Cyber World Overview

7/30/2019 Cyber World Overview

1/26

Online Certificate Course

on

Cyber LawCyber LawCyber LawCyber Law

PAPER 1: INTRODUCTION TO THE CYBER WORLD AND

CYBER LAW

PART A : CYBER WORLD - AN OVERVIEW

Prepared by

Mr. Kapil SoniAsst. Manager (Engineering)

OM Nanotech Pvt. Ltd.

Delhi.

FOR

THE INDIAN LAW INSTITUTE(Deemed University)

Bhagwandas RoadNew Delhi - 110001


2/26

2

Table of contents

Cyber World: An Overview- Understanding the scope of computers in our daily life- Basic /Fundamental Principle of computer- The E Zone- Where did the computer come from?

33

334

What is a Computer Network? 4

Pre-Requisites of Internet Connection 13

Basic Working of ISP 16

Dialup Connection Provided by ISP 17

Broad-band Connections 18

What can we do with Internet 20

Security of Information: 21

Types of Threats 23

Prevent yourself from the Threats 24

Digital Signatures 25


3/26

3

Cyber World: An Overview

This paper provides an overview of cyber world with reference to-

The Internet and online resources

Security of Information

Digital Signature

Understanding the scope of computers in our daily life

There is no doubt, that in todays world, computer are used

everywhere, when we mean everywhere, it could be your local shopping

center, computer center, be it your railway reservations, airlines reservation,

micro-wave ovens, even your phones. Institutions like banks, not only ease

the use of banks, but also give us flexibility to bank from virtually anywhere.

With a swipe from your plastic money (Debit/Credit Cards), it fetches

balance information from your banks account and there you go, you just

purchased the commodity without even bothering, how many gadgets,

complex security codes went through and did helped you to purchase.

Basic /Fundamental Principle of computerWhen they (electronic gadgets) receive an input, they definitely give an

output after some calculations, whether we realize or not. Eg: Our Caller Id

Telephone in Fixed Line, not only tells the number but it is also able to tell the

name of the person. It stores and recalls, whenever the bell rings, it knows

what to be displayed on screen of your telephone.

The E ZoneThere could be numerous such examples where our life has been

attached with e. Be it mail that got converted to e-mail, your banking

became e-banking, commerce became e-commerce, and so on. This e- stands

for Electronics. Now that makes better sense, Electronic mail called as E-Mail.

Electronic Banking called as E-Banking etc.

Similarly, when we speak of Cyber, it is a prefix, derived from

cybernetics (a Greek word meaning "the art of steering"), used to describe the

entire range of things made available through the use of a computer. Earlier


4/26

4

it was used in fiction stories, but now its commonly used. For example:

cyber-phobia is an irrational fear of computers, cyberspace is the virtual

(nonphysical) space created by computer systems.

But when we talk about some terms like cyber-space in terms of our

scope, we combine not only the humans, computers (hardware and/orsoftware), but also to the extent that one (computer) is almost capable to do

that. Mostly, this term is associated with science fiction, as simply as a

computer is not capable of thinking.

Where did the computer come from?As we say, necessity is the mother of invention and un-fortunately, the

computers are invention of Cold Wars. In beginning, they are humongous,

very large in size, would cover a size of a football ground, and may be bigger.

But as computers can be trusted more than humans if we give a repeated task,

it definitely supersedes humans in certain area. As a matter of fact, they

instate discipline in work. One has to follow certain guidelines to attain a job

done from computers. Let us take a small example, when banking was done

manually, Customers could have a personal touch on the banker, but since

computers are in place, it would work at same speed even if its a new

customer, or his relative. Im sure, flight bookings and their management

couldnt have been better as we have the facility to book, tickets, get best

fares. This facility is not only extended to our computers at home, but also

extended to our mobile phones which is always in network.

Moreover, the art of communication, which helps in transfer of information /

data from any place to any place. Gone are the days when one had to make a

school projects, business presentations, now-a-days, one can search projects,

themes and then continue to add wings to ones concept.

