IN this week last session we only learn about the safety issues that related with internet and also how to use and access the internet safely.
Internet safety or online safety is the security of people and their information when using the Internet. Numerous groups, Internet sites and governments have expressed concerns over the safety of children using the Internet. In the UK the Get Safe Online campaign has received sponsorship from government agency SOCA and major Internet companies such as Microsoft and eBay. Several crimes can be committed on the Internet such as stalking, identity theft and more. Most social networking and chat sites have a page about safety.
Internet Safety Basics:
1. Be Courteous.
2. Disconnect Yourself.
3. Back-up Data.
4. Update Regularly.
5. Use Firewalls.
6. Protect Your Kids.
7. Don't Give Out Personal Information.
8. Prevent Computer Infections.
PHISHING: Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging,[1] and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users,[2] and exploits the poor usability of current web security technologies.[3] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing,[4] probably influenced by phreaking,[5] [6] and alludes to "baits" used in hopes that the potential victim will "bite" by clicking a malicious link or opening a malicious attachment, in which case their financial information and passwords may then be stolen.
SPOOFING: Spoofing is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source.
A common misconception is that "IP spoofing" can be used to hide your IP address while surfing the Internet, chatting on-line, sending e-mail, and so forth. This is generally not true. Forging the source IP address causes the responses to be misdirected, meaning you cannot create a normal network connection.
However, IP spoofing is an integral part of many network attacks that do not need to see responses (blind spoofing).
Examples of spoofing:
man-in-the-middle
packet sniffs on link between the two end points, and can therefore pretend to be one end of the connection
routing redirect
redirects routing information from the original host to the hacker's host (this is another form of man-in-the-middle attack).
source routing
redirects indvidual packets by hackers host
blind spoofing
predicts responses from a host, allowing commands to be sent, but can't get immediate feedback.
flooding
SYN flood fills up receive queue from random source addresses; smurf/fraggle spoofs victims address, causing everyong respond to the victim.
No comments:
Post a Comment