Electronic Commerce Infrastructure

Individual Assignment
(Wireless Security, Internet Security, Internet Viruses)

Name
UCD Number
NIBM Number
Batch

:
:
:
:

P.V.N. Withanage.
08297126
B08140
2008/2010

National University of Ireland, Dublin University College Dublin

Table of Content
WIRELESS SECURITY ........................................................................................................................... 3
Computer Network ..........................................................................................................................................................3
Types of Computer networks ..........................................................................................................................................3
What is Wireless Networking? ........................................................................................................................................4
The Use of Wireless Networking ....................................................................................................................................4
The benefits of wireless Networking includes.................................................................................................................4
How Does Wireless Work? .............................................................................................................................................5
Wireless Network System Components ..........................................................................................................................5
Users of wireless network ...............................................................................................................................................6
Computer Devices ...........................................................................................................................................................6
What is wireless security? ...............................................................................................................................................6
Why Wireless Security is important? ..............................................................................................................................7
How to eliminate the above risks security risks ..............................................................................................................8
Possible steps towards securing a wireless network include ...........................................................................................8
Some of the other methods of protecting wireless network are: ......................................................................................8
The key players of wireless network security..................................................................................................................9

INTERNET SECURITY.......................................................................................................................... 10
What is Internet? ...........................................................................................................................................................10
The Internet Society ......................................................................................................................................................10
Internet Security ............................................................................................................................................................11

INTERNET VIRUSES ............................................................................................................................ 14

What is a Virus? ............................................................................................................................................................14
Types of Viruses ............................................................................................................................................................14
The key players of Internet Virus Security ....................................................................................................................15

REFERENCES ...................................................................................................................................... 17
NOTES ................................................................................................................................................. 17

Wireless Security
Computer Network
A computer network is an interconnection of a group of computers. Networks may be classified by
what is called the network layer at which they operate according to basic reference models
considered as standards in the industry such as the four-layer Internet Protocol Suite model. While
the seven-layer Open Systems Interconnection (OSI) reference model is better known in academia,
the majority of networks use the Internet Protocol Suite (IP) as their network model.

Types of Computer networks

Virtual private Network(VPN)
Local Area Network (LAN)
Campus Area Network (CAN)
Metropolitan Area Network (MAN)
Storage-area Network (SAN)
Wide Area Network (WAN)
Global Area Network (GAN)
Internetwork
Intranet
Extranet

What is Wireless Networking?

While the term wireless network may technically be used
to refer to any type of computer network which is stated
above with wireless, the term is most commonly used to
refer to a telecommunications network whose
interconnections between computers is implemented
without the use of wires, such as a computer network
(which is a type of communications network). Wireless telecommunications networks are
generally implemented with some type of remote information transmission system that uses
electromagnetic waves, such as radio waves, for the carrier and this implementation usually
takes place at the physical level or "layer" of the network.

The Use of Wireless Networking

From time to time the use of wireless networking have increased
very rapidly, wireless has become popular due to ease of
installation, and location freedom with the gaining popularity of
laptops. Public businesses such as coffee shops or malls have begun
to offer wireless access to their customers; some are even provided
as a free service. Large wireless network projects are being put up
in many major cities. Google is even providing a free service to Mountain View, California
and has entered a bid to do the same for San Francisco. New York City has also begun a pilot
program to cover all five boroughs of the city with wireless Internet access.
The popularity of wireless LANs is a testament primarily to their convenience, cost
efficiency, and ease of integration with other networks and network components. The
majority of computers sold to consumers today come pre-equipped with all necessary
wireless LAN technology.

The benefits of wireless Networking includes

Convenience
The wireless nature of such networks allows users to access network resources from
nearly any convenient location within their primary networking environment (home
or office). With the increasing saturation of laptop-style computers, this is
particularly relevant.
Mobility
With the emergence of public wireless networks, users can access the internet even
outside their normal work environment. Most chain coffee shops, for example, offer
their customers a wireless connection to the internet at little or no cost.
Productivity
Users connected to a wireless network can maintain a nearly constant affiliation
with their desired network as they move from place to place. For a business, this
implies that an employee can potentially be more productive as his or her work can
be accomplished from any convenient location.

