5. The internet and its uses Flashcards
How do DOS attacks work?
Large number of requests sent to server at once
Useless traffic floods the server
Server will come to a stop trying to deal with the traffic
Prevents users gaining access to the web server
What do cookies do?
Saves log-in information
Provides customized page for user
Enables target advertisements
One-click purchasing
3 functions of browsers
− Allows user to view web pages
− Renders HTML
− Allows user to bookmark/favourite web pages
− Provides navigation features
− Allows (multiple) tabs
− Stores cookies
− Records history of pages visited
− Has a homepage
− Runs active script
− Allows files to be downloaded from website/internet
− Sends a request to the IP address/web server (to obtain the contents of a web page)
− Sends URL to DNS
− Manages HTTP/HTTPS protocol
Physical security
Data needs to be kept physically safe from intruders, in large companies by…
Issuing staff with ID
Having all visitors sign in on arrival and having escorts around the office
Keeping sensitive areas locked
Security cameras
Security guards
Physical Security and Biometrics
Locks on doors
Security Guards
Biometrics:
- Fingerprint recognition
- Retina scanner
- Iris recognition
- Voice recognition
Audit trails and logs
Audit trail maintains a record of all activity on a computer system
The time and date a user accesses the system will be logged as well as their activity
Assists in detecting security violations
Help system admin ensure the system has not been harmed by hackers, insiders or technical problems
Acceptable use policies (AUP)
Many businesses and educational facilities require employees or students to sign an AUP before being given a network ID
Secure passwords
Minimum of 8 characters
Mixture of numbers, lowercase and uppercase characters
Include symbols
Do not include name, DOB or personal details
Phishing
A phishing email is one that tricks you into handing over your personal or sensitive information
You receive an email leading you to a bogus site to enter your details from where they are captured by phishers
What to look out for:
Generalised impersonal greeting
Sender’s address, variation from original
Forged link, roll mouse over link to check
Request personal information, legit sites do not do this
Sense of urgency
Poor spelling and grammar
Pharming attacks
Similar to phishing but instead of using a fake link in email, pharming redirects victims to bogus sites despite entering the legit website
Detecting pharming attacks:
ISPs filter out bogus redirects as soon as an attack is detected
Check the URL once loaded has not changed
Before entering sensitive information check that http has changed to https
Trojan Horse Email
Offers something tempting to look at like an attachment or link eg. funny video
When you open the attachment or click the link it installs a virus on your computer which may:
- record your keystrokes and send them to the attacker
- Provide someone else with access to your files
- Use your computer to send spam to everyone in your address book
Virus generated emails
Appear to be sent from a friend
Usually means your friend’s email has been infected and sent to their entire address book
Typically includes product or shop recommendation and asks for emergency cash
Encourages you to click a link to a sales website or transfer cash
Encryption
Encryption is the encoding of data so that it can no longer be easily understood to safeguard the data if intercepted.
Terminology:
Plaintext: original message
Ciphertext: encrypted message
Encryption: the process of converting plaintext into ciphertext
Key: a sequence of numbers used to encrypt or decrypt data, often using a mathematical formula.
Encryption algorithm: the formula for encrypting the plaintext
Encryption techniques:
Private key (symmetric encryption)
A single key used to encrypt and decrypt a message and must be given to the recipient of your message to decrypt the data
Public key (asymmetric encryption)
Two keys are used, one to encrypt and one to decrypt
This is more secure as you never have to send or reveal your decryption key
Caesar shift cipher
Earliest known substitution cipher invented by Julius Caesar
Each letter is replaced by the letter n positions further in the alphabet
n is the key used to encrypt and decrypt the message - symmetric encryption
Cryptanalysis
The objective of cryptanalysis is to decode the ciphertext - typically by finding the secret key
Methods include:
Brute-force attack
every possible key is tried
Non-brute-force attack (cryptanalysis)
Key strength
5 bits would enable 2^5 key combinations so it could be said that you are using 5 bit encryption
Increasing the number of bits used for a key increases encryption strength.
Algorithmic security
Ciphers are based on computational security
keys determined using computer algorithm
given enough computer power and time any key can be cracked.
