Download Unit 2 - Intan Viona

Unit 10
Internet Security
Overview
Any file can be uploaded or downloaded to the Internet. You as user of Internet will
always run the risk of downloading a harmful file. The potential of harmful files in many
common Internet activities, along with risks such as information theft or invasion of
privacy, make it crucial to understand Internet security and to take steps to minimize your
risks when you’re online.
This unit introduces Internet Security and privacy concerns as well as the Web browser’s
capabilities for dealing with these concerns. This unit also introduces on ways to
minimize the security risk. This unit also introduces on how to protect Web Transactions,
E-mail from viruses and interception.
Lessons
1. Understanding the Internet Security
2. Understand on how to minimize Web Security Risks
3. Understand on how to Protecting Web Transactions
4. Understand on how to Protecting E-mail from Viruses and Interception
Lesson 1 – Understanding Internet Security
Objectives:
At the end of this lesson you will be able to:
 Understand virus, worms & Trojan horses
 Understand the Web Security
 Understand the E-mail security
Internet security is the prevention of unauthorized access and/or damage to computer
systems via internet access. Most security measures involve data encryption and
passwords. Data encryption is the translation of data into a form that is unintelligible
without a deciphering mechanism. A password is a secret word or phrase that gives a user
access to a particular program or system.
Virus & Worms
Computer virus
A computer virus is a computer program that can copy itself and infect a computer
without permission or knowledge of the user. The term "virus" is also commonly used,
albeit erroneously, to refer to many different types of malware and adware programs.
Malware, also known as Malicious Software, is software designed to infiltrate or damage
a computer system without the owner's informed consent. Adware or advertisingsupported software is any software package which automatically plays, displays, or
downloads advertisements to a computer after the software is installed on it or while the
application is being used. Some types of adware are also spyware and can be classified as
privacy-invasive software. The original virus may modify the copies, or the copies may
modify themselves, as occurs in a metamorphic virus. A virus can only spread from one
computer to another when its host is taken to the uninfected computer, for instance by a
user sending it over a network or the Internet, or by carrying it on a removable medium
such as a floppy disk, CD, or USB drive. Meanwhile viruses can spread to other
computers by infecting files on a network file system or a file system that is accessed by
another computer. Viruses are sometimes confused with computer worms and Trojan
horses. A worm can spread itself to other computers without needing to be transferred as
part of a host, and a Trojan horse is a file that appears harmless. Worms and Trojans may
cause harm to either a computer system's hosted data, functional performance, or
networking throughput, when executed. In general, a worm does not actually harm either
the system's hardware or software, while at least in theory, a Trojan's payload may be
capable of almost any type of harm if executed. Some can't be seen when the program is
not running, but as soon as the infected code is run, the Trojan horse kicks in. That is why
it is so hard for people to find viruses and other malware themselves and why they have
to use spyware programs and registry processors.
Most personal computers are now connected to the Internet and to local area networks,
facilitating the spread of malicious code. Today's viruses may also take advantage of
network services such as the World Wide Web, e-mail, Instant Messaging and file
sharing systems to spread, blurring the line between viruses and worms. Furthermore,
some sources use an alternative terminology in which a virus is any form of selfreplicating malware.
Some malware is programmed to damage the computer by damaging programs, deleting
files, or reformatting the hard disk. Other malware programs are not designed to do any
damage, but simply replicate themselves and perhaps make their presence known by
presenting text, video, or audio messages. Even these less sinister malware programs can
create problems for the computer user. They typically take up computer memory used by
legitimate programs. As a result, they often cause erratic behavior and can result in
system crashes. In addition, much malware is bug-ridden, and these bugs may lead to
system crashes and data loss. Many CiD programs are programs that have been
downloaded by the user and pop up every so often. This results in slowing down of the
computer, but it is also very difficult to find and stop the problem.
Computer Worm
A computer worm is a self-replicating computer program. It uses a network to send
copies of itself to other nodes (computer terminals on the network) and it may do so
without any user intervention. Unlike a virus, it does not need to attach itself to an
existing program. Worms almost always cause harm to the network, if only by
consuming bandwidth, whereas viruses almost always corrupt or modify files on a
targeted computer
Worms spread by exploiting vulnerabilities in operating systems. All vendors supply
regular security updates, and if these are installed to a machine then the majority of
worms are unable to spread to it. If a vendor acknowledges a vulnerability but has yet to
release a security update to patch it, a zero day exploit is possible. However, these are
relatively rare.