 Deployment
Initial setup of an infrastructure-based wireless network requires little more than a
single access point. Wired networks, on the other hand, have the additional cost and
complexity of actual physical cables being run to numerous locations (which can
even be impossible for hard-to-reach locations within a building).
Expandability
Wireless networks can serve a suddenly-increased number of clients with the
existing equipment. In a wired network, additional clients would require additional
wiring.
Cost
Wireless networking hardware is at worst a modest increase from wired
counterparts. This potentially increased cost is almost always more than outweighed
by the savings in cost and labor associated to running physical cables.

How Does Wireless Work?

Wireless networks utilize components similar to wired networks; however, wireless networks
must convert information signals into a form suitable for transmission through the air
medium. Even though wireless networks directly contribute only to a portion of the overall
network infrastructure, attention to all network functions is necessary to counter impairments
resulting from the wireless medium. This chapter discusses concepts common to all types of
wireless networks, with emphasis on components and information signals.

Wireless Network System Components

A wireless network consists of several components that support communications using radio
or light waves propagating through an air medium. Some of these elements overlap with
those of wired networks, but special consideration is necessary for all of these components
when deploying a wireless network. Below figure illustrates these primary components.

Users of wireless network

A user can be anything that directly utilizes the wireless network. One of the most common
types of user is a person. For example, a business traveler accessing the Internet from a
public wireless LAN at an airport is a user. In some cases, however, the user might not be
human. A robot, for example, might receive instructions over a wireless network from a
central computer that controls a manufacturing process. Because the wireless network exists
to serve the user, the user is the component that receives the benefits of a wireless network.
As a result, users are an important part of the wireless network.

Computer Devices
Many types of computer devices, sometimes referred to as clients, operate on a wireless
network. Some computer devices might be specifically designed for users, whereas some
computer devices are end systems. In generally, any computer device might communicate
with any other computer device on the same wireless network. Below figure illustrates an
assortment of computer devices for wireless networks.

What is wireless security?

In General - Wireless security is the prevention of unauthorized access or damage to
computers using wireless networks.

Why Wireless Security is important?

Wireless networks are very common, both for organizations and individuals. Many laptop
computers have wireless cards pre-installed. The ability to enter a network while mobile has
great benefits. However, wireless networking has many security issues. Crackers have found
wireless networks relatively easy to break into, and even use wireless technology to crack
into wired networks.
The risks to users of wireless technology have increased as the service has become more
popular. There were relatively few dangers when wireless technology was first introduced.
Crackers had not yet had time to latch on to the new technology and wireless was not
commonly found in the work place. However, there are a great number of security risks
associated with the current wireless protocols and encryption methods, and in the
carelessness and ignorance that exists at the user and corporate IT level. Cracking methods
have become much more sophisticated and innovative with wireless. Cracking has also
become much easier and more accessible with easy-to-use Windows-based and Linux-based
tools being made available on the web at no charge.
Also there are other issues such as a wired network been hacked using a wireless network
technology for instant - Some organizations that have no wireless access points installed do
not feel that they need to address wireless security concerns? There was a incident were a
group of company have estimated that 95% of all corporate laptop computers that were
planned to be purchased in 2005 were equipped with wireless. Issues can arise in a
supposedly non-wireless organization when a wireless laptop is plugged into the corporate
network. A cracker could sit out in the parking area and break in through the wireless card on
a laptop and gain access to the wired network.

There are several types of unauthorized access to computer networks

1. Accidental association
2. Malicious association
3. Ad-hoc networks
4. Non-traditional networks
5. Identity theft (MAC spoofing)
6. Man-in-the-middle attacks
7. Denial of service
8. Network injection
We could consider the above unauthorized access to computer networks types as threats to
any type of a network. A secured network should over come all the above factors to protect
its network from these threats.

How to eliminate the above risks security risks

Risks from crackers are sure to remain with us for any foreseeable future. The challenge for
IT personnel will be to keep one step ahead of crackers. Members of the IT field need to keep
learning about the types of attacks and what counter measures are available.
There are many technologies available to counteract wireless network intrusion, but currently
no method is absolutely secure. The best strategy may be to combine a number of security
measures.

Possible steps towards securing a wireless network include

All wireless LAN devices need to be secured.
All users of the wireless network need to be educated in wireless network security.
All wireless networks need to be actively monitored for weaknesses and breaches.