Strong and weak encryption
Encryption can be considered “strong” when the useful lifetime of the encrypted data is less than the time needed to crack it
Weak encryption means that the encryption can be cracked while the encrypted data is still in its lifetime
Other methods of data protection
Passwords
SSL (security protocol)
TLS (security protocol)
Firewalls
HTTPS
Proxy server
A proxy server is a computer that acts as an intermediary between a web browser and the internet.
It helps to improve web performance by storing a copy of frequently accessed web pages.
A proxy server may act as a firewall
can help to improve security by filtering out some web content like malware
responds to input packets by blocking and allowing some
gateway from one network to another
HTTPS
s in https stands for secure
this means a security protocol is used to ensure a trusted encrypted data connection
Secure Sockets Layer and Transport layer security
SSL is a protocol for transferring private documents via the internet
it uses asymmetric encryption to encrypt data before transmission
many websites use SSL to receive confidential information like credit card details
TLS is a more recent upgrade to SSL. Like SSL it uses a public key to encrypt.
Process of getting web page from webserver
Web browser sends request to IP address or web server to identify itself by providing certificate
Web page sent from web server to browser
Browser renders HTML to display web pages
HTTPS used to secure data
Benefits of USB connection
Universal connection
High transmission speeds
No incorrect connections
Can be inserted both ways
Backwards compatible
Fast data transfer speed
Inexpensive to purchase
Protocols to transfer data safely
HTTPS
SSL
TLS - layers are handshake and record
What is the internet
A collection of interconnected networks, not the world wide web as that is a part of the internet
ISP
what do they supply
what they allow you to do
storage in an ISP
ISPs are companies supplying connectivity to the internet, email services, web hosting and VoIP.
You connect to the Internet service provider that you are contracted with, when you connect to the ISP you become a part of their network. This ISP may connect to a larger network and become a part of that.
Every ISP has its own data storage facility.
Browser software
Examples
How to access
Internet Explorer, Google Chrome and Firefox are all browser software. One way to access a particular page is by typing its address into an address bar.
Cloud based services
Mini def
Examples
Servers host software or services that you can access.
Online storage:
Dropbox
OneDrive
Google Drive
Connecting to the internet
PC > Router > Modem > ISP > Internet
router provides access to local area network
modem connects to your internet service provider (ISP)
- modem no longer used in modern technology
ISP connects you to the internet
Modem
stands for modulator/demodulator
converts the digital signal from a computer to an analogue signal for phone lines
a second modem at the receiving end converts the signal back to digital
Router
A router is a hardware device that allows you to connect several devices to a single internet connection (home setting)
Many routers have a WAP (Wireless access point) allowing you to create a wireless access point
TCP/IP protocol
TCP (transmission control protocol)
breaks up messages sent over the internet into packets
reassembles packets at the other end
detects errors
resends lost messages
IP protocol
- routes the individual packets between sender and recipient
HTTP and HTTPS Protocol
HTTP (hyper text transfer protocol) used for accessing and receiving web pages in the form of HTML files on the internet
The protocol requests the web server to upload the requested web page to the user's browser for viewing
HTTPS (secure protocol) encrypts the information so that it cannot be hacked
Packet switching
files and packets micro def
packet header
Each file is broken up into packets
Each packet is given a header containing:
- IP address it's going to (Internet protocol)
- IP address it came from
- Sequence number of the packet
- Number of packets in the whole communication
IP Addressing
Every device connected to the internet has an IP address
e.g. 81.101.137.12
Packets are labelled with the sender's and the destination's IP addresses
Packets are sent across the internet along separate routes and reassembled at the end
Public vs Private IP addresses
A PC network has a public and private IP address
Public IP belongs to the router on your LAN
Private IP is accessible only through the LAN
ISPs are allocated blocks of IP addresses
Once a message arrives at the router of your LAN it will use the private IP address to identify which device requested information
MAC Addressing
in full and assigned by who
how many addresses and for what
what it looks like
similarity of and combinations
role
A media access control address is assigned to each Network interface card by the manufacturer.
Computers may have 2, one for ethernet and one for wireless or for a phone wireless and bluetooth
Hex value eg.
3B:14:E6:39:0A:2C
Every network device in the world has a unique MAC address
There are 2^48 possible MAC addresses
Role of a MAC address:
When you request a web page each router along the way uses the MAC address of the next router to send the data packet to the next leg of its journey.
URL
Uniform resource locator is a web page and all are unique
WWW.
