Analysis of suggested Sites for Construction of a Shopping Mall at Banepa,Kavre
Internet Threats & Opportunities Sushil Upreti M.Sc. IT, MCSA SOS NTC Panaute, Kavre 30 th June...
-
Upload
charity-tyler -
Category
Documents
-
view
212 -
download
0
Transcript of Internet Threats & Opportunities Sushil Upreti M.Sc. IT, MCSA SOS NTC Panaute, Kavre 30 th June...
Internet Threats & OpportunitiesSushil UpretiM.Sc. IT, MCSA
SOS NTC Panaute, KavreSOS NTC Panaute, Kavre3030thth June 2009 June 2009
The InternetThe Internet
The Internet, simply "the Net“- is a worldwide system of computer networks
- a network of networks
Birth of the InternetBirth of the Internet1858-66 Transatlantic cable
1958 In response to the launch of Sputnik, the US Department of Defense established the Advanced Research Projects Agency (ARPA).
1962 Formation of ARPANET.
1969 ARPANET were interconnected between UCLA and SRI (later SRI International) in Menlo Park, California.
1971 E-mail invented (a program to send messages across a distributed network)
1972 First public demonstration of ARPANET between 40 machines.
1973 First international connections to the ARPANET: University College of London (England) and Royal Radar Establishment (Norway).
1979 ARPA establishes the Internet Configuration Control Board (ICCB).
1983 All hosts on the ARPANET adapted the first TCP/IP-based wide-area network. Internet Activities Board (IAB) established, replacing ICCB.
1984 DNS (Domain Name Server) introduced.
Birth of the Internet Birth of the Internet (contd.)(contd.)
1985 In 1985, the United States' National Science Foundation (NSF) constructed NSFNET.
1989 NSFNET connected the commercial MCI Mail system, OnTyme, Telemail and Compuserve. IETF & IRTF came into existence under the IAB.
1990 ARPANET was transferred to the NSFNET. The NSFNET was connected to the CSNET, which linked Universities around North America, and then to the EUnet, which connected research facilities in Europe.
1991 World Wide Web (WWW) released by CERN. Developer: Tim Berners-Lee.
1992 ISOC (Internet Society) was chartered.
1994 Commercialization began. Number of hosts: 3 Million. 10,000 WWW sites. 10,000 Newsgroups. ARPANET/Internet celebrates 25th anniversary.
1995 Registration of domain names is no longer free. US Government decided to transfer Internet management to independent organizations.
1996 Microsoft entered. The WWW browser war begins .1997 1 Million WWW sites.2009 April 231,510,169 sites (netcraft.com).
Nepal in Internet MapNepal in Internet Map1992 Mr. Satish Kharel, a renowned Lawyer connected to an email server in
Japan using packet radio.
1993 Some INGOs dialed to email servers in Europe for email services.
1994 Mercantile Office Systems, the first ISP (Internet Service Provider) of Nepal started commercial email services for the public from June 1994.
1995 Mercantile started full online access to Internet from July 1995.
2009 Total ISPs in Nepal: 35
Internet ManagementInternet ManagementThe Internet
ISOC(Internet Society)
ICANN (Internet Corporation For Assigned
Names & Numbers)
IAB(Internet Architecture
Board)
IETF(Internet Engineering
Task Force)
IRTF (Internet Research Task
Force)
IANA (Internet Assigned
Numbers Authority)ASO
(Address Support Organization)
CCNSO (Country Code Names Supporting
Organization)GNSO (Generic Names
Supporting Organization)
Network Solutions:- Central Domain Database
- Root ServersAccredited Registrars
Basic Internet Terms:Basic Internet Terms:Browser Simply Browser or Web Browser is a software program that allows users
to view content on the Internet and World Wide Web. (e.g. Internet Explorer, Mozilla Firefox, Opera, Safari , Google Chrome etc.)
Web Page A single page of a website; it will commonly include text, graphics, and links to other web pages.
Web Site A Website is a collection of Web files on a particular subject that includes a beginning file called a home page.
