Internet Security is a computer security branch that is specifically related to the Internet, often involving browser security but also network security at a more general level, as it applies to other applications or operating systems overall. The goal is to set rules and steps to use against attacks against the Internet. The Internet is an insecure channel for exchanging information that leads to a high risk of intrusion or fraud, such as phishing, online viruses, trojans, worms, and more.
Many methods are used to protect data transfer, including encryption and engineering from the ground. The current focus is on prevention as much as on real time protection against known and new threats.
Video Internet security
Threat
Malicious software
Internet users can be tricked or forced to download software to a computer that has malicious intent. Such software comes in various forms, such as viruses, trojan horses, spyware, and worms.
- Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, or gain access to personal computer systems. Malware is determined by malicious intent, acts against the requirements of computer users, and does not include software that causes unintentional harm due to some deficiencies. The term badware is sometimes used, and is applied to real (malicious) malware and unintentionally harmful software.
- Botnets are zombie computer networks that are taken over by robots or bots that do large-scale malicious actions for botnet makers.
- Computer Virus is a program that can replicate its structure or effect by infecting files or other structures on the computer. A common use of viruses is to take over computers to steal data.
- Computer worms are programs that can replicate themselves across computer networks, performing malicious tasks throughout.
- Ransomware is a type of malware that limits access to infected computer systems, and requires a ransom paid to malware authors to have these restrictions removed.
- Scareware is a typically limited or useless fraud scam, containing a malicious charge, sold to consumers through unethical marketing practices. The sales approach uses social engineering to cause shock, anxiety, or threat perception, generally directed at unsuspecting users.
- Spyware refers to programs that secretly monitor activity on a computer system and report that information to others without the user's consent.
- Trojan horses, commonly known as Trojans , are common terms for malicious software that pretend to be harmless, so users are happy to allow them to be downloaded to a computer.
- KeyLogger, Keystroke logging , often called keylogging or keyboard capturing , is the action of recording (keying) keys being hit on the keyboard
Denial-of-service_attacks Denial-of-service Attacks
Denial-of-service attacks (denial-of-service attacks) or distributed denial-of-service attacks (DDoS attacks) are attempts to make computer resources unavailable to the intended user. Another way to understand DDoS is to see it as an attack in a cloud computing environment that evolves due to the important characteristics of cloud computing. Although the means to implement, motive for, and target DoS attacks may vary, it generally consists of a concerted effort to prevent the site or Internet service from functioning efficiently or not at all, temporarily or indefinitely. According to businesses participating in international business security surveys, 25% of respondents experienced DoS attacks in 2007 and 16.8% experienced one in 2010.
Phishing
Phishing is an attack that targets online users to extract their sensitive information such as usernames, passwords and credit card information. Phishing occurs when an attacker pretends to be a trusted entity, either via email or a web page. The victim is directed to a fake web page, which is dressed to look legitimate, via spoof email, instant messenger/social media or any other means. Often tactics such as email spoofing are used to make emails appear from legitimate senders, or complex subdomains long hiding the actual website host. The RSA insurance group says that phishing accounts for worldwide losses of $ 1.5 billion in 2012.
Application vulnerability
Applications used to access Internet resources may contain security vulnerabilities such as memory security bugs or incorrect authentication checks. The most severe of these bugs can give the attacker a full network control over the computer. Most security applications and suites do not have adequate defenses against these attacks.
Maps Internet security
Remedies
Network layer security
The TCP/IP protocol can be secured by cryptographic methods and security protocols. These protocols include Secure Sockets Layer (SSL), replaced by Transport Layer Security (TLS) for web traffic, Pretty Good Privacy (PGP) for email, and IPsec for network layer security.
Internet Security Protocol (IPsec)
IPsec is designed to protect TCP/IP communications in a secure way. This is a set of security extensions developed by the Internet Task Force (IETF). It provides security and authentication on IP layers by altering data using encryption. The two main types of transformations that form the basis of IPsec: Authentication Header (AH) and ESP. Both of these protocols provide data integrity, data origin authentication, and anti-replay services. This protocol can be used alone or in combination to provide the desired set of security services for the Internet Protocol (IP) layer.
