Blanca Canseco - Research Paper
Yampah Mountain High School
1 January 2016
Network Security: Watch Yourself
Networking is a concept that has bounds well beyond the wifi that the school uses for their internet connection. Although some people simply do not have the time or effort that it takes to learn this, as it is decades of technological advancement and research, it is important for them to know how and where they send their information. I believe that everyone should know how they are being advertised across the Internet because our privacy and confidentiality should be a large concern to our wellbeing and self imagery. I believe that with power comes responsibility and it is up to the consumer to know his/her information is not being tampered with in travel, and to arm themselves with information against the modern day cyber criminals (which DO exist). No one else in the world has the responsibility of locking your house at night, why would you expect someone else to lock away your electronic data? You wouldn’t leave your keys in your car on purpose right? That would be like taping a sign to the windows saying “Free to anyone”. Why would you let someone have access to your credit card information when you could use the information that is available to anyone to secure the financial stability of your hard earned money? Right. And so we begin a brief introduction into a world that started decades ago turned into a way of life often misunderstood, that will leave our audience with a deeper understanding of network infrastructure and security.
The topic of networking spans the social aspects, technical side and economical functions of modern day life. Not only is it considered networking when you meet an important person who might know even more people likewise, it is also considered networking when you send an email to your boss, a message through facebook or even turning on the tv. We will be talking about the technical side of networking in this paper as the needs of modern society require. There are many different types of networks in the world and the ones that we are discussing are often unseen forces that constantly are connecting people through applications and programs such as Facebook, E-Mail and even phone systems. The thing that most people do not realize about the way we communicate in the modern day is that in order for them to wake up in the morning and turn the cable on to see what's on the news, there are years of research and advancements that have made that possible and that nobody actually takes the time to figure out. I mean if we can pay some to figure it out for us, why would we care? Ignorance is bliss, I guess.
The first thing that you have to know about networking is what exactly a network is. A network (in terms of technology and contemporary communication through existing resources and infrastructure) is a web of existing devices that can be manipulated by end users to communicate with other devices. For instance, if I would like to send an email to a friend, the two end-users that are communicating are my friend and I and the devices that we used to check these emails are considered clients (often explained as a vessel for transportation). So back to layman's terms, a network is a connecting roadway or roadways between 2 or more people using intermediary devices as means of transportation. The largest network in the world is something that we use every single day, whether we think so or not and is what we call nowadays ‘The Internet of Things’ aptly abbreviated at ‘IoT’.
The Internet was first conceptualized in a military environment called the ‘ARPANET’ in 1967.
The idea was to connect users at different institutions so that they could communicate seamlessly between 2 or more entities. The ARPANET was the basis for everything that we know today as the Internet of Everything. Imagine life where there was no internet. No Google, no Youtube, No Facebook, no email. Our lives would be pretty much the same as the 1950s. However in a matter of 15 years, humans have developed something that connected 4 different entities to a sea of information connection 8.7 billion devices seamlessly. That's a large accomplishment with boasting rewards that no other species can claim.
The first network (ARPANET) was a network that used something called “packets” as a way of transportation, and to this day, we use packets as such. Packets are sent across networks in a maze of roadways and intersections using electrical impulses that can be interpreted at either end. The first thing that is necessary to understand the previous concept is that computers do not speak in alphanumeric digits as we humans do. They use a language called binary. Binary describes a numbering scheme in which there are only two possible values for each digit: 0 and 1. When a computer receives a signal from the cable attached to the internet, it translates the impulses that are sent across the line as on or off. As a military man would translate morse code, computers translate binary into everything you see on the screen. Binary uses a method of place values. For instance the place values in this language can be described as follows:
2^0 2^1 2^2 2^3 2^4 2^5 2^7 2^8
As it should be, zero IS a number in the world of binary and is used as a placeholder. A binary value of 1000000000 can be represented as our own alphanumeric ‘1’. Notice how the place value that is being represented as the 1 can be directly correlated to the previous example of ‘2^0’. Now 01000000 would be represented as 2. Why? Because the place value that has its place being held by the 1 is also known as 2^1. Now let's get a tricky: Say we have the number 11000000. Two to the power of zero equals one, and two to the power of one equals two. Since these two place values are being held, we would simply add them together to find the result. So the number 11000000 is equal to three. The concept of binary is simple, however the application is much more difficult to understand. Now that we know a little background knowledge on HOW computers speak with one another, we can now take a look at WHAT computers say to each other.