Web Server A computer that stores and transmits requested Web pages and associated files over the Internet.
http Short for Hypertext Transfer Protocol, HTTP is the protocol that a web browser uses to request a web page from a web server, and which the server uses to send the requested page back.
WWW World Wide Web or the Web, this usually refers to information/services available on the Internet that can be easily accessed with software usually called a "browser.“
Fig. Web Server
How Internet Works?How Internet Works?
http://www.sushilupreti.com.np
Internet ProtocolHyper Text Transfer
Protocol
World Wide Web
Domain NameCountry Domain
http://www.sushilupreti.com.np/images/image1.jpg
URL(Uniform Resource Locator)
E-mailE-mail– Short for ‘Electronic Mail’.– Exchange of electronic messages and computer files
through the internet.
How E-mail Works…?
Internet ThreatsInternet Threats
Cyber-bullying is "when the Internet, cell phones or other devices are used to send or post text or images intended to hurt or embarrass another person.“
- National Crime Prevention Council, US
Cyber-bullying
What Cyber-bullies do …….?• Disclose victim's personal data• Send threatening and harasing emails• Post false statements, bad rumors
Internet ThreatsInternet Threats
It has been defined as the use of information and communications technology, particularly the Internet, by an individual or group of individuals, to harass another individual, group of individuals, or organization.
Cyberstalking
What Cyberstalkers do …….? False accusations Attempts to gather information about the victim Transmission of Threats Encouraging others to harass the victim, False victimization The solicitation of minors for sexual purposes Attacks on data and equipment Ordering goods and services Identity Theft
Cyberstalkers find their victims from …….?Search engines, online forums, blogs, bulletin and discussion boards, chat rooms, and more recently, through online communities such as MySpace, Facebook, Hi5 etc.
Internet ThreatsInternet Threats
Phishing
Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by pretending as a trustworthy entity through an electronic communication, especially e-mails.
Phishers’ Major Techniques: Man-in-the-middle Attacks URL Attacks Cross-site Scripting Attacks Observing Customer Data Client-side Vulnerability Exploitation
Internet ThreatsInternet ThreatsPhishers’ Major Techniques: URL Attacks
Bad Domain Names
Using URL obfuscation techniques, the attacker tricks the customer into connecting to their proxy server instead of the real server.
For example, the customer may follow a link tohttp://www.my-bank.com instead of http://www.mybank.com
Internet ThreatsInternet ThreatsPhishers’ Major Techniques: Cross-site Scripting Attacks
Cross-site scripting attacks make use of custom URL or code injection into a valid web-based application URL or imbedded data field. These techniques are the result of poor web-application development processes.
Typical formats for CSS injection into valid URL’s include:
Full HTML substitution:http://mybank.com/ebanking?URL=http://evilsite.com/phishing/fakepage.htmInline embedding of scripting content:http://mybank.com/ebanking?page=1&client=<SCRIPT>evilcode...Forcing the page to load external scripting code:http://mybank.com/ebanking?page=1&response=evilsite.com%21evilcode.js&go=2
Internet ThreatsInternet ThreatsPhishers’ Major Techniques: Observing Customer Data
Key-loggers and Screen-grabbers can be used to observe confidential customer data as it is entered into a web-based application.
Client-side Vulnerability Exploitation
Many opportunities for attackers provided by software updates, pactches and add-ons.
Internet ThreatsInternet ThreatsA real-life Phishing Example:
Subject: Westpac official noticeWestpacAustraIia's First Bank
Dear cIient of the Westpac Bank,
The recent cases of fraudulent use of clients accounts forced the Technical services of the bank to update the software. We regret to acknowledge, that some data on users accounts could be lost. The administration kindly asks you to follow the reference given below and to sign in to your online banking account:https://oIb.westpac.com.au/ib/defauIt.asp
We are gratefuI for your cooperation.
Please do not answer this message and follow the above mentioned instructions.Copyright © 2004 - Westpac Banking Corporation ABN 33 007 457 141.
