Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Understanding Internet Privacy and Security

Verified

Added on 2020/03/16

AI Summary

This assignment delves into the crucial topic of internet privacy and security. It examines various aspects, including types of internet privacy threats, the importance of secure communication protocols like HTTPS and Virtual Private Networks (VPNs), and ethical considerations surrounding online data protection. Students will gain a deeper understanding of the complexities involved in safeguarding their information in the digital world.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Advanced Network Security

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Table of Contents
Question 1: Firewall................................................................................................2
Question 2. WiFi Security.......................................................................................4
Question 3. Access Control.....................................................................................7
Question 4. HTTPS and Certificates.....................................................................8
Question 5. Internet Privacy.................................................................................10
References..............................................................................................................16
1

Question 1: Firewall
2

IP Tables - firewall software
IP Tables are the modules that are mainly used to interrelate the command outlines in
order to refer as well as fix the firewall rubrics in the form of table (Mankell and Segerberg,
2012) Mills, D. (n.d.). Firewall..
Default Policies
IP Tables contains the pre-defined chains. It is also named as the Default Policies. There
are 3 default policies. These Default Policies are tested against with the IP packets and a decision
is prepared to agree or deny the overall process.
3

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

Two common Default Policies
i. INPUT
ii. OUTPUT
INPUT
In the INPUT default policy, all the IP packets are intended to have their endpoint to the
host system.
OUTPUT
In the INPUT default policy, all the IP packets are intended to have their source from the
host system. The one more main default policy is FORWARD default policy.
Tradeoffs among the policies
Trade off or balance measure among the default policies is accepted out using the
FORWARD default policy and the IP packets namely ACCEPT AND DROP.
Question 2. WiFi Security
Answer
(a)Wi-Fi Protected Access (WPA)
Wi-Fi Protected Access is one of the security standard for the users of computing devices
equipped with the help of Wi-Fi. It is very stronger encryption algorithm which is produced by
the networking industry to modify the problems that is associated with the WEP (Laurent-
Maknavicius and Chaouchi, 2008). It enhanced upon and exchanged the unique Wi-Fi safety
standard, Wired Equivalent Privacy (WEP). The devices are linked to a WPA encrypted wireless
network, which can uses the rent keys that are dynamically altered for the communication
purpose.
4

If any request rises to alter the global key, WPA will spontaneously promote the new
security key to each and every devices on the same network without taking to manually variation
them (Aissi, Dabbous and Prasad, 2006).
Disadvantages
i. Incompatibility with the legacy hardware
ii. Increase the data packet size which leads to the longer transmission (Milliken, Selis and
Marshall, 2013).
Radio cell size is generally controlled by the transmitted power level of the wireless
device and controls interference among the radio cells. The extreme transmit power is restricted
according to regulatory region. An improper mixture of transmit power level and the antenna
increase the result in corresponding isotropic emitted power that surpasses the amount permitted
per regulatory domain.
The AP can uses the Omni directional and di-pole antenna for the communication
purpose. By altering the transmit power, the access point of the radio range is altered. The radio
range of the WI-FI is rely on the antenna power gain. To control the radio range, only one
antenna should be used in the network (Wright, 2000).
(c)RADIUS Authentication
The RADIUS (Remote Authentication Dial In User Service) protocol was initially well-
defined to allow the centralized authentication, access control and authorization for point to point
process (PPP) and SLIP dial up sessions like these prepared to dial up internet service provider
(ISP). In its place of need every NAS (network access server) to develop a list of authorized
login id and passwords. The Remote Authentication Dial In User Service access the request are
passed to AAA server and authentication server. Once the user will connects, then the network
access server transmits the RADIUS access request message to authentication, authorization and
accounting server (AAA server), relaying information such as login id and passwords, type of
port, identity of NAS and message authenticator. All of these Remote Authentication Dial In
User Service messages are passed by User Datagram Protocol which provides a sequence
number, message type, Authenticator, length, and sequence of Attribute-Value sets. When the
user need to connect to Wi-Fi network with RADIUS certification, devices establishes the
5

communication with access points and request the access to network. The access point carried
out the request to RADIUS server that returns a recommendation request back to user through
the access points.
Advantages
1. A wide range of implementation choices
The RADIUS will be implemented as a dedicated on premise server, with help of purchased
RADIUS server software or open source such as free RADIUS. Many network devices and
server operating systems have RADIUS built in, so that does not require the additional software
and hardware id needed.
2. individualized authentication
Each and every user is assigned different credential for accessing the Wi-Fi network.
3. synchronization with active directory
The device could not set up so the user network directory passwords are needs to authenticate on
Wi-Fi network, enabling one sign on for users.
Disadvantage
It uses User Data Protocol for information sharing among the NAS and the
authentication server only the password is encoded and all the information are directed in a text
format that is vulnerable to eavesdropping attacks.
(d)Manual detection of rouge APs
A rouge access point (AP) is an unauthorized access points which is plugged underwired
side of network. The Aruba operating system provides the rouge access point’s detection
functionality accessible in base OS. Formerly the Aruba operating system could categorize the
access points as a rouge and constantly provide it, the operating system should detect the access
points, detect any base station that related to it, and detect the wired system with that challenges
to interconnect.
Advantages
1. The benefits are lower time-to-detection. When the monitor mode Access Points s are
additionally configured with Adaptive Internet Service Provider, a wide range of over-
the-air dangers and attacks will be detected.
2. Many data attackers have taken advantage of unobserved rogue access points in
initiatives to not only get free Internet access, but also to view the private information.
6