There are many different steps that devices use to complete end user communication. These steps follow a process called “Encapsulation” to create what we call packets. Packets are in the most simple of definition: an envelope of instructions that are interpreted at either end of a conversation as a set of rules, instructions or simply information that are decoded using a guideline set in place by various organizations in the technology world. The template that internetworked devices use for the encapsulation process is called the OSI Model. The OSI model has many different purposes, and is fundamental in the understanding of electronic communication. The OSI model is broken up into 7 different Layers: The Physical Layer (Layer 1); the Data-Link Layer (Layer 2); the Network Layer (Layer 3); the Transport Layer (layer 4); the Session Layer (Layer 5); the Presentation Layer (Layer 6); and the Application Layer (Layer 7). These layers encompass all of the networking in the world and also give insight and instructions as to how the world communicates in the modern world. The first layer has been mostly covered by the explanation of the role that binary holds on electronic communication, however does encompass more that just that.
The physical layer of the OSI model is inclusive of: any intermediary transmission media that is used for transport of data across networks. This includes: Wireless transmission, fiber optic cable, ethernet, satellite, and cable, Just to name a few. This is also the last step in the encapsulation process, and I will explain why in the coming paragraphs. So in an essence, the physical layer is literally the road that information takes from one place to another. The next layer in the list is the Data-Link Layer. Computers can exist without the internet, and we all should know that. Every internet accessible device is equipped with an interface that is connected to the internet (Wireless cards, NIC’s etc.) And every interface that is connected to the internet has two types of addresses. The layer two address (the MAC address) and the more commonly know counterpart layer three address (the IP address). These two addresses are used inside the packets and give the packets a destination to reach, while the two different addresses cooperate in order to ensure that data is sent to the right place. MAC is an acronym for: Media Accessible Content. Every network accessible device has a MAC address that is burnt into them by the manufacturer. This is comparable to a VIN on an automobile. The MAC address of the destination device is always placed into the packet that is sent across the network. The MAC and IP address of a device are used to triangulate destination devices, and they can be changed, manipulated in transit by malicious entities to gain, change or simply distort traffic.
An IP address is something that, unlike the MAC address, can be changed and is configured as the device is connected to the network through a protocol called DHCP, or can be manually assigned by network administrators. The easiest analogy for an IP address is a street address. All IP addresses can be described by two parts: the network address and the host address. The network address would be the street that you live on, and the host address would be the house number in specific that you live in. IP addresses are formatted into 4 octets. The octets are separated by periods. An example of an IP address would be: “10.0.0.1”. A computer however (as we discussed) would see that number in binary. Which if you recall would be: 01010000.00000000.00000000.10000000. The reason that each number in an IP address is called an Octet is because it can be represented in binary by 8 places. If you were to take these 8 place values and add them together, you would get the number 256. So in an essence, the largest number you can have in an octet is 256 and the lowest would be 0. An organization called “ARIN” (American Registry for Internet Numbers) has assigned address spaces to geographic locations around the world. It’s really similar to how a phone number would work, in accordance to area codes. Now that we know that all devices have a MAC address and an IP address, I can safely state that in background, the devices take information to be sent across the internet and place these two addresses into the data “packet” so that the information is sent to the right place.
