Chapter 3

Computer Communication
and Security

Chapter 3 Objectives
Communications
and Network
terminology and
applications

Various
communications
devices, media,
and procedures

Type of Computer
Networks

Describe the types

of computernetwork & Internet
security risks

Identify ways to
safeguard against
Network-based
attacks

Techniques to
prevent Network
Attacks

Communications
What are computer communications?

Process in which two or more computers or devices transfer data, instructions, and
information

Communications
What is needed for successful communications?
Sending device
Initiates instruction to transmit data, instructions, or information. Commonly in software
forms
Communications device
Connects the sending device to the communications channel

Communications channel
Media on which data, instructions, or information travel
Communications device
Connects the communications channel to the receiving device
Receiving device

Accepts transmission of data, instructions, or information

Communication Software
What is communications software?
Programs that help users
establish connection to
Internet, other network,
or another computer

Programs that help users

manage transmission of
data, instructions,
and information
Programs that provide an
interface for users to
communicate with one
another

Communication Devices
What are examples of communications
devices?
Common types are [dial-up modems, ISDN & DSL
modems, broadband/cable modems] For
Internet Communication, and [network cards,
wireless access points, routers, and
hub/switches] for General Computer Network
Communications

Communication Devices
What is a modem?

Converts digital signals to analog signals and vice versa

Notebook computers often use PC Card modem

Dial Up Modems

Cable and Wireless Broadband Modems

Faster Internet Connection

Communications Devices
What is a network card?
Adapter card, PC Card, or
compact flash card that
enables computer or
device to access network
Sometimes called network
interface card (NIC)

Communications Devices
What is a wireless access
point?
Central communications
device that allows
computers and devices to
transfer data wirelessly
among themselves or to
wired network

Communications Devices
What is a router?
Connects computers and
transmits data to correct
destination on network
Routers forward data on
Internet using fastest
available path

Communications Devices

Communications Devices
What is a switch/hub?
Device that provides
central point for cables in
network

Communications Channel
What is a channel?
Transmission media on which data travels in
communications system

Transmission media
are materials
capable of carrying
one or more signals

Bandwidth is
amount of data
that can travel
over channel

Transmission Media
Physical
Optical Fiber
Twisted Pair
Cables
Coaxial Cable

Wireless
Communications
Sattelite
Microwave Radio
Cellular Radio (2G,
2,5G, 3G, etc)
Broadcast Radio
(Wi-fi, Bluetooth)
Infrared

Computer Network
What is a network?
Collection of computers
and devices connected
via communications
devices and
transmission
media

Computer Network
What is a local area
network (LAN)?
Network in limited
geographical area such
as home or office
building
Metropolitan area
network (MAN)
connects LANs in city or
town

Computer Network
How to Join a computer into a LAN

IP address is a numerical label assigned to each device

(e.g., computer, printer) participating in a computer
network

Computer Network
What is a wide area
network (WAN)?
Network that covers
large geographic area
using many types of
media
Internet is worlds
largest WAN

Computer Network
What is a client/server
network?
One or more computers act
as server and other
computers, or clients, access
server

Computer Network
What is an Intranet?
Internal network that uses Internet technologies

Makes information accessible to employees

Typically includes connection to Internet

Extranet allows customers or suppliers to access

part of companys intranet

Network Risks & Security

Computer Security Risks

What is a computer security risk?
Action that causes loss of or damage to computer
system
Mostly happened when computer connected into
a network
Easier to access, more unpredictable than attacking
unattended computer

Computer Viruses, Worms, and Trojan Horses

What are viruses, worms, and Trojan horses?

Virus is a potentially
damaging
computer
program

Can spread
and
damage
files

Worm copies
itself repeatedly,
using up
resources
and possibly
shutting down
computer or
network

Trojan horse hides

within
or looks like
legitimate program
until triggered

Does not
replicate
itself on
other
computers

Payload
(destructive
event) that is
delivered when
you open file, run
infected program, or
boot computer with
infected disk
in disk drive

Computer Viruses, Worms, and Trojan Horses

How can a virus spread through an e-mail

message?
Step 1. Unscrupulous

Step 2. They use

programmers create a virus

program. They hide the
virus in a Word document
and attach the Word
document to an e-mail
message.

the Internet to send

the e-mail message
to thousands of
users around the
world.