Some of the other methods of protecting wireless network are:

MAC ID Filtering
Most wireless access points contain some type of MAC ID filtering that allows the
administrator to only permit access to computers that have wireless functionalities that
contain certain MAC IDs.
Static IP Addressing
Disabling at least the IP Address assignment function of the network's DHCP server,
with the IP addresses of the various network devices then set by hand; will also make it
more difficult for a casual or unsophisticated intruder to log onto the network.
WEP encryption
WEP stands for Wired Equivalency Privacy. This encryption standard was the original
encryption standard for wireless. As its name implies, this standard was intended to
make wireless networks as secure as wired networks.
LEAP
This stands for the Lightweight Extensible Authentication Protocol. This protocol is
based on 802.1X and helps minimize the original security flaws by using WEP and a
sophisticated key management system.
PEAP
This stands for Protected Extensible Authentication Protocol. This protocol allows for a
secure transport of data, passwords, and encryption keys without the need of a
certificate server. This was developed by Cisco, Microsoft, and RSA Security.

 TKIP
This stands for Temporal Key Integrity Protocol and the acronym is pronounced as teekip. This is part of the IEEE 802.11i standard. TKIP implements per-packet key mixing
with a re-keying system and also provides a message integrity check. These avoid the
problems of WEP.

The key players of wireless network security

CISCO

Symantec
Check Point
Juniper
Trend Micro
D-Link
MacAfee

We expect to see the wireless network security technology to develop in

following areas in the next few years.

Currently the devices which is used for wireless networking doesnt contain all the
security features which is needed to secure the wireless network you need more than
one unit to include reasonable amount of security features. We expect new devices to
be developed which includes all the necessary security features such as - MAC ID
filtering, Static IP addressing, WEP encryption, LEAP, PEAP, TKIP, RADIUS,
WAPI, WPA, WPA2 etc.

Also these features should enabled by default. So that even a non computer professional
user want to implement a wireless network at his/he home! They can make sure that the
network is secured

We expect the technology to be implemented in every geographic area. So that users

can access the internet in a secured way where ever they go.

We expect the all the wireless routers to distribute a trusted radio waves which doesnt
fade for a given geographic distribution location.

Internet Security
What is Internet?
The Internet, sometimes called simply "the Net," is a worldwide system of computer
networks - a network of networks in which users at any one computer can, if they have
permission, get information from any other computer (and sometimes talk directly to users at
other computers). It was conceived by the Advanced Research Projects Agency (ARPA) of
the U.S. government in 1969 and was first known as the ARPANET. The original aim was to
create a network that would allow users of a research computer at one university to be able to
"talk to" research computers at other universities. A side benefit of Arpanets design was that,
because messages could be routed or rerouted in more than one direction, the network could
continue to function even if parts of it were destroyed in the event of a military attack or
other disaster.
Today, the Internet is a public, cooperative, and self-sustaining facility accessible to hundreds
of millions of people worldwide. Physically, the Internet uses a portion of the total resources
of the currently existing public telecommunication networks. Technically, what distinguishes
the Internet is its use of a set of protocols called TCP/IP (for Transmission Control
Protocol/Internet Protocol). Two recent adaptations of Internet technology, the intranet and
the extranet, also make use of the TCP/IP protocol.
The most widely used part of the Internet is the World Wide Web (often abbreviated
"WWW" or called "the Web"). Its outstanding feature is hypertext, a method of instant crossreferencing. In most Web sites, certain words or phrases appear in text of a different color
than the rest; often this text is also underlined. When you select one of these words or
phrases, you will be transferred to the site or page that is relevant to this word or phrase.
Sometimes there are buttons, images, or portions of images that are "clickable." If you move
the pointer over a spot on a Web site and the pointer changes into a hand, this indicates that
you can click and be transferred to another site. The standards for internet have been created
by the internet society.

The Internet Society

The Internet Society (ISOC) is a nonprofit organization founded in 1992 to provide
leadership in Internet related standards, education, and policy. With offices in Washington,
DC, USA, and Geneva, Switzerland, it is dedicated to ensuring the open development,
evolution and use of the Internet for the benefit of people throughout the world.
The Internet Society provides leadership in addressing issues that confront the future of the
Internet, and is the organization home for the groups responsible for Internet infrastructure
standards, including the Internet Engineering Task Force (IETF) and the Internet Architecture
Board (IAB).
The Internet Society acts not only as a global clearinghouse for Internet information and
education but also as a facilitator and coordinator of Internet-related initiatives around the
world. For over 15 years ISOC has run international network training programs for
developing countries and these have played a vital role in setting up the Internet connections
and networks in virtually every country connecting to the Internet during this time.