These three layers are essential to understanding that when you send any information across the internet, any computers/ devices that lay in the path of the traffic can take the information using software applications called “Packet Sniffers” and they can not only see: whos is sending the traffic, who is receiving the traffic, but they can see what the traffic is and can possibly change where it is sent, what it contains or even if it is sent at all. This is where Data Security comes in. There are many different ways that you can ensure that your data is being sent to the right person in confidentiality, with integrity and security. One of the most common ways that we can protect our information is by using something called encryption. When you send information to a wireless network, anyone that is in the middle can “sniff” your traffic and read anything that you send across the network using an application called a “Packet sniffer”. This is the most fundamental and basic way of stealing information sent across public networks. All that one would need to do is sit in a public place like a coffee shop and sniff all of the traffic being sent across the network. Things that are sent across networks without second thought could be: Credit Card Information, Login Credentials, Legal Documentation, even information that could cumulatively describe who you are as an individual in enough detail to steal your identity. Hackers are becoming more and more sophisticated, and so we need to be aware of how easy it is to steal unprotected information. A more common way of keeping data safe and secure is called encryption.
Encryption is simply a way of making sure that you and whoever you are communicating with are doing so in a “hidden” manner.
One of the earliest forms of encryption to date is an encryption method called a Caesarian Shift. Two parties that had an agreed number that would remain the same throughout the contact and that number represented a shift in the representation of letters in a message. For instance, if you wanted to simply sent the word “COW”, you would take the first letter in the word (being C) and cross reference it with the alphabet, and find the letter that is 3 digits away from the letter C. This letter would be F. After then, you would take the next letter in the word being O, and find the value of the letter that is 3 away, which would be R. Finally the last letter, W, would be represented by a Z. So according to a Caesarian Shift of 3, the word “COW” would essentially become “FRZ”. I am sure that you have heard of encrypting WIFI passphrases in order to keep out unwanted clients, and this is not very different from the Cesarian Cipher. Encryption is a large portion of what makes secure communication safe.
When a person decides that they need to protect the information that is sent across the internet, one way to do such is through a VPN.
Imagine that you are a desk jockey, and you are starting a telecommuting position. This simply is a big word for “work from home”. Moving on, you wake up in the morning, and you put your suit and tie on, grab your coffee and start walking out the door. Then it hits you. You work from home today! So you run back inside, take your suit off, put on the pajamas and sit down at your computer. At this point, you need a way to simulate an office environment. This is usually what we call a remote desktop connection, or more preferably a VPN tunnel. VPN stands for Virtual Private Network and has evolved due to the growing need of confidentiality of information. A VPN tunnel is established between your office and your home, in order for you to be seamlessly connected to the network and all of it’s resources. Since this scenario is a very geographically spaced situation, that gives a lot of road that information must travel in order to reach it’s destination.
So what if you want to secure information that is not in regards to telecommuting or anything in specific? Grab an antivirus suite. Not Norton, not Macafee. You want Comodo Internet Security Free.
This is an incredibly comprehensive antivirus platform with maximum security that won’t block everything that you want to do. This package has many different features that make it the obvious choice in the antivirus community. Comodo integrates the use of a real time firewall “dynamic and malleable” in order to support a rapidly growing and almost dangerous field of cybercrime. The website that you can download this program from will be referenced in the citation page. You have to be careful because when you are looking for an antivirus, there are countless fraudulent websites that pose as Antivirus, however ironically are Virus’s in themselves. You really have to be careful which links you decide to go to and what you download. A way to check a websites reputation is through the site: “https://trustedsource.org/”. The second thing you must do is to make sure to only put your credit card information into a website that is secure.
You will know it is a secure site by the “Https://” instead of “Http://”. Not many people know/ remember this. But remember that if you do not send that card information over a secure site, then the site will take no extra measures to keep your information confidential. As a general rule of thumb, do not exchange money, documents or anything that has value to the holder over the internet, but sometimes I know that that just isn’t an option. so when you do, always remember that if the website does not have HTTPs:// at the beginning, it is not secure. The S in the HTTPS acronym stands for… you guessed it! Security. This ‘S’ lets the user know that the information that is sent to and from the website that you are using is encrypted, and has background measures taken to ensure confidentiality, authenticity and integrity of all your data. Another way to ensure security with communication is to use something called IPsec.
