006). Stein, Lincoln D. “WWW Security FAQ: What’s New.” 2000.
http://www.w3.org/Security/Faq/www-security-faq.html (2 Jan 2006) Strom, David. “The Challenge of Electronic Commerce: Selling Lemonade has
Never Been This Tough.” 2000. http://www.strom.com/pubwork/ecommerce.html (2 Jan. 2006).
“Bureau of Industry and Security.” US Department of Commerce http://www.bis.doc.gov/ComplianceAndEnforcement/E-Commerce.htm (2 Jan 2006)
Electronic Commerce NC WiseOwl http://www.mywiseowl.com/articles/Electronic_commerce (2 Jan 2006)
Kennedy, Dennis, An Internet Tool Kit for E-Commerce Law Jan 15, 2001 The John Marshall Law School (2 Jan 2006)