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Disadvantage
Radio Frequency scanning needs more time and it is boring, that detect the rogue Access
Point only, when scanning is processed. RF scanning technique is also do influence on the
costing and also it is not so accurate and effective.
Question 3. Access Control
The password and user name information is stored at the database in the organization website. It
is stored in the encrypted form,that is hash format with salt. Because the hacker uses the random
table to find out the password in the database even the password is in the form of hash values.
The passwords is divided into two types. That is administratively assigned and another
one is not administratively assigned. In case of the secure passwords that are not administratively
assigned, the system fails to identify that 2 user have used the same passwords. The passwords
are kept in Hash table with in the file or a database. The password length, combination of special
characters, use of capital and small letter can makes the passwords difficult and the hash value of
the difficult passwords. And these passwords are hard to track (Zhang et al., 2004). This is the
7

important reason why even after a cruel attack, the hacker was not able to hack the strong
passwords.
The password is stored in the hash of a salted form. The long random salt is combined with the
users password, after the combined process the hash value is calculated for the combined
password and salt. This value is stored in the website database.so it made difficult for the
malicious user.
Question 4. HTTPS and Certificates
Each client have their own certificate, it is called as client certificate. For the purpose of
authenticating so that the client for using the server certificate, client certificate is sent to the
server (Instantssl.com, 2017). HTTP protocol provides a link that could connect the server and
the client. Digital server certificate is essential to create a HTTP (Blackstone and Lewis, 2007).
The server certificate id verification is made by the codes assistance, these codes are
called as response codes. 1XX, 2XX, 3XX, 4XX AND 5XX are some of the response code that
is provide by the server certificate. These codes has a number of sub codes in it, each sub code is
responsible for different type of responses.
8

For the purpose of generating the digital signatures Public keys are used. A corresponding
private key is used constructing the public key(Robert Heaton, 2017).
Algorithm
 Hash value is created with the hashing algorithm this is the initial phase of the signature
generation.
 By owner’s private key the hash value get signed.
 Verification is done over the signature.
 A message and the signature is required for the verification process.
 Then the hash value is been verified against the signature that is used in the public key.
It should be kept in memory that each and every certificate that is been issued by the CA
can be compromised while a particular CA is compromised. Several types of attack like
unauthorized access, malicious code attack, Denial of Service attack and unsuitable usage can be
caused while proceeding the CA compromising.
9

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

Question 5. Internet Privacy
1. An explanation of the technique
Web proxy
Web proxies are used to change the IP addresses during the process of browsing. By
using this, one could change the IP addresses in quick and easy way (Levmore and Nussbaum,
2012). It is portable one. Because it doesn’t need any additional software installation and
computer network setting modification. It provides the web pages. It serves as a search engine. It
provides SSL security for Web (Harvard Gazette, 2017). It is used for encrypting process. It
encrypts the communication between the proxy and user. It is common to the some type proxy
such as advertisement removal, user agent masking and cookie management. Its cache could be
used for all users.
TOR
TOR stands for The Onion Router. It is an administration. It is provided for using the
internet with security. With the help of TOR, IP addresses is removed the locals. It provide the
access for clients to interface the system by enabling the immediate association (Kasser, 2000).
10

VPN
The abbreviation of VPN is Virtual Private Network. It has the encryption tool. By using
the encryption tool, the internet users protect their information or data. The content restrictions
problem is removed by the VPN. In the VPN, the user has ability to enable the sports streams,
chat on forums and download the music. The blocked data or information in the web could be
accessed by the internet user with the help of VPN. The users access the internet from the VPN
server, because the VPN connections are provided to the VPN server. The VPN connections are
also used at mobile, laptops and desktop. Several types of VPN are there. The VPN is separated
based on the protocol, security and scope. Types of VPN Protocols PPTP, SSTP, OPEN VPN,
IKENv2 and L2TP/IPsec. To avoid the content blocks during the browsing, the IP addresses are
changed. The VPN is used to change the IP address. It is also helpful to reduce IP bans across the
web (Cis-india.org, 2017).
Benefits of VPN
1. It provides secure connection
2. Private access is provided by the VPN
3. It has high speed bandwidth.
4. It has the ability to choose location according to the need of user.
5. It has perfect Usability.
11

2. A diagram showing the addresses learnt by a malicious user if the technique is used.
Web proxy
The hacker hack IP address or domain name of the client using DDOS attack. He sends
information to server through the web proxy such a client.
12

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

TOR
The user access the information from the internet through the TOR network. TOR network is
used to protect the user information by encrypting a data.so the user information cannot be
accessed by the malicious user.
13