Ipsec is a framework in which you can choose different protocols and methods of securing information to build a robust all-inclusive way to make sure that the information that is sent is secure. Authentication, Integrity, Confidentiality and replay protection are the aspects covered in the IPsec suite. Authentication is a means of verifying IDENTITY. The identity of the sending entity is just as important as the receiving. This is because if either of those parameters are wrong, you are not communicating. Now say you are sending an email to Tom, and Billy over in the cubicle between decides to intercept that email, the receiving party would not receive the designated mail, and this would create an authentication error. There are mechanisms in place to makes sure that the sender and receiver are the same throughout transmission. Something else that ties directly into the Authentication bit of IPsec, that would be something called “data integrity”. Data integrity means that the information itself did not change in transmission. So that e-mail we sent to Tom earlier, if it had a breach in integrity during transit, was hacked and altered by a man in the middle. This is an issue, as the “Man in the Middle (MitM)” can see all of the original data, as well as he has the power to change the information held inside, to various ends. Confidentiality is a way to make sure that the previous two things are being prevented. Confidentiality is a way to make sure that only you and the intended recipients are recieving the data. That sums up the IPsec introduction, and now we will talk about ways that we can use this knowledge to our benefit.
You can think of IPsec as a framework filled with protocols that communication uses to keep things secure. The first thing to mention is that we discussed the 4 categories for the framework. In order to fill out the authentication category of IPsec, you will need to choose an authentication method. The most common methods we know of are: DES, 3DES, and AES. These are what we know of as “hash algorithms”. Hash algorithms are used at either end of communication and are phrases that an algorithm runs on to find a jumbled string of characters that using the same hash algorithm at the other end will be able to detangle and read.
Network security is not something to mess with. It comprises of all of the information that we keep electronically, and is some of the most important and sensitive information in our lives, so we should always treat is as such. This means: Keeping the antivirus and antimalware up to date,
Securing communication through encryption or VPNs, understanding how network communication works, Using a firewall, and secure web browsing with HTTPS. Even though it does not guarantee that we will e secure, it sure helps. Some of the programs and features that I would reccomend through my travels to write this paper are:
Yampah Mountain High School
1 January 2016
Network Security: Watch Yourself
Networking is a concept that has bounds well beyond the wifi that the school uses for their internet connection. Although some people simply do not have the time or effort that it takes to learn this, as it is decades of technological advancement and research, it is important for them to know how and where they send their information. I believe that everyone should know how they are being advertised across the Internet because our privacy and confidentiality should be a large concern to our wellbeing and self imagery. I believe that with power comes responsibility and it is up to the consumer to know his/her information is not being tampered with in travel, and to arm themselves with information against the modern day cyber criminals (which DO exist). No one else in the world has the responsibility of locking your house at night, why would you expect someone else to lock away your electronic data? You wouldn’t leave your keys in your car on purpose right? That would be like taping a sign to the windows saying “Free to anyone”. Why would you let someone have access to your credit card information when you could use the information that is available to anyone to secure the financial stability of your hard earned money? Right. And so we begin a brief introduction into a world that started decades ago turned into a way of life often misunderstood, that will leave our audience with a deeper understanding of network infrastructure and security.
The topic of networking spans the social aspects, technical side and economical functions of modern day life. Not only is it considered networking when you meet an important person who might know even more people likewise, it is also considered networking when you send an email to your boss, a message through facebook or even turning on the tv. We will be talking about the technical side of networking in this paper as the needs of modern society require. There are many different types of networks in the world and the ones that we are discussing are often unseen forces that constantly are connecting people through applications and programs such as Facebook, E-Mail and even phone systems. The thing that most people do not realize about the way we communicate in the modern day is that in order for them to wake up in the morning and turn the cable on to see what's on the news, there are years of research and advancements that have made that possible and that nobody actually takes the time to figure out. I mean if we can pay some to figure it out for us, why would we care? Ignorance is bliss, I guess.