Users need to be wary of opening unexpected email, and should not run attached files or
programs, or visit web sites that are linked to such emails. However, as with the
ILOVEYOU worm, and with the increased growth and efficiency of phishing attacks, it
remains possible to trick the end-user into running a malicious code.
Anti-virus and anti-spyware software are helpful, but must be kept up-to-date with new
pattern files at least every few days. The use of a firewall is also recommended.
In the April-June, 2008, issue of IEEE Transactions on Dependable and Secure
Computing, computer scientists describe a potential new way to combat internet worms.
The researchers discovered how to contain the kind of worm that scans the Internet
randomly, looking for vulnerable hosts to infect. They found that the key is for software
to monitor the number of scans that machines on a network send out. When a machine
starts sending out too many scans, it is a sign that it has been infected, allowing
administrators to take it off line and check it for viruses.
Trojan Horses
Trojan horse, also known as a trojan, is a piece of malware which appears to perform a
certain action but in fact performs many different forms of codes. Therefore, a computer
worm or virus may be a Trojan horse. The term is derived from the classical story of the
Trojan Horse.
In the field of computer architecture, 'Trojan Horse' can also refer to security loopholes
that allow kernel code to access anything for which it is not authorized.
Web Security
Although many people use the Web every day without a second thought to security, the
Web exposes users to a variety of security risks:
 Computer safety: the potential for the greatest damage comes from programs that
Web pages can download to your computer and run. Such programs known as scripts,
controls, or applets are generally benign and are used by Web page designers to
enrich and personalize a user’s interaction with a Web page. Many browser plug-ins,
such as Shockwave, are controls or applets. Such programs can also be written with
malicious intent, however, destabilizing programs and even risking data loss on a
user’s computer.
 Data confidentiality: Web sites commonly include forms where users can efficiently
supply information to an organization. In addition to online shopping or donations,
these forms are also used in other ways, for example, to sign up for an e-mail list.
However, transmitting information across the Internet is not always secure. If security
features are not deliberately put into place by a Web site administrator, submitting
information over the Web is about as secure as sending the same information on a
postcard; people at both the sending and receiving ends can view the information
without going through too much trouble.
 Activity monitoring: Some Web sites store information on your computer in small
text files known as cookies. Although some Web sites merely use cookies to preserve
information about your preferences between visits, other Web sites might use cookies
to collect information about your interests and then use this information to try to
market products or services to you. Additionally, some Web sites attempt to glean
information from all the cookies stored on your computer, meaning that any
information stored in a cookie is at risk of being seen and used by anyone on the
Web.
E-mail
Using e-mail can open users to computer safety risks. E-mail messages themselves are
generally not harmful to a computer; attached files, however, can cause many different
types of damage. A sender can attach an executable file known as a virus to an e-mail
message. Viruses can cause various types of destruction to the recipient’s computer.
Other types of attachments are more worrisome and widespread., however. Harmful
programs such as worms, which spread themselves using e-mail programs can spread
undetected around the world via the Internet in a matter of hours.
Lesson 2 – Minimizing Web Security Risks
Objectives:
At the end of this lesson you will be able to:
 Understand the Web Page Programs
 Understand the Sniffer Programs
 Understand the Cookies
The Web can expose users to many types of potential security risks. Fortunately,
informed users can take simple countermeasures which are procedures programs and
hardware that detect and prevent computer security threats. Take appropriate
countermeasures makes Web use significantly less risky.
Web Page Programs
A program on a Web page such as a script, control, or applet can attach your computer.
Java applet
A Java applet is an applet delivered in the form of Java bytecode. Java applets can run in
a Web browser using a Java Virtual Machine (JVM), or in Sun's AppletViewer, a standalone tool for testing applets. Java applets were introduced in the first version of the Java
language in 1995. Java applets are usually written in the Java programming language but
they can also be written in other languages that compile to Java bytecode such as Jython.
Applets are used to provide interactive features to web applications that cannot be
provided by HTML. Since Java's bytecode is platform independent, Java applets can be
executed by browsers for many platforms, including Windows, Unix, Mac OS and Linux.
There are open source tools like applet2app which can be used to convert an applet to a
stand alone Java application/windows executable/Linux executable. This has the
advantage of running a Java applet in offline mode without the need for internet browser
software.
A Java Servlet is sometimes informally compared to be "like" a server-side applet, but it
is different in its language, functions, and in each of the characteristics described here
about applets.
For example, a destructive Java applet, which is a program written in the Java
programming language, can run and consume all your computer’s resources.