The above email was sent to many thousands of Westpac banking customers in May 2004. While the language sophistication is poor (probably due to the writer not being a native English speaker), many recipients were still fooled.
Internet ThreatsInternet ThreatsWebspam
Webspam is the term for webpages that are designed by webmasters to trick search engines and draw users to their websites.
Why do Spammers Create Spam Pages ? To make money To change search engine rankings To do harm to users’ computers with sneaky downloads
How do Spammers Create Spam Pages ? Hidden text and hidden links Keyword stuffing Sneaky redirects Cloaking with JavaScript redirects and 100% frame
Internet ThreatsInternet ThreatsE-mail spoofing
E-mail spoofing is a term used to describe fraudulent e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source.
E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message.
The term spam refers to unsolicited, often unwanted, email messages. Spam does not necessarily contain viruses, valid messages from legitimate sources could fall into this category.
What is spam?
Internet ThreatsInternet ThreatsDenial-of-Service (DoS) attack
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users.
How to block a "denial of service" attack?By setting up a filter, or "sniffer," on a network before a stream of information reaches a site's Web servers.
Internet ThreatsInternet ThreatsChain letters – a problem
Mask viruses or other malicious activity
Although they seem harmless, may have negative impact if you forward them:
Consume bandwidth/space within the recipient's inbox.Force people to waste time sifting through the messages and possibly taking time to verify the information.You are spreading hype and, often, unnecessary fear and paranoia.
Some types of chain lettersHoaxes: Attempt to trick or defraud users, could be malicious, instructing users to
delete an important file by claiming it is a virus. It could also be a scam that convinces users to send money or personal information.
Designed to be redistributed and usually warn users of a threat or claim to be notifying them of important or urgent information, also promise users monetary rewards for forwarding the message. Urban legends usually have no negative effect aside from wasted bandwidth and time.
Urban legends:
Hoa
x M
ail
Internet ThreatsInternet ThreatsInternet Enemies
A virus is a self-replicating and self-executable malicious software. It spreads being attached to other files (documents with the ability to contain macros, images, movies, music, almost anything which could be executed or run by a user or another software).
Computer Virus
WormsComputer worms are similar to viruses (they are also self-replicating), but while viruses are attached to another software, worms can function separately. Worms can delete files on your computer, send files via e-mails, even to spread across the Internet.
Trojan horse (Trojan)A program that appears desirable but actually contains something harmful; "the contents of a trojan can be a virus or a worm"
Internet ThreatsInternet ThreatsInternet Enemies (contd.)
This is a special kind of software, which once installed, is totally hidden on your computer. One of its most dangerous activity is that it leaves a 'backdoor' on the target system, and can gain control over it without the needed privileges. It can also hide keyloggers which can send data about what you type in on your computer.
Rootkit
They collect personal data from your computer and send it to a company who analyses it to gain precious information for their business.
Spyware
Spyware
Spyware
Internet ThreatsInternet ThreatsDefense Mechanisms
A firewall helps protect your computer by preventing unauthorized users from gaining access to it through a network or the Internet.
What type of firewall is best?
Hardware: Router
Software: ISA Server
Internet ThreatsInternet ThreatsDefense Mechanisms
Use Anti-Virus SoftwareAnti-virus software is designed to protect you and your computer against known viruses. But with new viruses emerging daily, anti-virus programs need to be updated regularly.
A firewall is different from antivirus software, but the two of them work together to help protect your computer. You might say that a firewall guards the windows and doors against strangers or unwanted programs trying to get in, while an antivirus program protects against viruses or other security threats that can try to sneak in through the front door.
Internet ThreatsInternet ThreatsDefense Mechanisms
Attacker E-mail Victim [Shortest & Easiest Route]
Don't give your email address out arbitrarily.
Don't follow links in spam messages.
Do not open email from unknown sources.
Consider opening an additional email account.
Use caution when opening/downloading attachments.
Password………?
Don't spam other people.
Benefits of BCC (Blind Carbon Copy).
