hardware, software and communication in web …

HARDWARE, SOFTWARE AND COMMUNICATION IN WEB

APPLICATIONS• Internet and Hardware Structure,

• Wireless and Mobile Internet, Software and Technology Connections

• Internet Security

2.1- Internet & Hardware Structure

How Networks Function• Networking Fundamentals

• Network Architectures and Components

• Connecting to the Internet

Copyright © 2016 Pearson Education, Inc. 7-2

Networking Fundamentals

Objective

1. What is a network, and what are a network’s advantages and disadvantages?


Network Architecturesand Components

Objectives

2. What are the different ways to classify networks?

3. Which type of network is most commonly found in the home?

4. What are the main components of every network?


Connecting to the Internet

Objective

5. What are my options for connecting to the Internet?



• Computer network

• Node

• Computer

• Peripheral

• Network device



• Computer network resource sharing benefits:

• High-speed Internet connection

• Peripheral devices

• Files

• Common communications


Network Architectures

• Classified by:

• Distance

• How managed

• Rules to exchange data

• Communications medium used


Network Components


Network ComponentsTransmission Media

• Communications channel between nodes

• Wireless networks

• Wired networks


Network ComponentsTransmission Media

• UTP cable

• Types of UTP cable

• Cat 5E

• Cat 6

• Cat 6a

• Decreased throughput in wireless networks


Unshielded Twisted Pair cable(UTP)

Network ComponentsBasic Network Hardware

• Network adapter

• Network interface card (NIC)

• Broadband modem

• Packets

• Router

• Switch


Internet Communication Paradigms

Internet supports two basic communication paradigms:

• stream paradigm

• message paradigm

Internet Communication Paradigms

Network ComponentsNetwork Software

• Operating software for P2P networking

• Client/server network

• Communicate through centralized server

• Specialized network operating system (NOS) software


Connecting to the Internet

• Home network

• Share an Internet connection

• Must purchase Internet access from ISP

• Specialized providers

• Companies that provide other services

• Broadband

• Dial-up


Connecting to the InternetBroadband Internet Connections

• Broadband

• Standard broadband technologies

• Satellite broadband

• Mobile broadband


Connecting to the InternetWired Broadband Internet Connections

• Cable Internet• DSL (digital subscriber line)• Fiber optic service


Connecting to the InternetWireless Internet Access

• Wireless Internet at home

• WiFi hotspot

• Wireless in-flight Internet

• Mobile Broadband 3G

• 4G LTE


Your Home Network• Installing and Configuring Home Networks

• Securing Wireless Networks


EXTRA READING

Installing and ConfiguringHome Networks

Objectives

6. How do I tell if my home network is up to date, and how do I identify the devices on the network?

7. Besides computers, what other devices can I connect to a home network?

8. How do I configure the software on my computer and set up other devices to get my network up and running?

9. What problems might I encounter when setting up a wireless network?


Securing Wireless Networks

Objective

10.Why are wireless networks more vulnerable to security risks than wired networks, and what special precautions are required to ensure my wireless network is secure?


Installing and Configuring Home Networks

• Devices connecting to home networks

• Smartphones

• Gaming consoles

• Tablets

• Smart TVs

• Computers

• Printers


Installing and Configuring Home NetworksConnecting Devices to a Router

• Routers for Windows computers

• 802.11n

• 802.11ac

• Routers for Apple computers

• AirPort Extreme router

• AirPort Express


Installing and Configuring Home NetworksNetwork-Attached Storage Devices

• NAS devices

• AirPort Time Capsule


Installing and Configuring Home NetworksSpecialized Home-Networking Devices

• New digital picture frames

• Built-in wireless

• Access network and online photos

• Receive pictures via e-mail

• Security

• Wireless monitoring cameras


Installing and Configuring Home NetworksTroubleshooting Wireless Network Problems

• 802.11n or 801.11ac added performance options:

