Sigrua Ne Rjet ANGLISHT

Network layer security
TCP/IP can be made secure with the help of cryptography. Cryptographic methods and protocols have been developed for different purposes in securing communications on the internet. These protocols include SSL and TLS for web traffic, PGP for email, and IPsec for the network layer security.
IPsec Protocol
This protocol is designed to protect communication in a secure manner using TCP/IP. This is a set of security extensions developed by IETF and it provides security and authentication at the IP layer by using cryptography. To protect the content, the data is transformed using encryption techniques. There are two main types of transformation that form the basis of IPsec, the Authentication Header (AH) and Encapsulating Security Payload (ESP). These two protocols provide data integrity, data origin authentication, and anti-reply service. These protocols can be used alone or in combination to provide desired set of security services for the Internet Protocol (IP) layer.
The basic components of the IPsec security architecture are described in terms of the following functionalities:
Security protocols for AH and ESP
Security association for policy management and traffic processing
Manual and automatic key management for the internet key exchange (IKE)
Algorithms for authentication and encryption
The set of security services provided at the IP layer include access control, data origin integrity, protection against replays and confidentiality. The algorithm allows these sets to work independently without affecting other parts of the implementation. The IPsec implementation operated in a host or security gateway environment giving protection to IP traffic.
[edit]Electronic mail security (E-mail)
Background
Understanding of how email messages are composed, delivered, and stored is helpful in understanding email security.This is a multiple step process. The process starts with message composition. When the user finishes composing the message and sends the message, the message is then transformed into a specific standard format specified by Request for Comments (RFC) 2822, Internet Message Format. Once the message is translated into an RFC 2822 formatted message, it can be transmitted. Using a network connection, the mail client, referred to as a mail user agent (MUA), connects to a mail transfer agent (MTA) operating on the mail server. After initiating communication, the mail client provides the sender’s identity to the server. Next, using the mail server commands, the client tells the server who are the intended recipients. After the complete recipient list is sent to the server the client supplies the message. Once the mail server is processing the message, several events occur: recipient server identification, connection establishment, and message transmission. Using Domain Name System (DNS) services, the sender’s mail server determines the mail server(s) for the recipient(s). Then, the server opens up a connection(s) to the recipient mail server(s) and sends the message employing a process similar to that used by the originating client. Finally the message is delivered to the recipient.
Pretty Good Privacy (PGP)
PGP provides confidentiality by encrypting messages to be transmitted or data files to be stored locally using an encryption algorithm such 3DES, CAST-128. Email messages can be protected by using cryptography in various ways, such as the following:
Sign an email message to ensure its integrity and confirm the identity of its sender.
Encrypt the body of an email message to ensure its confidentiality.
Encrypt the communications between mail servers to protect the confidentiality of both the message body and message header.
The first two methods, message signing and message body encryption, are often used together. The third cryptography method, encrypting the transmissions between mail servers, is typically applicable only when two organizations want to protect emails regularly sent between them. For example, the organizations could establish a virtual private network [3](VPN) to encrypt the communications between their mail servers over the Internet. Unlike methods that can only encrypt a message body, a VPN can encrypt entire messages, including email header information such as senders, recipients, and subjects. In some cases, organizations may need to protect header information. However, a VPN solution alone cannot provide a message signing mechanism, nor can it provide protection for email messages along the entire route from sender to recipient.
Multipurpose Internet Mail Extensions (MIME)
MIME transforms non-ASCII data at the sender's site to Network Virtual Terminal [4](NVT) ASCII data and delivers it to client's Simple Mail Transfer Protocol (SMTP) to be sent through the internet. The server SMTP at the receiver's side receives the NVT ASCII data and delivers it to MIME to be transformed back to the original non-ASCII data.
Secure/Multipurpose Internet Mail Extensions (S/MIME)
S/MIME provides a consistent means to securely send and receive MIME data. S/MIME is not only limited to email but can be used with any transport mechanism that carries MIME data, such Hypertext Transfer Protocol[5] (HTTP).
[edit]Firewalls