Domain names (TLDs)
.uk , .nz etc
DNS
Domain Name system
DNS technology allows you to type a URL into your web browser and it translates the web address into an IP address.
There are 13 DNS “root” servers worldwide that keep a complete database of all names and IP addresses
Lower level DNS servers are owned by ISPs and hold parts of the database
When a DNS server receives a request not in its database it will pass it on until it reaches one with the matching name and IP address
Cookies
A cookie is a small data file that a web server puts onto your computer when you visit a website
Cookies save any data entered such as registration details, passwords and relevant adverts for you as well as web preferences.
Role of a browser
how browser gets webpage/website on your computer
User types web address (URL) into browser
Browser forwards request to web server to access page
Web server acknowledges request and sends HTML source code for the web page to the computer
Source code is rendered (translated) into viewable web page
Malicious software
what it does
what it can/typically does
types x6
Malware is any software written with malicious intent.
Disrupt computers from their work
Corrupt files
Record key presses and gather information
Gain unauthorised access to a computer or files
Not all viruses cause harm, but the ones (most) that do:
limiting hard disk space and memory
destroying or damaging files and data
spamming your address book with contacts
consuming your internet bandwidth
Types of Malware:
Spyware,
gathers information, installs more spyware, sends information back to spyware author, sells to advertising companies or help with identity theft
Adware,
irritating pop-ups, installs itself on a computer, rarely harms
Viruses,
small program that replicates by inserting itself in other computer programs
- attach themselves to existing software programs and infect when you run that program
- self replicate
Worms,
a standalone file that does not need a host program to attach itself to
Trojans,
a non-self-replicating virus that masquerades as a harmless file that you might want to open
Ransomware,
malware used to lock your computer or access to your files for which you are then asked to pay a fee to regain access
Botnets
A virus can compromise a computer and use the host’s storage and processing power to perform jobs
This computer can then become a part of a Botnet network (a group of computers secretly cooperating to send spam or cause disruption on a much larger scale)
Computers in a botnet can:
send email spam to other users
store and distribute illegal material
perpetrate a Denial of Service attack
DOS attacks
Denial of service attack
Frequently aimed at company or web servers to overload them or make them crash by:
- flooding servers with millions of requests
- absorbing 100% of its processor time or memory
- using all available bandwidth
Attempts to make a network or website unavailable to legit users and the motive is often revenge, blackmail or terrorism
Reducing the risk of any cyber security issues
Use strong passwords, keep software up to date, and avoid clicking on suspicious links or downloading files from unknown sources.
Anti-virus software
what they do
how they do
detects viruses
deletes or quarantines infected files
commonly finds all malware including adware, spyware, worms and Trojans
Works by:
holding a dictionary of snippets used in viruses
scans new files, downloads, external drives on your computer
looks for suspicious codes by comparison
keeps a dictionary of known viruses up to date
Firewall
acts as a filter or barrier between your own trusted network and others
only allows certain data packets across that meet set filtering rules
Hacking
Breaking security defined as unauthorised access to files or data
Exploiting weaknesses in websites or security systems to access data
Guessing default or common passwords
Tricking people into downloading malware to gain access to their computer
Logging in as someone else without their permission
In order to:
pure mischief or a challenge
steal money
steal or modify information
for political reasons, expose wrongdoing or revenge on opposing views
Black and white hats
Black hat hackers are illegally hacking with criminal intent
White hat hackers are ethical hackers employed by companies to deliberately find holes in their own security
Grey hat hackers look for holes in other systems and ask for a payment from those systems
Cracking
Not hacking
Illegally accessing program source code to change it or fool it to:
Bypass security or licensing control
prevent software from expiring
unlock features that otherwise would require a subscription
Hyper Text Markup Language
International standard language that all pages can read and all pages are written in.