• Dual-band N router

• Wireless range extender


Securing Wireless Networks

• Use a firewall to secure Internet connections

• Wired networks more secure than wireless

• Added vulnerabilities for wireless:

• Signal range can extend to neighbors

• Extra precautions required to secure wireless


Check Your Understanding

1. What is a network, and what are a network’s advantages and disadvantages?

2. What are the different ways to classify networks?

3. Which type of network is most commonly found in the home?

4. What are the main components of every network?

5. What are my options for connecting to the Internet?



6. How do I tell if my home network is up to date, and how do I identify the devices on the network?

7. Besides computers, what other devices can I connect to a home network?

8. How do I configure the software on my computer and set up the devices required to get my network up and running?



9. What problems might I encounter when setting up a wireless network?

10.Why are wireless networks more vulnerable to security risks than wired networks, and what special precautions are required to ensure my wireless network is secure?


Wireless, Mobile Networks 6-33

2.2 - Wireless and Mobile Internet

Introduction

Wireless

Wireless links, characteristics

o CDMA

IEEE 802.11 wireless LANs (“Wi-Fi”)

Cellular Internet access

o architecture

o standards (e.g., GSM)

Mobility

Principles: addressing and routing to mobile users

Mobile IP

Handling mobility in cellular networks

Mobility and higher-layer protocols


Mobile

Switching

Center

Public telephone

network

Mobile

Switching

Center

Components of cellular network architecture

connects cells to wired tel. net.

manages call setup (more later!)

handles mobility (more later!)

MSC

covers geographical

region

base station (BS)

analogous to 802.11 AP

mobile users attach to

network through BS

air-interface: physical

and link layer protocol

between mobile and BS

cell (BSS)

wired network


Cellular networks: the first hop

Two techniques for sharing mobile-to-BS radio spectrum

combined FDMA/TDMA: divide spectrum in frequency channels, divide each channel into time slots

CDMA: code division multiple access

frequency

bands

time slots

Wireless phones at different time


http://www.design-laorosa.com/2012_04_22_archive.html

http://www.design-laorosa.com/2012_04_22_archive.html


http://commons.wikimedia.org/wiki/File:Celulares.JPG

http://commons.wikimedia.org/wiki/File:Celulares.JPG


http://blogs.uoregon.edu/terryzone/files/2012/12/cell-phone-urxr5m.jpg

http://blogs.uoregon.edu/terryzone/files/2012/12/cell-phone-urxr5m.jpg

1G mobile network (wikipedia)• Wireless telephone and mobile communication technology.

• Digital signaling to communicate with towers, the phone signals after establishing the connection is analog.

• The first commercially automated cellular network (the 1G generation) was launched in Japan by NTT (Nippon Telegraph and Telephone) in 1979.

• In 1981, this was followed by the simultaneous launch of the Nordic Mobile Telephone (NMT) system in Denmark, Finland, Norway and Sweden. NMT was the first mobile phone network featuring international roaming.

• The first 1G network launched in the USA was Chicago-based Ameritechin 1983 using the Motorola DynaTAC mobile phone. Several countries then followed in the early-to-mid 1980s including the UK, Mexico and Canada.


http://en.wikipedia.org/wiki/Nippon_Telegraph_and_Telephone

http://en.wikipedia.org/wiki/Ameritech

http://en.wikipedia.org/wiki/Motorola_DynaTAC


BSCBTS

Base transceiver station (BTS)

Base station controller (BSC)

Mobile Switching Center (MSC)

Mobile subscribers

Base station system (BSS)

Legend

2G (voice) network architecture

MSC

Public

telephone

network

GatewayMSC

G

2G mobile network (wikipedia)• 2G cellular telecom networks were commercially

launched on the GSM standard in Finland (1991)

• Conversation digitally encrypted

• Significantly more efficient in spectrum use

• Mobile data service (SMS, text message)

• 2G network can be divided into two categories: TDMA and CDMA

• GSM: Global Systems for Mobile communication (TDMA based)

• Digital, circuit switched network system supporting both voice and digital data (900 MHz or 1800 MHz)


http://en.wikipedia.org/wiki/GSM

http://en.wikipedia.org/wiki/Finland

2.5G mobile network (wikipedia)

• Evolving from circuit switching in 2G to packet switching

• The first major step in the evolution of GSM networks to 3G occurred with the introduction of General Packet Radio Service (GPRS).