The basic components of the IPsec security architecture are described in terms of the following functions:
- Security protocols for AH and ESP
- Security association for policy management and traffic processing
- Manual and automated key management for Internet key exchange (IKE)
- Algorithms for authentication and encryption
A set of security services provided in IP layer including access control, data integrity integrity, protection against playback, and confidentiality. The algorithm allows this set to work independently without affecting other parts of the implementation. Implementation IPsec is operated in a hosted environment or security gateway that provides protection against IP traffic.
Multi-factor authentication
Multi-factor authentication (MFA) is a computer access control method in which users are granted access only after successfully presenting several separate pieces of evidence for the authentication mechanism - usually at least two of the following categories: knowledge (something they know), ownership (something they own ), and inherence (something them). Internet resources, such as websites and email, can be secured using multi-factor authentication.
Security Token
Some online sites offer customers the ability to use a six-digit code that randomly changes every 30-60 seconds on a security token. The key on the security token has been built in mathematical calculations and manipulating numbers based on the current time built into the device. This means that every thirty seconds there are only a certain number of numbers that may be true to validate access to an online account. Websites users use to log in will be made aware of the device's serial number and will know the exact calculations and timings built into the device to verify that the given number is indeed one of several six-digit numbers that function within a given 30-60 cycle second. After 30-60 seconds the device will present a new random six-digit number that can enter the website.
Email security
​​â € <â €
Email messages are compiled, sent, and stored in a multiple-step process, beginning with the composition of the message. When the user finishes writing the message and sends it, the message is converted to standard format: RFC 2822 format message. Afterwards, messages can be sent. Using a network connection, an email client, referred to as an email user agent (MUA), is connected to a mail-transfer agent (MTA) that operates on an email server. The email client then assigns the sender identity to the server. Next, using the mail server command, the client sends the recipient list to the mail server. The client then supplies the message. After the mail server receives and processes the message, several events occur: identification of the recipient server, connection establishment, and message transmission. By using the Domain Name System (DNS) service, the sending mail server specifies the mail server for the recipient (s). Then, the server opens a connection to the recipient's email server and sends a message using a process similar to that of the original client, sending a message to the recipient.
Pretty Good Privacy (PGP)
Pretty Good Privacy provides confidentiality by encrypting messages to be sent or data files to be stored using encryption algorithms such as Triple DES or CAST-128. Email messages can be protected using cryptography in various ways, such as the following:
-
- Sign an email message to ensure its integrity and confirm the identity of the sender.
- Encrypt the body of an email message to ensure its privacy.
- Encrypt communication between email servers to protect the confidentiality of the message body and message headers.
The first two methods, message signing and message content encoding, are often used together; however, encrypting transmission between email servers is usually only used when two organizations want to protect emails that are regularly sent between each other. For example, organizations can create virtual private networks (VPNs) to encrypt communications between their email servers over the Internet. Unlike methods that can only encrypt the message body, the VPN can encrypt all messages, including email header information such as sender, recipient, and subject. In some cases, organizations may need to protect header information. However, a VPN solution alone can not provide message signing mechanism, nor can it provide protection for email messages along the route from the sender to the recipient.
Multipurpose Internet Mail (MIME) Extensions
MIME converts non-ASCII data on the sender's site to ASCII Network Virtual Terminal (NVT) data and sends it to the Simple Mail Transfer Protocol (SMTP) client for sending over the Internet. The SMTP server at the receiving end receives the ASCII NVT data and sends it to MIME to be converted back to the original non-ASCII data.
Message Authentication Code
An authentication code (MAC) message is a cryptographic method that uses a secret key to encrypt a message. This method generates a MAC value that can be decrypted by the recipient, using the same secret key used by the sender. The Message Authentication Code protects both the message data integrity and authenticity.
