Internet & Security

Shweta Agrawal

Introduction

The Internet is perhaps the most well-known, and the largest, implementation of inter-networking, linking hundreds of thousands of individual networks all over the world. The Internet has a range of capabilities that organizations are using to exchange information internally or to communicate externally with other organizations. Internet technology is providing the primary infrastructure for electronic commerce, electronic business, and the emerging digital firm.

INTERNETWORKING
LINK NETWORKS EACH RETAINS IDENTITY INTO INTERCONNECTED NETWORK
NETWORK C NETWORK A NETWORK B

What is the Internet?

The Internet began as a U.S. Department of Defense network to link scientists and university professors around the world. Even today individuals cannot connect directly to the Net, although anyone with a computer, a modem, and the willingness to pay a small monthly usage fee can access it through an Internet Service Provider.

Contd.

An Internet Service Provider (ISP) is a commercial organization with a permanent connection to the Internet that sells temporary connections to subscribers.

Contd.

One of the most puzzling aspects of the Internet is that no one owns it and it has no formal management organization. As a creation of the Defense Department for sharing research data, this lack of centralization was purposeful, to make it less vulnerable to wartime or terrorist attacks. To join the Internet, an existing network needs only to pay a small registration fee and agree to certain standards based on the TCP/IP reference model. Costs are low because the Internet owns nothing and so has no costs to offset.

Contd.

Each organization, of course, pays for its own networks and its own telephone bills, but those costs usually exist independent of the Internet. Regional Internet companies have been established to which member networks forward all transmission. These Internet companies route and forward all traffic, and the cost is still only that of a local telephone call. The result is that the costs of e-mail and other Internet connections tend to be far lower than equivalent voice, postal, or overnight delivery, making the Net a very inexpensive communications medium. It is also a very fast method of communication, with messages arriving anywhere in the world in a matter of seconds or a minute or two at most.

Internet Technology

The Internet is based on client/server technology. All the data, including e-mail messages and Web pages, are stored on servers. A client reaches the Internet by using a Web browser software, like Internet Explorer or Netscape Navigator. A client uses the Internet to request information from a particular Web server on a distant computer and the server sends the requested information back to the client via the Internet.

Contd.

Web server software receives requests for Web pages from the client and accesses the Web pages from the disk where they are stored. Web server can also access other information from an organizations internal information system applications and their associated databases and return that information to the client in the form of Web pages if desired. Specialized middleware, including application servers, is used to manage the interactions between the Web server and the organizations internal information systems for processing orders, tracking inventory, maintaining product catalogs, and other electronic commerce functions.

Major Internet Tools for Communications

Capability E-mail Usenet Newsgroups Chatting FTP Functions Supported Person-to-person messaging; document sharing Discussion groups on electronic bulletin boards Interactive conversations Transfer files from computer to computer

World Wide Web Retrieve, format, and display information (including text, audio, graphics, and video) using hypertext links

INTERNET TERMS

HOME PAGE: WWW screen display welcomes user to organizations page WEBMASTER: Person in charge of Web site UNIFORM RESOURCE LOCATOR (URL): Address of specific Internet resource

Domain Name

The unique name of a node on the Internet.

Internet Protocol (IP) Address

Four-part numeric address indicating a unique computer location on the Internet.

Domain Name System (DNS)

A hierarchical system of servers maintaining databases enabling the conversion of domain names to their IP addresses.

Analysis of an Internet Address

Let us consider a hypothetical Internet address jack@nic.net.in jack Individual or organization name @ - at nic Host computer net Function in Location The portion after the @ symbol, i.e., nic.net.in is known as the domain name.

The World Wide Web (WWW)

The World Wide Web (the Web) is at the heart of the explosion on the business use of the Internet. The Web is a system with universally accepted standards for storing, retrieving, formatting, and displaying information using a client/server architecture. The Web combines text, hypermedia, graphics, and sound. It can handle all types of digital communication, making it easy to link resources that are half-a-world apart.

Contd.

The Web uses graphical user interfaces for easy viewing. It is based on a standard hypertext language called Hypertext Markup Language (HTML), which formats documents and incorporates dynamic links to other documents stored in the same or remote computers. Using these links, the user need only point at a highlighted keyword or graphic, click on it, and immediately be transported to another document, probably on another computer somewhere else in the world. Users are free to jump from place to place following their own logic and interest.

Contd.

Web browser software is programmed according to HTML standards. The standard is universally accepted, so anyone using a browser can access any of the millions of Web sites. Browsers are hypertexts point-and-click ability to navigate or surf move from site to site on the web to another desired site. The browser also includes an arrow or back button to enable the user to retrace his or her steps, navigating back, site by site.

Contd.

Those who offer information through the Web must establish a home page a text and graphical screen display that usually welcomes the user and explains the organization that has established the page. For most organizations, the home page leads users to other pages, with all the pages of a company being known as a Web site. For a corporation to establish a presence on the Web, therefore, it must set up a Web site of one or more pages. Most Web pages offer a way to contact the organization or individual. The person in charge of an organizations Web site is called a Webmaster.

Contd.