VPN
VPN is a virtual private network, which provide the security for the user. This method used to
increase the network security and privacy to both the private and public networks, such as
Internet and Wi-Fi Hotspots. Often it is used by the many organizations to protect their
confidential information.
14

3. A recommendation of who or what this technique is good for(consider the
advantages of this technique compared to the other techniques, and consider the
skills and/or requirements of different users)
Compared to the three Technologies, the VPN has more advantages and skills for the
users.
Advantages of Web Proxy
1. It is ideal for web surfing.
2. It has ability to loosen the geo-restricted streaming sites.
3. It is used to prevent the network and internet restrictions.
4. To use the proxy, cost is not needed.
Disadvantages
1. The third party could easily access the data. Because the data is not in encrypted form.
2. It is inconvenient one.
3. Many web proxy are blocked by website.so it is has no use.
Advantages of TOR
1. The ISP has ability to told the browsed data.
2. To loosen the geo-restricted sites.
3. It requires no cost.
4. the combination of TOR and VPN is perfect.
Disadvantages of TOR
1. It requires bandwidth.
2. It is slow for unlocking the US websites.
Advantages of VPN
1. It is faster compared to the TOR and Proxy.
2. It has anti DDOS protection and anti-malware.
3. It has ability to exhaust the stiff competition.
4. It has the ability to unblock the US based websites.
Disadvantage of VPN
1. It is expensive one.
15

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4.What a malicious user would need to do to compromise the privacy (i.e. Learn both C
and S) if the technique was used.
Web proxy
The DDOS attack is done in the Web proxy. DDOS stands for Distributed denial of
service. It provide the in access to the intended users. Two methods of DDOS attack is happen.
Flood attack and crashing service. The flood attack is happen, when the system occurs more
traffic from server to buffer. It reduce speed of the system.
TOR
NSA attack is happen at the TOR. It creates the Fingerprints, to find the HTTP request
from TOR network to server. It is loaded to the database of the NSA system. By using the
analysis tool like turmoil, the NSA provide network traffic on the internet.
VPN
The session Hijacks attacks is done in the VPN. The hackers stole the sequence numbers and IP
addresses. When the communication is running between server and client, that time the attackers
start their process. The hacking is depend on the server security.
16

References
Aissi, S., Dabbous, N. and Prasad, A. (2006). Security for mobile networks and platforms.
Norwood, Mass.: Artech House.
Blackstone, W. and Lewis, W. (2007). Commentaries on the laws of England. Clark, NJ:
Lawbook Exchange.
Cis-india.org. (2017). Internet Privacy in India — The Centre for Internet and Society. [online]
Available at: https://cis-india.org/telecom/knowledge-repository-on-internet-access/internet-
privacy-in-india [Accessed 6 Oct. 2017].
French, S. and Pendarakis, D. (2004). Optical Virtual Private Networks: Applications,
Functionality and Implementation. Photonic Network Communications, 7(3), pp.227-238.
Harvard Gazette. (2017). When it comes to internet privacy, be very afraid, analyst suggests.
[online] Available at: https://news.harvard.edu/gazette/story/2017/08/when-it-comes-to-internet-
privacy-be-very-afraid-analyst-suggests/ [Accessed 6 Oct. 2017].
Instantssl.com. (2017). HTTP to HTTPS | What is a HTTPS Certificate. [online] Available at:
https://www.instantssl.com/ssl-certificate-products/https.html [Accessed 6 Oct. 2017].
Kasser, B. (2000). Practical Internet. Indianapolis, Ind.: Que.
Larson, S. (2017). The uncertain future of Internet privacy. [online] CNNMoney. Available at:
http://money.cnn.com/2017/04/05/technology/internet-privacy-future/index.html [Accessed 6
Oct. 2017].
Laurent-Maknavicius, M. and Chaouchi, H. (2008). Mobile and wireless networks security.
Singapore: World Scientific.
Levmore, S. and Nussbaum, M. (2012). The offensive Internet. Cambridge, Mass.: Harvard
University Press.
Mankell, H. and Segerberg, E. (2012). Firewall. London: Vintage.
Milliken, J., Selis, V. and Marshall, A. (2013). Detection and analysis of the Chameleon WiFi
access point virus. EURASIP Journal on Information Security, 2013(1).
Mills, D. (n.d.). Firewall.
Robert Heaton. (2017). How does HTTPS actually work? | Robert Heaton. [online] Available at:
https://robertheaton.com/2014/03/27/how-does-https-actually-work/ [Accessed 6 Oct. 2017].
Wright, M. (2000). Virtual Private Network Security. Network Security, 2000(7), pp.11-14.
17

Zhang, Z., Zhang, Y., Chu, X. and Li, B. (2004). An Overview of Virtual Private Network
(VPN): IP VPN and Optical VPN. Photonic Network Communications, 7(3), pp.213-225.
18

1 out of 19

+13062052269

info@desklib.com

Understanding Internet Privacy and Security

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Network Security and Internet Privacy

Wireless Network Security Analysis

Wireless Network Security Analysis

Web Proxies, VPNs, and Tor: Anonymity, Security, and Privacy

Network Security and Internet Privacy

Network Security Essentials