SECURITY

25
SECURITY SECURITY Bart Vansevenant Who is who? Who can read what? Traces Virusses Safety and confidentiality

description

SECURITY. Bart Vansevenant Who is who? Who can read what? Traces Virusses Safety and confidentiality. Who is who?. Who can read what ?. Telephone line Mail server TCP/IP Echelon & Carnivore. e-mail using an ISP. POST. SMTP. MAIL. POP3. POST OFFICE. a) Telephone-line. - PowerPoint PPT Presentation

Transcript of SECURITY

Page 1: SECURITY

SECURITYSECURITYBart Vansevenant

Who is who?

Who can read what?

Traces

Virusses

Safety and confidentiality

Page 2: SECURITY

Who is who?Who is who?

Page 3: SECURITY

Telephone line

Mail server

TCP/IP

Echelon & Carnivore

Who can read what ?Who can read what ?

Page 4: SECURITY

SMTP

POP3

POST

MAIL

e-mail using an ISPe-mail using an ISP

POST OFFICE

Page 5: SECURITY

SMTP

POP3

POST

MAIL

a) Telephone-linea) Telephone-line

POST OFFICE

Page 6: SECURITY

SMTP

POP3

POST

MAIL

b) e-mail serverb) e-mail serverEverything on the servers can be read or copied

POST OFFICE

Page 7: SECURITY

SMTP

POP3

POST

MAIL

c) TCP/IPc) TCP/IP

Not readable – following different ways

POST OFFICE

Page 8: SECURITY

Echelon/CarnivoreEchelon/Carnivore

Source: http://www.fbi.gov/hq/lab/carnivore/carnlrgmap.htm

Page 9: SECURITY

TracesTraces

Page 10: SECURITY

TracesTracesThe IP address of your computer is : 213.177.129.120

your DNS address is : adsl-129-120.wanadoo.be

We know you use : Microsoft Windows 98

Your navigator has the code: Mozilla/4.78 [en] (Win98; U)

In fact it is: Netscape Communicator 4.x English

What you did is stored :

Windows 95 C:\Windows\Temporary Internet Files\

Windows NT C:\WinNt\Temporary Internet Files\

A nice demo in french on: www.cnil.fr

Page 11: SECURITY

VirusVirus

What is a virus and types?

How is a computer infected?

Danger

Page 12: SECURITY

a) What is a virus?a) What is a virus? computer virus = a computer program

'I love you', 45 million computers infected

worm = multiplicates itselfcode Red: 300.000 servers destroyed

trojan horse = hides for other actionsBack Orifice

logic bomb = distroys programs

hoax = false alarm

Page 13: SECURITY

b) How is a computer infected?b) How is a computer infected?

files attached to e-mail (attachment)

diskettes

other

Page 14: SECURITY

c) Dangerc) Danger infecting components of your system

effects:

malfunctions

deletion of data

wiping of hard disk

...

Page 15: SECURITY

Solutions to provide safety and Solutions to provide safety and confidentialityconfidentiality

solving identity problem and unauthorised reading

protection against traces

protection against virusses

Page 16: SECURITY

Encryption

Purpose

Functions

How?

Identity and unauthorised Identity and unauthorised readingreading

Page 17: SECURITY

Functions of encryptionFunctions of encryption

Authentication

Integrity

Confidentiality

Page 18: SECURITY

Symmetrical encryptionSymmetrical encryption

Ubizen Vcjafo

EncryptionE(…)

DecryptionD(…)

Sender Receiver

VcjafoUntrustednetwork

SAME KEY

Ubizen

A=A+1 A=A-1

Page 19: SECURITY

Asymmetrical encryptionAsymmetrical encryption

Ubizen

Sender Receiver

Untrustednetwork

Go#st$

EncryptionE(…)

Public Key Receiver

DecryptionD(…)

Go#st$ Ubizen

Private Key Receiver

confidentiality towards receiver

Page 20: SECURITY

Asymmetrical encryptionAsymmetrical encryption

Ubizen

Sender Receiver

Untrustednetwork

Go#st$

EncryptionE(…)

Private Key Sender

DecryptionD(…)

Go#st$ Ubizen

Public Key Sender

authentication of sender

Page 21: SECURITY

ExampleExample

Page 22: SECURITY

ExampleExample

Page 23: SECURITY

ExampleExample

Page 24: SECURITY

Traces at the ISP

Traces on own computer

Against leaving tracesAgainst leaving traces

Page 25: SECURITY

anti-virus programNorton, McAfee, eSafe, F-Secure, …

watch out for attachments.exe, .com, .pif, .vbs, .doc, .xls, …

www.bipt.be

Against virussesAgainst virusses