The first thing that you have to know about networking is what exactly a network is. A network (in terms of technology and contemporary communication through existing resources and infrastructure) is a web of existing devices that can be manipulated by end users to communicate with other devices. For instance, if I would like to send an email to a friend, the two end-users that are communicating are my friend and I and the devices that we used to check these emails are considered clients (often explained as a vessel for transportation). So back to layman's terms, a network is a connecting roadway or roadways between 2 or more people using intermediary devices as means of transportation. The largest network in the world is something that we use every single day, whether we think so or not and is what we call nowadays ‘The Internet of Things’ aptly abbreviated at ‘IoT’.
The Internet was first conceptualized in a military environment called the ‘ARPANET’ in 1967.
The idea was to connect users at different institutions so that they could communicate seamlessly between 2 or more entities. The ARPANET was the basis for everything that we know today as the Internet of Everything. Imagine life where there was no internet. No Google, no Youtube, No Facebook, no email. Our lives would be pretty much the same as the 1950s. However in a matter of 15 years, humans have developed something that connected 4 different entities to a sea of information connection 8.7 billion devices seamlessly. That's a large accomplishment with boasting rewards that no other species can claim.
The first network (ARPANET) was a network that used something called “packets” as a way of transportation, and to this day, we use packets as such. Packets are sent across networks in a maze of roadways and intersections using electrical impulses that can be interpreted at either end. The first thing that is necessary to understand the previous concept is that computers do not speak in alphanumeric digits as we humans do. They use a language called binary. Binary describes a numbering scheme in which there are only two possible values for each digit: 0 and 1. When a computer receives a signal from the cable attached to the internet, it translates the impulses that are sent across the line as on or off. As a military man would translate morse code, computers translate binary into everything you see on the screen. Binary uses a method of place values. For instance the place values in this language can be described as follows:
2^0 2^1 2^2 2^3 2^4 2^5 2^7 2^8
As it should be, zero IS a number in the world of binary and is used as a placeholder. A binary value of 1000000000 can be represented as our own alphanumeric ‘1’. Notice how the place value that is being represented as the 1 can be directly correlated to the previous example of ‘2^0’. Now 01000000 would be represented as 2. Why? Because the place value that has its place being held by the 1 is also known as 2^1. Now let's get a tricky: Say we have the number 11000000. Two to the power of zero equals one, and two to the power of one equals two. Since these two place values are being held, we would simply add them together to find the result. So the number 11000000 is equal to three. The concept of binary is simple, however the application is much more difficult to understand. Now that we know a little background knowledge on HOW computers speak with one another, we can now take a look at WHAT computers say to each other.
There are many different steps that devices use to complete end user communication. These steps follow a process called “Encapsulation” to create what we call packets. Packets are in the most simple of definition: an envelope of instructions that are interpreted at either end of a conversation as a set of rules, instructions or simply information that are decoded using a guideline set in place by various organizations in the technology world. The template that internetworked devices use for the encapsulation process is called the OSI Model. The OSI model has many different purposes, and is fundamental in the understanding of electronic communication. The OSI model is broken up into 7 different Layers: The Physical Layer (Layer 1); the Data-Link Layer (Layer 2); the Network Layer (Layer 3); the Transport Layer (layer 4); the Session Layer (Layer 5); the Presentation Layer (Layer 6); and the Application Layer (Layer 7). These layers encompass all of the networking in the world and also give insight and instructions as to how the world communicates in the modern world. The first layer has been mostly covered by the explanation of the role that binary holds on electronic communication, however does encompass more that just that.
The physical layer of the OSI model is inclusive of: any intermediary transmission media that is used for transport of data across networks. This includes: Wireless transmission, fiber optic cable, ethernet, satellite, and cable, Just to name a few. This is also the last step in the encapsulation process, and I will explain why in the coming paragraphs. So in an essence, the physical layer is literally the road that information takes from one place to another. The next layer in the list is the Data-Link Layer. Computers can exist without the internet, and we all should know that. Every internet accessible device is equipped with an interface that is connected to the internet (Wireless cards, NIC’s etc.) And every interface that is connected to the internet has two types of addresses. The layer two address (the MAC address) and the more commonly know counterpart layer three address (the IP address). These two addresses are used inside the packets and give the packets a destination to reach, while the two different addresses cooperate in order to ensure that data is sent to the right place. MAC is an acronym for: Media Accessible Content. Every network accessible device has a MAC address that is burnt into them by the manufacturer. This is comparable to a VIN on an automobile. The MAC address of the destination device is always placed into the packet that is sent across the network. The MAC and IP address of a device are used to triangulate destination devices, and they can be changed, manipulated in transit by malicious entities to gain, change or simply distort traffic.