• CDMA2000 networks similarly evolved through the introduction of 1xRTT (1 Times Radio Transmission Technology).

• The combination of the two (GPRS and CDMA) is called 2.5G mobile network.


http://en.wikipedia.org/wiki/GPRS

http://en.wikipedia.org/wiki/1xRTT


3G (voice+data) network architecture

radionetwork controller

MSC(mobile switching center)

SGSN

Public

telephone

network

GatewayMSC

G

Serving GPRS Support Node (SGSN)

Gateway GPRS Support Node (GGSN)

Public

Internet

GGSN

G

Key insight: new cellular data

network operates in parallel

(except at edge) with existing

cellular voice network

voice network unchanged in core

data network operates in parallel


radionetwork controller

MSC

SGSN

Public

telephone

network

GatewayMSC

G

Public

Internet

GGSN

G

radio access networkUniversal Terrestrial Radio

Access Network (UTRAN)

core networkGeneral Packet Radio Service

(GPRS) Core Network

public

Internet

radio interface(WCDMA, HSPA)

3G (voice+data) network architecture

4G network

• 4G network: 4th generation mobile communication technology that provides high speed access to phone and data services

• Two competing standards

• 4G LTE (Long Term Evolution)

• WiMAX (IEEE 802.16)


4G LTE General• 4G LTE is a mobile communications standard that provides

access for mobile devices to core network.

• It is an evolution of the GSM/UMTS standards (from phones to Internet).

• The goal of LTE was to increase the capacity and speed of wireless data networks using new DSP techniques and modulations that were developed around the turn of the millennium.

• A further goal was the redesign and simplification of the network architecture to an IP-based system.

• The LTE wireless interface is incompatible with 2G and 3G networks.


http://en.wikipedia.org/wiki/LTE_(telecommunication)

WiMAX: (IEEE 802.16) Overview• An 802.16 wireless service provides a communications path

between a subscriber site and a core network (the network to which 802.16 is providing access).

• Examples of a core network are the public telephone network and the Internet.

• IEEE 802.16 standards are concerned with the air interface between a subscriber's transceiver station and a base transceiver station.

• Time line: ~2001 first version, 2009 wide deployment of IEEE 802.16e-2005, current 802.16m-2011


http://www.networkworld.com/news/tech/2001/0903tech.html

http://en.wikipedia.org/wiki/IEEE_802.16


http://en.wikipedia.org/wiki/IEEE_802.16

WiMAX: How it works



WiMAX Protocol stack


http://www.javvin.com/protocolWiMAX.html

IEEE 802.11, 15, 16 compared

Parameters EEE802.16d

(802.16-2004

Fixed

WiMAX)

IEEE802.16e

(802.16-2005

Mobile WiMAX)

802.11

(WLAN, aka

WiFi)

802.15.1

(Bluetooth)

Frequency

Band:

2-66 GHz 2-11 GHz 2.4-5.8 GHz 2.4GHz

Range: ~31 miles ~31 miles ~100 meters ~10 meters

Maximum

Data rate:

~134 Mbps ~15 Mbps ~55 Mbps ~3Mbps

Number of

users:

Thousands Thousands Dozens Dozens


http://www.javvin.com/protocolWiMAX.html


http://techtectology.blogspot.com/2011/11/4g-vs-3g-vs-25g-vs-2g-vs-1g.html

A brief comparison of different G’s

http://techtectology.blogspot.com/2011/11/4g-vs-3g-vs-25g-vs-2g-vs-1g.html

What is mobility?

