Internet Security Flashcards
Name 5 methods of internet security.
- Firewalls
- Stateful inspection
- Encryption
- Proxy servers
- Packet filtering
What are firewalls?
- They regulate the packets that pass through them, accepting or rejecting packets according to preconfigured rules.
- Can work as a proxy server performing packet filtering and stateful inspection.
What is stateful inspection?
- Stateful inspection examines a packet’s payload (instead of only the packet’s header) before deciding whether to allow it through the firewall.
- Uses a connection table to keep track of rules set by the network administrator
What are proxy servers?
- A proxy server sits between a public network and a private network.
- They hide the true network addresses of the sender from the recipient by using the IP address of the firewall rather than the sender’s private IP address
- This enables privacy and anonymous surfing
- Administrators can use proxy servers to filter the content users request
- Proxy servers can also keep a log of users’ requests
What is packet filtering?
- It accepts or blocks packets attempting to pass through the firewall based on their source IP address or the protocol they’re using (shown by their port number)
- An administrator can specify specific IP addresses or protocols to block or use automatic filtering software that blocks suspicious packets.
What is symmetric encryption?
In symmetric encryption, the sender and receiver share the same private key. The same key is used to encrypt and decrypt data sent between the two parties.
What is a major flaw in symmetric encryption?
- The sender and receiver must participate in a key exchange which can be vulnerable to interception.
What is asymmetric encryption?
- Each device has a pair of mathematically related keys, the private key is kept secret and the public key is shared on the Internet.
- When a message is encrypted with a public key, only the corresponding private key can decrypt it
How does asymmetric encryption avoid being vulnerable to interception?
- It uses a public and private key, so there’s no key exchange, so the key can’t be intercepted
What are digital signatures used for?
Used to verify
- the identity of the sender
- that the data has not been changed/corrupted during transmission.
What type of encryption do digital signatures use?
Asymmetric encryption
How are digital signatures created?
- Using a hashing/checksum algorithm a digest of the message being sent is created (the digest is dependent on the contents of the message)
- The digest is encrypted with the sender’s private key
- The encrypted digest is appended to the message
- The message + appended digest are encrypted with the recipient’s public key
What happens when the recipient receives the message with the digital signature?
- They decrypt it using their private key; leaving them with the decrypted message + encrypted digest
- As the digest was encrypted using the sender’s private key, it can be decrypted using the sender’s public key.
- This verifies the sender’s identity as only they have access to their private key.
- The recipient then carries out the same hashing/checksum algorithm on the message and checks if their result matches the decrypted digest.
- If everything matches, the recipient can be certain of the sender’s identity and that the data hasn’t been changed
What is a digital certificate used for?
- It verifies ownership of a key pair used in asymmetric encryption
- Can be used to check that a fake key pair isn’t being used by an imposter
Who issues digital certificates and what 5 things do digital certificates contain?
Issued by certificate authorities, digital certificates contain:
- a serial number
- the owner’s name
- an expiry date
- the owner’s public key
- the certificate authority’s digital signature