hugh-fleming
11 Aug 2014 Computer networks 1
Computer networks
Network administrators are here to help you!
Open a ticket on http://support.unibz.it
Computer networks
  What is a network
    Computers
    External connection
    Terminals
    Printers
    Stand-alone hard disks
    VoIP telephones
  Server-client architecture
Network areas
  Local Area Network (LAN, Intranet)
  Wide Area Network (WAN, Internet)
  Virtual Private Network (VPN)
Transfer speed
  Speed in “bits per second” (bps)
    Ethernet 10 Mbps
    Fast Ethernet 100 Mbps
    Gigabit Ethernet 1 Gbps
    Wireless 30-300 Mbps
Communication programs
  Web browser
    Chrome (55% of the market)
    Mozilla Firefox (25% of the market)
    Internet Explorer (10% of the market)
    Safari
  Mail reader
    Outlook, Mozilla Thunderbird, Windows Live Mail
    Webmail and Microsoft Outlook Web App
      http://webmail.unibz.it
  Voice over IP
    Costs
    WhatsApp
Posta Elettronica Certificata – PEC
  Standard email
    No guarantee of sender’s e-mail address identity
    No guarantee of sender’s identity
    No guarantee that content has not been altered
    No sent proof
    No dispatched proof
    No read proof
  PEC to PEC: like a raccomandata con ricevuta di ritorno (registered letter with return receipt)
    Sent proof
    Dispatched proof
    (in practice also) sender’s address identity and unaltered content
  PEC to standard email: like a raccomandata semplice (plain registered letter)
    Sent proof
  Standard email to PEC: like a normal letter
  Sent and dispatched proofs are legal proofs
  Every citizen may have a free PEC address to communicate with public administration
Search engines
  Crawler technique (8 billion web pages!)
  Google scoring system
  Search tricks:
    Use many keywords
    Quotations
    Advanced search
    Search for images
Slow connections
  Names | Equipment | Effective speed | Notes
  PSTN, analog dial-up | telephone line and modem | 56 Kbps | Telephone is busy during connection
  ISDN | ISDN telephone line and modem | 128 Kbps | Telephone is busy during full speed connection
  GPRS (2G) | GSM mobile phone | 100 Kbps | Telephone is busy during connection
  EDGE (2.5G) | modern GSM phone | 300 Kbps |
Broadband connections
  Name | Equipment | Effective speed | Notes
  ADSL | telephone line and modem | 500 Kbps in upload, 8-20 Mbps in download | Congestion
  Internet cable | special contract | some Gbps |
  UMTS (3G), HSDPA | 3G mobile phone | 5 Mbps in upload, 40 Mbps in download | Speed depends strongly on environment
  LTE (4G) | LTE mobile phone | up to 100 Mbps | Depends on coverage and contract
  Wireless Wi-Fi | wireless card | 30-300 Mbps | Speed depends on wireless generation
  WiMax | antenna in line of sight and modem | 40 Mbps | Speed depends strongly on distance
Broadband connections
  ADSL
    Congestion
    “minimum band guaranteed” contract
  Digital divide
    5,400,000 Italians not covered by broadband
  WiMax
    10 Kilometers range
    “line of sight” problem
Law 196/2003 on privacy
  Data are divided into:
    personal data
    sensitive data
      race and ethnicity
      religious / philosophical / political opinions
      belonging to religious / philosophical / political / workers organization
    sensitive data about health and sex
    justice data (handled as sensitive data)
    genetic data (need extremely particular procedures)
  For personal users who do not communicate data, security requirements still apply
  Requirements
    authentication with login + password or alternatives
    permission
    training or instructions
    backup of all data every week
    security programs updated every 12 months (6 if sensitive)
    sensitive data must be encrypted or unidentifiable
Encryption
  Scrambling technique to make text unreadable
  Public key for encrypting
  Private key for decrypting
  128 bits to be sure
Encryption for information exchange
  [Figure: diagram with parties A, B, C and D, messages 1 to 3, and encrypt/decrypt steps]
Encryption for data storage
  [Figure: diagram with A, secret data, and encrypt/decrypt steps]
Digital signature
  Law 82/2005
  Private key for encrypting
  Public key for decrypting
  Keys given by certification authorities
  Combination with PEC
  Keys expiration
  Temporal mark
Digital signature
  [Figure: diagram with A, B, C and D, a document, a false document, and encrypt/decrypt steps]
Comparison with handwritten signature
  | Digital signature | Handwritten signature
  Who can sign | Needs keys from certification authority and proper tools | Everybody instantly
  Who can verify | Everybody (with proper tools) | Handwriting analysts
  Verification reliability | Sure for some years | Subjective in dubious cases, no time limit
  Temporal duration | Some years (can be renewed) | Until other reliable signatures are available
  Mass signatures | Some seconds for all documents (with proper tools) | Some seconds per document
  Date reliability | Objective if temporal mark | Based on other subjective elements (paper’s and ink’s age)
Electronic vs digital signature
  Electronic signature
    automatic signature through username and password
  Qualified electronic signature
    and a certification authority guarantees it
  Digital signature
    and uses encryption
Passwords
  What can be done with your password?
    Steal personal data
    Steal other people’s data
    Steal money
    Delete and modify data
    Steal identity
    Start illegal activities
Passwords
  Most people have the following passwords:
    password, 123456, 12345678, 1234, qwerty,
    dragon, pussy, baseball, football, letmein,
    monkey, 696969, abc123, 12345
  A standard computer can try 4 billion passwords per second
Passwords
  Law 196/2003
    Avoid personal data in the password
    Change password every 6 months (3 if sensitive data)
    Minimum 8 characters
  Better also:
    Mix letters, strange characters and numbers
    Do not use words
    Use different passwords for different purposes
    Beware of passwords stored in programs
  Test your password robustness on https://howsecureismypassword.net
  What to do in case of employee’s absence
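An added example, not part of the original slides: a checker that applies the password rules above (minimum 8 characters, mixed character classes, not one of the common passwords listed earlier) and estimates the worst-case exhaustive-search time at the slides' rate of 4 billion guesses per second. All function and constant names are assumptions of this example, as is the search-space model described in the comments.

```python
import string

# Rate and password list are the ones given on the slides above.
GUESSES_PER_SECOND = 4_000_000_000
COMMON_PASSWORDS = {
    "password", "123456", "12345678", "1234", "qwerty", "dragon", "pussy",
    "baseball", "football", "letmein", "monkey", "696969", "abc123", "12345",
}
MIN_LENGTH = 8  # minimum length stated on the slide

# Assumption of this example: the search covers every string of the same
# length over the character classes the password actually uses.
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": string.punctuation,
}


def classes_used(password):
    """Names of the character classes that appear in the password."""
    return {n for n, chars in CLASSES.items() if any(c in chars for c in password)}


def alphabet_size(password):
    """Size of the alphabet a search over the used classes must cover."""
    size = sum(len(CLASSES[name]) for name in classes_used(password))
    known = "".join(CLASSES.values())
    # Characters outside the four classes (e.g. accented letters) count once each.
    return size + len({c for c in password if c not in known})


def worst_case_seconds(password):
    """Seconds needed to try every candidate at GUESSES_PER_SECOND."""
    return alphabet_size(password) ** len(password) / GUESSES_PER_SECOND


def check_password(password):
    """Return a list of rule violations; an empty list means none were found."""
    findings = []
    used = classes_used(password)
    if password.lower() in COMMON_PASSWORDS:
        findings.append("on the common-password list")
    if len(password) < MIN_LENGTH:
        findings.append(f"shorter than {MIN_LENGTH} characters")
    if not ({"digits", "symbols"} <= used and used & {"lowercase", "uppercase"}):
        findings.append("does not mix letters, strange characters and numbers")
    return findings
```

Under this model an 8-character password drawn from all four classes (94 symbols) is exhausted in about 17.6 days at the stated rate, while an 8-digit one falls in 0.025 seconds, which is why the minimum length alone is not enough.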
Alternatives to password
  Law 196/2003 allows biometric identification methods
    fingerprints
    hand palm
    retina scanning
    voice identification
Extra security
  Adding physical methods to standard password
    smartcard
    token key
    OTP with display
    OTP USB
    phone SMS
    phone call
Viruses
  What does a virus do?
    Infect
    Survive
    Duplicate
    Damage
  Virus infection symptoms
    computer is slow to start
    unwanted and annoying pop-ups
    many system errors
  User’s responsible behaviors
    downloaded files and email attachments
    CD, DVD, USB pendrives
    strange websites
    updated programs
    updated antivirus
    beware when installing free programs!
  Anti-viruses
    Checking the whole hard disk
    Checking suspect files
    Always running
Types of viruses
  Trojan horse
    looks like a good program
  Key logger
    records your keyboard activity (to get passwords)
  Back door
    opens a port on your computer (to let external users in)
  Adware
    displays advertisements
  Spyware
    spies on your activity (to get passwords or for spam targeting)
  Ransomware
    demands money to avoid damage or justice problems
Spam
  “unsolicited” “unwanted” “bulk” email
  Advertisement: gambling, pornographic websites, medicines, risky investments, software…
  Chain letters
  Frauds
  Phishing
  Sender is always counterfeited
  Do not click on links!
  Do not answer!!!
  Where do they get my email address?
  Antispam and blacklists
Phishing
Phishing example
  2,000,000 emails sent
  5% arrive to existing users: 100,000
  5% of users read the email: 5,000
  2% of readers believe in the email: 100
  $1,200 from each user
  Gain: $120,000
  In 2005 Mr. David Levi gained $360,000 from 160 people using phishing on the eBay website
Safe navigating
  Navigation security
  Phishing
  Viruses
    Download, Save, Antivirus, Open
    Avoid visiting and downloading from untrustworthy websites
    Keep Explorer and Windows up-to-date
  Intercept your data
    Secure connection SSL: httpS
Attacks from outside
  Denial of Service
    zombie computers
  Firewall
    which internal program
    which external address
    what amount of traffic
    which kind of data
  Windows 7 Firewall
Backup
  Why backup?
    Hardware failure: 40%
    Human error: 29%
    Software corruption: 13%
    Viruses: 6%
    Theft: 9%
    Hardware destruction: 3%
  Source: The Cost of Lost Data. The importance of investing in that “ounce of prevention” by David M. Smith
Backup
  Law 196/2003
    backup every week
  What to backup?
    Your data files
    emails, contacts, calendar
    Program configuration files
    Difficult-to-find stuff
  Where to backup?
    another hard disk
    online backup systems: Dropbox, GoogleDrive, Box, Amazon
    RAID techniques
RAID – Redundant Array of Independent Disks
  JBOD – Just a Bunch Of Disks
    2 disks
  RAID 0
    2 disks, fast
  RAID 1
    2 disks but space as for 1, safe vs crash, 24h service
    Most common solution
  RAID 10
    4 disks but space as for 2, fast, safe vs crash, 24h service
  None of these techniques is safe versus viruses or human errors!
  [Figures: JBOD, RAID 1, RAID 0, RAID 10]