• spectrum of mobility, from the network perspective:

no mobility high mobility

mobile wireless user,

using same access

point

mobile user, passing

through multiple

access points while

maintaining ongoing

connections (like cell

phone)

mobile user,

connecting/

disconnecting from

network using

DHCP.

7-54Wireless and Mobile Networks

wide area

network

Mobility: vocabularyhome network: permanent

“home” of mobile(e.g., 128.119.40/24)

permanent address:

address in home

network, can always be

used to reach mobilee.g., 128.119.40.186

home agent: entity that will

perform mobility functions on

behalf of mobile, when mobile is

remote


Mobility: more vocabulary

wide area

network

care-of-address: address

in visited network.(e.g., 79,129.13.2)

visited network: network in

which mobile currently

resides (e.g., 79.129.13/24)

permanent address: remains

constant (e.g., 128.119.40.186)

foreign agent: entity in

visited network that

performs mobility

functions on behalf of

mobile.

correspondent: wants

to communicate with

mobile


How do you contact a mobile friend:

• search all phone books?

• call her parents?

• expect her to let you know where he/she is?

• Facebook!

I wonder where

Alice moved to?

Consider friend frequently changing

addresses, how do you find her?


Mobility: approaches

• let routing handle it: routers advertise permanent address of mobile-nodes-in-residence via usual routing table exchange.

• routing tables indicate where each mobile located

• no changes to end-systems

• What do Packet Headers look like???…

• let end-systems handle it:

• indirect routing: communication from correspondent to mobile goes through home agent, then forwarded to remote

• direct routing: correspondent gets foreign address of mobile, sends directly to mobile


2.3 - Internet Security

• Internet security consists of a range of security tactics for protecting activities andtransactions conducted online over the internet. These tactics are meant tosafeguard users from threats such as hacking into computer systems, emailaddresses, or websites; malicious software that can infect and inherently damagesystems; and identity theft by hackers who steal personal data such as bankaccount information and credit card numbers. Internet security is a specific aspectof broader concepts such as cybersecurity and computer security, being focused onthe specific threats and vulnerabilities of online access and use of the internet.

• In today's digital landscape, many of our daily activities rely on the internet.Various forms of communication, entertainment, and financial and work-relatedtasks are accomplished online. This means that tons of data and sensitiveinformation are constantly being shared over the internet. The internet is mostlyprivate and secure, but it can also be an insecure channel for exchanginginformation. With a high risk of intrusion by hackers and cybercriminals, internetsecurity is a top priority for individuals and businesses alike.

Source: https://www.mcafee.com/what-is-internet-security.html

Types of internet security threatsWhile the web presents users with lots of information and services, it alsoincludes several risks. Cyberattacks are only increasing in sophisticationand volume, with many cybercriminals using a combination of differenttypes of attacks to accomplish a single goal. Though the list of potentialthreats is extensive, here are some of the most common internet securitythreats:

• Malware: Short for "malicious software," malware comes in severalforms, including computer viruses, worms, Trojans, and dishonestspyware.

• Computer worm: A computer worm is a software program that copies itself from one computer to the next. It does not require human interaction to create these copies and can spread rapidly and in great volume.

• Spam: Spam refers to unwanted messages in your email inbox. In some cases, spam can simply include junk mail that advertises goods or services you aren't interested in. These are usually considered harmless, but some can include links that will install malicious software on your computer if they're clicked on.

• Phishing: Phishing scams are created by cybercriminals attempting to solicit private or sensitive information. They can pose as your bank or web service and lure you into clicking links to verify details like account information or passwords.

• Botnet: A botnet is a network of private computers that have been compromised. Infected with malicious software, these computers are controlled by a single user and are often prompted to engage in nefarious activities, such as sending spam messages or denial-of-service (DoS) attacks.