Webpages, webpage code
HTML Code
In a text file containing the content of the website to be displayed by the browser
Uses to govern how to present sections of content
Stores locations of images that are to be displayed
Stores the location of other websites that are linked to using hyperlinks
HTML vs CSS
HTML controls content and function of a web page
Cascading Style Sheets control its style and appearance
Writing HTML code
open <> and close >
Websites are made of a head and body
<h1> , <h2>, <h3>, <h4> - different headings (main , sub)
<img></img></img>
<em> </em>: emphasis
<a>Click here for more info</a>: link placed in middle line, click to access
Adding CSS to a webpage
Define the style at the top between <style> tags
h1 {color: blue; text-align: center;}
Everything that falls inside the style tag, that HTML will adopt that style
Selector ==> h1 or other
Declaration ==> property and value
Property ==> color or other
Value ==> blue or other
h1 {color: blue;}
To add a CSS style:
Define a style for a particular tag eg. h1
or
Define a general style and attribute it to a new name eg. #page
Attribute style to a <div> block:
Image file on desktop
</div>
Describe how the SSL works
− Browser / client sends request to webserver for identification
− Web server sends its digital / security certificate
− Browser authenticates certificate
− If authentic, connection is established; any data sent is encrypted
− Using public and private key to do this
Describe how the TLS works
− Handshake and record protocols
− Client/Browser requests secure connection to web server
− Browser requests server to identify itself
− Web server then provides digital certificate after identification
− Browser validates certificate
− Browser sends signal to web server to begin transmission
− Session key generated
− Encryption method is agreed on
The handshake protocol is used to exchange all the information needed by both computers in order to establish a secure SSL/TLS connection
The record protocol handles the actual data and its encryption
Describe how a browser accesses a web page
Browser sends URL to DNS using HTTP
DNS find matching IP address for URL and sends it to the browser
Browser requests web server for web pages
Web pages are then sent from web server to the web browser
Browser then renders the HTML to display web pages
Security certificates authenticated, SSL and TLS used to encrypt data sent to and fro
Describe how a proxy server works
− Acts as mediator between the user’s computer and web server
− Allows internet traffic to be filtered
− Speed access to information on website using cache
Describe encryption
− Encryption key used
− Key uses algorithm to scramble data
− Data before encryption is plain text
− After encryption it is known as cypher text
− Same key used to decrypt data
Describe symmetric encryption
− Key is kept secret, only sender and receiver know
− Sender uses same key to encrypt and decrypt
− Key has to be sent over internet, can be intercepted
− Less safe but fast
Describe asymmetric encryption
− Public and private key mathematically linked
− Public key used to encrypt, anyone can see
− Private key not transmitted, used to decrypt
− Safer process but slower
Describe a Denial of Service attack
− Webserver is sent multiple requests, requests flood the webserver at the same time
− Webserver crashes / runs slow
− Designed to prevent access to e.g. a website // Stops legitimate requests being processed/serviced
Describe copyright, plagiarism
Copyright
− law/legislation that requires permission to use intellectual property / other people’s work
Plagiarism
− To claim other’s work as your own
− To use other people’s work without consent / acknowledgement
− Theft of intellectual property
Accidental loss of data and prevention
Lost from
Human error, accidentally deleting file
Hardware failure
Power failure or surge
Physical damage, fire or flood
Misplacing storage device
Prevention
Back up data regularly
Use surge protection and UPS
Keep data in protective case
Use verification method for deleting file
Follow and educate on correct procedure of ejecting files, saving, etc.
Internet risks
Phishing
Pharming
Spyware
DoS
Malware
Viruses
Worm
Rootkit
Backdoor
How to minimise risk of spyware
Anti-spyware
Scans computer for spyware
Removes/quarantines any spyware found
Prevent spyware from being installed
Onscreen keyboard
Key-logger can’t collect data of key press
Can’t relay useful info to 3rd party
2 Factor Authentication
Extra data sent to device
Harder for hacker to obtain data
Data has to be entered into same system if entered from remote location not accepted
Firewall
Can be software or hardware based
Monitors incoming and outgoing traffic
Allows criteria to be set
Blocks access to signals that do not meet criteria
Restricts access to specific applications
How to minimise risk of virus
Anti-virus
Scans computer for viruses daily
Has a record of known viruses
Removes/Quarantines any virus found
Warns user of virus
Checks data before downloaded
Prevents download of virus found
Firewall/Proxy server
Monitors incoming and outgoing traffic
Allows setting of criteria
Checks if traffic meets criteria
Blocks traffic that does not meet criteria
How to minimise risk of hacking
Firewall/Proxy server
