Chapter 4: Internet Security
• Internet
– A global network that allows devices connected to it to exchange
information
– Composed of networks to which devices are attached
– Not owned or regulated by any organization or government entity
– Computers loosely cooperate to make the Internet a global information
resource
– Two main Internet tools:
• World Wide Web and email
• World Wide Web (WWW)
– Better known as the web
– Internet server computers that provide online information in a specific
format
– Websites- group of webpages that are link together
• Hypertext Markup Language (HTML)
– Allows Web authors to combine text, graphic images, audio, video, and
hyperlinks
• Web browser
– Displays the words, pictures, and other elements on a user’s screen
• Hypertext Transport Protocol (HTTP)
– Standards or protocols used by Web servers to distribute HTML
documents
– Subset of Transmission Control Protocol/Internet Protocol standards
(TCP/IP)
• Web browser on the user’s computer sends a request to a remote web server
– Web server responds by sending the HTML document to the user’s local
computer
– User’s web browser displays the document
• Transfer-and-store process
– Entire document is transferred and then stored on the local computer
before the browser displays it
– Creates opportunities for sending different types of malicious code to the
user’s computer
• Email
• Estimate: over 2.3 million emails are sent per second
• Two different email systems in use today
• An earlier email system uses two TCP/IP protocols:
– Simple Mail Transfer Protocol (SMTP)
• Handles outgoing mail
, – Post Office Protocol (POP or POP3)
• Responsible for incoming mail
Internet Mail Access Protocol (IMAP)
– A more recent and advanced email system
– Email remains on the email server and is not downloaded to user’s
computer
– Mail can be organized into folders on the server
– Can be read from any device
• Desktop computer, tablet, smartphone, etc…
– Current version is IMAP4
• Email attachments
– Documents attached to an email message
– Encoded in a special format
– Sent in a single transmission with email message
• Internet Security Risks
• Variety of risks from using the Internet
– Browser vulnerabilities
– Malvertising
– Drive-by-downloads
– Cookies
– Email risks
• Browser Vulnerabilities
(Browser receives html code translate it and show it as web page to the user.
If the html code is malicious the browser will show it without checking the
code, which is the browser vulnerabilities.)
• In early days of web, users viewed static content
– Information that does not change
• Today, users demand dynamic content
– Content that changes (animation or customized info)
• Scripting code
– Computer code that commands the browser to perform specific actions
– JavaScript is the most popular scripting code
• JavaScript
– Embedded in HTML document
• Internet
– A global network that allows devices connected to it to exchange
information
– Composed of networks to which devices are attached
– Not owned or regulated by any organization or government entity
– Computers loosely cooperate to make the Internet a global information
resource
– Two main Internet tools:
• World Wide Web and email
• World Wide Web (WWW)
– Better known as the web
– Internet server computers that provide online information in a specific
format
– Websites- group of webpages that are link together
• Hypertext Markup Language (HTML)
– Allows Web authors to combine text, graphic images, audio, video, and
hyperlinks
• Web browser
– Displays the words, pictures, and other elements on a user’s screen
• Hypertext Transport Protocol (HTTP)
– Standards or protocols used by Web servers to distribute HTML
documents
– Subset of Transmission Control Protocol/Internet Protocol standards
(TCP/IP)
• Web browser on the user’s computer sends a request to a remote web server
– Web server responds by sending the HTML document to the user’s local
computer
– User’s web browser displays the document
• Transfer-and-store process
– Entire document is transferred and then stored on the local computer
before the browser displays it
– Creates opportunities for sending different types of malicious code to the
user’s computer
• Estimate: over 2.3 million emails are sent per second
• Two different email systems in use today
• An earlier email system uses two TCP/IP protocols:
– Simple Mail Transfer Protocol (SMTP)
• Handles outgoing mail
, – Post Office Protocol (POP or POP3)
• Responsible for incoming mail
Internet Mail Access Protocol (IMAP)
– A more recent and advanced email system
– Email remains on the email server and is not downloaded to user’s
computer
– Mail can be organized into folders on the server
– Can be read from any device
• Desktop computer, tablet, smartphone, etc…
– Current version is IMAP4
• Email attachments
– Documents attached to an email message
– Encoded in a special format
– Sent in a single transmission with email message
• Internet Security Risks
• Variety of risks from using the Internet
– Browser vulnerabilities
– Malvertising
– Drive-by-downloads
– Cookies
– Email risks
• Browser Vulnerabilities
(Browser receives html code translate it and show it as web page to the user.
If the html code is malicious the browser will show it without checking the
code, which is the browser vulnerabilities.)
• In early days of web, users viewed static content
– Information that does not change
• Today, users demand dynamic content
– Content that changes (animation or customized info)
• Scripting code
– Computer code that commands the browser to perform specific actions
– JavaScript is the most popular scripting code
• JavaScript
– Embedded in HTML document
