Security on the Internet, while related to "general"
computer security, differs, due to it's focus upon Internet technologies.
The Internet is a global system which is comprised of interconnected
computer networks that use the Internet protocol suite (tcp/ip).
Therefore, Internet security is related to vulnerability within
the Internet protocol suite and the applications and services that
Individuals who engage in finding security vulnerability - be
it on the Internet or other computer systems - are referred to as
hackers (sometimes as crackers
or script kiddies). Hacking most
likely evolved out of phreaking; the
'hacking' of telephone networks. Hackers are categorised as 'blackhat'
and 'whitehat', and a 'hack' that is motivated by political ends
is referred to as hacktivism.
Computer Security: Intrusion Methods
Threats against computer systems can be classified in three intrusion
1. Internal Intrusions - Usually the most harmful security
threat: this is where an employee of a company - or friend or family
member - physically accesses a company network or personal computer
to cause damage. This can only be stopped by physical measures and
not by computer software. Little can be done to protect against
this threat, apart from ensuring that only people who are trusted
can physically access a computer.
2. External Intrusions - This is where someone tries to
remotely attack and access computers across a computer network.
This is the easiest form of attack to defend against, and we will
examine 'external intrusions' attempted on the Internet. External
intrusions are the most common Internet security threat, because,
the Internet, by nature, is a system of remotely connected computer
3. Social Intrusions - This is where hackers pose as system
administrators etc, and ask for a username
or a password. No computer software
can stop a hacker armed with accurate information that has been
stolen. Phishing is an example of a
social intrusion threat on the Internet. Phishing is where an individual
will send an email, or another electronic message, purporting to
be from an official source and will ask for username and password
Internet Security: External Threats
Internet security threats generally come in the "form"
of external intrusions - luckily this is the easiest type of intrusion
to protect against. The problem with the Internet is that the original
designers didn't consider user privacy and data. The typical home
computer now contains sensitive data, like: credit card numbers,
bank account numbers, business contacts, and other confidential
information. Therefore, it is essential that a home computer is
protected against external access by malicious individuals.
As already stated, the Internet is a computer system that is comprised
of interconnected computer networks that use the Internet protocol
suite. The Internet uses packet switching to transit data (with
the TCP and UDP protocols) from one location (computer) to another.
Data is transmitted in packets (blocks of data). Each computer connected
to the Internet is assigned an IP address. Each computer connected
to the Internet may have multiple applications that send and receive
Therefore, ports are used by each
of these applications/processes (if an IP address is a house, then
a port would be a room within that house). Packets are sent to an
IP address (address of a home computer on the Internet) and then
routed to the port (address of the application/process). An IP address+port
number is required for communication transmissions to be completed.
IANA (Internet Assigned Numbers Authority) assign's and maintain
ports for Internet applications/processes. The following Internet
protocols have been assigned to the following ports:
- FTP - 21
- SSH - 22
- Telnet - 23
- SMTP - 25
- HTTP (Web) - 80
- Pop 3 - 110
- IMAP - 143
A computer connected to the Internet becomes vulnerable when a
port is left open and intrusion from an external source is possible.
The remedy to this issue is a firewall;
a firewall analyses all incoming and outcoming traffic through these
ports. If the firewall suspects incoming or outgoing traffic (through
a port) is unauthorized: it will block it. This is why, when a firewall
is first installed, it will ask whether an application attempting
to open a port is authorised or not.
Through the use of packet sniffers and other security tools, there
is always the possibility that an individual can intercept and read
data packets sent by computers communicating on the Internet. While
the Internet protocol suite was not strictly designed with the idea
of user privacy and data security, it does feature some protocols
that deal with security:
- Secure Sockets Layer (SSL) - encrypts packets, ideal for financial
- Transport Layer Security (TLS) - encrypts packets, ideal for
- Pretty Good Privacy (PGP) - encrypts email messages.
- IPsec - protects data at the network layer (Internet is a four
layer model) security.
The purpose of the above protocols, are therefore, to encrypt data:
so that, even if the data packets are intercepted by someone, the
person can not read them. The majority of the protocols listed above
are installed in Web browsers, email clients, and other online applications.