What is a Computer Network?Computer Network: To be able to communicate and share resources

(knowledge or information, hardware equipments, software etc) between two

or more computers.

One just has to share the equipment/information, and it becomes

available to others. Telephones were the one of the first electronic gadgets,


5/26

5

which helped humans to interact with each other. However, it could only

send voices across. You can just dial the desired phone number and you can

access anyone else who is connected to the same network and is available.

There was one more invention Radio. But it could communicate only

one-way. We may not put radio and television in category of Television. AndCyber Space one of the best and economic way to bridge gap between each

other, it is irrespective of physical boundaries and distances.

Have you ever imagined, that if a person in country A makes a call to

another country B, the call has to go through various networks of telephone

exchanges, however when you speak from here, the other person (if both use

same language to communicate) is also able to hear and respond accordingly.

This is irrespective of the path that it took. This happens because even if they

use different machines / gadgets, they have to follow same set of rules, just

like on road, one has to follow traffic rules to avoid chaos, and it does not

depend on which vehicle you are driving.

Similarly, in computer networking, there are a few standard sets of

rules which both (or more than two) have to follow if they want to network

with each other. These set of rules are also called as Protocol.

Protocol: A protocol is a convention or standard that controls or enables the

connection, communication, and data transfer between two computing

endpoints.

Few Protocol Examples:

# Name Short Description Uses

1. IP Internet Protocol The Internet Protocol (IP) is a data-oriented protocol used for

communicating data across apacket-switched internet work.

2. UDP User DatagramProtocol

User Datagram Protocol (UDP) isone of the core protocols of theInternet protocol suite. Using UDP,programs on networked computerscan send short messagessometimes known as datagrams(using Datagram Sockets) to one


6/26

6

another. UDP is sometimes calledthe Universal Datagram Protocol.

3. TCP TransmissionControl Protocol

The Transmission Control Protocol(TCP) is one of the core protocolsof the Internet protocol suite. TCPprovides reliable, in-order delivery

of a stream of bytes, making itsuitable for applications like filetransfer and e-mail. It is sometimesreferred to as "the TCP/IP protocol

suite."

4. DHCP Dynamic HostConfiguration

Protocol

Dynamic Host ConfigurationProtocol (DHCP) is a protocol used

by networked devices (clients) toobtain IP addresses and otherparameters such as the defaultgateway, subnet mask, and IP

addresses of DNS servers from aDHCP server. The DHCP serverensures that all IP addresses areunique. IP address poolmanagement is done by the serverand not by a networkadministrator.

5. HTTP Hypertext TransferProtocol

HTTP is a request/responseprotocol between a client and aserver. The client making an HTTPrequest - such as a web browser,

spider, or other end-user tool. Theresponding server - which stores orcreates resources such as HTMLfiles and images - is called theorigin server.

6. FTP File Transfer Protocol FTP or File Transfer Protocol isused to transfer data from onecomputer to another over theInternet, or through a network.

7. Telnet Telnet RemoteProtocol

TELNET (TELecommunicationNETwork) is a network protocol

used on the Internet or local areanetwork (LAN) connections.

8. SSH Secure Shell RemoteProtocol

Secure Shell or SSH is a networkprotocol that allows data to beexchanged over a secure channelbetween two computers.Encryption providesconfidentiality and integrity ofdata. SSH uses public-key


7/26

7

cryptography to authenticate theremote computer and allow theremote computer to authenticatethe user,

9. POP3 Post Office Protocol-3

In computing, local e-mail clientsuse the Post Office Protocol version

3 (POP3), an application-layerInternet standard protocol, toretrieve e-mail from a remoteserver over a TCP/IP connection.

Eg: Outlook Express retrievesemails from Email Server with helpof POP3 Protocol

10. SMTP Simple Mail TransferProtocol

Simple Mail Transfer Protocol(SMTP) is the de facto standard fore-mail transmissions across theInternet.