Internet ThreatsInternet ThreatsDefense Mechanisms
Digital Signature
Authentication
Authentication is the process of verifying that information is coming from a trusted source. Methods: Passwords, Checksum, CRC etc.
Encryption
Encryption is the process of taking all the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode.
A digital signature is basically a way to ensure that an electronic document (e-mail, spreadsheet, text file, etc.) is authentic.
Internet ThreatsInternet ThreatsDefensce Mechanisms
Digital Certificate
Certificate Authority (CA)
A certificate authority or certification authority (CA) is an entity that issues digital certificates for use by other parties. It is an example of a trusted third party..Some CAs include :
A digital certificate is essentially a bit of information that says the Web server is trusted by an independent source known as a Certificate Authority. The Certificate Authority acts as the middleman that both computers trust.
VeriSign, Inc., Mountain View, California
Comodo Group, Inc.
Washington, USA WebTrust Toronto, Canada
Internet ThreatsInternet ThreatsDefense Mechanisms
Debunking Some Common Myths
Anti-virus software and firewalls are 100% effective.
Software is installed on your computer, you do not have to worry about it anymore.
There is nothing important on your machine, so you do not need to protect it.
Attackers only target people with money.
When computers slow down, it means that they are old and should be replaced.
Internet ThreatsInternet ThreatsDefense Mechanisms
Internet Surfing in Cybercafé:
You never know what kind of malicious program or person is lurking in the next public computer you are going to use.
So ………….. WHAT TO DO????
Lets not leave any evidence of your work in public computer/cybercafé.
HOW????????
Internet ThreatsInternet ThreatsDefense Mechanisms
Use Process Explorer to see attackers attempt.
Use portable version of web browser.
Bypass key loggers
Securely erase your data.
Use portable anti-virus.
Put your password in a safe place.
Internet OpportunitiesInternet OpportunitiesInternet 2008 in numbers
186,727,854 – The number of websites on the Internet in December 2008.
31.5 million – The number of websites added during 2008.
1.3 billion – The number of email users worldwide.
210 billion – The number of emails sent per day in 2008.
70% – The percentage of emails that are spam.
1,463,632,361 – The number of Internet users worldwide (June 2008).
Source: Internet World Stats
Internet OpportunitiesInternet Opportunities
Services of Internet Sharing Information & Resources
Electronic Mail (E-mail)
E-Governance, E-Commerce, E-Medicine, E-Banking
Online Study
Business Communication
Business Promotion
Discussion Forum & Chat
Entertainment
Plus many more …….
Internet OpportunitiesInternet OpportunitiesVersion of Web
Web 1.0 Static Page One-way flow of infomormation
Web 2.0 Dynamic , and decentralized web contents Bottom-up approach Web 2.0 was coined in 2003 by Dale Dougherty, became popular in
2004
Web 3.0 Still takes few years to come into existence Based on “intelligent” web applications More dynamic, totally controlled by multimedia
Internet OpportunitiesInternet OpportunitiesFeatures of Web 2.0
Internet Forum
An Internet forum is a web application for holding discussions and posting user-generated content. Internet forums are also commonly referred to as Web forums, message boards, discussion boards, (electronic) discussion groups, discussion forums, bulletin boards, fora (the Latin plural) or simply forums.
Example
Internet OpportunitiesInternet OpportunitiesFeatures of Web 2.0
Social Networking
www.myspace.com www.orkut.com www.facebook.com www.spaces.live.com www.hi5.com www.batchmates.com www.yaari.com www.minglebox.com www.ning.com www.meetup.com www.bebo.com www.fropper.com www.bigadda.com
Internet OpportunitiesInternet OpportunitiesFeatures of Web 2.0
Blog
A blog/weblog is a type of website, usually maintained by an individual with regular entries of commentary, descriptions of events, or other material such as graphics or video. Entries are commonly displayed in reverse-chronological order.
http://www.bloggers.com.np/index.php http://surathgiri.blogspot.com/ http://thenepalesedebate.forumotion.com/ http://www.rednepal.com/ http://sushilupreti.blogspot.com/
http://www.bloggers.com.np
Internet OpportunitiesInternet OpportunitiesFeatures of Web 2.0
Wiki
Wiki is a piece of server software that allows users to freely create and edit Web page content using any Web browser.
