Computer Communication and Security

Published on February 2017 | Categories: Documents | Downloads: 33 | Comments: 0 | Views: 215
of 44
Download PDF   Embed   Report

Comments

Content

Chapter 3

Computer Communication
and Security

Chapter 3 Objectives
Communications
and Network
terminology and
applications

Various
communications
devices, media,
and procedures

Type of Computer
Networks

Describe the types
of computernetwork & Internet
security risks

Identify ways to
safeguard against
Network-based
attacks

Techniques to
prevent Network
Attacks

Communications
• What are computer communications?


Process in which two or more computers or devices transfer data, instructions, and
information

Communications
• What is needed for successful communications?
Sending device
• Initiates instruction to transmit data, instructions, or information. Commonly in software
forms
Communications device
• Connects the sending device to the communications channel

Communications channel
• Media on which data, instructions, or information travel
Communications device
• Connects the communications channel to the receiving device
Receiving device

• Accepts transmission of data, instructions, or information

Communication Software
• What is communications software?
Programs that help users
establish connection to
Internet, other network,
or another computer

Programs that help users
manage transmission of
data, instructions,
and information
Programs that provide an
interface for users to
communicate with one
another

Communication Devices
• What are examples of communications
devices?
Common types are [dial-up modems, ISDN & DSL
modems, broadband/cable modems] For
Internet Communication, and [network cards,
wireless access points, routers, and
hub/switches] for General Computer Network
Communications

Communication Devices
• What is a modem?



Converts digital signals to analog signals and vice versa
Notebook computers often use PC Card modem

Dial Up Modems

Cable and Wireless Broadband Modems
Faster Internet Connection

Communications Devices
• What is a network card?
– Adapter card, PC Card, or
compact flash card that
enables computer or
device to access network
– Sometimes called network
interface card (NIC)

Communications Devices
• What is a wireless access
point?
– Central communications
device that allows
computers and devices to
transfer data wirelessly
among themselves or to
wired network

Communications Devices
• What is a router?
– Connects computers and
transmits data to correct
destination on network
– Routers forward data on
Internet using fastest
available path

Communications Devices

Communications Devices
• What is a switch/hub?
– Device that provides
central point for cables in
network

Communications Channel
• What is a channel?
– Transmission media on which data travels in
communications system

Transmission media
are materials
capable of carrying
one or more signals

Bandwidth is
amount of data
that can travel
over channel

Transmission Media
Physical
• Optical Fiber
• Twisted Pair
Cables
• Coaxial Cable

Wireless
• Communications
Sattelite
• Microwave Radio
• Cellular Radio (2G,
2,5G, 3G, etc)
• Broadcast Radio
(Wi-fi, Bluetooth)
• Infrared

Computer Network
• What is a network?
– Collection of computers
and devices connected
via communications
devices and
transmission
media

Computer Network
• What is a local area
network (LAN)?
– Network in limited
geographical area such
as home or office
building
– Metropolitan area
network (MAN)
connects LANs in city or
town

Computer Network
• How to Join a computer into a LAN

IP address is a numerical label assigned to each device
(e.g., computer, printer) participating in a computer
network

Computer Network
• What is a wide area
network (WAN)?
– Network that covers
large geographic area
using many types of
media
– Internet is world’s
largest WAN

Computer Network
• What is a client/server
network?
– One or more computers act
as server and other
computers, or clients, access
server

Computer Network
• What is an Intranet?
Internal network that uses Internet technologies

Makes information accessible to employees
Typically includes connection to Internet

Extranet allows customers or suppliers to access
part of company’s intranet

Network Risks & Security

Computer Security Risks
• What is a computer security risk?
– Action that causes loss of or damage to computer
system
– Mostly happened when computer connected into
a network
• Easier to access, more unpredictable than attacking
unattended computer

Computer Viruses, Worms, and Trojan Horses

• What are viruses, worms, and Trojan horses?
Virus is a potentially
damaging
computer
program

Can spread
and
damage
files

Worm copies
itself repeatedly,
using up
resources
and possibly
shutting down
computer or
network

Trojan horse hides
within
or looks like
legitimate program
until triggered

Does not
replicate
itself on
other
computers

Payload
(destructive
event) that is
delivered when
you open file, run
infected program, or
boot computer with
infected disk
in disk drive

Computer Viruses, Worms, and Trojan Horses

• How can a virus spread through an e-mail
message?
Step 1. Unscrupulous

Step 2. They use

programmers create a virus
program. They hide the
virus in a Word document
and attach the Word
document to an e-mail
message.

the Internet to send
the e-mail message
to thousands of
users around the
world.