JavaScript
JavaScript is a scripting language most often used for client-side web development. It
was the originating dialect of the ECMAScript standard. It is a dynamic, weakly typed,
prototype-based language with first-class functions. JavaScript was influenced by many
languages and was designed to look like Java, but be easier for non-programmers to work
with.
Although best known for its use in websites (as client-side JavaScript), JavaScript is also
used to enable scripting access to objects embedded in other applications.
A JavaScript program can examine your computer’s program and e-mail a file from your
computer to the Web server, which potentially compromises sensitive information such
as personal passwords.
ActiveX Components
ActiveX components are Microsoft’s technology for writing small applications that
perform some action on Web pages. These components have full access to the files on
your computer. For example, a hidden ActiveX component in a Web page can scan your
hard drive for GIF and JPEG files and print them on any network printer, simply to drain
resources and cause trouble. A renegade ActiveX program can reformat your hard drive.
Web servers are also targets for such attacks. Recent programs have launched denial of
service attacks, which slow down all Web traffic or make certain Web site inaccessible.
Although you cannot do much to protect Web servers from being attacked, you can
protect your own computer. Popular Web browsers contain numerous options for limiting
or blocking the types of Web page programs that run on your computer.
Sniffer Programs
The possibility of someone stealing your credit card number in a Web transaction is
perhaps most well-knows security risk. This is possible because all Web traffic is divided
up by the sender’s server into uniform sized chunks of data known as packets; at any
point along a packet’s trip from source to destination, a user can identify and read packets
for a certain network or user. A tool known as a packet sniffer or sniffer program, allows
a user to monitor and analyze network traffic. Used illegally, a packet sniffer can also
capture data being transmitted on a network, including user names, passwords, and other
information. In many cases, it makes no difference if others view the information you
send and receive on the Internet. However, whenever you submit sensitive data, such as
financial or other personal information, or view sensitive Web sites, you should ensure
that the upload and download are protected by encryption. Encryption scrambles and
encodes data transmissions to make it difficult for anyone intercepting the data to make
sense of it. Popular Web browsers indicate that a Web page is encrypted by displaying a
lock icon on the status bar. Additionally, the protocol in the Web page address generally
begins with “https” rather than “http”.
Cookies
Usually, cookies are used for harmless reasons but they can pose a security threat.
Cookies generally store information about your click stream, which is the sequence of
links you click while visiting a Web site. Creating and saving cookies in this way is
harmless. However, cookies can store user name, password, and credit card information,
which allows illicit Web sites to store and use information about you without your
knowledge. Web browsers offer many different options for dealing with cookies. All
recent Web browsers allow you to prevent cookies from being saved on your computer.
Although this choice totally eliminates problems with cookie misuse, it also blocks your
access to some Web sites that rely on cookies for basics information about your
preferences. For example, if you visit a Web site that requires a membership, without a
cookies you might have to sign in every time you open a new Web page on the Web site.
Fortunately, recent Web browsers can also distinguish between different types of cookies
and might allow you to block more intrusive cookies while allowing harmless ones.
Lesson 3 – Protecting Web Transactions
Objectives:
At the end of this lesson you will be able to:
 Understand the protection of web transactions
 Understand how to set the protections in Internet Explorer & Netscape
As the number of Web users and the risk of security threats on the Web grow, the makers
of the most popular Web browsers incorporate features that allow users to limit their risks
as they use the Web. Although these features can largely protect users from many
common threats, the tradeoff of increased security is sometimes a limitation on Web
pages’ customizable and inter-activity. After you understand these tradeoffs, you can
balance the amount of security you require with the importance of enhanced Web
content.
Protecting Web Transactions through Internet Explorer
1. Click Help on the menu bar, then click About Internet Explorer
The About Internet Explorer dialog box opens. This window shows your Web
browser’s version number and other details. The cihper strength listed in this
dialog box is a measure of the encryption strength that the Web browser can use
when exchanging information over a secure connection. Your Web browser might
display a value between 40 and 128. A higher number indicates stronger
encryption and some online businesses consider only 128-bits encryption strong
enough to ensure data security.
2. Click OK, click Tools on the menu bar, then click Internet Options.
The Internet Options dialog box opens.
3. Click the Security tab then click Custom Level
The Security Settings dialog box opens.
4. Scroll down the Setting list box to view the available options
The list box allows you to specify how to deal with many different types of Web
pages contents and programs including ActiveX Controls, Java applets, scripts,
and form content that is not encoded.