http://en.wikipedia.org
http://en.wikipedia.org/wiki/Gopher
Internet OpportunitiesInternet OpportunitiesFew Web 2.0 featured web sites
http://twitter.com
http://maps.google.com
http://en.wikipedia.org
http://www.youtube.com
http://www.facebook.com
http://www.blogger.com
SOS Children’s Village from Google mapwww.youtube.com
Internet OpportunitiesInternet OpportunitiesPodcasts
Podcasts are audio broadcasts created and stored digitally on the Internet. Instead of being broadcast over the airwaves once and lost, like with traditional radio, podcasts were created to be stored and played at the user's convenience.
http://www.gazzabko.com/hitsfm.htm
Internet OpportunitiesInternet OpportunitiesLive Video Stream
http://entertainment.nepalnews.com/livetv/sagarmatha.html
The process of providing live video data or content via a web page.
Internet OpportunitiesInternet OpportunitiesRSS (Really Simple Syndication)
RSS solves a problem for people who regularly use the web. It allows you to easily stay informed by retrieving the latest content from the sites you are interested in. You save time by not needing to visit each site individually.
RSS Feed
http://www.reader.google.com
Feed Reader/Aggregator"
RSS document includes full or summarized text, plus metadata such as publishing dates and authorship
Internet OpportunitiesInternet OpportunitiesYou don’t know the answer…..? Hmm… then ask to..
http://www.ask.com/
http://wiki.answers.com
http://www.about.com/
Internet OpportunitiesInternet OpportunitiesOther Educational Sites
www.3form.org (Free Knowledge Exchange) http://in.answers.yahoo.com/ (Yahoo Answers) http://lycos.co.uk/ (Lycos IQ) http://qna.live.com (Live QnA) www.answerbag.com (AnswerBag) www.whyville.net (3D Virtual Education) www.experts-exhange.com (IT Professional Site) http://uclue.com (Site by the researchers of Google Answers)
Internet OpportunitiesInternet OpportunitiesOther Educational Sites (contd.)
http://www.orillas.org/math/projex.html http://www.wisc-online.com http://www.globalschoolnet.org https://media.iearn.org/node/101 http://www.bie.org/index.php/site/PBL/resources/Project_Examples http://www.k12science.org/collabprojs.html http://www.kn.pacbell.com/wired/bluewebn/contentarea.cfm?cid=9 http://www.pbs.org/howartmadetheworld/resources http://www.algebasics.com/3way2.html http://www.mathpower.com/summer2.htm
Internet OpportunitiesInternet OpportunitiesE-newsletter
An e-newsletter (also called e-zine) is a newsletter sent via e-mail to subscribers.
E-newsletter Sample:
Russian Center of Science & Culture
SOS Hermann Gmeiner School Sanothimi
Internet OpportunitiesInternet OpportunitiesUpcoming Web 2.0 Technology
Liquid Design
Cloud Computing
DeepNet technology
Internet OpportunitiesInternet OpportunitiesOnline Job – Anywhere, Anytime
Job Nature
Online Typists Online Marketing Online Journalism Online Translators Search Engine Optimization Data Entry Operators Search Quality Rater Web Design & Development
Internet OpportunitiesInternet OpportunitiesOnline Job – Search Quality Rater
Post: Quality Rater
Payment: 5.56 USD/Hour (Reduced by 10% from April 2009)
Working Hour: Max. 20 Hrs/week – Min. 10 Hrs/week
Job Provider: Lionbridge Technology, USAWhat is the work?
Internet OpportunitiesInternet OpportunitiesOnline Job – Online Marketing
Job Provider: Google AdSense
Internet Threats & OpportunitiesInternet Threats & Opportunities
Conclusion!!
• Online Exam• E-newsletter• School Website• Communication Mechanism• Develop Own Course Book• Professional Training for ICT teachers through
NTC and Schools• Plus