An IP address is something that, unlike the MAC address, can be changed and is configured as the device is connected to the network through a protocol called DHCP, or can be manually assigned by network administrators. The easiest analogy for an IP address is a street address. All IP addresses can be described by two parts: the network address and the host address. The network address would be the street that you live on, and the host address would be the house number in specific that you live in. IP addresses are formatted into 4 octets. The octets are separated by periods. An example of an IP address would be: “10.0.0.1”. A computer however (as we discussed) would see that number in binary. Which if you recall would be: 01010000.00000000.00000000.10000000. The reason that each number in an IP address is called an Octet is because it can be represented in binary by 8 places. If you were to take these 8 place values and add them together, you would get the number 256. So in an essence, the largest number you can have in an octet is 256 and the lowest would be 0. An organization called “ARIN” (American Registry for Internet Numbers) has assigned address spaces to geographic locations around the world. It’s really similar to how a phone number would work, in accordance to area codes. Now that we know that all devices have a MAC address and an IP address, I can safely state that in background, the devices take information to be sent across the internet and place these two addresses into the data “packet” so that the information is sent to the right place.
These three layers are essential to understanding that when you send any information across the internet, any computers/ devices that lay in the path of the traffic can take the information using software applications called “Packet Sniffers” and they can not only see: whos is sending the traffic, who is receiving the traffic, but they can see what the traffic is and can possibly change where it is sent, what it contains or even if it is sent at all. This is where Data Security comes in. There are many different ways that you can ensure that your data is being sent to the right person in confidentiality, with integrity and security. One of the most common ways that we can protect our information is by using something called encryption. When you send information to a wireless network, anyone that is in the middle can “sniff” your traffic and read anything that you send across the network using an application called a “Packet sniffer”. This is the most fundamental and basic way of stealing information sent across public networks. All that one would need to do is sit in a public place like a coffee shop and sniff all of the traffic being sent across the network. Things that are sent across networks without second thought could be: Credit Card Information, Login Credentials, Legal Documentation, even information that could cumulatively describe who you are as an individual in enough detail to steal your identity. Hackers are becoming more and more sophisticated, and so we need to be aware of how easy it is to steal unprotected information. A more common way of keeping data safe and secure is called encryption.
Encryption is simply a way of making sure that you and whoever you are communicating with are doing so in a “hidden” manner.
One of the earliest forms of encryption to date is an encryption method called a Caesarian Shift. Two parties that had an agreed number that would remain the same throughout the contact and that number represented a shift in the representation of letters in a message. For instance, if you wanted to simply sent the word “COW”, you would take the first letter in the word (being C) and cross reference it with the alphabet, and find the letter that is 3 digits away from the letter C. This letter would be F. After then, you would take the next letter in the word being O, and find the value of the letter that is 3 away, which would be R. Finally the last letter, W, would be represented by a Z. So according to a Caesarian Shift of 3, the word “COW” would essentially become “FRZ”. I am sure that you have heard of encrypting WIFI passphrases in order to keep out unwanted clients, and this is not very different from the Cesarian Cipher. Encryption is a large portion of what makes secure communication safe.
When a person decides that they need to protect the information that is sent across the internet, one way to do such is through a VPN.
Imagine that you are a desk jockey, and you are starting a telecommuting position. This simply is a big word for “work from home”. Moving on, you wake up in the morning, and you put your suit and tie on, grab your coffee and start walking out the door. Then it hits you. You work from home today! So you run back inside, take your suit off, put on the pajamas and sit down at your computer. At this point, you need a way to simulate an office environment. This is usually what we call a remote desktop connection, or more preferably a VPN tunnel. VPN stands for Virtual Private Network and has evolved due to the growing need of confidentiality of information. A VPN tunnel is established between your office and your home, in order for you to be seamlessly connected to the network and all of it’s resources. Since this scenario is a very geographically spaced situation, that gives a lot of road that information must travel in order to reach it’s destination.
