Page 220 - DCAP207_NETWORKS_DCAP406_COMPUTER_NETWORKS
P. 220
Unit 14: Network Security
levels of network security. This helps at the instance when login information is Notes
compromised, the damage can at least be limited in scope.
6. Maliciously-Coded Websites: Maliciously coded Websites create chartable websites
enabling a user to make donations and thus stealing the vital personal information.
Maliciously coded websites are also used to enter networks for installing keylogger.
Information regarding some charitable institution should be obtained from security
certified sites.
7. Password Attacks: A ‘Password Attack’ includes a number of techniques used by hackers
to steal passwords. Some of them are listed below:
Brute-force: It is method in which a hacker tries to guess a password by repeatedly
entering in new combinations of words and phrases compiled from a dictionary to
steal the password. Developing difficult to guess usernames and passwords can
prevent it.
Packet sniffers: It has been discussed above.
IP-spoofing: Like honeypots, IP spoofing involves the interception of data packets by
a computer successfully pretending to be a trusted server/resource.
8. Zombie Computers and Botnets: ‘Zombie’ computer is a computer under seize of a spammer
who has infected the computer attached to a network with malware so that it acts as a tool
of a spammer by silently sending out thousands of emails from the owner’s email address.
Thus, an innocent user’s computer sends thousands of spam messages without the
knowledge of the user. The spammers organize zombie computers into small groups
called ‘botnets’. These ‘botnets’ then transmits spam including phishing attempts, viruses
and worms. The botnets normally send spamming and phishing attacks.
9. Denial-of-Service attack (DoS): Denial-of-Service attack (DoS) is an attack method to
deny the access to webpages of a website or network to the legitimate users.
14.4 Data Encryption
Encryption is a technique to hide data from unauthorized persons by encoding data so that it
may not viewed and modified. The process of data encryption involves converting the data into
encrypted data called ciphertext using a mathematical formula called an algorithm. These
algorithms generate a key and then encapsulate the message with this key. Two types of
encryptions such as asymmetric and symmetric are in vogue. The presentation layer deals with
the translation, encryption/decryption, authentication and compression, which are explained
as below:
14.4.1 Translation
It converts the complex data structures used by an application strings, integers, structures, etc.
into a byte stream that may be transmitted across the network. The message is represented in
such a way that communicating machines agree to the format of the data being exchanged. For
example, ASCII or EBCDIC character set.
The translation may be direct or indirect. In direct translation method, ASCII code is translated
as the EBCDIC at the destination machine. In the indirect method, the ASCII code is first translated
to a standard format at the source machine itself before transmission. The destination machine
converts it into EBCDIC code. Direct method is not desirable with obvious reason as the
destination machine needs to deal with several computers in the network and therefore are
required to have a table of conversion for different data formats. The indirect method that
LOVELY PROFESSIONAL UNIVERSITY 213
