security awareness chapter 3 internet security. o bjectives after completing this chapter, you...

Security Awareness

Chapter 3Internet Security

OBJECTIVES

After completing this chapter, you should be able to do the following:

Explain how the World Wide Web and e-mail work

List the different types of Internet attacks

Explain the defenses used to repel Internet attacks

SECURITY AWARENESS, 3RD EDITION

2

HOW THE INTERNET WORKS

Internet

Worldwide set of interconnected computers, servers, and networks

Not owned or regulated by any organization or government entity

Computers loosely cooperate to make the Internet a global information resource


3

THE WORLD WIDE WEB

World Wide Web (WWW)

Better known as the Web

Internet server computers that provide online information in a specific format

Hypertext Markup Language (HTML)

Allows Web authors to combine text, graphic images, audio, video, and hyperlinks

Web browser

Displays the words, pictures, and other elements on a user’s screen


4

THE WORLD WIDE WEB (CONT’D.)

Figure 3-1 How a browser displays HTML code


5

Course Technology/Cengage Learning


Hypertext Transport Protocol (HTTP)

Standards or protocols used by Web servers to distribute HTML documents

Transmission Control Protocol/Internet Protocol (TCP/IP)

Port number

Identifies the program or service that is being requested

Port 80 Standard port for HTTP transmissions


6


Transfer-and-store process

Entire document is transferred and then stored on the local computer before the browser displays it

Creates opportunities for sending different types of malicious code to the user’s computer


7


Figure 3-2 HTML document sent to browser


8


E-MAIL

Number of e-mail messages sent each day to be over 210 billion

More than 2 million every second

Simple Mail Transfer Protocol (SMTP)

Handles outgoing mail

Post Office Protocol (POP or POP3)

Responsible for incoming mail

Example of how e-mail works


9

E-MAIL (CONT’D.)

Figure 3-3 E-mail transport


10


E-MAIL (CONT’D.)

IMAP (Internet Mail Access Protocol, or IMAP4)

More advanced mail protocol

E-mail attachments

Documents that are connected to an e-mail message

Encoded in a special format

Sent as a single transmission along with the e-mail message itself


11

INTERNET ATTACKS

Variety of different attacks

Downloaded browser code

Privacy attacks

Attacks initiated while surfing to Web sites

Attacks through e-mail


12

DOWNLOADED BROWSER CODE

JavaScript

Scripting language Similar to a computer programming language that is

typically ‘‘interpreted’’ into a language the computer can understand

Embedded in HTML document

Executed by browser

Defense mechanisms are intended to prevent JavaScript programs from causing serious harm

Can capture and send user information without the user’s knowledge or authorization


13


(CONT’D.)

Figure 3-4 JavaScript


14



(CONT’D.)

Java

complete programming language

Java applet

Can perform interactive animations, immediate calculations, or other simple tasks very quickly

Sandbox

Unsigned or signed


15


(CONT’D.)

Figure 3-5 Java applet


16



(CONT’D.)

ActiveX

Set of rules for how applications under the Windows operating system should share information

Do not run in a sandbox

Microsoft developed a registration system poses a number of security concerns

Not all ActiveX programs run in browser


17

PRIVACY ATTACKS

Cookies

User-specific information file created by server

Stored on local computer

First-party cookie

Third-party cookie

Cannot contain a virus or steal personal information stored on a hard drive

Can pose a privacy risk


18

PRIVACY ATTACKS (CONT’D.)

Adware

Software that delivers advertising content

Unexpected and unwanted by the user

Can be a privacy risk Tracking function

Popup

Small Web browser window

Appears over the Web site that is being viewed


19

ATTACKS WHILE SURFING

Attacks on users can occur while pointing the browser to a site or just viewing a site

Redirecting Web traffic

Mistake when typing Web address

Attackers can exploit a misaddressed Web name by registering the names of similar-sounding Web sites


20

ATTACKS WHILE SURFING (CONT’D.)

Table 3-1 Typical errors in entering Web addresses


21


ATTACKS WHILE SURFING (CONT’D.)

Drive-by downloads

Can be initiated by simply visiting a Web site

Spreading at an alarming pace

Attackers identify well-known Web site

Inject malicious content

Zero-pixel IFrame Virtually invisible to the naked eye


22

E-MAIL ATTACKS

Spam

Unsolicited e-mail

90 percent of all e-mails sent can be defined as spam

Lucrative business

Spam filters

Look for specific words and block the e-mail

Image spam

Uses graphical images of text in order to circumvent text-based filters


23

E-MAIL ATTACKS (CONT’D.)

Other techniques to circumvent spam filters

GIF layering

Word splitting

Geometric variance

Malicious attachments

E-mail-distributed viruses

Replicate by sending themselves in an e-mail message to all of the contacts in an e-mail address book


24

E-MAIL ATTACKS (CONT’D.)

Embedded hyperlinks

Clicking on the link will open the Web browser and take the user to a specific Web site

Trick users to be directed to the attacker’s “look alike” Web site


25

Figure 3-12 Embedded hyperlink


26


INTERNET DEFENSES

Several types

Security application programs

Configuring browser settings

Using general good practices


27

DEFENSES THROUGH APPLICATIONS

Popup blocker

Separate program or a feature incorporated within a browser

Users can select the level of blocking

Spam filter

Can be implemented on the user’s local computer and at corporate or Internet Service Provider level


28


(CONT’D.) Spam filter (cont’d.)

E-mail client spam blocking features Level of spam e-mail protection

Blocked senders (blacklist)

Allowed senders (whitelist)

Blocked top level domain list

Bayesian filtering User divides e-mail messages into spam or not-spam

Assigns each word a probability of being spam

Corporate spam filter Works with the receiving e-mail server


29


(CONT’D.)

Figure 3-16 Spam filter on SMTP server


30



(CONT’D.)

E-mail security settings

Configured through the e-mail client application Read messages using a reading pane

Block external content

Preview attachments

Use an e-mail postmark


31

DEFENSES THROUGH BROWSER SETTINGS

Browsers allow the user to customize security and privacy settings

IE Web browser defense categories:

Advanced security settings Do not save encrypted pages to disk

Empty Temporary Internet Files folder when browser is closed

Warn if changing between secure and not secure mode


32


(CONT’D.)

IE Web browser defense categories (cont’d.):

Security zones Set customized security for these zones

Assign specific Web sites to a zone

Restricting cookies Use privacy levels in IE


33


(CONT’D.)

Table 3-3 IE Web security zones


34


E-MAIL DEFENSES THROUGH GOOD

PRACTICES

Use common-sense procedures to protect against harmful e-mail

Never click an embedded hyperlink in an e-mail

Be aware that e-mail is a common method for infecting computers

Never automatically open an unexpected attachment

Use reading panes and preview attachments

Never answer an e-mail request for personal information


35

INTERNET DEFENSE SUMMARY

Table 3-4 Internet defense summary


36


SUMMARY

Internet composition

Web servers

Web browsers

Internet technologies

HTML

JavaScript

Java

ActiveX


37

SUMMARY (CONT’D.)

Privacy risk

Cookies

Adware

Security risk

Mistyped Web address

Drive-by downloads

Email security

Spam

Attachments

Security applications


38

security awareness chapter 3 internet security. o bjectives after completing this chapter, you...

Documents

rd edition

windows vistahow

web servers

browsersecurity awareness

email workssecurity

web sitesattacks

hyperlinks web browser

html codesecurity awareness