SlideShare a Scribd company logo

Analyzing internetsecurity

Download as PPT, PDF
Dr. TJ Wolfe
Dr. TJ Wolfe
EducationTechnology
1 of 21
EC05.02a Internet Security Issues 1 E-Commerce I Analyzing Internet Security Issues
EC05.02a Internet Security Issues 2 Security Risks  Bugs  Hackers  Browser-Side Risks  Interception of Data
EC05.02a Internet Security Issues 3 Bugs and Hackers  Bugs allow unauthorized users into main computer systems  Steal confidential document  Execute commands on server to modify system  Launch denial-of-service attacks
EC05.02a Internet Security Issues 4 Browser-Side Risks Browser-Side Risks Active Content That  Crashes the browser  Damages the user’s system  Breaches the user’s privacy  Creates annoyance
EC05.02a Internet Security Issues 5 Interception of Data  Eavesdroppers operating via:  Server’s side  Customer’s side  Through End-user’s ISP  Through Server’s ISP  Through either ISP’s regional access provider
EC05.02a Internet Security Issues 6 Firewalls What are firewalls? Packet filtering Circuit level gateways Application level gateways Stateful inspection
EC05.02a Internet Security Issues 7 What are firewalls?  A firewall is either a piece of hardware or a software program that examines data as it passes into your computer or network and discards it if it does not meet certain criteria.  Depending on the type of firewall used, this operation may take place at different points in the path between the source of the data and the application in your computer. Different criteria will be used to examine the data, but the basic operation remains the same for all firewalls.
EC05.02a Internet Security Issues 8
EC05.02a Internet Security Issues 9 Packet filtering firewalls Packet filtering firewalls work by examining data packets as they attempt to pass through the firewall. They compare them to a list of rules based on the source of the data, its intended destination, and the connection port between the target and source data.
EC05.02a Internet Security Issues 10 Circuit level gateways  The firewall keeps a record of requests for data that go out, and only allows data in that matches that request.  An advantage of this type of firewall is that since it acts as the gateway to the network it is protecting, anyone scanning the network from outside will see only the address of the firewall and not the rest of its protected network. A circuit level gateway is a firewall that only allows data into its protected network based on requests from computers inside that network.
EC05.02a Internet Security Issues 11 Application level gateways  Application level gateways, also known as proxies, are outwardly similar in operation to circuit level gateways in that they act as the only entrance into or out of a protected network and deny all non-requested data from outside. The major difference is in the way they handle information.  A firewall using this method runs proxy applications to view common types of data before it is allowed through the firewall.
EC05.02a Internet Security Issues 12 Stateful inspection  Stateful inspection is a combination of packet filtering with some elements of the gateway methods.  Essentially, it is a packet filter firewall that examines more than just the addresses and port information of the data. Without using proxies, it can imitate some of the features of an application gateway by viewing the application specific data sent in each packet.
EC05.02a Internet Security Issues 13 What is spyware?  Spyware is a category of computer programs that attach themselves to the computer’s operating system in various ways.  It can drain the life out of your computer's processing power.  It is designed to track users’ Internet habits and nag them with unwanted sales offers or generate traffic for the host Web site.
