Chapter 3 Objectives
Communications
and Network
terminology and
applications
Various
communications
devices, media,
and procedures
Type of Computer
Networks
Describe the types
of computernetwork & Internet
security risks
Identify ways to
safeguard against
Network-based
attacks
Techniques to
prevent Network
Attacks
Communications
• What are computer communications?
•
Process in which two or more computers or devices transfer data, instructions, and
information
Communications
• What is needed for successful communications?
Sending device
• Initiates instruction to transmit data, instructions, or information. Commonly in software
forms
Communications device
• Connects the sending device to the communications channel
Communications channel
• Media on which data, instructions, or information travel
Communications device
• Connects the communications channel to the receiving device
Receiving device
• Accepts transmission of data, instructions, or information
Communication Software
• What is communications software?
Programs that help users
establish connection to
Internet, other network,
or another computer
Programs that help users
manage transmission of
data, instructions,
and information
Programs that provide an
interface for users to
communicate with one
another
Communication Devices
• What are examples of communications
devices?
Common types are [dial-up modems, ISDN & DSL
modems, broadband/cable modems] For
Internet Communication, and [network cards,
wireless access points, routers, and
hub/switches] for General Computer Network
Communications
Communication Devices
• What is a modem?
•
•
Converts digital signals to analog signals and vice versa
Notebook computers often use PC Card modem
Dial Up Modems
Cable and Wireless Broadband Modems
Faster Internet Connection
Communications Devices
• What is a network card?
– Adapter card, PC Card, or
compact flash card that
enables computer or
device to access network
– Sometimes called network
interface card (NIC)
Communications Devices
• What is a wireless access
point?
– Central communications
device that allows
computers and devices to
transfer data wirelessly
among themselves or to
wired network
Communications Devices
• What is a router?
– Connects computers and
transmits data to correct
destination on network
– Routers forward data on
Internet using fastest
available path
Communications Devices
Communications Devices
• What is a switch/hub?
– Device that provides
central point for cables in
network
Communications Channel
• What is a channel?
– Transmission media on which data travels in
communications system
Transmission media
are materials
capable of carrying
one or more signals
Bandwidth is
amount of data
that can travel
over channel
Wireless
• Communications
Sattelite
• Microwave Radio
• Cellular Radio (2G,
2,5G, 3G, etc)
• Broadcast Radio
(Wi-fi, Bluetooth)
• Infrared
Computer Network
• What is a network?
– Collection of computers
and devices connected
via communications
devices and
transmission
media
Computer Network
• What is a local area
network (LAN)?
– Network in limited
geographical area such
as home or office
building
– Metropolitan area
network (MAN)
connects LANs in city or
town
Computer Network
• How to Join a computer into a LAN
IP address is a numerical label assigned to each device
(e.g., computer, printer) participating in a computer
network
Computer Network
• What is a wide area
network (WAN)?
– Network that covers
large geographic area
using many types of
media
– Internet is world’s
largest WAN
Computer Network
• What is a client/server
network?
– One or more computers act
as server and other
computers, or clients, access
server
Computer Network
• What is an Intranet?
Internal network that uses Internet technologies
Makes information accessible to employees
Typically includes connection to Internet
Extranet allows customers or suppliers to access
part of company’s intranet
Network Risks & Security
Computer Security Risks
• What is a computer security risk?
– Action that causes loss of or damage to computer
system
– Mostly happened when computer connected into
a network
• Easier to access, more unpredictable than attacking
unattended computer
Computer Viruses, Worms, and Trojan Horses
• What are viruses, worms, and Trojan horses?
Virus is a potentially
damaging
computer
program
Can spread
and
damage
files
Worm copies
itself repeatedly,
using up
resources
and possibly
shutting down
computer or
network
Trojan horse hides
within
or looks like
legitimate program
until triggered
Does not
replicate
itself on
other
computers
Payload
(destructive
event) that is
delivered when
you open file, run
infected program, or
boot computer with
infected disk
in disk drive
Computer Viruses, Worms, and Trojan Horses
• How can a virus spread through an e-mail
message?
Step 1. Unscrupulous
Step 2. They use
programmers create a virus
program. They hide the
virus in a Word document
and attach the Word
document to an e-mail
message.
the Internet to send
the e-mail message
to thousands of
users around the
world.