5. Click Cancel, then in the Internet Options dialog box, click Cancel.
6. Close Internet Explorer.
Protecting Web Transactions through Netscape
1. Click Help on the menu bar then click About Netscape 6
The About Netscape 6 window opens. This window shows your Web browser’s
version number and other details. The window also specifies the encryption
strength that the Web browser can use when exchanging information over a
secure connection. Your Web browser might display a value between 40 and 128.
A higher number indicates stronger encryption and some online businesses
consider only 128-bit encryption strong enough to ensure data security.
2. Click the Close button, click Edit on the menu bar then click Preferences
The Preferences dialog box opens.
3. Click Advanced in the Category list
The dialog box displays options for advanced preferences. You can use this dialog
box to enable or disable Java applets, Web page scripts written in the JavaScript
language and scripts included in e-mail messages.
4. Click Cancel
5. Close Netscape
Lesson 4 – Protecting E-mail from Viruses and Interception
Objectives:
At the end of this lesson you will be able to:
 Understand the Antivirus Software
 Understand on how to Handle E-mail Attachments
 Understand Encryption Software
Although the Web is an important area to focus on for understanding Internet
security, it’s not the only area of concern. Protecting your computer when using email must go hand in hand with Web protection to eliminate the most common
Internet-based threats to your computer. Fortunately, you can greatly limit your
exposure to destructive programs carried by e-mail by taking a few simple
precautions such as installing programs that protect your computer or verifying that
your attachments are safe before you open them.
Antivirus Software
Antivirus software is computer programs that attempt to identify, neutralize or
eliminate malicious software. The term "antivirus" is used because the earliest
examples were designed exclusively to combat computer viruses; however most
modern antivirus software is now designed to combat a wide range of threats,
including worms, phishing attacks, rootkits, trojan horses and other malware.
Antivirus software typically uses two different approaches to accomplish this:
 examining (scanning) files to look for known viruses matching definitions in a
virus dictionary, and identifying suspicious behavior from any computer program
which might indicate infection.
 The second approach is called heuristic analysis. Such analysis may include data
captures, port monitoring and other methods.
Most commercial antivirus software uses both of these approaches, with an emphasis
on the virus dictionary approach. Some people consider network firewalls to be a type
of antivirus software, however this is not correct.
Many types of programs have been specially designed to cause computer problems
when downloaded as attachments with incoming e-mail messages. Worms and Trojan
horses are destructive programs similar to viruses. Worms can not only perform
undesired tasks when they run such as deleting the contents of your hard drive, but
they can also reproduce themselves by using the functions of e-mail programs like
Netscape Mail and Microsoft Outlook Express to send out copies of themselves as
attachments. Software is easily available, however which can block damage from any
viruses, worms, or Trojan Horses that you might receive by e-mail. Such software
known as anti-virus software also keeps such programs from using your e-mail
program to reproduce.
Handling E-mail Attachments
In addition to using anti-virus software to protect your computer from harmful e-mail
attachments you can increase your e-mail security by modifying your e-mail
practices. Most importantly, you don’t save or open attachments from anyone – even
people you know well – without scrutinizing the e-mail message first. An attachment
ending with .exe is a program file; opening it runs the program on your computer with
unknown consequences. Always be sure you know what a program will do, and that
you’re certain of the sender’s identity before opening it. Additionally, because worms
replicate by sending nonsense messages to people listed in the victim’s address book,
male sure the accompanying e-mail message makes sense and is specific to you. If the
message is short and general, even if it’s from a friend, it might simple be a worm’s
trick to get you to open the attachment when you are not paying attention. If you get a
lot of e-mail every day, using anti-virus software can be a worthwhile investment,
because it can find and delete any viruses, worms, or Trojan horses attached to e-mail
messages before they are even visible on your e-mail program.
Encryption Software
Encryption software describes an algorithm that is designed to encrypt computer data
in such a way that it cannot be recovered without access to the key. Software
encryption is a fundamental part of all aspects of modern computer communication
and file protection and may include features like file shredding.
The purpose of encryption is to prevent third parties from recovering the original
information. This is particularly important for sensitive data like credit card numbers.
Like Web data, e-mail messages are sent across the Internet in packets. Therefore a
packet sniffer can be used illegally to intercept the contents of e-mail messages. If
you use e-mail to send sensitive information such as sensitive business information or
financial data, it’s good practice to use encryption software for e-mail. Like Web
browser encryption, e-mail encryption scrambles a message’s contents in a way that
can only be decoded by the intended recipient. Pretty Good Privacy (PGP) described
on the download page, is a popular program used to encrypt and decrypt e-mail. PGP
can be downloaded for free from the Web for noncommercial use.