There are different types of networks classified by scale/scope:

1. PAN (Personal Area Network): A personal area network (PAN) is a

computer network used for communication among computer devices close to

one person. Some examples of devices that may be used in a PAN are:

printers, fax machines, telephones, PDAs, or scanners. The reach of a PAN is

typically within about 20-30 feet (approximately 4-6 Meters). PANs can be

used for communication among the individual devices (intrapersonalcommunication).

2. LAN (Local Area Network): A network covering a small geographic area,

like a home, office, or building. Current LANs are most likely to be based on

Ethernet technology. For example, a library will have a LAN for users to

connect to the internet.

3. CAN (Campus Area Network): A network that connects two or more

LANs but that is limited to a specific and contiguous geographical area such

as a college campus, industrial complex, or a military base. A CAN, may be

considered a type of MAN (metropolitan area network), but is generally

limited to an area that is smaller than a typical MAN.

4. MAN (Metropolitan Area Network): A Metropolitan Area Network is a

network that connects two or more Local Area Networks or Campus Area

Networks together but does not extend beyond the boundaries of the


8/26

8

immediate town, city, or metropolitan area. Multiple routers, switches & hubs

are connected to create a MAN.

5. WAN (Wide Area Network): A WAN is a data communications network

that covers a relatively broad geographic area (i.e. one city to another and one

country to another country) and that often uses transmission facilitiesprovided by common carriers, such as telephone companies. WAN

technologies generally function at the lower three layers of the OSI reference

model: the physical layer, the data link layer, and the network layer.

Different combinations of above types, broadly can be done as:

1. Intranet: It uses simple protocols (like Internet Protocol) and IP Based

tools (like web browsers), which is controlled by a single administrative

entity. Eg: A typical Office Network, where all users can share common

resources like printer, but only limited users are allowed to access Internet.

2. Extranet: An Intranet which has a limited connections to other Network.

Eg: A company may give some access to its intranet, but at the same time, this

connection may not be considered as trusted from security point of view.

3. Internet: Internet is a worldwide, publicly accessible series of

interconnected computer networks that transmit data by packet switching

using the standard Internet Protocol (IP). It is a "network of networks" that

consists of millions of smaller domestic, academic, business, and government

networks, which together carry various information and services, such as

electronic mail, online chat, file transfer, and the interlinked web pages and

other resources of the World Wide Web.


9/26

9

Depending upon number of computers and kind of complexities

involved, it is broadly divided in two kinds. There are two basic reference

models:

Internet Protocol Suite (IPS)

OSI Model / 7-Layer OSI Model

a. Internet Protocol Suite (IPS)

The Internet protocol suite is the set of communications protocols that

implement the protocol stack on which the Internet and most

commercial networks run. It has also been referred to as the TCP/IP

protocol suite, which is named after two of the most important

protocols in it: the Transmission Control Protocol (TCP) and the

Internet Protocol (IP), which were also the first two networking

protocols defined. Today's IP networking represents a synthesis of two

developments that began to evolve in the 1960s and 1970s, namely

LANs (Local Area Networks) and the Internet, which, together with

the invention of the World Wide Web by Tim Berners-Lee in 1989, have

revolutionized computing.

The Internet Protocol suitelike many protocol suitescan be

viewed as a set of layers. Each layer solves a set of problems involving

the transmission of data, and provides a well-defined service to the

upper layer protocols based on using services from some lower layers.


10/26

10

Upper layers are logically closer to the user and deal with more

abstract data, relying on lower layer protocols to translate data into

forms that can eventually be physically transmitted.

HTTP Application

TCP Transport

IP Network

Ethernet Link

RJ 45 / CAT5 Physical

b. Open System Interconnection (OSI)

The Open Systems Interconnection Basic Reference Model (OSI

Reference Model or OSI Model for short) is a layered, abstract

description for communications and computer network protocol

design. It was developed as part of the Open Systems Interconnection

(OSI) initiative and is sometimes known as the OSI seven layer model.

From top to bottom, the OSI Model consists of the Application,

Presentation, Session, Transport, Network, Data Link, and Physical

layers. A layer is a collection of related functions that provides services

to the layer above it and receives service from the layer below it. For

example, a layer that provides error-free communications across a

network provides the path needed by applications above it, while it

calls the next lower layer to send and receive packets that make up the

contents of the path.

