5.2.4: Protection

Last updated
Save as PDF

Page ID: 38286

\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \)

\( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)

\( \newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\)

( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\)

\( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\)

\( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\)

\( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\)

\( \newcommand{\Span}{\mathrm{span}}\)

\( \newcommand{\id}{\mathrm{id}}\)

\( \newcommand{\Span}{\mathrm{span}}\)

\( \newcommand{\kernel}{\mathrm{null}\,}\)

\( \newcommand{\range}{\mathrm{range}\,}\)

\( \newcommand{\RealPart}{\mathrm{Re}}\)

\( \newcommand{\ImaginaryPart}{\mathrm{Im}}\)

\( \newcommand{\Argument}{\mathrm{Arg}}\)

\( \newcommand{\norm}[1]{\| #1 \|}\)

\( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\)

\( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\AA}{\unicode[.8,0]{x212B}}\)

\( \newcommand{\vectorA}[1]{\vec{#1}} % arrow\)

\( \newcommand{\vectorAt}[1]{\vec{\text{#1}}} % arrow\)

\( \newcommand{\vectorB}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \)

\( \newcommand{\vectorC}[1]{\textbf{#1}} \)

\( \newcommand{\vectorD}[1]{\overrightarrow{#1}} \)

\( \newcommand{\vectorDt}[1]{\overrightarrow{\text{#1}}} \)

\( \newcommand{\vectE}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash{\mathbf {#1}}}} \)

\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \)

\( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)

\(\newcommand{\avec}{\mathbf a}\) \(\newcommand{\bvec}{\mathbf b}\) \(\newcommand{\cvec}{\mathbf c}\) \(\newcommand{\dvec}{\mathbf d}\) \(\newcommand{\dtil}{\widetilde{\mathbf d}}\) \(\newcommand{\evec}{\mathbf e}\) \(\newcommand{\fvec}{\mathbf f}\) \(\newcommand{\nvec}{\mathbf n}\) \(\newcommand{\pvec}{\mathbf p}\) \(\newcommand{\qvec}{\mathbf q}\) \(\newcommand{\svec}{\mathbf s}\) \(\newcommand{\tvec}{\mathbf t}\) \(\newcommand{\uvec}{\mathbf u}\) \(\newcommand{\vvec}{\mathbf v}\) \(\newcommand{\wvec}{\mathbf w}\) \(\newcommand{\xvec}{\mathbf x}\) \(\newcommand{\yvec}{\mathbf y}\) \(\newcommand{\zvec}{\mathbf z}\) \(\newcommand{\rvec}{\mathbf r}\) \(\newcommand{\mvec}{\mathbf m}\) \(\newcommand{\zerovec}{\mathbf 0}\) \(\newcommand{\onevec}{\mathbf 1}\) \(\newcommand{\real}{\mathbb R}\) \(\newcommand{\twovec}[2]{\left[\begin{array}{r}#1 \\ #2 \end{array}\right]}\) \(\newcommand{\ctwovec}[2]{\left[\begin{array}{c}#1 \\ #2 \end{array}\right]}\) \(\newcommand{\threevec}[3]{\left[\begin{array}{r}#1 \\ #2 \\ #3 \end{array}\right]}\) \(\newcommand{\cthreevec}[3]{\left[\begin{array}{c}#1 \\ #2 \\ #3 \end{array}\right]}\) \(\newcommand{\fourvec}[4]{\left[\begin{array}{r}#1 \\ #2 \\ #3 \\ #4 \end{array}\right]}\) \(\newcommand{\cfourvec}[4]{\left[\begin{array}{c}#1 \\ #2 \\ #3 \\ #4 \end{array}\right]}\) \(\newcommand{\fivevec}[5]{\left[\begin{array}{r}#1 \\ #2 \\ #3 \\ #4 \\ #5 \\ \end{array}\right]}\) \(\newcommand{\cfivevec}[5]{\left[\begin{array}{c}#1 \\ #2 \\ #3 \\ #4 \\ #5 \\ \end{array}\right]}\) \(\newcommand{\mattwo}[4]{\left[\begin{array}{rr}#1 \amp #2 \\ #3 \amp #4 \\ \end{array}\right]}\) \(\newcommand{\laspan}[1]{\text{Span}\{#1\}}\) \(\newcommand{\bcal}{\cal B}\) \(\newcommand{\ccal}{\cal C}\) \(\newcommand{\scal}{\cal S}\) \(\newcommand{\wcal}{\cal W}\) \(\newcommand{\ecal}{\cal E}\) \(\newcommand{\coords}[2]{\left\{#1\right\}_{#2}}\) \(\newcommand{\gray}[1]{\color{gray}{#1}}\) \(\newcommand{\lgray}[1]{\color{lightgray}{#1}}\) \(\newcommand{\rank}{\operatorname{rank}}\) \(\newcommand{\row}{\text{Row}}\) \(\newcommand{\col}{\text{Col}}\) \(\renewcommand{\row}{\text{Row}}\) \(\newcommand{\nul}{\text{Nul}}\) \(\newcommand{\var}{\text{Var}}\) \(\newcommand{\corr}{\text{corr}}\) \(\newcommand{\len}[1]{\left|#1\right|}\) \(\newcommand{\bbar}{\overline{\bvec}}\) \(\newcommand{\bhat}{\widehat{\bvec}}\) \(\newcommand{\bperp}{\bvec^\perp}\) \(\newcommand{\xhat}{\widehat{\xvec}}\) \(\newcommand{\vhat}{\widehat{\vvec}}\) \(\newcommand{\uhat}{\widehat{\uvec}}\) \(\newcommand{\what}{\widehat{\wvec}}\) \(\newcommand{\Sighat}{\widehat{\Sigma}}\) \(\newcommand{\lt}{<}\) \(\newcommand{\gt}{>}\) \(\newcommand{\amp}{&}\) \(\definecolor{fillinmathshade}{gray}{0.9}\)

