Internet Security

Web Security

  • URL (Uniform Resource Locator): Identifies the address of a web page.

  • HTML (Hypertext Markup Language): The standard markup language for documents designed to be displayed in a web browser.

  • Web Page: A document formatted in HTML that can include text, images, and interactive elements.

  • Client-Side Scripts: Executed by the client (browser). E.g., JavaScript.

  • Server-Side Scripts: Executed by the server before sending data to the client. E.g., PHP, Python.

  • Cookies: Used to track the state of individual visitors for maintaining sessions (e.g., shopping cart data).

  • Session Management: Involves tracking user interactions using cookies and scripting languages.

Threats to Web Applications

  • Cross-Site Scripting (XSS): A script modifies files or software on the client’s device, often from a malicious website.

  • Server Authentication Failures:

    • Domain mismatch: May or may not be an issue.

    • Expired certificates: Often still safe.

    • Revoked certificates: Unsafe.

    • Invalid digital signature: Unsafe.

  • Server Masquerades: Attacks that undermine SSL/TLS encryption by using bogus certificates or stolen private keys.

  • SQL Injection: A type of attack that manipulates a website's database through malformed input (e.g., in a form).

Protection for Web Applications

  • Client-Side Security:

    • Same Origin Policy: Ensures that scripts are restricted to the same domain, protocol, and port.

    • Sandboxing: Limits the script’s ability to access client resources.

  • SSL/TLS (Secure Sockets Layer/Transport Layer Security): Ensures encrypted communication and server authentication.
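
The Same Origin Policy check described above, as an added example (not part of the original notes): two URLs share an origin only when protocol, host, and port all match, and the host comparison is on the full hostname, so a different subdomain is a different origin. The function names and sample URLs are constructed for illustration.

```javascript
// Added example: same-origin comparison on the (protocol, host, port) tuple.
// All URLs below are constructed sample values.

const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// Reduce a URL to the three components the Same Origin Policy compares.
function originTuple(urlString) {
  const u = new URL(urlString);
  return {
    protocol: u.protocol, // e.g. "https:"
    host: u.hostname,     // lower-cased by the URL parser
    // URL.port is "" when the port is the default for the scheme,
    // so fill it in to make ":443" and "no port" compare equal on https.
    port: u.port || DEFAULT_PORTS[u.protocol] || "",
  };
}

// Return the components that differ; an empty list means same origin.
function originDifferences(a, b) {
  const ta = originTuple(a);
  const tb = originTuple(b);
  return ["protocol", "host", "port"].filter((k) => ta[k] !== tb[k]);
}

function isSameOrigin(a, b) {
  return originDifferences(a, b).length === 0;
}

const page = "https://shop.example.com/cart";
const candidates = [
  "https://shop.example.com/api/items",     // path is not part of the origin
  "https://shop.example.com:443/api/items", // explicit default port
  "http://shop.example.com/api/items",      // different protocol (and port)
  "https://cdn.example.com/lib.js",         // different host
  "https://shop.example.com:8443/admin",    // different port
];

for (const target of candidates) {
  const diff = originDifferences(page, target);
  const verdict =
    diff.length === 0 ? "same origin" : `cross origin (${diff.join(", ")})`;
  console.log(`${target} -> ${verdict}`);
}
```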


Email Security

  • Email Standards:

    • Formatting Standards: Define layout, attachments, and encoding.

    • Protocol Standards: Define how messages are exchanged between servers and users.

    • MIME (Multipurpose Internet Mail Extensions): Encodes non-ASCII content (e.g., images, encrypted data) in emails.

Email Protocols

  • Mailbox Protocols: Allow email retrieval from a server.

    • POP3: Simple protocol for retrieving email.

    • IMAP: More advanced, allows synchronized email management.

    • MAPI: Microsoft-specific, used with Exchange.

  • Delivery Protocols: Used to send emails between servers.

    • SMTP (Simple Mail Transfer Protocol): Used for sending emails.

Email Security Issues

  • Sniffing Risks: Unauthorized interception of email.

  • Spam: Unsolicited emails often involved in fraud or illegal activity.

  • Phishing: Fraudulent emails directing users to fake websites to steal credentials.

  • Email Viruses: Malicious attachments that spread via email.

Email Protection

  • DKIM (DomainKeys Identified Mail): Prevents email spoofing by verifying sender addresses.

  • SPF (Sender Policy Framework): Ensures email comes from authorized servers.

  • DMARC (Domain-based Message Authentication, Reporting, and Conformance): Determines whether DKIM or SPF is in use.

  • Spam Prevention:

    • Whitelists: Lists of email servers known not to handle spam.

    • Blacklists: Lists of servers identified as sending spam.

    • Pattern Matching: Filters emails based on known spam patterns.

Phishing

  • A social engineering attack using fraudulent emails to gather user credentials.

  • Example: Spam directing users to a fake banking website.

Email Viruses

  • Contain executable attachments that propagate the virus when opened. They often spread to the contacts in the infected user's address book.

Conclusion

  • Web security involves protecting against attacks such as SQL injection, XSS, and server masquerades. Key protections include SSL/TLS and scripting defenses.

  • Email security addresses threats like phishing, spam, and email viruses. Protections include DKIM, SPF, and DMARC for authentication, along with email filtering techniques.