Information Technology Fundamentals - Internet And Network Security"
Internet And Network Security
Internet is the world's largest network. It is a unique collection of networks of different kinds. It is often described as “a network of networks” since all the smaller networks are linked together into one giant network called the Internet.
The use of the internet began in 1969 in the U.S. Department of Defence’s Advanced Research Project Agency (ARPA) to provide immediate communication within the department during war. Computers were then installed at U.S. universities with defense-related projects.
As scholars began to go online, the network changed from military use to scientific use. As Arpanet grew, administration of the system became distributed to a number of organizations, including the National Science Foundation (NSF). This shift of responsibility began the transformation of the science-oriented Arpanet into commercially minded and funded internet, which is used by millions today.
The Internet Architecture
The Internet has a set architecture which is the basis of its functioning. We need to understand some basic concepts, and terminologies to understand the internet better.
1. Protocol: Architecture is based in the very specification of the standard TCP/IP protocol, designed to connect any two networks which may be very different in internal hardware, software, and technical design. Once two networks are interconnected, communication with TCP/IP is enabled end-to-end so that any node on the internet has the ability to communicate with any node irrespective of their location.
2. IP Address: Every computer on the internet has a unique numerical address, called an Internet Protocol (IP) address, used to route packets across the Internet. Just as a postal address enables the postal system to send mail to the desired destination from anywhere around the world, the computer's IP address gives the internet routing protocols the unique information they need to route packets of information to the computer from anywhere across the Internet.
3. Domain Name Service: The Domain Name System (DNS), as a whole, consists of a network of servers that map internet domain names to a local IP address. The DNS enables domain names to stay constant while the underlying network topology and IP addresses change. This provides stability at the application level while enabling network applications to find and communicate with each other using the IP no matter how the underlying physical network changes.
4. Packet Switching: The key idea of packet switching is the division of each communication into individual, equal-sized packets. These packets are then sent individually to their destination through the network, and the entire message is reassembled when all the packets arrive. There is a range of procedures for retransmission of packets that might get lost in the network. On the internet, a typical packet length is about one kilobyte or a thousand characters. A large message may be divided into thousands of individual packets.
The beginning of a packet is called the ‘header’ and it records the following information:
A. Source: the IP address of the computer sending the packet
B. Destination: the IP address of the destination computer
C. Length: the length of the packet in bytes
D. Number: total number of packets in the complete message
E. Sequence: the number of this packet in the whole list of packets making up this communication.
5. Internet Routers: Internet routers are specialized computers that interconnect the network by switching communications from one line to another at cross points. When a computer communicates with another on the internet, it addresses each packet with the other computer's IP address and then sends it to the closest internet router. The router then uses a routing algorithm to send the packet across the internet to the destination computer.
A good firm may face potential threats through the internet or networking and the protective measures are essential for securing the modern business network and IT infrastructure. Although the knowledge of threats and protective methods will not stop all attempts at network incursion or system attack, it can empower to eliminate certain general problems, greatly reducing the potential damages, and quickly detect breaches. With the ever-increasing number and complexity of attacks, vigilant approaches to security in both large and small enterprises are a must.
Understanding Potential Threats
Threats can come from both internal and external sources. They may be human-based, automated or even nonintentional natural phenomena. Their consequences differ as per the type of virus, type of attack, etc. We will have a brief view of the threats and consequences.
1. E-mail with the virus: This could be from an external origination, internal use, and it could infect system reading email and subsequently spread throughout the entire organization.
2. Network with the virus: This is of external nature, could enter through unprotected ports, compromise the whole network.
3. Web-based virus: This is from internal browsing to an external site, which could cause compromise on the system doing browsing and subsequently affect other internal systems.
4. Web server attack: This could be external to web servers If the webserver is compromised hacker could gain access to other systems internal to the network.
5. Denial of service attack: This is external, External services such as web, email, and file transfer protocol could become unusable.
6. Network user attack: This is internal to anywhere, Firewalls do nothing for this attack. Internal segmentation firewalls can help contain the damage.
A Computer Virus is a self-replicating computer program that behaves like a biological virus. It spreads by inserting copies into other executable codes or documents. Similar to the biological virus, it spreads on its own by multiplying itself throughout the system. There are different types of viruses, prominent being Trojan horses, worms, and email viruses.
Steps Towards Security
This scans your PC for signatures of a virus.
1. A virus signature is the unique part of that virus. It can be a filename, how the virus behaves or the size of the virus file itself.
2. Good antivirus software will find viruses that haven't yet infected PC and eliminate the ones that have already attacked.
3. Antivirus software can only protect your computer from viruses trying to infect via email, CD-ROM, floppy disk, Word documents or other types of computer files. Antivirus software alone will not keep computers 100% Safe and use firewall software is also necessary.
A Firewall is a mechanism by which a controlled barrier is used to control network traffic into and out of an organizational intranet.
1. Firewalls are basically application-specific routers. They run on dedicated embedded systems such as an internet appliance or they can be software programs running on a general server platform.
2. In most cases, these systems will have two network interfaces, one for the external network such as the internet and one for the internal intranet site. The firewall process can tightly control what is allowed to traverse from one side to the other.
3. Firewalls can range from being fairly simple to very complex. As with most aspects of security, deciding what type of firewall to use will depend upon factors such as traffic levels, services needing protection and the complexity of rules required. The greater the number of services that must be able to traverse the firewall the more complex the requirement becomes.
Uses Of Internet
In spite of all the security issues discussed above, networks, especially the internet, are one of the most essential components of the routine life of individuals. This is not to exaggerate, but to underline the significance of the internet and its services in today’s world.
Some of the important applications of the internet are:
1. Access to remote information
2. World wide web
3. Person-to-person communication with electronic mail, videoconference, and so on
4. Interactive entertainment like video-on-demand, games and so on
5. Online shopping, booking, trading, social networking and so on.