DIRE DAWA UNIVERSITY

COLLEGE OF COMPUTING

DEPARTMENT OF COMPUTER SCIENCE

GROUP ASSIGNEMENT

Prepared By:
Name ID
1. Abel Kidane E/704/11
2. Leoul Tewodros E/730/11
3. Michael Tolera E/735/11
4. Nikodimos Endashaw E/740/11
5. Tesfa Simachew E/745/11

Submitted to : - Teacher Emuye

What is Computer Security?
Computer Security is the protection of computing systems and the data
that they store or access.
Computer Security allows the University to carry out its mission by:
- Enabling people to carry out their jobs, education, and research
- Supporting critical business processes
- Protecting personal and sensitive information
Security is keeping unauthorized entities from doing things you do not
want them access. Confidentiality, integrity, availability many cyber-security
threats are largely avoidable by the user.
- Use good, cryptic passwords that can’t be easily guessed and keep your
passwords secret
- Make sure your computer, devices and applications are current and up to
date
- Make sure your computer is protected with up-to-date anti-virus and
anti-spyware software
- Don’t click on unknown or unsolicited links or attachments, and don’t
download unknown files or programs onto your computer or other devices
- Remember that information and passwords sent via standard, unencrypted
wireless are especially easy for hackers to intercept
- To help reduce the risk, look for “https” in the URL before you enter any
sensitive information or a password (the “s” stands for “secure”)
What are the consequences for security violations?
Risk to security and integrity of personal or confidential information
E.g. identity theft, data corruption or destruction, lack of availability of critical
information in an emergency, etc.
- Loss of valuable business information
- Loss of employee and public trust, embarrassment, bad publicity, media
coverage, news reports
- Costly reporting requirements in the case of a compromise of certain types
of personal, financial and health information

Types of Security Mechanism

Network Security is field in computer technology that deals with ensuring

security of computer network infrastructure. As the network is very necessary
for sharing of information whether it is at hardware level such as printer,
scanner, or at software level. Therefore security mechanism can also be
termed as is set of processes that deal with recovery from security attack.
Various mechanisms are designed to recover from these specific attacks at
various protocol layers.
Types of Security Mechanism are :
1. Encipherment :- This security mechanism deals with hiding and covering of
data which helps data to become confidential. It is achieved by applying
mathematical calculations or algorithms which reconstruct information into
not readable form. It is achieved by two famous techniques named
Cryptography and Encipherment. Level of data encryption is dependent on
the algorithm used for encipherment.
2. Access Control :- This mechanism is used to stop unattended access to
data which you are sending. It can be achieved by various techniques such as
applying passwords, using firewall, or just by adding PIN to data.
3. Notarization :- This security mechanism involves use of trusted third party
in communication. It acts as mediator between sender and receiver so that if
any chance of conflict is reduced. This mediator keeps record of requests
made by sender to receiver for later denied.
4. Data Integrity :- This security mechanism is used by appending value to
data to which is created by data itself. It is similar to sending packet of
information known to both sending and receiving parties and checked before
and after data is received. When this packet or data which is appended is
checked and is the same while sending and receiving data integrity is
maintained.
5. Authentication exchange :- This security mechanism deals with identity to
be known in communication. This is achieved at the TCP/IP layer where
two-way handshaking mechanism is used to ensure data is sent or not
6. Bit stuffing :- This security mechanism is used to add some extra bits into
data which is being transmitted. It helps data to be checked at the receiving
end and is achieved by Even parity or Odd Parity.
7. Digital Signature:- This security mechanism is achieved by adding digital
data that is not visible to eyes. It is form of electronic signature which is added
by sender which is checked by receiver electronically. This mechanism is
used to preserve data which is not more confidential but sender’s identity is to
be notified.

What is firewall and how does it work?

- A firewall is a system that provides network security by filtering incoming

and outgoing network traffic based on a set of user-defined rules. In general,
the purpose of a firewall is to reduce or eliminate the occurrence of unwanted
network communications while allowing all legitimate communication to flow
freely. In most server infrastructures, firewalls provide an essential layer of
security that, combined with other measures, prevent attackers from
accessing your servers in malicious ways.
- Firewalls can be either hardware or software, and they form a wall between
your network and the internet or between segments of your network and the
rest of your system. Not only do firewalls keep malicious code out of your
network, but some, because they can examine data both as it comes in and
goes out, can also prevent an attacker from using your system to spread
harmful code.

Hardware Firewalls

A hardware firewall is a system that works independently from the

computer it is protecting as it filters information coming from the internet into
the system. If you have a broadband internet router, it likely has its own
firewall.
To protect your system, a hardware firewall checks the data coming in
from the various parts of the internet and verifies that it is safe. Hardware
firewalls that use packet filtering examine each data packet and check to see
where it is coming from and its location. The data the firewall collects about
each packet is then compared to a permissions list to see if it fits the profile of
data that should be discarded. A hardware firewall can protect all the
computers attached to it, making it an easily scale able solution.