Monitors incoming and outgoing traffic
Allows setting of criteria
Checks if traffic meets criteria
Blocks traffic that does not meet criteria
Passwords
Use long and more random passwords
Change it regularly
Lock after a set number of attempts
Biometrics
Data needed to enter is unique to individual
Hard to replicate
Lock after set attempts
2 Factor Authentication
Extra data sent to device
Hard for hacker to obtain
Data entered needs to be in the same system, if attempted from remote location it’s not accepted
Describe Phishing and Pharming
Phishing
− Legitimate looking email sent to user
− encourages user to click a link that directs user to a fake website
− User encouraged to enter personal details into a fake website // designed to obtain personal details from a user
Pharming
− Malicious code/malware is downloaded without users’ knowledge
− That re-directs user to fake website (when legitimate URL entered)
− User encouraged to enter personal details into a fake website
− Designed to obtain personal and sensitive details from a user
Describe free software, freeware, shareware
Free software-
* Type of software licence
* Free of charge
* Normally distributed without the source code
* Can legally share / copy
* Cannot legally modify code
* Cannot resell
Freeware- Owner has copyright for software but can be given away for free
Shareware- Often a trial version of full software, fee required for full access
Copyright
Legal protection a person can obtain against their work being stolen
Identify and describe risks to a device when accessing the internet
Hacking
− When a person tries to gain unauthorised access to a computer system
− Data can be deleted/corrupted by hacker
Malware
− A software program designed to damage data / disrupt the computer system
− Replicates itself and fills the hard disk
Virus
− A program that replicates itself to damage/delete files
Describe Cracking
- When someone alters a program source code usually for a backdoor (by disabling computer security software)
What is hacking?
illegally gaining access to a computer system
illegally gaining access to a computer system is known as
hacking
Why do people hack (5)
Curiosity
Financial Gain
Malicious
Hacktivism
Military
Curiosity, Financial Gain, Malicious, Hacktivism, Military are all reasons to ___?
Hack
Cracking is
Changing a program’s source code to be used for another use (illegal)
Changing a program’s source code to be used for another use illegally is known as
Cracking
What is spyware
Software which tracks keylogs and through this can find out passwords.
Software which tracks keylogs and through this can find out passwords. Is known as
Spyware
How is Spyware prevented
Antispyware
Antispyware prevents___?
Spyware
Spyware (5)
User clicks on a link from an email or website
When clicked spyware is downloaded
Monitors user's activity and relays it back to author
Keypresses can be analysed to find passwords
Common key logs allow password to be found
Viruses (3)
Program that replicates itself
Deletes or corrupts files
Ransomware a new form of virus
Phishing (5)
Fake email sent that looks legitimate
User clicks on link in the email
User redirected to fake website
Often used to try and steal financial details
How to avoid – Don’t click on links from unknown emails
Pharming (3)
Malicious code stored on a computer
Redirects user to fake website to steal user's data
How to avoid – check the URL is as expected
Cookies (4)
Message given to browser by webserver
Stored in a text file
Stores details about user's preferences on a website
Message sent back to server each time that page is requested
Cookies uses (5)
Enable logon information to be kept
Provide customized pages for the user
Enable target adverts
Enable one-click purchasing with shopping carts
Be able to distinguish between new and repeat visitors
Causes of data loss (5)
Accidental Deletion
Malicious – virus
Hardware failure
Software failure
Natural disaster
Data loss prevention (4)
Set data to read only
Use correct shut down procedures
Use correct procedures when removing portable storage devices
Backup
Firewalls (5)
Prevents unauthorized access
Acts as a filter for incoming/outgoing data
Checks data meets criteria
Logs incoming and outgoing traffic
Blocks access to specified IP addresses
Antivirus (2)
Compares virus signature against a database of known virus signatures
Removes any viruses
Proxy servers (3)
Keeps user IP address secret
Prevents direct access to a web server
Filters traffic
Biometrics examples (3)
Voice recognition
Facial Recognition
Thumbprint
Text v Biometric (2)
Text passwords easier to hack than biometrics
Biometric passwords are unique and can’t be shared
Security methods (2)
Encryption
SSL
SSL (5)
Uses encryption
Uses SSL
Uses digital certificates – contains public key
Makes use of public and private keys
Data is meaningless without the key
How can we tell a website is using SSL(3)
Protocol ends in s e.g. https
Padlock on some browsers
Colour of address bar changes
SSL process (5)
Web browser connects to the website
Web browser requests web server to identify itself
Web server sends browser a copy of its SSL certificate
Browser checks the certificate is trustworthy and sends message back to server
Server acknowledges message and SSL session begins
