
Analyzing Internet Security


EC05.02a Internet Security Issues 1

E-Commerce I

Analyzing Internet Security Issues


Security Risks

- Bugs
- Hackers
- Browser-Side Risks
- Interception of Data


Bugs and Hackers

- Bugs allow unauthorized users into main computer systems
  - Steal confidential documents
  - Execute commands on server to modify system
  - Launch denial-of-service attacks


Browser-Side Risks

Active content that:

- Crashes the browser
- Damages the user’s system
- Breaches the user’s privacy
- Creates annoyance


Interception of Data

Eavesdroppers operating via:

- Server’s side
- Customer’s side
- Through end-user’s ISP
- Through server’s ISP
- Through either ISP’s regional access provider


Firewalls

- What are firewalls?
- Packet filtering
- Circuit level gateways
- Application level gateways
- Stateful inspection


What are firewalls?

A firewall is either a piece of hardware or a software program that examines data as it passes into your computer or network and discards it if it does not meet certain criteria.

Depending on the type of firewall used, this operation may take place at different points in the path between the source of the data and the application in your computer. Different criteria will be used to examine the data, but the basic operation remains the same for all firewalls.


Packet filtering firewalls

Packet filtering firewalls work by examining data packets as they attempt to pass through the firewall.

They compare each packet to a list of rules based on the source of the data, its intended destination, and the port used for the connection between the source and the target.


Circuit level gateways

A circuit level gateway is a firewall that only allows data into its protected network based on requests from computers inside that network.

The firewall keeps a record of requests for data that go out, and only allows data in that matches that request.

An advantage of this type of firewall is that since it acts as the gateway to the network it is protecting, anyone scanning the network from outside will see only the address of the firewall and not the rest of its protected network.
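The two decision models described on the packet filtering and circuit level gateway slides, side by side, as an added example that is not part of the original slides. The rule list, addresses (documentation ranges) and the names Packet, packet_filter and CircuitGateway are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int

# Constructed rules: (action, source net, destination net, destination port; None = any).
RULES = [
    ("allow", "0.0.0.0/0", "192.0.2.10/32", 443),      # public HTTPS server
    ("allow", "198.51.100.0/24", "192.0.2.0/24", 22),  # admin subnet to SSH
    ("deny", "0.0.0.0/0", "0.0.0.0/0", None),          # default deny
]

def packet_filter(pkt, rules=RULES):
    """Stateless check: the first rule matching source, destination and port wins."""
    for action, src_net, dst_net, port in rules:
        if (ip_address(pkt.src) in ip_network(src_net)
                and ip_address(pkt.dst) in ip_network(dst_net)
                and port in (None, pkt.dport)):
            return action
    return "deny"

class CircuitGateway:
    """Admits inbound data only when it answers a request recorded on the way out."""
    def __init__(self, inside_net):
        self.inside = ip_network(inside_net)
        self.requests = set()

    def outbound(self, pkt):
        if ip_address(pkt.src) not in self.inside:
            return "deny"
        self.requests.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return "allow"

    def inbound(self, pkt):
        # A reply reverses the endpoints of the recorded request.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if key in self.requests else "deny"

if __name__ == "__main__":
    gw = CircuitGateway("10.0.0.0/8")
    gw.outbound(Packet("10.0.0.5", "203.0.113.9", 51000, 80))
    print(gw.inbound(Packet("203.0.113.9", "10.0.0.5", 80, 51000)))   # reply to the request
    print(gw.inbound(Packet("203.0.113.66", "10.0.0.5", 80, 51000)))  # unsolicited
```

The packet filter judges every packet in isolation, while the gateway's answer depends on what left the network earlier.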


Application level gateways

Application level gateways, also known as proxies, are outwardly similar in operation to circuit level gateways in that they act as the only entrance into or out of a protected network and deny all non-requested data from outside. The major difference is in the way they handle information.

A firewall using this method runs proxy applications to view common types of data before it is allowed through the firewall.


Stateful inspection

Stateful inspection is a combination of packet filtering with some elements of the gateway methods.

Essentially, it is a packet filter firewall that examines more than just the addresses and port information of the data. Without using proxies, it can imitate some of the features of an application gateway by viewing the application-specific data sent in each packet.


What is spyware?

Spyware is a category of computer programs that attach themselves to the computer’s operating system in various ways.

It can drain the life out of your computer's processing power.

It is designed to track users’ Internet habits and nag them with unwanted sales offers or generate traffic for the host Web site.


What is browser hijacking?

The most generally accepted description of browser hijacking software is external code that changes your Internet Explorer settings.

Generally the home page will be changed and new favorites will be added that point to sites of strange content. In most cases, the hijacker will make registry changes to the system, causing the home page to revert back to the unwanted destination even if it is changed manually.

A browser hijacker may also disallow access to certain web pages, for example the site of an anti-spyware software manufacturer like Lavasoft. These programs have also been known to disable antivirus and anti-spyware software.


Characteristics of browser hijackers

- They take advantage of Internet Explorer's (IE) ability to run ActiveX scripts straight from a web page. Generally, these programs will request permission to install themselves via a popup that loads when visiting a certain site. If the user accidentally gives permission to install, IE will execute the program on your computer and change your settings.
- Use security holes within Internet Explorer to install themselves automatically without any user interaction at all. These can be launched from popup ad windows which the user has not even intended to view.
- Make entries to the HOSTS file on your system. This special file directly maps DNS addresses (web URLs) to IP addresses, so that every time you type a URL you are redirected to the IP address of a sponsored search or porn site.
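A defender can audit the HOSTS file for the two kinds of tampering the slides describe: names redirected to an outside address, and security sites made unreachable. This is an added example, not part of the original slides; the sample file contents, the watch list and the function name audit_hosts are constructed for illustration.

```python
import ipaddress

# Constructed sample of a tampered HOSTS file; names and addresses are illustrative.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.80    www.bank.example bank.example   # redirect
127.0.0.1       www.lavasoft.example updates.antivirus.example
0.0.0.0         ads.tracker.example
not-an-ip       broken.example
"""

# Assumed watch list of security-vendor names that should resolve normally.
SECURITY_SITES = {"www.lavasoft.example", "updates.antivirus.example"}
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

def audit_hosts(text, security_sites=SECURITY_SITES):
    """Return (line_no, hostname, address, finding) for each suspicious mapping."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        addr_text, names = fields[0], fields[1:]
        try:
            addr = ipaddress.ip_address(addr_text)
        except ValueError:
            findings.append((line_no, names[0], addr_text, "malformed address"))
            continue
        sinkhole = addr.is_loopback or addr.is_unspecified
        for name in (n.lower() for n in names):
            if name in LOCAL_NAMES and addr.is_loopback:
                continue                        # normal default entry
            if sinkhole and name in security_sites:
                findings.append((line_no, name, addr_text, "security site blocked"))
            elif not sinkhole:
                findings.append((line_no, name, addr_text, "name redirected"))
            # other sinkholed names (common ad-blocking entries) are not reported
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```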


More Characteristics of browser hijackers

Some browser hijackers may also install themselves onto your computer system as legitimate programs, leaving an entry in the 'add-remove programs' list in the control panel.

There are many faces of browser hijacking, and to combat the situation, you have to be aware of all tricks and loopholes that make this scourge possible.

Browser hijacking isn't necessarily a virus, and isn't necessarily adware, so stopping it isn't necessarily best left to software monitoring programs.


Antivirus software

- Definition
- How to protect yourself
- Purchasing guidelines


Antivirus software definition

Antivirus programs learn and memorize all of the different replicating viral signatures that are already out there (40,000 to date), and then compare the binary signatures of incoming files against those already-known viral signatures to see if anything suspect is lurking on your computer.

The software typically is kept running in the background to check files and e-mail messages as they are downloaded.

A virus signature is a section of code that can be used to identify a known virus.


Virus protection

- Install antivirus software and keep it running in the background.
- Before downloading a file, make sure the source is reputable.
- When you receive a disk, scan it with antivirus software before using it.
- Never open an e-mail attachment unless the sender is known.
- Watch for information about the latest virus threats.
- Keep your antivirus program up-to-date.


Purchasing guidelines

- Use software that provides free weekly updates.
- Use software that provides the coverage necessary to maintain the computer’s security.
- The two most popular brands:
  - Symantec
  - McAfee