Firewall
Computer firewalls control access between networks. It generally consists of gateways and filters that vary from one firewall to another. Firewalls also filter out network traffic and can block malicious traffic. The firewall acts as an intermediate server between SMTP connections and Hypertext Transfer Protocol (HTTP).
Firewall role in web security
The firewall imposes restrictions on Incoming and outgoing network packets to and from the private network. Incoming or outbound traffic must pass through the firewall; only allowed traffic is allowed through it. The firewall creates checkpoints between the internal private network and the public Internet, also known as choke point (borrowed from an identical military term from a geographical feature that limits combat). Firewalls can create choke points based on source IP and TCP port numbers. They can also serve as a platform for IPsec. Using tunnel mode capabilities, firewalls can be used to implement VPNs. Firewalls can also limit network exposure by hiding internal network systems and information from the public Internet.
Firewall types
Package filter
Packet filters are the first generation firewall to process network traffic on a packet-by-packet basis. Its main task is to filter traffic from a remote IP host, requiring a router to connect the internal network to the Internet. Routers are known as filter routers, which filter out packets that leave and enter the network.
Important package checks
In stateful gateway firewall the circuit level is a proxy server that operates at the network level of the Open Systems Interconnection (OSI) model and statically defines what traffic will be allowed. The proxy circuit will forward the network packet (formatted data unit) containing the given port number, if the port is allowed by the algorithm. The main advantage of a proxy server is its ability to provide Network Address Translation (NAT), which can hide the user's IP address from the Internet, which effectively protects all internal information from the Internet.
Application-level gateway
An application-level firewall is a third-generation firewall where the proxy server operates at the very top of the OSI model, the application-level IP suite. The network packet is only forwarded if the connection is made using a known protocol. Application-level gateways can be used to analyze all messages rather than individual data packets when data is being sent or received.
Browser options
Web browser stats tend to affect the number of exploited Web browsers. For example, Internet Explorer 6, which used to have most of the Web browser's market share, is considered highly unsafe because of exploited vulnerabilities due to its previous popularity. Since browser options are now more evenly distributed (Internet Explorer at 28.5%, Firefox at 18.4%, Google Chrome at 40.8%, etc.), vulnerabilities are exploited in many different browsers.
Internet security products
Antivirus
Antivirus software and Internet security programs can protect programmable devices from attacks by detecting and removing viruses; Antivirus software is basically shareware in the early years of the Internet, but now there are some free security applications on the Internet to choose from all platforms.
Password manager
Password manager is a software application that helps users store and manage passwords. Password managers typically store encrypted passwords, which require the user to create a master password; a single password, ideally very powerful that gives users access to their entire password database from top to bottom.
Security plan
So-called security suite was first offered for sale in 2003 (McAfee) and contains a series of firewalls, anti-virus, anti-spyware and more. They also offer theft protection, security checks of portable storage devices, personal Internet browsing, anti-spam cloud, file shredder or security-related decisions (answer popup windows) and some others are free.
See also
References
External links
- National Institute of Standards and Technology (NIST.gov) - Information Technology Portal with links to computer and virtual security
- National Institute of Standards and Technology (NIST.gov) - Computer Security Resources Center - Guidelines on Electronic Letter Security, version 2
- The Internet Engineering Task Force.org - British Organization -IP Authentication Header 1998
- Internet Engineering Task Force.org - UK Organization - Issued a Security Payload
- Wireless Safety.org - Latest info about step-by-step security threats, news and tutorials
- PwdHash Stanford University - Firefox & amp; An IE browser extension that transparently converts a user's password into a domain-specific password.
- internet.net security - by JC Montejo & amp; Goio Miranda (free security program), est 2007.
- Internet and English anonymous Membership Data Security Guide
- Cybertelecom.org Security - conducting a federal internet security job survey
- DSL Reports.com- Broadband Reports, FAQs and forums on Internet security, est 1999
- FBI Safe Online Surfing Internet Challenge - Cyber ​​Security â € <â €
Source of the article : Wikipedia
0 Comments