To access a Web site, the user must specify a uniform resource locator (URL), which points to the address of a specific resource on the Web. For instance, the URL for Western International University is http://www.wiu.com http stands for hypertext transfer protocol, which is the communications standard used to transfer pages on the Web. HTTP defines how messages are formatted and transmitted and what actions Web servers and browsers should take in response to various commands. www.wiu.com is the domain name identifying the Web server storing the Web pages.

Searching for Information on the Web

Locating information on the Web is critical function, with the more than one billion Web pages in existence. No comprehensive catalog of Web sites exists.

Contd.

Other search tools do not require Web sites to be preclassified and will search Web pages on their own automatically. Such tools, called search engines, can find Web sites that may be little known. They contain software that looks for Web pages containing one or more of the search terms; then they display matches ranked by a method that usually involves the location and frequency of the search terms.

Contd.

These search engines do not display information about every site on the Web, but they create indexes of the Web pages they visit. The search engine software then locates Web pages of interest by searching through these indexes. AltaVista, Lycos, and Go.com are examples of these search engines. Some are more comprehensive or current than others, depending on how their components are turned, and some also classify Web sites by subject categories.

Contd.

Specialized search tools are also available to help users locate specific types of information easily. For example, Google is turned to find the home pages of companies and organizations. Some Web sites for locating information, such as Yahoo and AltaVista, have become so popular and easy to use that they also serve as portals for the Internet.

Contd.

There are two ways of identifying Web pages to be tracked by search engines. One is to have Web page owners register their URLs with search engine sites. The other is to use software agents known as spiders, bots, and Web crawlers to traverse the Web and identify the Web pages for indexing.

Transmission Control Protocol/Internet Protocol (TCP/IP)

This is a reference model developed by Department of Defense of U.S.A. in 1972. The layers available in this reference model are:

Application Layer: Provides screen presentations Transport Layer (Transmission Control Protocol - TCP): Breaks data into datagrams Network Layer (Internet Protocol - IP): Breaks, sends datagrams as smaller IP packets; can repeat transmission to increase reliability Network Interface: Handles addressing and interface between computer & network Physical Net: Defines electrical transmission characteristics for sending signal along networks to destination

Open System Interconnection OSI)

This is an international reference model, suggested by International Standard Organization (ISO), for linking different types of computer and networks. They have suggested seven layers as follows:

Application Layer Presentation Layer Session Layer Transport Layer Network Layer Data Link Layer Physical Layer

Intranets and Extranets

Organizations can use Intranet networking standards and Web technology to create private networks called intranets. An intranet is an internal organizational network that can provide access to data across the enterprise. It uses the existing company network infrastructure along with Internet connectivity standards and software developed for the World Wide Web. Intranets can create networked applications that can run on many different kinds of computers throughout the organization, including mobile handheld computers and wireless remote access devices.

Intranet Technology

Although the Web is open to anyone, the intranet is private and is protected from public visits by firewalls security systems with specialized software to prevent outsiders from invading private networks. The firewall consists of hardware and software placed between an organizations internal network and an external network, including the Internet. The firewall is programmed to intercept each message packet passing between the two networks, examine its characteristics, and reject unauthorized messages or access attempts.

Extranets

Some firms are allowing people and organizations outside the firm to have limited access to their internal intranets. Private intranets that are extended to authorized users outside the company are called extranets. For example, authorized buyers could link to a portion of a companys intranet from the public Internet to obtain information about the cost and features of its products. The company can use firewalls to ensure that access to its internal data is limited and remains secure; firewalls can also authenticate users, making sure that only authorized people can access the site.

DATABASES CUSTOM ER

S U P P L IE R

IN T E R N E T F IR E W A L L

SERVER

B U S IN E S S PARTNER C L IE N T S

Contd.

Extranets are especially useful for linking organizations with customers or business partners. They often are used for providing productavailability, pricing, and shipment data; electronic data interchange (EDI); or for collaborating with other companies on joint development or training efforts.

Internet Benefits

Following are the benefits derived from the Internet.

Global connectivity Reduced communications cost Lower transaction costs Reduced agency costs Interactivity, flexibility, customization Accelerated knowledge

HACKERS & COMPUTER VIRUSES

HACKER: Person gains access to computer for profit, criminal mischief, personal pleasure COMPUTER VIRUS: Rogue program; difficult to detect; spreads rapidly; destroys data; disrupts processing & memory *

COMMON COMPUTER VIRUSES

CONCEPT, MELISSA: Word documents, e-mail. Deletes files FORM: Makes clicking sound, corrupts data EXPLORE.EXE: Attached to e-mail, tries to e-mail to others, destroys files MONKEY: Windows wont run CHERNOBYL: Erases hard drive, ROM BIOS JUNKIE: Infects files, boot sector, memory conflicts *

ANTIVIRUS SOFTWARE

SOFTWARE TO DETECT ELIMINATE VIRUSES ADVANCED VERSIONS RUN IN MEMORY TO PROTECT PROCESSING, GUARD AGAINST VIRUSES ON DISKS, AND ON INCOMING NETWORK FILES *