EC05.02a Internet Security Issues 14 What is browser hijacking?  The most generally accepted description of browser hijacking software is external code that changes your Internet Explorer settings.  Generally the home page will be changed and new favorites will be added that point to sites of strange content. In most cases, the hijacker will make registry changes to the system, causing the home page to revert back to the unwanted destination even if it is changed manually.  A browser hijacker may also disallow access to certain web pages, for example the site of an anti-spyware software manufacturer like Lavasoft. These programs have also been known to disable antivirus and anti- spyware software.
EC05.02a Internet Security Issues 15  They take advantage of Internet Explorer's (IE) ability to run ActiveX scripts straight from a web page.  Generally, these programs will request permission to install themselves via a popup that loads when visiting a certain site. If the user accidentally gives permission to install, IE will execute the program on your computer and change your settings.  Use security holes within Internet Explorer to install themselves automatically without any user interaction at all.  These can be launched from popup ad windows which the user has not even intended to view.  Make entries to the HOSTS file on your system.  This special file directly maps DNS addresses (web URLs) to IP addresses, so that every time you type a URL you are redirected to the IP address of a sponsored search or porn site. Characteristics of browser hijackers
EC05.02a Internet Security Issues 16  Some browser hijackers may also install themselves onto your computer system as legitimate programs, leaving an entry in the 'add-remove programs' list in the control panel.  There are many faces of browser hijacking, and to combat the situation, you have to be aware of all tricks and loopholes that make this scourge possible.  Browser hijacking isn't necessarily a virus, and isn't necessarily adware, so stopping it isn't necessarily best left to software monitoring programs. More Characteristics of browser hijackers
EC05.02a Internet Security Issues 17 Antivirus software  Definition  How to protect yourself  Purchasing guidelines
EC05.02a Internet Security Issues 18 Antivirus software definition  Antivirus programs learn and memorize all of the different replicating viral signatures that are already out there (40,000 to date), and then compare the binary signatures of incoming files against those already-known viral signatures to see if anything suspect is lurking on your computer.  The software typically is kept running in the background to check files and e-mail messages as they are downloaded.  A virus signature is a section of code that can be used to identify a known virus.
EC05.02a Internet Security Issues 19 Virus protection  Install antivirus software and keep it running in the background.  Before downloading a file, make sure the source is reputable.  When you receive a disk, scan it with antivirus software before using it.  Never open an e-mail attachment unless the sender is known.  Watch for information about the latest virus threats.  Keep your antivirus program up-to- date.
EC05.02a Internet Security Issues 20 Purchasing guidelines  Use software that provides free weekly updates.  Use software that provides the coverage necessary to maintain the computer’s security.  The two most popular brands:  Symantec  McAfee
EC05.02a Internet Security Issues 21 Sources  “Electronic Commerce.” 1999. http://www.wapa.gov/CorpSrvs/procurmt/ecomm.htm (2 Jan 2006).  Stein, Lincoln D. “WWW Security FAQ: What’s New.” 2000. http://www.w3.org/Security/Faq/www-security-faq.html (2 Jan 2006)  Strom, David. “The Challenge of Electronic Commerce: Selling Lemonade has Never Been This Tough.” 2000. http://www.strom.com/pubwork/ecommerce.html (2 Jan. 2006).  “Bureau of Industry and Security.” US Department of Commerce http://www.bis.doc.gov/ComplianceAndEnforcement/E-Commerce.htm (2 Jan 2006)  Electronic Commerce NC WiseOwl http://www.mywiseowl.com/articles/Electronic_commerce (2 Jan 2006)  Kennedy, Dennis, An Internet Tool Kit for E-Commerce Law Jan 15, 2001 The John Marshall Law School (2 Jan 2006)