USER (Transmit) USER (Receive)

Layer 7 Application Layer

Layer 6 Presentation Layer

Layer 5 Session Layer

Layer 4 Transport Layer


11/26

11

Layer 3 Network Layer

Layer 2 Data link Layer

Layer 1 Physical Layer

The 7 Layers of OSI Model

In short, when user wants to connect to a web-server (eg:

www.google.com), he need an application (Internet Explorer / Godzilla

Browser etc), common protocol, and a physical link (or secured link)

between two computers. Short definitions/functions are given in thetable below:

Layer Name Description

Layer7

Application This layer supports application and end-user processes.Communication partners are identified, quality of serviceis identified, user authentication and privacy areconsidered, and any constraints on data syntax areidentified. Everything at this layer is application-specific.This layer provides application services for file transfers,

e-mail, and other network software services. Telnet andFTP are applications that exist entirely in the applicationlevel. Tiered application architectures are part of this layer.

Layer6

Presentation This layer provides independence from differences in datarepresentation (e.g., encryption) by translating fromapplication to network format, and vice versa. Thepresentation layer works to transform data into the form

that the application layer can accept. This layer formatsand encrypts data to be sent across a network, providingfreedom from compatibility problems. It is sometimes

called the syntax layer.

Layer5

Session This layer establishes, manages and terminatesconnections between applications. The session layer setsup, coordinates, and terminates conversations, exchanges,and dialogues between the applications at each end. Itdeals with session and connection coordination.


12/26

12

Layer4

Transport This layer provides transparent transfer of data betweenend systems, or hosts, and is responsible for end-to-enderror recovery and flow control. It ensures complete datatransfer.

Layer

3

Network This layer provides switching and routing technologies,

creating logical paths, known as virtual circuits, fortransmitting data from node to node. Routing andforwarding are functions of this layer, as well asaddressing, internetworking, error handling, congestioncontrol and packet sequencing.

Layer2

Data Link At this layer, data packets are encoded and decoded intobits. It furnishes transmission protocol knowledge andmanagement and handles errors in the physical layer, flowcontrol and frame synchronization. The data link layer isdivided into two sublayers: The Media Access Control(MAC) layer and the Logical Link Control (LLC) layer. The

MAC sublayer controls how a computer on the networkgains access to the data and permission to transmit it. TheLLC layer controls frame synchronization, flow control anderror checking.

Layer1

Physical This layer conveys the bit stream - electrical impulse, light

or radio signal -- through the network at the electrical andmechanical level. It provides the hardware means ofsending and receiving data on a carrier, including definingcables, cards and physical aspects. Fast Ethernet, RS232,and ATM are protocols with physical layer components.

The above technology comprises a basic network where two or more

computers interact.


13/26

13

The Internet: A complex representation of Internet. Inset: A magnified portion that shows aNetwork System of a small Organization.

Pre-Requisites of Internet Connection

1. You need to have a computer with Network Card or Telephonic modem

depending upon type of connection that you plan to take from your ISP.

Network Cards are usually built into your computer these days, however,

you have to specifically ask for Telephone Modem from your Computer

Hardware Vendor.

2. You also need a Internet Service Provider, and means to connect to your

Internet Service Provider (ISP).

3. You need a User Name (Provided by your ISP).


14/26

14

4. To avoid someone else use your Internet Plans User Name, you need to

protect it with a password.

5. You need to have a modem:

i. Telephonic Modem

ii. DSL Modemiii. Cable Modem

6. You need an application where you can view a website or download

information / data. This is called a Web-browser. Most popular web-

browsers:

i.Internet Explorer: It is a tool, which is provided along with Microsoft

Windows. You can click / double click on the icon for application

and type the website address in the address bar. As it downloads the

website information, it starts displaying the website information in

Web-Page Information

ii. Mozilla Firefox: Mozilla Firefox is a tool which also helps in

viewing Website information, however, it is created by a an

organization which is global community and public benefit

organization dedicated to improve Internet experience for people

everywhere. It has its own unique interface. However the concept

remains the same.