Encryption

Encryption is a method which allows information (for example, a secret message) to be hidden so that it cannot be read without special knowledge (such as a password). Once this is done, using a secret code or cypher, the information is encrypted. Decryption is a way to change an encrypted piece of information back into unencrypted form. This is called the decrypted form. The study of encryption is called cryptography.

Examples

A simple kind of encryption for words is ROT13. In ROT13, letters of the alphabet are changed with each other using a simple pattern. For example, A changes to N, B changes to O, C changes to P, and so on. Each letter is “rotated” by 13 spaces. Using the ROT13 cipher, the words Simple English Wikipedia becomes Fvzcyr Ratyvfu Jvxvcrqvn. The ROT13 cipher is very easy to decrypt. Because there are 26 letters in the English alphabet, if a letter is rotated two times by 13 letters each time, the original letter will be obtained. So applying the ROT13 cipher a second time brings back the original text. When he communicated with his army, Julius Caesar sometimes used what is known as Caesar cipher today. This cipher works by shifting the position of letters: each letter is rotated by 3 positions.

Most kinds of encryption are more complex. Some are made only for text. Others are made for binary computer files like pictures and music. Today, the asymmetric encryption system used the most is RSA. Any computer file can be encrypted with RSA. AES is a common symmetric algorithm.

One-Time Pad

Most types of encryption can theoretically be cracked: an enemy might be able to decrypt a message without knowing the password, if he has clever mathematicians, powerful computers and lots of time. The one-time pad is special because, if it is used correctly, it is impossible to crack. There are three rules that must be followed:

The secret key (password) must be longer than the secret message: if the message has 20 letters then the key must also have at least 20 letters.
The secret key must be a random list of letters (e.g. KQBWLDA…)
The secret key must only be used once. To send more than one message, a different key must be used for each one.