10

Internet Security
Internet security is the prevention of unauthorized access and/or damage to computer
systems via internet access. Most security measures involve data encryption and
passwords. Data encryption is the translation of data into a form that is unintelligible
without a deciphering mechanism. A password is a secret word or phrase that gives a
user access to a particular program or system.
Internet security has become a serious issue for anyone connected to the net. Even if you
don't think you have anything worth protecting on your computer, it's still important that you
keep it locked down.
Your files are not the only thing at stake here. If someone gains access to your computer, it
can be used as a "zombie" for hacking into other computer, hiding the trail of the person who
is actually doing it.
How would you like to get a call from your local police telling you that there's been a virus
attack that has been traced back to your computer?
No, even if your computer isn't used for anything critical you need to run security software
such as an antivirus and a firewall.
These programs will keep your computer "hidden" from prying eyes over the internet, as well
as protected from viruses and other malware that can be spread through email or other
methods.
You also need to make sure you're familiar with the different types of security threats so you
can deal with them if they ever come up.

Internet security professionals should be fluent in the four major aspects:

Penetration testing

Intrusion Detection

Incidence Response

Legal / Audit Compliance

What devises or what method should be used to secure the threats from
internet.

Routers
Network Address Translation (NAT) typically has the effect of preventing connections
from being established inbound into a computer, whilst permitting connections out. For a
small home network, software NAT can be used on the computer with the Internet
connection, providing similar behavior to a router and similar levels of security, but for a
lower cost and lower complexity.

11

Firewalls
A firewall blocks all "roads and cars" through authorized ports on your computer, thus
restricting unfettered access. A stateful firewall is a more secure form of firewall, and
system administrators often combine a proxy firewall with a packet-filtering firewall to
create a highly secure system. Most home users use a software firewall. These types of
firewalls can create a log file where it records all the connection details (including
connection attempts) with the PC.

Virus Guards
A virus guard will prevent your computer been infected by viruses, spy ware, malware
etc. Virus guard will protect your computer from been infected from the above
mentioned threats both when you are on the net as well as when you are offline and also
it will clean and disinfect the existing viruses on your computer if it exists. When you
consider the current situation a virus guard has become essential resource for computer.

Above figure will illustrate how to implement a security system to prevent the threats from the
internet.

Basically, a firewall is a barrier to keep destructive forces away from your property. In fact, that's
why its called a firewall. Its job is similar to a physical firewall that keeps a fire from spreading
from one area to the next. As you read through this article, you will learn more about firewalls,
how they work and what kinds of threats they can protect you from.

12

We expect to see the Internet Security technology to develop in following areas

in the next few years.

Currently internet contains millions of malicious pages! And mainly these sites are
used for purposes such as theft! We w expect the Internet Society to try and implement
a method eliminate these pages from the internet.

Also we expect the internet browser to be more intelligent in regard to these security
issues on the internet.

The key players of Internet Security

IBM.

Symantec.

Trend Micro

AVG

Sophose

MacAfee

Zone Alarm etc.

13

Internet Viruses
What is a Virus?
A program or piece of code that is loaded onto your computer without your knowledge and
runs against your wishes. Viruses can also replicate themselves. All computer viruses are
manmade. A simple virus that can make a copy of itself over and over again is relatively easy
to produce. Even such a simple virus is dangerous because it will quickly use all available
memory and bring the system to a halt. An even more dangerous type of virus is one capable
of transmitting itself across networks and bypassing security systems.
Since 1987, when a virus infected ARPANET, a large network used by the Defense
Department and many universities, many antivirus programs have become available. These
programs periodically check your computer system for the best-known types of viruses.
Some people distinguish between general viruses and worms. A worm is a special type of
virus that can replicate it self and use memory, but cannot attach itself to other programs but I
consider worm as a virus.

Types of Viruses

Malware
Malware is software designed to infiltrate or damage a computer system without the
owner's informed consent. It is a portmanteau of the words malicious and software. The
expression is a general term used by computer professionals to mean a variety of forms
of hostile, intrusive, or annoying software or program code.