15/26

15

Once you fulfill the above criteria, you are ready to get connected to

hundreds, thousands of computers and servers available worldwide. In cyber

terms, we also call it as online. Online When our computer (or any other

gadget) is connected to World Wide Web (WWW) and can view websites,

download information/data, we say it as online. Usually term online is

associated when we are connected to Internet.

Let us discuss the above pre-requisites. ISP:

ISP or we also call it as Internet Service Provider or also called as IAP

(Internet Access Provider). It is an organization, which provides the end-user

(consumer or business access) an access to World Wide Web the Internet.

Earlier ISPs were run and maintained by Telephone providers. There were

mainly two reasons they could only provide the telephonic network which

was required by any Service Provider, the other reason was that they were

also able to control / monitor to a greater extent. However, now as cost of

infrastructure has gone down considerably, there are more private venturous

who came up with their own ISP. These days you would lot kind of ISP

which are broadly categorized as:

a) Dialup


16/26

16

b) Broadband

i. DSL Broadband

ii. Cable Broadband

The major criteria for differentiating different type of Internet

connections are speed.

These Service providers give you an Access System in which the ISP

gives you a unique identity. This way, ISP is able to log and maintain your

usage, and thus able to charge as per your plan/usage. It usually comprises

of a unique User Name accompanied by a password, which prevents others to

use your unique User Name. Some ISP even maintains your Network Cards

Hardware Code apart from user name and password. In such cases, if you

have that connection in your desktop computer, you cannot connect the same

on your Laptop. You will have to request your ISP to given you another

connection which enables you to connect to other computer (in this case a

Laptop).

Basic Working of ISPTo get Internet access, End user first has to establish a connection with ISP

Server. This server then validates you as a user by first checking if your

unique user name matches with the list that server has; and then the

password. If both your user name and password matches, then it checks

your account validity and if you have enough balance to use Internet Services

(Browsing, downloading etc), you are given access. This enables you to make

use of Internet Services.

ISPs mainly provide two kinds of accounts:a) Hourly Plan: In case of hourly plan, it does not matter on how much you

download or surf. What matters is the number of hours. This kind of plan is

more suitable, if you have regular task of download.

b) Usage / Download & Upload Plan or also called as MB (Mega Bytes) Plan:

In these plans, you purchase few Mega Bytes of Information download ie, you

are not paying for hour usage, one pays for Bytes. It can be an information


17/26

17

download or a website content that gets downloaded. In case of usage /

download plans, it does not matter how long you open the site, but even if

you refresh (fetching same information again) same site several times, you

would be paying for each refresh you do. One would prefer this plan if you

are searching and you have to gather most of information by reading.c) Un-limited: These connections are expensive than the above two, but one

has no limits on usage or downloads from Internet. In some cases, un-limited

connections are limited with speed factors, eg: you can get an internet

connection which would be un-limited but will not be able to exceed speed of

64kbps.

Now lets us discuss something about dialup and broadband setups:

Dialup Connection Provided by ISP

To connect to a Dialup Internet connection, of course, ensure that your

computer is on and ready. Your computer should have a dialup modem and

necessary software for modem installed in your computer.

You will be given a phone number from your ISP. This phone number

directly connects your computer to ISP Login Server. This is done with help

of a special instrument Modem. It translates computer language (also

known as digital language) to Analog Language (the signal that travels

through Telephone lines) and vice-versa. Once initiated, the server gives our


18/26

18

computer a fax tone. The server then prompts us to input User Name and

password. After that the server knows that you are a valid user, it proceeds

further and gives you access to Internet. However meanwhile you are

connected to Internet, you are at the same time being billed for phone talk

time. In other words, making Internet connection gets charged in two ways:a) Talk Time (As Modem dials the ISP number and gets connected)

b) ISP Charges. Apart from Telephone Talk time, we also have to pay for the

Internet services, which is the other cost than the Talk Time.

Once we are done with our Internet, we can then logout / disconnect.