Step 3a. Some

Step 3b. Other users do not

users open the
attachment and
their computers
become infected
with the virus.

recognize the name of the
sender of the e-mail message.
These users do not open the
e-mail message. Instead they
delete the e-mail message.
These users’ computers are not
infected with the virus.

Computer Viruses, Worms, and Trojan Horses

• What are some tips for preventing virus,
worm, and Trojan horse infections?
Never download or
install suspicious
software from
untrusted sources
If the antivirus
program flags an
e-mail attachment
as infected, delete
the attachment
immediately

Install an antivirus
program on all of your
computers

Check all
downloaded
programs for
viruses, worms,
or Trojan horses

Never open an
e-mail attachment
unless you are
expecting it and
it is from a
trusted source

Install a personal
firewall program

DOS & Backdoor
• What is a denial of service (DOS) attack and
back door?
A denial of service attack is an assault which
disrupts computer access to an Internet service
such as the Web or e-mail

A back door is a program or set of instructions
in a program that allow users to bypass
security controls when accessing a computer
resource

Spoofing
• What is spoofing?
Makes a
network
or Internet
Transmission appear legitimate

IP spoofing occurs when an intruder
computer fools a network into believing
its IP address is from a trusted source
Perpetrators of IP spoofing trick their
victims into interacting
with a phony Web site

Solutions
• Best way to prevent spoofing and DOS is to
build a firewall

– Implemented on network or installed on host as
software (personal firewall)

Solutions
• What is firewall?
– Security system consisting of hardware and/or
software that prevents unauthorized intrusion

Solutions
• What is personal firewall?
– Program that protects personal computer and its data from
unauthorized intrusions
– Monitors transmissions to and from computer
– Informs you of attempted intrusion

Unauthorized Access and Use
• Unauthorized Access
– Use of a computer or network without
permission.
– By connecting to it and then logging in as a
legitimate user.
– Do not cause damages.
– Merely access the data, valuable information or
programs in the computer.
– In some manners, can be categorized as
Information theft

Unauthorized Access and Use
• Unauthorized Use
– Use of a computer or its data for unapproved or
illegal activities.
– Ex: gaining access to a bank computer and
performing an unauthorized bank transfer etc.

Solutions
• How to prevent unauthorized access and use?
– Make a good use of authorization control

Solutions (Cont.)
• How to make good passwords?
GOOD

• Example:
@k|_|-@n@6-4L4Y
• Longer, alay-er, better

NEVER USE IT





Your birth-day
Your mother/dad/lover name
Very predictable words
Plain, not combinated
characters is weak against
brute-force attacks

Solutions (Cont.)
• How to prevent unauthorized access and use?
– Disable file and printer sharing on Internet connection

File and
printer
sharing
turned off

– enable just
when you need it

Solutions (Cont.)
• How to make information thief life’s much
harder?
– Use encryption
• Safeguards against information theft
• Process of converting plaintext (readable data) into
ciphertext (unreadable characters)
• Use key to generate cipherkey as combinations
• To read the data, the recipient must decrypt, or
decipher, the data
• See the demonstration

Internet Security Risk
• Information Sniffing, How?

• H or L can get all sensitive un-encrypted information
passed on network such as username and password

Internet Security Risk
• Website phising, How?

Impersonated Login Page

Username,
Passwords,
Credit card’s details

https://ib.bankmandiri.co.id/retail/Login.do?action=form

https://ib.bangmandiri.co.id/retail/Login.do?action=form
Username,
Passwords,
Credit card’s details

Normal Login Page
Bank Mandiri’s
Server

Cracker’s Computer

Internet Security Risk
• Website phising commonly
spread using emails and
social media
• Best implemented when
combined with social
engineering technique.

Internet Security Risk
• Social engineering is an nontechnical, outside hacker's use
of psychological tricks on
legitimate users of a computer
system, in order to gain the
information (usernames and
passwords) one needs to gain
access to the system.
• It utilizes two human weakness:
– no one wants to be considered
ignorant
– human trust

Solutions
• Web browsers provide secure data
transmission
Many Web browsers
use encryption

Secure site
Choose Web site that
uses encryption to
secure data
Valid Digital
certificate
Guarantees Web site
is legitimate

Solutions
• Provides encryption of
all data that passes
between client and
Internet server
– Web addresses
beginning with “https”
indicate secure
connections

Solutions
• Protect yourselves from social engineering
– Be educated, aware, and a little bit paranoid.
– Never give out:
• Usernames / ID numbers
• Passwords / PIN numbers
• System information
• Credit card numbers
• Schedules
• Other Sensitive data
– Be aware of what is being asked

End of Chapter 3

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close