Sources: 2016 Internet Security Threat Report

Threat Landscape

Far-reaching vulnerabilities, faster attacks, files held for ransom and more malicious code than ever.

Real Names 78%

Home Addresses 44%

Birth Dates 41%

Gov. IDs 38%

Medical Records 36%

Top 10 Types of Information Exposed

Financial Info 33%

Email Addresses 21%

Phone Numbers 19%

Insurance 13%

Login Credentials 11%

76% social media scams manually shared—6% increase from

previous year.

SCAMS & SOCIAL MEDIA

Half a Billion records stolen or lost. 89% had financial or espionage

motive.

PRIVACY BREACHES

3x more Android apps contained malware--230% increase from

previous year.

MOBILE DEVICES

65% of targeted attacks struck small- and-

medium-sized Orgs.

TARGETED ATTACKS

Cybercrime cost the global economy up to $575 billion annually

WEB THREATS

62HCA - Public

Financial Sector Details

Privacy Breaches: 2,260 1 Total Records Lost: 429m 1 Avg. Cost Per Record: $221 2

Sources: 1. http://breachlevelindex.com. (Database based on publicly-available breach disclosure information. Statistics based on number of breaches, not number of records lost)2. 2016 Cost of Data Breach Study: United States” by Ponemon Institute

FINANCIAL INDUSTRY

BY RECORD LOST 1

151175 189

0

50

100

150

200

2014 2015 2016

25% over the last 3 years

$236

$259 $264

$220

$230

$240

$250

$260

$270

2014 2015 2016

BY COST 2

12% over the last 3 years

BY SOURCE 2

Malicious or Criminal

50% 50%InsiderThreat

Financial Healthcare Retail

Education Government Other

30.1%

10.3%

11.9%

12.5%

10.3%

BY INDUSTRY 1

*24.8%

*(Unknown, Insurance, Hospitality, Non-profit, etc.)

63HCA - Public

http://breachlevelindex.com/

Threat Actors and Motives

THR

EATS

• Hacktivists use computer network exploitation to advance their political or social causes.

HACKTIVISM

• Individuals and sophisticated criminal enterprises steal personal information and extort victims for financial gain.

CRIME

• Trusted insiders steal proprietary information for personal, financial, and ideological reasons.

INSIDER

• Nation-state actors conduct computer intrusions to steal sensitive state secrets and proprietary information from private companies.

ESPIONAGE

• Terrorist groups sabotage the computer systems that operate our critical infrastructure, such as the electric grid.

TERRORISM

• Nation-state actors sabotage military and critical infrastructure systems to gain an advantage in the even of conflict.

WARFARE

Who would target us and why?

64HCA - Public

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwjbnrPFhvLRAhXFJ5QKHf-9BCAQjRwIBw&url=http://www.computerheadz.com/&bvm=bv.146073913,d.dGo&psig=AFQjCNEhmgjS-78ZxnpEGiiWNcPBtwOpYA&ust=1486146832203958

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwjbnrPFhvLRAhXFJ5QKHf-9BCAQjRwIBw&url=http://www.computerheadz.com/&bvm=bv.146073913,d.dGo&psig=AFQjCNEhmgjS-78ZxnpEGiiWNcPBtwOpYA&ust=1486146832203958

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwi1hIu3hvLRAhUBJZQKHUNlD0kQjRwIBw&url=http://freevector.co/vector-icons/other/sniper-circular-target.html&bvm=bv.146073913,d.dGo&psig=AFQjCNGmhChIhY7FUVR0ahZAzWSA5pYjvQ&ust=1486146782506577

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwi1hIu3hvLRAhUBJZQKHUNlD0kQjRwIBw&url=http://freevector.co/vector-icons/other/sniper-circular-target.html&bvm=bv.146073913,d.dGo&psig=AFQjCNGmhChIhY7FUVR0ahZAzWSA5pYjvQ&ust=1486146782506577