Firewall is a device that controls the access between networks. It generally consists of gateways, and filters, which vary from one firewall to another. It is secure gateway between public internet and private network. Firewall also screens the network traffic and is able to block the traffic that is dangerous. Fire walls act as the intermediate server between SMTP and HTTP connections.
[edit]Role of Firewalls in Internet Security
Firewalls impose restrictions on incoming and outgoing packets to and from private network. All the traffic whether incoming or outgoing must pass through the firewall, but only authorized traffic is allowed. Firewalls create checkpoints between an internal private network public internet. They are also called choke points. Firewalls can create choke points based on IP source, and TCP port number. They can also serve as the platform for IPsec. Using tunnel mode capability, firewall can be used to implement VPNs. Firewalls can also limit network exposure by hiding the internal network system and information from public internet.
[edit]Types of firewalls
Packet Filters
Packet filters are one of several different types of firewalls that process network traffic on packet-by-packet basis. Its main job is to filter traffic from a remote IP host, so a router is needed to connect the internal network to the internet. The routers is known as screening router, which screens packets leaving and entering the network.
Circuit-Level Gateways
The Circuit-Level Gateway represents proxy server that statically defines what traffic will be allowed. Circuit proxies always forward packets containing a given port number, if the port number is permitted by the rules set. This gateway operates at the network level of OSI model. IT act as IP address translator between internet and internal network. The main advantage of proxy server is its ability to provide Network Address Translation (NAT). NAT hides the IP address from the internet. This process effectively protects all internal information from internet.
Application-Level Gateways
The application-level gateways represents the proxy server operating at the TCP/IP application level. A packet is forwarded only if a connection is established using some known protocol. The application gateway analysis the whole message instead of individual packets when receiving or sending data. This is more valuable aspect of internet.
[edit]Anti-virus

For more details on this topic, see Malware.
Some apparently useful programs also contain features with hidden malicious intent. Such programs are known as Malware, Viruses, Trojans, Worms, Spyware and Bots.
Malware is the most general name for any malicious software designed for example to infiltrate, spy on or damage a computer or other programmable device or system of sufficient complexity, such as a home or office computer system, network, mobile phone, PDA, automated device or robot.
Viruses are programs which are able to replicate their structure or effect by integrating themselves or references to themselves, etc. into existing files or structures on a penetrated computer. They usually also have a malicious or humorous payload designed to threaten or modify the actions or data of the host device or system without consent. For example by deleting, corrupting or otherwise hiding information from its owner.
Trojans (Trojan Horses) are programs which may pretend to do one thing, but in reality steal information, alter it or cause other problems on a such as a computer or programmable device / system.
Spyware includes programs that surreptitiously monitor keystrokes, or other activity on a computer system and report that information to others without consent.
Worms are programs which are able to replicate themselves over a (possibly extensive) computer network, and also perform malicious acts that may ultimately affect a whole society / economy.
Bots are programs that take over and use the resources of a computer system over a network without consent, and communicate those results to others who may control the Bots.
The above concepts overlap and they can obviously be combined. The terminology, along with the dangers involved, are constantly evolving.
Antivirus programs and Internet security programs are useful in protecting a computer or programmable device / system from malware.
Such programs are used to detect and usually eliminate viruses. Anti-virus software can be purchased or downloaded via the Internet. Care should be taken in selecting anti-virus software, as some programs are not as effective as others in finding and eliminating viruses or malware. Also, when downloading anti-virus software from the Internet, one should be cautious as some websites say they are providing protection from viruses with their software, but are really trying to install malware on your computer by disguising it as something else.
[edit]Anti-spyware

For more details on this topic, see Malware.
There are two major kinds of threats in relation to spyware:
Spyware collects and relays data from the compromised computer to a third-party.
Adware automatically plays, displays, or downloads advertisements. Some types of adware are also spyware and can be classified as privacy-invasive software. Adware often are integrated with other software.
[edit]Email security

A significant part of the Internet, E-mail encryption is an important subset of this topic.
[edit]Browser choice

As of December 2008, 68.2% of the browser market was held by Internet Explorer. As a result, malware creators often exploit Internet Explorer. Internet Explorer market share is continuously dropping (as of 2009; see list of web browsers for statistics) as users switch to other browsers, most notably Firefox (with 21.3% market share), Safari (web browser) (with 7.9% market share) and Google Chrome (1% market share). [6]
[edit]Buffer overflow attacks

For more details on this topic, see Buffer overflow.
A buffer overflow is an attack that could be used by a cracker to get full system access through various methods. It is similar to "Brute Forcing" a computer in that it sends an immense attack to the victim computer until it cracks. Most Internet security solutions today lack sufficient protection against these types of attacks.