If these three rules are obeyed, then it is impossible to read the secret message without knowing the secret key. For this reason, during the Cold War, embassies and large military units often used one-time pads to communicate secretly with their governments. They had little books (“pads”) filled with random letters or random numbers. Each page from the pad could only be used once: this is why it is called a “one-time pad”.

Encryption on the Internet

Encryption is often used on the Internet, as many web sites use it to protect private information. On the Internet, several encryption protocols are used, such as Secure Sockets Layer (SSL), IPsec, and SSH. They use the RSA encryption system and others. The protocol for protected web browsing is called HTTPS. Mostly URL encryption contain MD5 Algorithm. Various algorithms are used in the internet market depending upon the need.

Antivirus Software

Antivirus software, if properly installed on a computer system, can prevent access to computer systems by unwanted computer programs. Viruses, worms or Trojan Horses can be used by criminals or mischievous people (called Crackers). They can be used to steal information or damage computer systems. If no antivirus software is installed, hackers may be able to access the information in the computer.

Most tests and experts claim that antivirus software is unable to prevent all attacks.[38] There are many different types of antivirus software. Many Antivirus programs can be downloaded for free. These versions usually have some features missing. The missing features are only available to those who buy the “full” version.

Antivirus software uses many ways to protect the computer. They often search for signs of viruses in every website that is visited. Most also do a regular scan of all the data and files on the computer’s hard disk.

Installing more than one antivirus is not a good idea. The 2 different antivirus software can interfere with each other.

Problems with Antivirus Software

Antivirus software can not always detect all viruses on a computer.

Sometimes antivirus software sees viruses in files that do not really have viruses. This is called a false positive.[39] The antivirus software will sometimes remove files from the computer that should not be removed. This may cause other programs to not work properly.

fireball networking example

Firewall (Networking)

Originally, a firewall was a wall that was built to stop (or slow down) the spread of a fire. In terms of computer security, a firewall is a piece of software. This software monitors the network traffic. A firewall has a set of rules which are applied to each packet. The rules decide if a packet can pass, or whether it is discarded. Usually a firewall is placed between a network that is trusted, and one that is less trusted. When a large network needs to be protected, the firewall software often runs on a dedicated hardware, which does nothing else.

A firewall protects one part of the network against unauthorized access.

Different Kinds of Firewalls

Packet filtering. Data travels on the internet in small pieces; these are called packets. Each packet has certain metadata attached, like where it is coming from, and where it should be sent to. The easiest thing to do is to look at the metadata. Based on rules, certain packets are then dropped or rejected. All firewalls can do this.it is known as network layer
Stateful packet inspection. In addition to the simple packet filtering (above) this kind of firewall also keeps track of connections. A packet can be the start of a new connection, or it can be part of an existing connection. If it is neither of the two, it is probably useless and can be dropped.
Application-layer firewalls. Application-layer firewalls do not just look at the metadata; they also look at the actual data transported. They know how certain protocols work, for example FTP or HTTP. They can then look if the data that is in the packet is valid (for that protocol). If it is not, it can be dropped.

Other Things Firewalls Are Used For

Firewalls can provide a secure connection between two networks. This is called tunnelling. The data may be encrypted. It is unencrypted at the other end. Since the firewalls are doing this, the rest of the network is unaware of it. An alternative is to provide a secure access (to the corporate network).

Network Address Translation

Very often, firewalls can translate IP addresses. That way, many computers can share a few public IP addresses. The firewall translates between the public and the private IP addresses.

Types of Firewalls

In general, there are two types of firewalls:

Software-based firewalls: these are often run as additional programs on computers that are used for other things. They are often known as personal firewalls which can be updates on personal computers.

Hardware-based firewalls: Hardware based firewalls run on a dedicated computer (or appliance). Often, these offer a better performance than software firewalls, but they are also more expensive.

What Firewalls Cannot Protect Against

Firewalls can protect against some problems (viruses and attacks) that come from the internet. They cannot protect against viruses, that come from infected media (like an infected office document on an USB flash drive).

Search

Text Color

Text Size

Margin Size

Font Type