* 11 *

Internet security

Self-test questions

  1. Explain why there is a need for a secure version of DNS. What is wrong with DNS today, and how does DNSSEC improve on this situation?
  2. Describe the process by which SSL negotiates security properties for encryption during connection to a remote host.
  3. Explain the difference between HTTPS and SET (Secure electronic transactions) for making online purchases.

Graded problems

The purpose of this week's problems is to get you to think about how the things you have learned in the previous weeks fit together into the "big picture". Internet security is no different than any other kind of security. It is just more extensive!

  1. Draw a fault tree for a host machine attached to a local area network. Hint: the type of operating system will make a difference to the availabilty of access controls etc.
  2. The functioning of most parts of the Internet depends heavily on the DNS (Domain Name Service).
  3. As we have seen earlier, bugs in systems can be exploited in often surprising ways. The IPv4 protocol is a simple protocol, designed in an age when normal users did not have their own access to a network.
  4. IPSec, or secure IP, was designed as part of IPv6. CIDR masks on routers IPSec filters on windows 2000 IP chains linux

    Host based security versus firewall... User based versus host based...

    SIGNATURES -- PGP stuff....