Step 3a. Some

Step 3b. Other users do not

users open the

attachment and
their computers
become infected
with the virus.

recognize the name of the

sender of the e-mail message.
These users do not open the
e-mail message. Instead they
delete the e-mail message.
These users computers are not
infected with the virus.

Computer Viruses, Worms, and Trojan Horses

What are some tips for preventing virus,

worm, and Trojan horse infections?
Never download or
install suspicious
software from
untrusted sources
If the antivirus
program flags an
e-mail attachment
as infected, delete
the attachment
immediately

Install an antivirus
program on all of your
computers

Check all
downloaded
programs for
viruses, worms,
or Trojan horses

Never open an
e-mail attachment
unless you are
expecting it and
it is from a
trusted source

Install a personal
firewall program

DOS & Backdoor

What is a denial of service (DOS) attack and
back door?
A denial of service attack is an assault which
disrupts computer access to an Internet service
such as the Web or e-mail

A back door is a program or set of instructions

in a program that allow users to bypass
security controls when accessing a computer
resource

Spoofing
What is spoofing?
Makes a
network
or Internet
Transmission appear legitimate

IP spoofing occurs when an intruder

computer fools a network into believing
its IP address is from a trusted source
Perpetrators of IP spoofing trick their
victims into interacting
with a phony Web site

Solutions
Best way to prevent spoofing and DOS is to
build a firewall

Implemented on network or installed on host as

software (personal firewall)

Solutions
What is firewall?
Security system consisting of hardware and/or
software that prevents unauthorized intrusion

Solutions
What is personal firewall?
Program that protects personal computer and its data from
unauthorized intrusions
Monitors transmissions to and from computer
Informs you of attempted intrusion

Unauthorized Access and Use

Unauthorized Access
Use of a computer or network without
permission.
By connecting to it and then logging in as a
legitimate user.
Do not cause damages.
Merely access the data, valuable information or
programs in the computer.
In some manners, can be categorized as
Information theft

Unauthorized Access and Use

Unauthorized Use
Use of a computer or its data for unapproved or
illegal activities.
Ex: gaining access to a bank computer and
performing an unauthorized bank transfer etc.

Solutions
How to prevent unauthorized access and use?
Make a good use of authorization control

Solutions (Cont.)
How to make good passwords?
GOOD

Example:
@k|_|-@n@6-4L4Y
Longer, alay-er, better

NEVER USE IT

Your birth-day
Your mother/dad/lover name
Very predictable words
Plain, not combinated
characters is weak against
brute-force attacks

Solutions (Cont.)
How to prevent unauthorized access and use?
Disable file and printer sharing on Internet connection

File and
printer
sharing
turned off

enable just
when you need it

Solutions (Cont.)
How to make information thief lifes much
harder?
Use encryption
Safeguards against information theft
Process of converting plaintext (readable data) into
ciphertext (unreadable characters)
Use key to generate cipherkey as combinations
To read the data, the recipient must decrypt, or
decipher, the data
See the demonstration

Internet Security Risk

Information Sniffing, How?

H or L can get all sensitive un-encrypted information

passed on network such as username and password

Internet Security Risk

Website phising, How?

Impersonated Login Page

Username,
Passwords,
Credit cards details

https://ib.bankmandiri.co.id/retail/Login.do?action=form

https://ib.bangmandiri.co.id/retail/Login.do?action=form
Username,
Passwords,
Credit cards details

Normal Login Page

Bank Mandiris
Server

Crackers Computer

Internet Security Risk

Website phising commonly
spread using emails and
social media
Best implemented when
combined with social
engineering technique.

Internet Security Risk

Social engineering is an nontechnical, outside hacker's use
of psychological tricks on
legitimate users of a computer
system, in order to gain the
information (usernames and
passwords) one needs to gain
access to the system.
It utilizes two human weakness:
no one wants to be considered
ignorant
human trust

Solutions
Web browsers provide secure data
transmission
Many Web browsers
use encryption

Secure site
Choose Web site that
uses encryption to
secure data
Valid Digital
certificate
Guarantees Web site
is legitimate

Solutions
Provides encryption of
all data that passes
between client and
Internet server
Web addresses
beginning with https
indicate secure
connections

Solutions
Protect yourselves from social engineering
Be educated, aware, and a little bit paranoid.
Never give out:
Usernames / ID numbers
Passwords / PIN numbers
System information
Credit card numbers
Schedules
Other Sensitive data
Be aware of what is being asked

End of Chapter 3