Encryption and Security

Anmerkungen:

• Any computer is at risk in someway from threats. A computer on a network especially so. The larger the network, the greater the threat.

1. Types of Threat
   1. Intrusion ("Hacking")

      Anmerkungen:

      • This involves manual compromising a computer or network's security.
      • It typically involves taking files from the system, but can also involve taking control of parts of or all of the system
   2. Denial of Service (DoS)

      Anmerkungen:

      • DoS is where a server is overwhelmed by requests and is forced to shut down, often leaving holes in security if the server acted as a firewall or similar security device.
      • A DDoS attack (Dedicated DoS) is the most common type and involves an individual or group sending huge volumes of blank or unintelligible requests to the server they intend to attack. Sometimes this is to spitefully take a website down, although sometimes it is intended to leave holes in the security for intrusion to take place or to allow malware into the system.
   3. Viruses, Worms and Trojans
      1. Virus

         Anmerkungen:

         • A virus is a malware program that attaches to a host program and replicates itself, either in another computer on a network or in other parts of the computer.
      2. Worm

         Anmerkungen:

         • A worm is a malware program that replicates itself to spread itself, typically through a network.
         • Unlike a virus, a worm does not need to attach to an existing program. 
      3. Trojan

         Anmerkungen:

         • A Trojan is a piece of malware that masquerades as a regular piece of software. Often mistakenly installed by the user with other downloads, although it sometimes comes in an install the user thought was an important or necessary install.
         • Spyware tends to be delivered as a trojan.
         • Trojans rarely replicate themselves.
   4. Spyware

      Anmerkungen:

      • Software that covertly gathers information off of a victim's computer and transmits it. Often used to gather login details and credit card details.
   5. Scams
   6. Information Theft
      1. Phishing

         Anmerkungen:

         • Phishing uses emails or websites that are designed to look like legitimate websites in order to steal details and/or place malware on a system.
      2. Pharming

         Anmerkungen:

         • A scam that involves misdirecting a user to a scam website, often using holes in the DNS system.

1. Types of Security
   1. Encryption
   2. Firewalls
      1. Definition
      2. How They Work
      3. The Flaws
   3. Anti-Virus

1. Vulnerable

   Anmerkungen:

   • Wireless Networks are particularly vulnerable owing to their very nature.
   • As they are always transmitting they are also easy to find. There is also no need to be on a workstation wired on the network, meaning one does not have to access the site to access the network. 
2. Security Methods
   1. WEP/WPA Encryption
      1. WEP

         Anmerkungen:

         • Wired Equivalent Privacy was the most commonly used security algorithm until it was superseded by WPA.
      2. WPA

         Anmerkungen:

         • Wi-Fi Protected Access is the current standard in wireless network security. It replaced WEP due to its greater security credentials.
   2. MAC Address Filtering

      Anmerkungen:

      • MAC Address filtering involves keeping a list of MAC addresses approved for the network. As a MAC address is tied to a machine this, in theory, means only approved users can access the network. It is typically tied to a login portal.
      • It is not infallible however.
      1. Spoofing

         Anmerkungen:

         • Spoofing is where a device is set up so as to pretend it has a different MAC address from its actual one. This is typically to fool MAC Adress Filtering as it will then believe that the address is a valid one, hence the backup of the login portal.
   3. Secure Admin Password

      Anmerkungen:

      • Secure admin passwords make it harder to access accounts with a lot of permissions. This means that any breaches can be contained to only the parts of the network the compromised account can access.
   4. Reduced Signal Strength

      Anmerkungen:

      • Reducing the signal strength means that only those on or very near the site are able to access the network. While it results in slower network speeds for almost everyone, it also limits the risk of unauthorised access.
      • This is particularly important, and fairly effective, for sensitive organisations. For example intelligence agencies can make the network very difficult to access as the site itself is hard to gain entry to.
   5. Login Portal

      Anmerkungen:

      • A login portal may or may not work in conjunction with MAC Address Filtering, though secure networks will often employ both.
      • Login portals require the user, upon connecting to the wireless network, to log in to the system, typically with an intranet password. This is designed so that the person using the device can be confirmed. There are workarounds but using multiple layers of security can combat this.