Internet Security: Applications
The Internet is a global system that provides a range of services,
chief amongst them being: electronic mail, file downloads, and the
World Wide Web. The majority of these services are based upon a
client-server model: a user will install a client program (browser
for example) which will use application layer protocols (http, ftp,
smtp, dns) of the Internet protocol suite to download data (transmitted
in packets) from Internet servers (computer which stores data).
The security threat posed in this model is client programs which
have been designed with inherent security flaws.
The most popular service on the Internet is the World Wide Web.
The World Wide Web is accessed by browsers: which is a client program
that downloads webpages from web servers and renders them for a
user to read. Security threats to a browser are two-fold.
can be embedded into webpages and can pose a multi-tude of security
issues. Users tend to need a security program - installed internally
in the browser or externally - which will scan every webpage before
it is accessed to warn the user of any security threat.
The next security threat posed by browsers is security holes within
the client program. For example, Internet Explorer version 6 is
noted for having over 20 unpatched vulnerabilities: most notable
ActiveX and DHTML document object model vulnerability. Plugins -
like toolbars - which are installed into browsers can also compromise
Internet security. Therefore, users should always install the latest
version of a browser, and only install plugins from trusted software
Finally, there is the manipulation of the host
file in an operating system: this results in a spoofed version
of a official website being loaded - for example a spoofed version
of a banking website - and the spoofed website will record login
details etc. This type of browser exploit is referred to as pharming.
Email has possible been the cause of the majority of Internet threats
to home users. Email, by standard, is simple a text based messaging
service, and text emails pose no security threat. It was when emails
began to support HTML code and attachments that security issues
with the technology became a serious problem. Spam email messages
often includes harmful HTML code and attachments are often installed
with viruses and other malicious software. Older webmail systems
did not include features to scan emails to warn users of any potential
threat. Present day, 2014, webmail and email clients are far more
secure, and usually scan every email before a user accesses it.
Another security issue posed by email is phishing and scamming
emails. This is where an email will purport to be from an official
source - such as a bank, building society, network administor -
and will ask for personal details. These emails can look genuine:
due to the email address being spoofed;
the content of the email using the correct logo of the business;
and the "tone" of the message conveying fear if the user
does not comply with the request. Of course, if a user does comply
with the request, then the ramifications can expand, and the overall
threat posed to the user and the services he/she uses on the Internet
Another security threat posed to email is that messages are transferred
via mail servers: during this process of transporting a email message
from one user to another, the message can potentially be intercepted.
If the data packets of the email message are successfully intercepted,
then the contents of the email message can be read. The solution
to this issue is to encrypt the email message.
There are many client programs - file sharing programs like Napster
or instant messaging programs like ICQ - which allow users to download
files from servers located on the Internet or to exchange files
between one another. These client programs tend to use the file
transfer protocol (FTP) to facilitate the download and upload of
files via the client program. FTP does not pose a threat to the
security of the user, but the files downloaded do. The following
category on this page will examine malicious downloaded software.
Internet Security: Malicious Software
As was shown above, the majority of services provided on the Internet
are based upon a client-server model. In this model, client programs
download data from servers connected to the Internet. A security
threat is created when data is downloaded that includes, or, is
classified as: malicious software. Some types of malicious software
include: adware, viruses, malware, trojan horses and worms. The
level of threat posed by these programs varies from minimal to great.
Malicious software can be downloaded by mistake from: email attachments,
download sites, hidden in genuine looking software, and from compromised
websites. Some malicious software can remotely control a computer
(referred to as a zombie machine) and
can be used to engage in denial of service
attacks (denial of service attacks are used to make Internet services
Other viruses record keystrokes,
sometimes targeting login details: so as to engage in identity theft.
Anti-virus software is the only way to remove malicious software
already residing on a computer system. Anti-virus programs may not
be able to remove serious security threats, and the computer may
need to be reset to it's factory settings. Anti-virus programs should
scan the majority of files downloaded from the Internet: this should
ensure that the computer avoids becoming infected.
The threat posed by malicious software is largely dependent upon
the behaviour Internet users. The user can mitigate the threat of
this software by installing the correct and up-to-date software:
anti-virus programs, anti-malware programs, firewall, and web protection.
Likewise, the behaviour of the user can mitigate the threat: the
more a user downloads, the higher the risk, and, if the user downloads
data from unknown sources, the higher the risk.