Maintain Presence

Establish Foothold

Move Laterally

Recon

Initial Compromise

Escalate Privileges

Internal Recon

Expand Presence

Exfiltrate Data

Common Attack Vectors

• Known Vulnerabilities

• SQL Injection

• Phishing, Spear-phishing, Whaling

• Weak Authentication

• Viruses/Malware attacks

• Social engineering

Targeted Information Types

• Corporate finances

• Internal corporate information

• Customer/Employee PII

• Proprietary technology

• IT infrastructure

• Bandwidth (DDoS)

Anatomy of an Attack

65HCA - Public

What We are Trying to Protect

Sources: 1. AllClear ID2. ID Experts, LifeLock3. FTC, Consumer Sentinel Network Data Book4. Underground Hacker Markets by Dell SecureWorks5. “What your information is worth on the black market” by Bankrate

Driver’s License4

$100 - $150

• First / last name• ID #• Address, DOB

Social Security Card4

$250 - $400

• First / last name• SSN• DOB

Health Insurance Info1

$250

• First / last name• Login credentials• Plan provider • ID #

Bank Info4

$300 - $4200

• First / last name, bank, acct #• Login credentials

*Based on account balance

Identity Profile5

$1200 - $1300

• Name, SSN, DOB• Address, phone #• Email credentials• Credit card # or bank info

Identity Theft

• 7% report harm post breach1

• 0.3% suffer actual harm2

• 2nd highest complaint at the FTC3

Credit Card with PIN4

$17 - $35

• First / last name• Card #• PIN• Expiration date

HCA Credit Card (CC)4

$1 - $8

• First and last name• Card #

o Active Users: 601o Credit Range $1K – $25K

Intellectual Property (IP) Proprietary Information (PI) Personally Identifiable Information (PII)

66HCA - Public

Electronic Black Market

Black Market sites can be found in several locations, many of which are challenging to locate. Payment is often through digital currency, such as Bitcoin.

67HCA - Public

Data Lost…Reportable Breach

Information Protection

A risk management discipline that serves the objectives of Confidentiality, Integrity, Availability, and Privacy of information by applying a risk management framework and yielding confidence that risks are adequately managed.

Data lost due to disasters is devastating, but losing it to hackers, malicious insiders or from malware infections can have far greater concerns

Associated Costs of a Privacy Breach1

Direct Costs

Risk Vectors

Sources: 1. “2016 Cost of Data Breach Study: United States” by Ponemon Institute

34% $90

Legal liability and sanctions

Charges of deceptive business practices

Liability from identity theft

Cyber Insurance deductible

Outside counsel

Credit monitoring services

Indirect Costs

66% $174

OEM marketing to acquire new customers

Damage to the reputation, brand, or business relationships

Customer and / or employee distrust

Lost revenues

Financial

• Direct + Indirect costs

• Cyber insurance costs

Reputational

• Brand damage

• Lost business opportunities

Regulatory

• Monitoring

• Fines

Operational

• Decreased productivity

1

2

3

4

68HCA - Public

Customer Justice Dept. FTC CFPBState Attorneys

General

GLBA

Class Action

$11k + RAM1

Varies

Varies

FACTA

Private Suit / Class-Action

FCRA

ECOA

Red Flags $11k + RequiredAnnual

Monitoring (RAM)

1

UDTP

TCPA

CAN-SPAM

Fed

era

l

Regulatory Stakeholders

Sources: 1. Morrison & Foerster LLP2. White & Case: Cybersecurity Requirements for Financial Services Companies

Examples of the range of complexity of Federal, State and Local privacy regulatory requirements.