TLS layers (2)
Record
Handshake
Record layer (2)
Contains the data being transferred
Can be used with or without encryption
Handshake layer (2)
Website and client authenticate each other
Encryption algorithms used to establish secure session
Differences between TLS and SSL (3)
Possible to extend TLS using new authentication methods
TLS can make use of session caching
TLS separates handshake and record protocol
How does encryption work on text (6)
Before encryption it is plain text
Text encrypted using an algorithm
Text encrypted using a key
Encrypted text called cypher text
Key transmitted separately from text
Key used to decrypt the cypher text
Asymmetric (5)
Private key and Public key needed
Public key given to everyone
Private key only known by the computer user
Encryption keys generated using a hashing algorithm
Different keys
Plain text & Cypher text
Text encrypted using encryption algorithm
Text encrypted using a key
Key transmitted separately from the text
Key used to decrypt the text
Authentication (1)
-Used to verify that data comes from trusted source
Symmetric Encryption (1)
-Uses the same key to encrypt and decrypt data
Hashing algorithm (4)
Takes message or key and translates it into string of characters
Usually shown in hex notation
Length depends on algorithm used
Same hashing algorithm needed to decrypt
DoS Attacks (4)
Large number of requests sent to server at once
Designed to flood a server with useless traffic
Server will come to a stop trying to deal with the traffic
Prevents users gaining access to the web server
Types of software (3)
Free software
Freeware
Shareware
Free software (4)
Can use for any legal purpose you wish
Can study and change the source code
Can pass on to other people
Must not be used to infringe copyright laws by copying existing software
Freeware (2)
Can download and use free of charge
Cannot view or modify the source code e.g. Skype
Shareware (5)
Can use for a trial free of charge
Need to pay once the trial is over
Often trial version missing key features
Protected fully by copyright laws
Cannot modify code or distribute the software
What is hacking?
the act of gaining illegal access to a computer system
What is cracking?
the editing of program source code so it can be exploited/changed for a specific purpose
What are viruses?
program code that can replicate/copy itself with the intention of deleting/corrupting data/files or causing the computer to malfunction
What is phishing?
sending legitimate-looking emails to encourage users to give out personal data
What is pharming?
malicious code installed to redirect users to a fake website
What is spyware/key logging software?
gathers data by monitoring keypresses on user’s keyboards
What are cookies?
pieces of data that allow detection of web pages viewed by a user and store their preferences
What is accidental or malicious loss of data?
this could be due to accidentally deleting a file or to a malicious attack from viruses or hacking
What are firewalls?
examines traffic between user’s computer and a public network - can help prevent viruses or hackers entering a user’s computer
What is secure sockets layer (SSL)?
allows data to be sent and received securely across a network
What is transport layer security (TLS)?
a protocol that is designed to ensure that no third party may eavesdrop or tamper with any message
What is symmetric encryption?
a secret key which makes a message unreadable unless the recipient also has the decryption key
What is asymmetric encryption?
a form of encryption requiring both a public and private key
What is authentication?
used to verify that data comes from a trusted source
What is a denial of service attack?
an attempt at preventing users from accessing part of a network
What is free software?
users have the freedom to run, copy, change or adopt free software
What is freeware?
software which users can download free of charge
What is shareware?
users are allowed to try out shareware for a trial period
What can hacking lead to?
lead to identity theft and loss or corruption of data
How can you minimise the risk of hacking?
using strong passwords
using firewalls
Why is cracking done?
for malicious purposes (such as modifying legitimate software to do something like redirect a user to a fake website)
How can you minimise the risk of cracking?
it is hard to do
software engineers need to make the act of breaking into the software nearly impossible (make it difficult to identify back doors)
What do viruses cause computers to do?
run slow
crash
cause some software to run abnormally
How to reduce the risk of viruses?
running anti-virus software
don’t open emails/software from unknown sources
What are the main signs that an email is a phishing email?
messages containing poor spelling/grammar
asks for personal information
unrealistic threats/promises made
How can you reduce the risk of pharming?
anti-spyware software can identify and remove pharming code on the hard drive
What is wardriving?
the act of locating and using wireless internet connections illegally
can lead to stealing of internet time/bandwidth
How can you prevent the risk of wardriving?
use of WEP (wired equivalent privacy) encryption
complex passwords
firewalls
What are Networks?