Metamorphic code
In computer virus terms, metamorphic code is code that can reprogram itself. Often, it
does this by translating its own code into a temporary representation, edit the temporary
representation of itself, and then write itself back to normal code again. This procedure
is done with the virus itself, and thus also the metamorphic engine itself undergoes
changes. This is used by some viruses when they are about to infect new files, and the
result is that the "children" will never look like their parents. The computer viruses that
use this technique do this in order to avoid the pattern recognition of anti-virus
software: the actual algorithm does not change, but everything else might.

Computer worm
A computer worm is a self-replicating computer program. It uses a network to send
copies of itself to other nodes (computer terminals on the network) and it may do so
without any user intervention. Unlike a virus, it does not need to attach itself to an
existing program. Worms almost always cause harm to the network, if only by
consuming bandwidth, whereas viruses almost always corrupt or modify files on a
targeted computer.

14

Trojan horse
This article refers to a form of malware in computing terminology. For other meanings,
see Trojan horse (disambiguation)
In the context of computing and software, a Trojan horse, or simply Trojan, is a piece
of software which appears to perform a certain action but in fact performs another such
as a computer virus. Contrary to popular belief, this action, usually encoded in a hidden
payload, may or may not be actually malicious, but Trojan horses are notorious today
for their use in the installation of backdoor programs. Simply put, a Trojan horse is not
a computer virus. Unlike such malware, it does not propagate by self-replication but
relies heavily on the exploitation of an end-user (see Social engineering). It is instead a
categorical attribute which can encompass many different forms of codes. Therefore, a
computer worm or virus may be a Trojan horse. The term is derived from the classical
story of the Trojan horse.

Spy Ware
Spy ware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction with the computer, without
the user's informed consent.
While the term spy ware suggests software that secretly monitors the user's behavior,
the functions of spy ware extend well beyond simple monitoring. Spy ware programs
can collect various types of personal information, such as Internet surfing habit, sites
that have been visited, but can also interfere with user control of the computer in other
ways, such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses, or diverting
advertising revenue to a third party. Spy ware can even change computer settings,
resulting in slow connection speeds, different home pages, and loss of Internet or other
programs. In an attempt to increase the understanding of spy ware, a more formal
classification of its included software types is captured under the term privacy-invasive
software.

The key players of Internet Virus Security

Macafee

Symantec

Trend Micro

AVG

Sophose

Kaspersky

Zone Alarm

Panda

F-Secure

Lithium Pen Pal (The first Sri Lankan Antivirus)

15

We expect to see the Internet Virus Security technology to develop in following

areas in the next few years

According to my knowledge most of these viruses on the internet comes when you
brows porn sites so my fact is to eliminate these porn sites or warn the owner of them
for their content of viruses on their web sites. This is a responsibility of all the ISPs
around the world.

Have more sophisticated online virus scanners to eliminate viruses once they are
available on the World Wide Web.

Currently most of these virus guards doesnt protect computers from each and every
type of viruses. Therefore we create Lithium Pen Pal virus guards to consider this
fact and develop an efficient virus guards which does not take much of the computer
recourses.

About Lithium Pen Pal

Lithium Pen Pal was developed by a collage student of National Institute of Business Management Sri
Lanka around April 2007. Lithium Pen Pal is a Co-Antivirus software that is designed to support people
in Sri Lanka to who has to wait for virus definitions for a long time until foreign companies create
definitions to the Sri Lankan virus pool. Lithium Pen Pal promises quick updates on virus definitions
and the smooth run of your systems. You can use Lithium Pen Pal to defend your PC against computer
viruses and other various threats that can make your system slow, unreliable or unusable.
The software was initiated as a individual experiment and due to proven success of 8 months of alpha
testing at NIBM Labs, the NIBM Governing council accepted the software to be up to the standards of
the industry and deployed in their premises. NIBM Labs hosted the testing ground for the developer and
carries the title to this date.
Today
Lithium Pen Pal started its beta releases on February 1st 2008 and looking forward for a brighter future
in antivirus industry, protecting data and saving time of Sri Lankan computer users.
Visit: www.lithium.lk

16

References
Wireless Security, Internet Security
Data Communication and Networking (Fourth Edition)
Author -: Forouzan

Internet Viruses
Lithium Pen Pal (The first Sri Lankan Antivirus Software)
Visit: www.lithium.lk

Notes

17