Stat

e &

Lo

cal

Civil Penalty Variations1,2

Florida Stat. 507.171: • Up to $500k per breach• PII also includes name and online account credentials

Texas Bus. & Comm. Code Ann. § 521.001 et seq:• Civil penalties up to $300k per violation

Massachusetts Gen. Bus. Law § 899aa: • Actual costs

New York State Gen. Bus. Law § 899aa: • Actual costs or up to $150k per incident

New York City N.Y. State Tech. Law SS 208: • $500 per person and $100 per violation

California Civ. Code § 1798.80: • $3k per customer, per violation

New York 23 NYCRR 5002: NYDFS Cyber Security Reg.

69HCA - Public

• Number of targeted cyber attacks to increase

• Cyber attacks will continue to evolve

• Phishing attempts to rise

• Dedicated Information Security & Privacy program investments to grow

• Mobile platforms to be targeted more

• Rise in the threat of Organized Crime and State Sponsored Attacks

• Compromises related to Internet of Things (IoT) intensifies

Future Trends

Expectations

70HCA - Public

Next Steps

Recommended Actions

Establish network segmentation to reduce desktops/laptops being compromised

Ensure applicable software patches are installed timely

Implement email filtering capabilities

Implement strong authentication capabilities

COMPANY

Identify threats reinforced from your adaptive training & awareness program

Ensure compliance with Information Protection standards & practices

Apply risk management practices to safeguard assets

Evangelize best practices with collages across the company

EMPLOYEES

71HCA - Public

Web protection strategiesAn effective combination of web management practices and internet security technologies can help protect an organization from many types of web security attacks. These are primary web protection strategies:

• Encrypt sensitive data in transit and at restClassify data based on its sensitivity and regulatory requirements and encrypt all sensitive data at rest and in transit.

• Properly implement access controlsWeb administrators sometimes incorrectly implement authentication and session management functions, allowing attackers to compromise passwords, keys, or session tokens. Likewise, flaws in access control settings may enable hackers to access accounts, view sensitive files, modify data, and change access rights. A variety of best practices and access control technologies can enhance web security, including regular auditing and updating of user access rights and credentials, role-based access policies to restrict user privileges to the applications and data needed for their jobs, and vulnerability scanning and analysis software.

• Employ patch management and updatingComponents, such as libraries, frameworks, and other software modules, are particularly vulnerable, as they run with the same privileges as their underlying application. If a component is outdated or originates from an unsecure source, the attacker can exploit vulnerabilities to assume control of a server or steal data. Regular patch management and updating both help ensure that web applications and components are secure. A subscription or virtual patching service can help ensure rapid, effective patching of vulnerabilities.

• Implement multi-factor authenticationHackers can steal or guess passwords. Two-factor authentication requires the user to provide additional information besides a password, such as a code sent to their smartphone or a PIN they remember.

• Implement state-of-the-art web firewalls and gatewaysA web application firewall protects the website from incoming attacks, while a web gateway protects the network and internal systems from malicious web traffic, which can then infect a website. These web security technologies may employ similar methods of detecting and blocking threats, and they may be integrated into a single product. Primary effective methods of defense include:

• Filtering based on signatures, reputation, and category. Major gateway providers such as McAfee employ real-time filtering and classification engines. These techniques analyze and identify incoming attacks, suspicious behavior patterns, and potential malware, and then apply rules to block, quarantine, or conduct further testing.

• Behavioral analysis. This approach simulates the behavior of suspect files and components such as JavaScript or Flash files, or activates them in a sandbox (a separate, restricted environment) to identify their behavior and actions. This technique can evaluate components in milliseconds, which is fast enough that the user is unaware of the intervention. Behavioral analysis is especially useful for zero-day attacks, like when the malware signature is not yet known.

• Use managed security servicesMany organizations rely on managed security service providers for web protection. Security companies like McAfee apply the expertise and signature databases of cybersecurity threats needed to provide secure web protection. Security solution providers use their clients’ collective traffic to continually enhance their ability to accurately identify exploits and cyberattacks before they can disrupt their customers’ systems.

END Chapter 2

hardware, software and communication in web …

Documents