Networks are connections between nodes (devices) to share resources. Being connected to a network can be dangerous because there are more access points.
What are the types of Networks?
Personal Area Network (PAN)
Local Area Network (LAN)
Wide Area Network (WAN)
What is PAN?
A personal area network is within the range of an individual, +- 10m. Examples are:
Bluetooth
What is LAN?
It is a network that connects devices close to one another, such as in the same house, school or office.
What is WAN?
A wide area network is a network over a broader, geographic area. For example, an internet connection is given by an ISP. The internet is a WAN made up of individual LANs.
What is a Client-Server Network
In a Client-Server Network, every device is either Client or Server. A client will request resources from the server.
When a resource is wanted, the client establishes a connection with the server over the network
Servers backup and store data centrally, although expensive and difficult to run.
It is centralized
What is a Peer-to-Peer Network
A P2P network is decentralized. Each node is equal in responsibility and can work as both client and server.
What are the factors that affect Network Performance?
Latency
The Delay, Speed of Signals
Bandwidth
Max rate of Data Transfer (bps)
Error Rate
How often data is corrupted
How often data must be resent
What are the differences between wired connections and wireless connections?
Wired connections are generally faster
Bandwidth must be taken into account, though, since it is shared across a network
Wireless signals degrade quickly with range and can be blocked
Signals at the same frequency can interfere, leading to data collisions
Bus topologies have higher error rates
What are network protocols?
They are rules that must be accepted so devices can be compatible and reliably communicate.
How are protocols developed?
They are developed in layers, each responsible for a different part of the process of communication. Layers break the process down into manageable self-contained parts.
Easier to develop because it is focused on one aspect
easier to develop standards
changing one layer won’t affect another
What is the TCP/IP Protocol Stack?
It has 4 layers:
Application Layer
HTTP/S; FTP; SMTP; IMAP & POP; DNS
Transport Layer
TCP; UDP
Network Layer
IP
Link Layer
Ethernet; Wifi
What is the Application Layer?
The application layer is where network applications can operate, e.g:
Web Browsers, Email Clients
What is the Transport Layer?
This layer sets up communication between the two hosts, and includes the agreed rules.
What is the Network Layer?
This layer addresses and packages data, and routes it.
What is the Link Layer?
This is where the hardware and drivers operate.
What is the Ethernet?
It is a standardised family of protocols.
Ethernet works at the link layer
It describes how devices on the same network segment format data and transmit it
What is Wi-Fi (WLAN)?
It is a form of wireless transmission using radio waves
EM waves are categorised by frequency
A channel represents a small frequency range, designated by number
Frequency overlap can cause interference.
Data is encrypted using WAP
What is the TCP?
TCP is the transmission control protocol, which runs in the transport layer. It deals with the connection between devices. It:
receives data from the application layer
receives the packets from the network layer
splits data into packets
reassembles them
sends an acknowledgment
What is the IP?
It is the internet protocol. It addresses packets with the source and destination’s IP address, and works at the network layer. The IP removes the IP addresses when the packets are no longer needed.
What is HTTP?
It is the hypertext transfer protocol. Hypertext is a type of text with links. HTTPS is HTTP with encryption through certificates. HTTP is used to access a webpage from a web server. The process goes as follows:
The client requests a message
The webserver gives a response
What is FTP?
The file transfer protocol is of the application layer, which handles file uploads and downloads. HTTP transfers viewable content whilst FTP transfers data.
What are the email protocols?
SMTP
POP3
IMAP
What are the outbound email protocols?
SMTP
What are the Inbound email protocols?
POP3
IMAP
What is SMTP?
The simple mail transfer protocol is of the application layer. It handles outbound mail. It sends the email to a mail server, and then to the internet. SMTP servers have user databases.
What is POP?
It is the post office protocol. It handles mail coming from the internet, from the mail server to the client. It doesn’t keep client and server in sync. When the mail is downloaded, it is deleted from the server.
What is IMAP?
It is the internet message access protocol, which keeps both client and server synced: the mail is copied instead of downloaded. For the mail to be deleted from the server, you must contact the client.
What are the network topologies?
Topologies are the arrangement of the nodes and connections in a network.