The phone line now gets free for our normal usage.

Advantage: It requires lesser investment in terms of hardware. In earlier

times, it was the cheap and best way to get connected.

Disadvantage: Firstly, we have to pay for both, telephone usage and Internet

usage. Secondly, it is very slow. Thirdly, one can use it for either one

purpose phone or Internet purpose. Even if there is a minor disturbance in

phone line, you may never get connected or sometimes it makes Internet

connection very slow. If you are not able to get connected, the second time

you try is basically a second call that you have made. In other words, each

time when you get a Fax Tone, you have called up the server those many

times, this is regardless if you were able to get connected to Internet or not.

Broad-band Connections

S litter


19/26

19

Broadband Internet or Broadband is almost similar in working as a

dialup setup. However, in most of ISPs, you have an option to key-in the user

name and password every time, in other words, just turn on computer and

modem, and you are connected. No hustles of typing your user name

password as it is remembered by your DSL-modem (DSL Digital SubscriberLine). It is much faster A conventional dialup modem may give you speeds

up to 54kbps (kilo bits per second), whereas minimum speed provided by

broadband is 64kbps, and can go up to 2Mbps. These days the most common

speeds are 128kbps and 256kbps. Small office / home office (SOHO) usually

uses 512kbps, which is sufficient enough to share Internet connection for up

to 10~15 computers.

Moreover, we can use our phone line as well as Internet at the same

time. They both use same connection (wires and cables), but with help of

splitter and new modem design, both are treated separately. Both have

different accounting, thus your talk-time and Internet Usage can be

charged as per usage.

Advantages: Better speed, more stable connection. Easy to use as compared

to telephonic modem ISP. Minimum speed is 64kbps which is faster than

Dialup Modem ISP. One can use phone line and Internet on the same

connection and same ISP. In-case of Cable Modem, one can have TV and

Internet working on same setup.

Disadvantage: The modem cost is slightly higher than a dialup modem. It

also requires a separate power adaptor. As in some cases it is always on, one

may un-intentionally download files (Eg: Updates etc that may not be

necessary). These factors accounts for billing factors un-knowingly.

There are several other ways as well:

ISDN: Integrated Service Digital Network

Rural Internet

Satellite Internet

Cellular Broadband


20/26

20

What can we do with Internet

The basic purpose of Internet:

1. Information / Knowledge:

a. Share Information / data and Access to infinite knowledge: Search

Options eg: www.google.com, www.yahoo.com, www.amazon.com etc.

b. Forums: These are special sites, which are dedicated for

discussions. You may put your query on these websites, and once

some one has a solution, he/she would share that

experience/knowledge/solution with you.

2. Communication:

a. Email: This has brought a revolution in the way we communicate.

It has almost replaced our existing snail-mail system (the conventionalLetter System). Most of the business, formal or informal

communications are being done through this Electronic Mail.

b. Chats: Commonly used only for entertainment/relaxation, or

online live text communication. It requires a small tool that enables

people to communicate with each other through written text.

Difference between online chat and email is, that both person(s)

communicate with each other at the same time. It is also important

that both person are online and logged in at the same time so that

they can communicate with each other at the same time. They also

need to have same type of tool. Eg: yahoo messenger should be

installed on both computers. If one has yahoo and other one has

hotmail, they will not be able to chat amongst themselves.

c. Video Conferencing: This is an extension of Chat session. Few of

the tools support Live Video images to go across. For this both parties

should have a Web-cam, else only one person would be able to view.

3. Entertainment:

a. Book Travel Tickets: You may visit a travel page, and there you

will be able to search best prices for your airfare. Railways also offer a

website which enables us to book our tickets and get it delivered to our

doorstep.


21/26

21

b. Play online-games: There are lot of multi-user games available. We

definitely need a high-speed Internet connection for this as they

required to be in touch all the time.