Recommended

Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]Angelo Rüggeberg
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior
 
Owasp Top 10
Owasp Top 10Owasp Top 10
Owasp Top 10Gaurav Narwani
 
WiFi security
WiFi security WiFi security
WiFi security Ihor Uzhvenko
 
70-272 Chapter10
70-272 Chapter1070-272 Chapter10
70-272 Chapter10Gene Carboni
 
CNIT 128: 7. Attacking Android Applications (Part 1 of 3)
CNIT 128: 7. Attacking Android Applications (Part 1 of 3)CNIT 128: 7. Attacking Android Applications (Part 1 of 3)
CNIT 128: 7. Attacking Android Applications (Part 1 of 3)Sam Bowne
 
SWITZ Business Security. Official presentation!
SWITZ Business Security. Official presentation!SWITZ Business Security. Official presentation!
SWITZ Business Security. Official presentation!Maxim Sidorenko
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationshipn|u - The Open Security Community
 

Recommended

Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]Angelo Rüggeberg
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior
 
Owasp Top 10
Owasp Top 10Owasp Top 10
Owasp Top 10Gaurav Narwani
 
WiFi security
WiFi security WiFi security
WiFi security Ihor Uzhvenko
 
70-272 Chapter10
70-272 Chapter1070-272 Chapter10
70-272 Chapter10Gene Carboni
 
CNIT 128: 7. Attacking Android Applications (Part 1 of 3)
CNIT 128: 7. Attacking Android Applications (Part 1 of 3)CNIT 128: 7. Attacking Android Applications (Part 1 of 3)
CNIT 128: 7. Attacking Android Applications (Part 1 of 3)Sam Bowne
 
SWITZ Business Security. Official presentation!
SWITZ Business Security. Official presentation!SWITZ Business Security. Official presentation!
SWITZ Business Security. Official presentation!Maxim Sidorenko
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationshipn|u - The Open Security Community
 
Network security
Network securityNetwork security
Network securityFekadu Abera
 
Webhawk as-software
Webhawk as-softwareWebhawk as-software
Webhawk as-softwareDivyanisetia
 
Injection flaws
Injection flawsInjection flaws
Injection flawsDANISH INAMDAR
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsAaron ND Sawmadal
 
Be Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingBe Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingAmit Shirolkar
 
Security Software
Security SoftwareSecurity Software
Security Softwarebennybigbang
 
Security Testing For Web Applications
Security Testing For Web ApplicationsSecurity Testing For Web Applications
Security Testing For Web ApplicationsVladimir Soghoyan
 
Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch Pruthvi Monarch
 
Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingShivamSharma909
 
2.index (computer forensic)
2.index (computer forensic)2.index (computer forensic)
2.index (computer forensic)JIEMS Akkalkuwa
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Handy penetration testing tools
Handy penetration testing toolsHandy penetration testing tools
Handy penetration testing toolsMindfire LLC
 
What's new in​ CEHv11?
What's new in​ CEHv11?What's new in​ CEHv11?
What's new in​ CEHv11?EC-Council
 
Lannguyen-Detecting Cyber Attacks
Lannguyen-Detecting Cyber AttacksLannguyen-Detecting Cyber Attacks
Lannguyen-Detecting Cyber AttacksSecurity Bootcamp
 
WAP Hack (Windows Password Hacking)
WAP Hack (Windows Password Hacking)WAP Hack (Windows Password Hacking)
WAP Hack (Windows Password Hacking)AshishKakne
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingShivamSharma909
 
Brute Force Attack Security Use Case Guide
Brute Force Attack Security Use Case Guide Brute Force Attack Security Use Case Guide
Brute Force Attack Security Use Case Guide Protect724manoj
 
UNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement StrategiesUNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement StrategiesArnav Chowdhury
 
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?Sonatype
 
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for OrganizationsMitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for OrganizationsDigital Shadows
 
Effects of the_internet_on_consumers_and_businesses
Effects of the_internet_on_consumers_and_businessesEffects of the_internet_on_consumers_and_businesses
Effects of the_internet_on_consumers_and_businessesDr. TJ Wolfe
 
Newspapers
NewspapersNewspapers
Newspapersmonicahayes
 

More Related Content

What's hot

Webhawk as-software
Webhawk as-softwareWebhawk as-software
Webhawk as-softwareDivyanisetia
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsAaron ND Sawmadal
 
Be Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingBe Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingAmit Shirolkar
 
Security Testing For Web Applications
Security Testing For Web ApplicationsSecurity Testing For Web Applications
Security Testing For Web ApplicationsVladimir Soghoyan
 
Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch Pruthvi Monarch
 
Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingShivamSharma909
 
2.index (computer forensic)
2.index (computer forensic)2.index (computer forensic)
2.index (computer forensic)JIEMS Akkalkuwa
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Handy penetration testing tools
Handy penetration testing toolsHandy penetration testing tools
Handy penetration testing toolsMindfire LLC
 
What's new in​ CEHv11?
What's new in​ CEHv11?What's new in​ CEHv11?
What's new in​ CEHv11?EC-Council
 
Lannguyen-Detecting Cyber Attacks
Lannguyen-Detecting Cyber AttacksLannguyen-Detecting Cyber Attacks
Lannguyen-Detecting Cyber AttacksSecurity Bootcamp
 