Bus
Star
Mesh
Ring
What is the Bus Topology?
All clients, servers and resources are connected to one medium, the bus.
When a node communicates, the data is transmitted down the bus.
All drivers receive it but only the intended recipient accepts and processes the message.
There are terminators on both ends, which are resistors. They prevent data from reverberating
What are the advantages and disadvantages of the bus topology?
Advantages:
Cheaper, because fewer wires are needed
Disadvantages:
If the main bus fails, all fails
Prone to data collisions in high traffic, which slows the data down.
What is the ring topology?
In this topology, each device is connected to two other devices, forming a ring for messages to travel around. The nodes take turns sending data. Data is sent in one direction through each device until the intended recipient receives it.
What are the advantages and disadvantages of the ring topology?
Advantages:
Simple, fewer wires, cheaper.
Disadvantages:
All nodes must be on for the data to be sent.
What is the star topology?
Most home networks use this topology, as each node is connected to the central connection point.
What are the advantages and disadvantages of the star topology?
Advantages:
Data goes immediately to recipient
Disadvantages:
If the central connection point fails, network stops.
What is the mesh topology?
In a full mesh, every node is connected to every other node. In a partial mesh, there are simply many connections between nodes. A mesh could be used as a backup mechanism, called redundancy, as it is needed but used as an alternative route.
What are the advantages and disadvantages of the mesh topology?
Advantages:
Provides backup should one route fail
Direct links to recipient.
Disadvantages:
Expensive, many wires
Complicated
Can’t add one device without connecting to every other device.
What is Network Security?
It is the processes, practices, and technologies designed to protect networks from attacks, damages, or unauthorized access.
Where do attacks originate from?
It can happen internally and externally.
What kinds of security do you need to watch out for?
Physical Security
CCTVs, Case Locks, Disabling USB Ports
Cloud Security
Ensure the cloud servers you use are safe
What should be done when checking security?
Validation
Ensuring that data is correct and secure before processing
Authentication
Ensuring that an entity is genuine, like users, product authentications.
What are some security threats?
Unpatched Software
Misconfigured Access Controls
Social Engineering
Phishing
Shoulder Surfing
USB devices
Portable Digital Devices
Eavesdropping
Malicious Code, malware basically
Commercial Analysis tools
What is Unpatched Software?
It is basically just un-updated software, which may have some protection holes.
What are Misconfigured Access Controls?
It is when an entity has permission to access something that they’re not supposed to.
What is Phishing/Pharming?
It is the sending of emails from a ‘verified’ entity that contain malicious links that can lead to websites that download malware.
What is shoulder surfing?
Someone staring at you when you type in important information.
What is Malicious Code?
It is malware like:
viruses
spyware
things like that
How can you identify vulnerabilities?
Penetration Testing
Ethical Hacking
What is penetration testing?
It is basically simulating an attack to find any weaknesses. For example, entering a random username and password just to see if it can access the site. It is normally done by an external entity.
What are the kinds of penetration testing?
White-box pen test
Inside attack, where attacker has some knowledge of the system
Black-box pen test
Outside attack, hacking
What is ethical hacking?
Hacking is finding and exploiting vulnerabilities. It is only ethical when done in a testing context. There are kinds identified by white/black/gray hat hackers. For it to be ethical, it must:
Have permission
Be worked on securely
Notify admins when weaknesses are found
What are Firewalls?
They monitor network traffic and filter data packets based on agreed rules. Routers and dedicated hardware contain firewalls. They can:
Block Packets
Connections from certain regions
What is the structure of a data packet?
Header
Data
Trailer
How do firewalls work?
Packet filtering is done by looking at the addresses on the packet header. (first generation)
Stateful Inspection is done by looking at the data context. (second generation)
What are some security measures (2)?
Design Stage Planning
Audit Trails
Securing Operating Systems
Good Programming Practices
What is Design Stage Planning?
It is threat modeling, basically just analysing vulnerabilities from a theoretical attacker’s view.
What are Audit Trails?
These are system records kept, which can trace security issues.
What is Securing Operating Systems?
Limit User Accounts
Directory Permissions
Strong Passwords
Limit automatic software
Install patches and update new versions
What is the internet?
It is the worldwide collection of networks that use the internet protocol suite, TCP/IP.
What is the World Wide Web?
It is the collection of web pages hosted on web servers.