If you are building a firewall, the first thing you need to worry about is what you're trying to protect. When you connect to the Internet, you're putting three things at risk: your data (the information you keep on the computers); your resources (the computers themselves); and your reputation.
The Internet is a marvelous technological advance that provides access to information, and the ability to publish information, in revolutionary ways. But it's also a major danger that provides the ability to pollute and destroy information in revolutionary ways.
Computer security incidents are different from many other types of crimes because detection is unusually difficult. Sometimes, it may take a long time to find out that someone has broken into your site. Sometimes, you'll never know. Even if somebody breaks in but doesn't actually do anything to your system or data, you'll probably lose time (hours or days) while you verify that the intruder didn't do anything.
Your data has three separate characteristics that need to be protected: secrecy (you might not want other people to know it); (1) integrity(you probably don't want other people to change it); and availability: (you almost certainly want to be able to use it yourself). A (2) firewallis a form of protection that allows a network to connect to the Internet while maintaining a degree of security.
The most common attacks on your systems are intrusions; with intrusions, people are actually able to use your computers. Most attackers want to use your computers as if they were legitimate users. Attackers have dozens of ways to get access. They range from (3) social engineering attacks(you figure out the name of somebody high up in the company; you call a system administrator, claiming to be that person and claiming to need your password changed right now, so that you can get important work done), to simple (4) guesswork (you try account names and password combinations until one works).
Firewalls help prevent intrusions in a number of ways. Ideally, they block all ways to get into a system without knowing an account name and password. Properly configured, they reduce the number of accounts accessible from the outside that are therefore vulnerable to guesswork or social engineering. Most people configure their firewalls to use one-time passwords that prevent guessing attacks.
A (5) denial of service attack is one that's aimed entirely at preventing you from using your own computers. While flooding is the simplest and most common way to carry out a denial of service attack, a cleverer attacker can also disable services, reroute them, or replace them.
Most often, the risk of denial of service attacks is unavoidable. If you accept things from the external universe – electronic mail, telephone calls, or packages – it's possible to get flooded. The notorious college prank of ordering a pizza or two from every pizzeria in town to be delivered to your least favorite person is a form of denial of service; it's hard to do much else while arguing with 42 pizza deliverers. In the electronic world, denial of service is as likely to happen by accident as on purpose. The most important thing is to set up services so that if one of them is flooded, the rest of your site keeps functioning while you find and fix the problem. The good news is that most of these attacks are avoidable; a well-designed firewall will usually not be susceptible to them itself, and will usually prevent them from reaching internal machines that are vulnerable to them.
Some types of attacks allow an attacker to get data without ever having to directly use your computers. Usually these attacks exploit Internet services that are intended to give out information, inducing the services to give out more information than was intended, or to give it out to the wrong people. Many Internet services are designed for use on local area networks, and don't have the type or degree of security that would allow them to be used safely across the Internet.
Most people who steal information try to get access to your computers; they're looking for usernames and passwords. Fortunately for them, and unfortunately for everybody else, that's the easiest kind of information to get when (6) tapping a network. Username and password information occurs quite predictably at the beginning of many network interactions, and such information can often be reused in the same form.
Network taps, which are usually called (7) sniffers, are very effective at finding password information but are rarely used by attackers to gather other kinds of information. Getting more specific information about a site requires either extreme dedication and patience, or the knowledge that the information you want will reliably pass through a given place at a given time.
There are several types of protection against (8) information theft. A properly configured firewall will protect you against people who are trying to get more information than you intended to give. Once you've decided to give information out across the Internet, however, it's very difficult to protect against that information's reaching an unintended audience, either through misauthentication (somebody claiming to be authorized, when he or she isn't) or through sniffing (somebody simply reading information as it crosses a correctly authorized channel). For that matter, once you have given the information to somebody, you have no way to prevent that person from distributing it to other people.
(From Building Internet Firewalls,
by E. Zwicky, S. Cooper & D. Chapman)
Task 3. Decide if the statement is true, false or there is no information
in the text.
1. The Internet is a major danger that provides the ability to pollute and destroy information in revolutionary ways.
2. When you connect to the Internet, you're putting only one thing at risk: the information you keep on the computers.
3. Computing resources are natural resources that belong by right to the world at large.
4. A denial of service attack is aimed entirely at preventing you from using your own computers.
5. Network sniffing is often used for destroying computer data.
6. If you share the information with somebody, it is impossible to prevent that person from distributing it to other people.
Task 4.Answer the questions.
1. What are you trying to protect on your systems?
2. Which antivirus software or service do you use? Does it help to increase your computer security?
3. What types of attacks do you know?
4. Can simple accidents or stupidity be the threat for computer security?
Task 5. Choose the correct words.
1. A person who illegally accesses somebody else's computer over the Internet is called a __________.
A. pirate B. guest C. hacker
2. A website which (in theory) cannot be accessed by a hacker is _________.
A. strong B. secure C. clean
3. A website which can only be viewed by authorised people has ________ access.
A. reduced B. small C. restricted
4. Unwanted advertising e-mails are popularly known as _______.
A. garbage B. spam C. ham
5. Software which blocks attempts by others to access your computer over the internet is called a __________.
A. firewall B. fire blanket C. fire engine
6. It's essential to ________ your anti-virus protection regularly.
A. up-to-date B. date back C. update
7. Anti-virus software can _______ your computer for viruses.
A. flood B. review C. scan
8. Anti-virus software can also _______ viruses on removable media, such as floppy disks.
A. detect B. control C. see
9. When your anti-virus software subscription ______ it's a good idea to renew it immediately.
A. ends B. stops C. expires
10. Sites that ask for your credit card number or other personal information should use a secure server, so the data you send is ______.
A. coded B. encrypted C. translated.
11. The _______ symbol means that a web-page is secure.
A. smile B. SOS C. padlock
12. I couldn't book my flight online because the airline's system was _____.
A. down B. up C. over
Task 6. Match the malware with the damage.
3. trojan horse
4. keystrokelogger or keylogger
A. collects and sends private information from the infected computer to a third party
B. an undesirable program which can replicate itself across a network
C. allows a hacker to access private information when he/she wishes
D. a program which adds itself to an executable file, and can cause considerable damage to the data on the infected computer
E. records characters that are typed into a computer
Task 7. Read the text and fill in the gaps with the words below.