WAP Hack (Windows Password Hacking)
WAP Hack (Windows Password Hacking)WAP Hack (Windows Password Hacking)
WAP Hack (Windows Password Hacking)AshishKakne
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingShivamSharma909
 
Brute Force Attack Security Use Case Guide
Brute Force Attack Security Use Case Guide Brute Force Attack Security Use Case Guide
Brute Force Attack Security Use Case Guide Protect724manoj
 
UNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement StrategiesUNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement StrategiesArnav Chowdhury
 
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?Sonatype
 
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for OrganizationsMitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for OrganizationsDigital Shadows
 

What's hot (20)

Network security
Network securityNetwork security
Network security
 
Webhawk as-software
Webhawk as-softwareWebhawk as-software
Webhawk as-software
 
Injection flaws
Injection flawsInjection flaws
Injection flaws
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
 
Be Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingBe Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability Testing
 
Security Software
Security SoftwareSecurity Software
Security Software
 
Security Testing For Web Applications
Security Testing For Web ApplicationsSecurity Testing For Web Applications
Security Testing For Web Applications
 
Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch
 
Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter Hacking
 
2.index (computer forensic)
2.index (computer forensic)2.index (computer forensic)
2.index (computer forensic)
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Handy penetration testing tools
Handy penetration testing toolsHandy penetration testing tools
Handy penetration testing tools
 
What's new in​ CEHv11?
What's new in​ CEHv11?What's new in​ CEHv11?
What's new in​ CEHv11?
 
Lannguyen-Detecting Cyber Attacks
Lannguyen-Detecting Cyber AttacksLannguyen-Detecting Cyber Attacks
Lannguyen-Detecting Cyber Attacks
 
WAP Hack (Windows Password Hacking)
WAP Hack (Windows Password Hacking)WAP Hack (Windows Password Hacking)
WAP Hack (Windows Password Hacking)
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application Hacking
 
Brute Force Attack Security Use Case Guide
Brute Force Attack Security Use Case Guide Brute Force Attack Security Use Case Guide
Brute Force Attack Security Use Case Guide
 
UNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement StrategiesUNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement Strategies
 
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?
 
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for OrganizationsMitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations
 

Viewers also liked

Effects of the_internet_on_consumers_and_businesses
Effects of the_internet_on_consumers_and_businessesEffects of the_internet_on_consumers_and_businesses
Effects of the_internet_on_consumers_and_businessesDr. TJ Wolfe
 
Overview Of Major Project Efforts
Overview Of Major Project EffortsOverview Of Major Project Efforts
Overview Of Major Project Effortsskvanbibber
 
Analyzinglegislation
AnalyzinglegislationAnalyzinglegislation
AnalyzinglegislationDr. TJ Wolfe
 
Effects of the_internet_on_education_and_training
Effects of the_internet_on_education_and_trainingEffects of the_internet_on_education_and_training
Effects of the_internet_on_education_and_trainingDr. TJ Wolfe
 
Characteristics and purpose_of_e_commercei
Characteristics and purpose_of_e_commerceiCharacteristics and purpose_of_e_commercei
Characteristics and purpose_of_e_commerceiDr. TJ Wolfe
 
Pengutipan Dana Kerja Sosial Komuniti
Pengutipan Dana Kerja Sosial KomunitiPengutipan Dana Kerja Sosial Komuniti
Pengutipan Dana Kerja Sosial KomunitiEngku Fatin
 
STEM Resources for K-12 Educators
STEM Resources for K-12 EducatorsSTEM Resources for K-12 Educators
STEM Resources for K-12 EducatorsDr. TJ Wolfe
 
Analyzing securewebsites
Analyzing securewebsitesAnalyzing securewebsites
Analyzing securewebsitesDr. TJ Wolfe
 
Tech Integration for Dummies. A Simple 5 Step Plan
Tech Integration for Dummies. A Simple 5 Step PlanTech Integration for Dummies. A Simple 5 Step Plan
Tech Integration for Dummies. A Simple 5 Step PlanDr. TJ Wolfe
 
Storyboarding and planning_your_website
Storyboarding and planning_your_websiteStoryboarding and planning_your_website
Storyboarding and planning_your_websiteDr. TJ Wolfe
 