4. Business

a. Advertise: Most of the free Email Providers usually bring in lot ofadvertisements. This is needed for them to keep running and

maintaining their servers.

b. Online-Shopping: Now without going to stores, you can find the

best and cheapest items. You can even compare there features. You

can go to online shopping on various sites eg: www.ebay.in,

www.indiaplaza.com, www.rediff.com etc.

c. Online-Banking: Now you can manage your account online as well.

You dont need to go to bank for most of transactions. Infact, ATMs

(Automatic Teller Machine) and Computer banking (or E-Banking) has

almost made us forget Who is working in our bank branch. You can

go to any bank and deposit or withdraw money, and the balance is

reflected almost instantly. All these branch computers are actually

linked to a central Banks Server Computer. Once they are updated, all

that gets reflected in your respective accounts.

d. Extend your office (or) Access your office computer (with help of

special tools): With help of few tools, you can actually work on your

office computer without actually being there. All you need is that your

office computer and your computer (from where you wish to work)

should have an Internet access and a computer. It also needs a special

application that enables this possibility and keeps it secured enough.

Security of Information:Since times, it is always very important to secure information. There

were several ways in which messages were secured. Some of the most

common examples was, When ever any message was sent through a

messenger, it will be sealed by special material. This used to ensure that no

one has read the message in between. To overcome this limitation, the

messages were encoded on a strip of cloth. It then was wrapped on a cylinder


22/26

22

with specified diameter. A message was written on it, to make it more

complex, further text were also written so that it makes difficult to make out

what was written on it. These two objects, the cylinder and piece of cloth

were sent via different messengers. When it reached the destination, both had

to be combined to read the correct message. See illustration:

As you can see in the illustration, it does not reveal message when

cloth is spread. But when it will be wrapped again on same diameter

cylinder, one can read the required message. To make us understand easily,

the word WORLD PEACE is in bold. Even today, a similar technology is

used to save the original message. It is wrapped on a special sequence of

characters where. This process of making a message secure is also called as

encrypting. When this message is converted in normal form so that it is easily

readable, then this process is called as de-encryption.

Threats to InformationThe biggest threat to Information stored in a computer is VIRUS. In

Latin, it means toxic or poison. It is a computer program that can copy itself

and infect a computer without permission or knowledge of user. As common

viruses infect people through some media, air, touch, blood transmission etc;


23/26

23

similarly a Computer virus also spreads through exchange of information

through Floppy, CD media, USB Pen Drives or Internet (Email, websites,

downloads). They may make our computer slow, freeze it to perform only

few operations, delete data files, or even leave our computer as Not

Bootable.There is one more threat which is even more painful and time

consuming. A Virus-Hoax. People in threat of a virus, usually format (Erase

everything on a disk) and re-install (Eg: Operating System Re-install like

Windows, Linux etc). This is a lengthy and time-consuming process. Just

imagine a Network Administrator had to re-do the whole Server again. This

being a major factor in down-time for the users who were trying to access the

Servers.

Despite of various options available, to prevent computer threats, still

there are chances of your computer getting a virus. The best policy is

Prevention is better than cure!

Types of ThreatsThere are several type of threats:

a) Virus: Computer programs that travel through floppy, CDs, Pen Drives,

Games (Usually Demo Versions), Internet.

b) Spyware: It is a computer program that gets installed without

informing/knowledge of the user into a computer and takes partial control of

the computer. They reside in the computer and monitor, collect personal

information, Install additional software, redirecting to any website.

Spywares usually gets into computer from websites or Junk Emails.

c) Rootkit: It is a program (or a combination of programs) designed to take

fundamental control of a computer system, without authorization of user. It

may allow unauthorized users to act as system Administrator on your

computer; and thus take full control of your computer system.

d) Worm: It is a self-replicating computer program. It usually uses a

network to send copies of itself to other computers attached on the same

network without informing the user. They may corrupt files or simply choke

the bandwidth (Speed) of network.


24/26

24

e) Trojan Horses: A computer program that appears to perform certain

action, but in fact performs some other actions, as a virus would do. Its

usually hidden with another free-ware utility tool. Eg: You may download a

free alarm software from a website. But it actually gets in your computer and

destroys your computer files.