Step 3a. Some
Step 3b. Other users do not
users open the
attachment and
their computers
become infected
with the virus.
recognize the name of the
sender of the e-mail message.
These users do not open the
e-mail message. Instead they
delete the e-mail message.
These users’ computers are not
infected with the virus.
Computer Viruses, Worms, and Trojan Horses
• What are some tips for preventing virus,
worm, and Trojan horse infections?
Never download or
install suspicious
software from
untrusted sources
If the antivirus
program flags an
e-mail attachment
as infected, delete
the attachment
immediately
Install an antivirus
program on all of your
computers
Check all
downloaded
programs for
viruses, worms,
or Trojan horses
Never open an
e-mail attachment
unless you are
expecting it and
it is from a
trusted source
Install a personal
firewall program
DOS & Backdoor
• What is a denial of service (DOS) attack and
back door?
A denial of service attack is an assault which
disrupts computer access to an Internet service
such as the Web or e-mail
A back door is a program or set of instructions
in a program that allow users to bypass
security controls when accessing a computer
resource
Spoofing
• What is spoofing?
Makes a
network
or Internet
Transmission appear legitimate
IP spoofing occurs when an intruder
computer fools a network into believing
its IP address is from a trusted source
Perpetrators of IP spoofing trick their
victims into interacting
with a phony Web site
Solutions
• Best way to prevent spoofing and DOS is to
build a firewall
– Implemented on network or installed on host as
software (personal firewall)
Solutions
• What is firewall?
– Security system consisting of hardware and/or
software that prevents unauthorized intrusion
Solutions
• What is personal firewall?
– Program that protects personal computer and its data from
unauthorized intrusions
– Monitors transmissions to and from computer
– Informs you of attempted intrusion
Unauthorized Access and Use
• Unauthorized Access
– Use of a computer or network without
permission.
– By connecting to it and then logging in as a
legitimate user.
– Do not cause damages.
– Merely access the data, valuable information or
programs in the computer.
– In some manners, can be categorized as
Information theft
Unauthorized Access and Use
• Unauthorized Use
– Use of a computer or its data for unapproved or
illegal activities.
– Ex: gaining access to a bank computer and
performing an unauthorized bank transfer etc.
Solutions
• How to prevent unauthorized access and use?
– Make a good use of authorization control
Solutions (Cont.)
• How to make good passwords?
GOOD
Your birth-day
Your mother/dad/lover name
Very predictable words
Plain, not combinated
characters is weak against
brute-force attacks
Solutions (Cont.)
• How to prevent unauthorized access and use?
– Disable file and printer sharing on Internet connection
File and
printer
sharing
turned off
– enable just
when you need it
Solutions (Cont.)
• How to make information thief life’s much
harder?
– Use encryption
• Safeguards against information theft
• Process of converting plaintext (readable data) into
ciphertext (unreadable characters)
• Use key to generate cipherkey as combinations
• To read the data, the recipient must decrypt, or
decipher, the data
• See the demonstration
Internet Security Risk
• Information Sniffing, How?
• H or L can get all sensitive un-encrypted information
passed on network such as username and password
Internet Security Risk
• Website phising commonly
spread using emails and
social media
• Best implemented when
combined with social
engineering technique.
Internet Security Risk
• Social engineering is an nontechnical, outside hacker's use
of psychological tricks on
legitimate users of a computer
system, in order to gain the
information (usernames and
passwords) one needs to gain
access to the system.
• It utilizes two human weakness:
– no one wants to be considered
ignorant
– human trust
Solutions
• Web browsers provide secure data
transmission
Many Web browsers
use encryption
Secure site
Choose Web site that
uses encryption to
secure data
Valid Digital
certificate
Guarantees Web site
is legitimate
Solutions
• Provides encryption of
all data that passes
between client and
Internet server
– Web addresses
beginning with “https”
indicate secure
connections
Solutions
• Protect yourselves from social engineering
– Be educated, aware, and a little bit paranoid.
– Never give out:
• Usernames / ID numbers
• Passwords / PIN numbers
• System information
• Credit card numbers
• Schedules
• Other Sensitive data
– Be aware of what is being asked