Principles design lecture
Principles design lecturePrinciples design lecture
Principles design lectureDr. TJ Wolfe
 
35 Attitudes and Behaviours Ideal for Success in today's World of Work
35 Attitudes and Behaviours Ideal for Success in today's World of Work35 Attitudes and Behaviours Ideal for Success in today's World of Work
35 Attitudes and Behaviours Ideal for Success in today's World of WorkSharon Shakung
 

Viewers also liked (15)

Effects of the_internet_on_consumers_and_businesses
Effects of the_internet_on_consumers_and_businessesEffects of the_internet_on_consumers_and_businesses
Effects of the_internet_on_consumers_and_businesses
 
Newspapers
NewspapersNewspapers
Newspapers
 
Overview Of Major Project Efforts
Overview Of Major Project EffortsOverview Of Major Project Efforts
Overview Of Major Project Efforts
 
Analyzinglegislation
AnalyzinglegislationAnalyzinglegislation
Analyzinglegislation
 
Effects of the_internet_on_education_and_training
Effects of the_internet_on_education_and_trainingEffects of the_internet_on_education_and_training
Effects of the_internet_on_education_and_training
 
Cache
CacheCache
Cache
 
Characteristics and purpose_of_e_commercei
Characteristics and purpose_of_e_commerceiCharacteristics and purpose_of_e_commercei
Characteristics and purpose_of_e_commercei
 
Pengutipan Dana Kerja Sosial Komuniti
Pengutipan Dana Kerja Sosial KomunitiPengutipan Dana Kerja Sosial Komuniti
Pengutipan Dana Kerja Sosial Komuniti
 
STEM Resources for K-12 Educators
STEM Resources for K-12 EducatorsSTEM Resources for K-12 Educators
STEM Resources for K-12 Educators
 
Analyzing securewebsites
Analyzing securewebsitesAnalyzing securewebsites
Analyzing securewebsites
 
Tech Integration for Dummies. A Simple 5 Step Plan
Tech Integration for Dummies. A Simple 5 Step PlanTech Integration for Dummies. A Simple 5 Step Plan
Tech Integration for Dummies. A Simple 5 Step Plan
 
Storyboarding and planning_your_website
Storyboarding and planning_your_websiteStoryboarding and planning_your_website
Storyboarding and planning_your_website
 
Principles design lecture
Principles design lecturePrinciples design lecture
Principles design lecture
 
35 Attitudes and Behaviours Ideal for Success in today's World of Work
35 Attitudes and Behaviours Ideal for Success in today's World of Work35 Attitudes and Behaviours Ideal for Success in today's World of Work
35 Attitudes and Behaviours Ideal for Success in today's World of Work
 
Cyber ethics
Cyber ethicsCyber ethics
Cyber ethics
 

Similar to Analyzing internetsecurity

Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Security Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptxSecurity Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptxAmardeepKumar621436
 
Security threats explained
Security threats explained Security threats explained
Security threats explained Abhijeet Karve
 
ransomware keylogger rootkit.pptx
ransomware keylogger rootkit.pptxransomware keylogger rootkit.pptx
ransomware keylogger rootkit.pptxdawitTerefe5
 
Become fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksBecome fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksHigh-Tech Bridge SA (HTBridge)
 
Overview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxOverview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxAjayKumar73315
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
 
Cscu module 03 protecting systems using antiviruses
Cscu module 03 protecting systems using antivirusesCscu module 03 protecting systems using antiviruses
Cscu module 03 protecting systems using antivirusesAlireza Ghahrood
 
Module 12 (web application vulnerabilities)
Module 12 (web application vulnerabilities)Module 12 (web application vulnerabilities)
Module 12 (web application vulnerabilities)Wail Hassan
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfANJUMOHANANU
 
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008ClubHack
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008ClubHack
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CDamiable_indian
 

Similar to Analyzing internetsecurity (20)

Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Security Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptxSecurity Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptx
 
Security threats explained
Security threats explained Security threats explained
Security threats explained
 