Prevent yourself from the Threats

You can prevent but not avoid virus threats and problems. The best

way is to Install a Good Antivirus Program with all features and keep it

updated. -- Why Updated? Let us understand by an example: You

purchased an Antivirus, Anti-Spyware Software on 1.Dec.2006 and installed it

successfully. There are hundreds of Viruses Spywares, Trojans etc creatednew on Internet in every 24 hrs. Now, your Antivirus/Anti-spyware

Programs would not be aware of all the viruses, Spyware, Trojans that were

created after 1st of Dec 2006. Then how are you protected? - In this situation

you are only protected till you are not attacked by the latest.

It is very important for anyone who uses his/her computer; to keep

their Antivirus/Anti-Spyware Program updated all the time.

From time to time, Software companies keep on releasing fixes.

When any operating system / computer program is written, it comprises of

several thousands of lines of code. There may be some un-thought possibility

left while creating that computer software. Whenever these vulnerable

threats are realized, a new revised patch (small software code to fix known

problem) is release from the software company. These are given different

names eg: Windows NT Server came with Service Packs (SP1, SP2, SP3 etc).

Windows 98 released Windows 98 SE (second edition). Windows XP released

Windows XP SP2 (Service Pack 2). Antivirus release its new patches or

updates almost daily so that their database of list of viruses and techniques

to handle them is always ready to defend with latest threats.

One should avoid using free or trial software: simply because they

may not be able to avoid most of the threats and it is never provided with

complete functionality. Eg: It may detect a virus in your computer, but may


25/26

25

not remove virus from your computer. It puts you in jeopardy whether

you should purchase an ant virus right away or live with that virus. You may

not prefer to purchase it online as if your computer is hacked (someone else

monitoring your personal details or capturing your credit card numbers and

password), you may be in a greater loss by typing your credit card details!!!One should also avoid use of two different ant viruses at the same

time. An Anti virus resides in special place in memory, similar to a virus

most of time.

The second Antivirus may always give you false alarms of suspicious

activity going one in the computer.

If you are going to do online shopping/ banking, make sure that

address in the address-bar starts with https://. This ensures that

you are opening a Secured Website. You should also ensure that the site has

right spellings and proper grammar. Some are also able to fake sites

(Phishing).

You should never respond to email where someone is asking your

bank details and personal details, unless you are very sure upon it. Banking

websites never ask your personal details unless you are logging into their

website.

Digital Signatures

The traditional ways used in our common lives are use of stamp and

seals. These with witnesses increase genuineness of a document. So that

others cannot access this document, it has to be kept in treasure. However,

even then these documents are prone to several threats. Similarly, in

computers or cyber space, we can use digital signature to make our

documents secure.

A digital signature is an electronic signature that can be used to

authenticate the identity of the sender of a message or the signer of a

document, and possibly to ensure that the original content of the message or

document that has been sent is unchanged. Digital signatures are easily

transportable, cannot be imitated by someone else, and can be automatically


26/26

time-stamped. The ability to ensure that the original signed message arrived;

means that the sender cannot easily repudiate it later.

A digital signature can be used with any kind of message, whether it is

encrypted or not, simply so that the receiver can be sure of the sender's

identity and that the message arrived intact. A digital certificate contains thedigital signature of the certificate-issuing authority so that anyone can verify

that the certificate is real.

Let us understand its working by an example: Assume you were

going to send the draft of a contract to your lawyer in another town. You

want to give your lawyer the assurance that it was unchanged from what you

sent and that it is really from you.

You write the contract in your email. Using special software, you

obtain a message hash (mathematical summary) of the contract. You then use

a private key that you have previously obtained from a public-private key

authority to encrypt the hash.

The encrypted hash becomes your digital signature of the message.

(Note that it will be different each time you send a message.) At the other end,

your lawyer receives the message. To make sure it's intact and from you,

your lawyer makes a hash of the received message. Your lawyer then uses

your public key to decrypt the message hash or summary. If the hashes

match, the received message is valid.

Cyber World Overview

Documents

Transcript of Cyber World Overview