So what if you want to secure information that is not in regards to telecommuting or anything in specific? Grab an antivirus suite. Not Norton, not Macafee. You want Comodo Internet Security Free.
This is an incredibly comprehensive antivirus platform with maximum security that won’t block everything that you want to do. This package has many different features that make it the obvious choice in the antivirus community. Comodo integrates the use of a real time firewall “dynamic and malleable” in order to support a rapidly growing and almost dangerous field of cybercrime. The website that you can download this program from will be referenced in the citation page. You have to be careful because when you are looking for an antivirus, there are countless fraudulent websites that pose as Antivirus, however ironically are Virus’s in themselves. You really have to be careful which links you decide to go to and what you download. A way to check a websites reputation is through the site: “https://trustedsource.org/”. The second thing you must do is to make sure to only put your credit card information into a website that is secure.
You will know it is a secure site by the “Https://” instead of “Http://”. Not many people know/ remember this. But remember that if you do not send that card information over a secure site, then the site will take no extra measures to keep your information confidential. As a general rule of thumb, do not exchange money, documents or anything that has value to the holder over the internet, but sometimes I know that that just isn’t an option. so when you do, always remember that if the website does not have HTTPs:// at the beginning, it is not secure. The S in the HTTPS acronym stands for… you guessed it! Security. This ‘S’ lets the user know that the information that is sent to and from the website that you are using is encrypted, and has background measures taken to ensure confidentiality, authenticity and integrity of all your data. Another way to ensure security with communication is to use something called IPsec.
Ipsec is a framework in which you can choose different protocols and methods of securing information to build a robust all-inclusive way to make sure that the information that is sent is secure. Authentication, Integrity, Confidentiality and replay protection are the aspects covered in the IPsec suite. Authentication is a means of verifying IDENTITY. The identity of the sending entity is just as important as the receiving. This is because if either of those parameters are wrong, you are not communicating. Now say you are sending an email to Tom, and Billy over in the cubicle between decides to intercept that email, the receiving party would not receive the designated mail, and this would create an authentication error. There are mechanisms in place to makes sure that the sender and receiver are the same throughout transmission. Something else that ties directly into the Authentication bit of IPsec, that would be something called “data integrity”. Data integrity means that the information itself did not change in transmission. So that e-mail we sent to Tom earlier, if it had a breach in integrity during transit, was hacked and altered by a man in the middle. This is an issue, as the “Man in the Middle (MitM)” can see all of the original data, as well as he has the power to change the information held inside, to various ends. Confidentiality is a way to make sure that the previous two things are being prevented. Confidentiality is a way to make sure that only you and the intended recipients are recieving the data. That sums up the IPsec introduction, and now we will talk about ways that we can use this knowledge to our benefit.
You can think of IPsec as a framework filled with protocols that communication uses to keep things secure. The first thing to mention is that we discussed the 4 categories for the framework. In order to fill out the authentication category of IPsec, you will need to choose an authentication method. The most common methods we know of are: DES, 3DES, and AES. These are what we know of as “hash algorithms”. Hash algorithms are used at either end of communication and are phrases that an algorithm runs on to find a jumbled string of characters that using the same hash algorithm at the other end will be able to detangle and read.
Network security is not something to mess with. It comprises of all of the information that we keep electronically, and is some of the most important and sensitive information in our lives, so we should always treat is as such. This means: Keeping the antivirus and antimalware up to date,
Securing communication through encryption or VPNs, understanding how network communication works, Using a firewall, and secure web browsing with HTTPS. Even though it does not guarantee that we will e secure, it sure helps. Some of the programs and features that I would reccomend through my travels to write this paper are:
- Comodo Antivirus: https://www.comodo.com/home/internet-security/antivirus.php
- Malwarebytes: https://www.malwarebytes.org/