Attacking antivirus
Attacking antivirusAttacking antivirus
Attacking antivirus
 
Safe Computing At Home And Work
Safe Computing At Home And WorkSafe Computing At Home And Work
Safe Computing At Home And Work
 
Unit 5.pptx
Unit 5.pptxUnit 5.pptx
Unit 5.pptx
 
ransomware keylogger rootkit.pptx
ransomware keylogger rootkit.pptxransomware keylogger rootkit.pptx
ransomware keylogger rootkit.pptx
 
Become fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksBecome fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacks
 
Overview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxOverview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptx
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
UNIT-4.docx
UNIT-4.docxUNIT-4.docx
UNIT-4.docx
 
Cscu module 03 protecting systems using antiviruses
Cscu module 03 protecting systems using antivirusesCscu module 03 protecting systems using antiviruses
Cscu module 03 protecting systems using antiviruses
 
Module 12 (web application vulnerabilities)
Module 12 (web application vulnerabilities)Module 12 (web application vulnerabilities)
Module 12 (web application vulnerabilities)
 
Firewall
FirewallFirewall
Firewall
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
 
List of Malwares
List of MalwaresList of Malwares
List of Malwares
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
 
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
 

Recently uploaded

Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 

Recently uploaded (20)

Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 

Analyzing internetsecurity

  • 1. EC05.02a Internet Security Issues 1 E-Commerce I Analyzing Internet Security Issues
  • 2. EC05.02a Internet Security Issues 2 Security Risks  Bugs  Hackers  Browser-Side Risks  Interception of Data
  • 3. EC05.02a Internet Security Issues 3 Bugs and Hackers  Bugs allow unauthorized users into main computer systems  Steal confidential document  Execute commands on server to modify system  Launch denial-of-service attacks
  • 4. EC05.02a Internet Security Issues 4 Browser-Side Risks Browser-Side Risks Active Content That  Crashes the browser  Damages the user’s system  Breaches the user’s privacy  Creates annoyance
  • 5. EC05.02a Internet Security Issues 5 Interception of Data  Eavesdroppers operating via:  Server’s side  Customer’s side  Through End-user’s ISP  Through Server’s ISP  Through either ISP’s regional access provider
  • 6. EC05.02a Internet Security Issues 6 Firewalls What are firewalls? Packet filtering Circuit level gateways Application level gateways Stateful inspection
  • 7. EC05.02a Internet Security Issues 7 What are firewalls?  A firewall is either a piece of hardware or a software program that examines data as it passes into your computer or network and discards it if it does not meet certain criteria.  Depending on the type of firewall used, this operation may take place at different points in the path between the source of the data and the application in your computer. Different criteria will be used to examine the data, but the basic operation remains the same for all firewalls.
  • 9. EC05.02a Internet Security Issues 9 Packet filtering firewalls Packet filtering firewalls work by examining data packets as they attempt to pass through the firewall. They compare them to a list of rules based on the source of the data, its intended destination, and the connection port between the target and source data.
  • 10. EC05.02a Internet Security Issues 10 Circuit level gateways  The firewall keeps a record of requests for data that go out, and only allows data in that matches that request.  An advantage of this type of firewall is that since it acts as the gateway to the network it is protecting, anyone scanning the network from outside will see only the address of the firewall and not the rest of its protected network. A circuit level gateway is a firewall that only allows data into its protected network based on requests from computers inside that network.
  • 11. EC05.02a Internet Security Issues 11 Application level gateways  Application level gateways, also known as proxies, are outwardly similar in operation to circuit level gateways in that they act as the only entrance into or out of a protected network and deny all non-requested data from outside. The major difference is in the way they handle information.  A firewall using this method runs proxy applications to view common types of data before it is allowed through the firewall.
  • 12. EC05.02a Internet Security Issues 12 Stateful inspection  Stateful inspection is a combination of packet filtering with some elements of the gateway methods.  Essentially, it is a packet filter firewall that examines more than just the addresses and port information of the data. Without using proxies, it can imitate some of the features of an application gateway by viewing the application specific data sent in each packet.
  • 13. EC05.02a Internet Security Issues 13 What is spyware?  Spyware is a category of computer programs that attach themselves to the computer’s operating system in various ways.  It can drain the life out of your computer's processing power.  It is designed to track users’ Internet habits and nag them with unwanted sales offers or generate traffic for the host Web site.
  • 14. EC05.02a Internet Security Issues 14 What is browser hijacking?  The most generally accepted description of browser hijacking software is external code that changes your Internet Explorer settings.  Generally the home page will be changed and new favorites will be added that point to sites of strange content. In most cases, the hijacker will make registry changes to the system, causing the home page to revert back to the unwanted destination even if it is changed manually.  A browser hijacker may also disallow access to certain web pages, for example the site of an anti-spyware software manufacturer like Lavasoft. These programs have also been known to disable antivirus and anti- spyware software.
  • 15. EC05.02a Internet Security Issues 15  They take advantage of Internet Explorer's (IE) ability to run ActiveX scripts straight from a web page.  Generally, these programs will request permission to install themselves via a popup that loads when visiting a certain site. If the user accidentally gives permission to install, IE will execute the program on your computer and change your settings.  Use security holes within Internet Explorer to install themselves automatically without any user interaction at all.  These can be launched from popup ad windows which the user has not even intended to view.  Make entries to the HOSTS file on your system.  This special file directly maps DNS addresses (web URLs) to IP addresses, so that every time you type a URL you are redirected to the IP address of a sponsored search or porn site. Characteristics of browser hijackers
  • 16. EC05.02a Internet Security Issues 16  Some browser hijackers may also install themselves onto your computer system as legitimate programs, leaving an entry in the 'add-remove programs' list in the control panel.  There are many faces of browser hijacking, and to combat the situation, you have to be aware of all tricks and loopholes that make this scourge possible.  Browser hijacking isn't necessarily a virus, and isn't necessarily adware, so stopping it isn't necessarily best left to software monitoring programs. More Characteristics of browser hijackers
  • 17. EC05.02a Internet Security Issues 17 Antivirus software  Definition  How to protect yourself  Purchasing guidelines
  • 18. EC05.02a Internet Security Issues 18 Antivirus software definition  Antivirus programs learn and memorize all of the different replicating viral signatures that are already out there (40,000 to date), and then compare the binary signatures of incoming files against those already-known viral signatures to see if anything suspect is lurking on your computer.  The software typically is kept running in the background to check files and e-mail messages as they are downloaded.  A virus signature is a section of code that can be used to identify a known virus.
  • 19. EC05.02a Internet Security Issues 19 Virus protection  Install antivirus software and keep it running in the background.  Before downloading a file, make sure the source is reputable.  When you receive a disk, scan it with antivirus software before using it.  Never open an e-mail attachment unless the sender is known.  Watch for information about the latest virus threats.  Keep your antivirus program up-to- date.
  • 20. EC05.02a Internet Security Issues 20 Purchasing guidelines  Use software that provides free weekly updates.  Use software that provides the coverage necessary to maintain the computer’s security.  The two most popular brands:  Symantec  McAfee
  • 21. EC05.02a Internet Security Issues 21 Sources  “Electronic Commerce.” 1999. http://www.wapa.gov/CorpSrvs/procurmt/ecomm.htm (2 Jan 2006).  Stein, Lincoln D. “WWW Security FAQ: What’s New.” 2000. http://www.w3.org/Security/Faq/www-security-faq.html (2 Jan 2006)  Strom, David. “The Challenge of Electronic Commerce: Selling Lemonade has Never Been This Tough.” 2000. http://www.strom.com/pubwork/ecommerce.html (2 Jan. 2006).  “Bureau of Industry and Security.” US Department of Commerce http://www.bis.doc.gov/ComplianceAndEnforcement/E-Commerce.htm (2 Jan 2006)  Electronic Commerce NC WiseOwl http://www.mywiseowl.com/articles/Electronic_commerce (2 Jan 2006)  Kennedy, Dennis, An Internet Tool Kit for E-Commerce Law Jan 15, 2001 The John Marshall Law School (2 Jan 2006)

Editor's Notes

  1. 1.01