Software Firewalls

A software firewall is a program used by a computer to inspect data that

goes in and out of the device. It can be customized by the user to meet their
needs. Like hardware firewalls, software firewalls filter data by checking to
see if it—or its behavior—fits the profile of malicious code.
Software firewalls can monitor traffic trying to leave your computer as well,
preventing it from being used to attack other networks or devices. A software
firewall has to be installed on each computer in the network. Therefore, a
software firewall can only protect one computer at a time.

How Does a Firewall Protect Data?

Firewall filters keep harmful data outside your computer. Some of the top
risks from which firewalls protect your computer include backdoors,
denial-of-service (DoS) attacks, macros, remote logins, spam, and viruses.
Backdoors are “doorways” to applications with vulnerabilities that
attackers exploit to get inside. This includes operating systems that may have
bugs that hackers can use to gain access to your computer.
DoS attacks are executed when a hacker requests permission to connect
to a server, and when the server responds, it cannot find the system that
made the request. When this is done again and again, the server gets flooded
and has to expend so much power to deal with the mass of requests,
rendering it unable to meet the needs of legitimate visitors. In some cases, the
server has to come offline completely. There are some firewalls that can
check whether the connection requests are legitimate, and thus, protect your
network from DoS attacks.
Macros refer to scripts run by applications to automate processes. A
macro can contain a series of dependent steps that are all launched by one
command. Hackers design or purchase macros intended to work within
certain applications. A macro can be hidden inside seemingly innocent data,
and once it enters your computer, it wreaks havoc on your system. A firewall
can detect malicious macros as it examines the packets of data that attempt
to pass through.
Remote logins are often used to help someone with a computer issue.
However, in the hands of the wrong person, they can be abused, particularly
because remote logins provide nearly complete access to your system.
Spam can sometimes include links to malicious websites. These types of
sites activate malicious code that forces cookies onto a computer. The
cookies create backdoors for hackers to gain access to the computer.
Preventing a spam attack is often as simple as not clicking on anything
suspicious in an email, regardless of who the sender appears to be. A firewall
can inspect your emails and prevent your computer from getting infected.
Viruses, once on a computer, copy themselves and spread to another
device on the network. Viruses can be used to do a variety of things, ranging
from relatively harmless activity to erasing data on your computer. Firewalls
can inspect data packets for viruses, but it is better to use antivirus software
in conjunction with a firewall to maximize your security.
Five types of firewall include the following:
- packet filtering firewall
- circuit-level gateway
- application-level gateway (aka proxy firewall)
- stateful inspection firewall
- next-generation firewall (NGFW)
Firewall devices and services can offer protection beyond standard
firewall function. For example, by providing an intrusion detection or
prevention system (IDS/IPS), denial-of-service (DoS) attack protection,
session monitoring, and other security services to protect servers and other
devices within the private network. While some types of firewalls can work as
multifunctional security devices, they need to be part of a multilayered
architecture that executes effective enterprise security policies.

1. Packet filtering firewall:- operate inline at junction points where devices

such as routers and switches do their work. However, these firewalls don't
route packets; rather they compare each packet received to a set of
established criteria, such as the allowed IP addresses, packet type, port
number and other aspects of the packet protocol headers. Packets that are
flagged as troublesome are, generally speaking, unceremoniously dropped --
that is, they are not forwarded and, thus, cease to exist.
2. Circuit-level gateway:- Using another relatively quick way to identify
malicious content, circuit-level gateways monitor TCP handshakes and other
network protocol session initiation messages across the network as they are
established between the local and remote hosts to determine whether the
session being initiated is legitimate -- whether the remote system is
considered trusted.
3. Application-level gateway:- This kind of device technically a proxy and
sometimes referred to as a proxy firewall functions as the only entry point to
and exit point from the network. Application-level gateways filter packets not
only according to the service for which they are intended as specified by the
destination port but also by other characteristics, such as the HTTP request
string.
4. Stateful inspection firewall:- State-aware devices not only examine each
packet, but also keep track of whether or not that packet is part of an
established TCP or other network session. This offers more security than
either packet filtering or circuit monitoring alone but exacts a greater toll on
network performance.
5. Next-generation firewall:- A typical NGFW combines packet inspection
with stateful inspection and also includes some variety of deep packet
inspection (DPI), as well as other network security systems, such as an
IDS/IPS, malware filtering and antivirus.
While packet inspection in traditional firewalls looks exclusively at the
protocol header of the packet, DPI looks at the actual data the packet is
carrying. A DPI firewall tracks the progress of a web browsing session and
can notice whether a packet payload, when assembled with other packets in
an HTTP server reply, constitutes a legitimate HTML-formatted response.

NAT

NAT stands for network address translation. It’s a way to map multiple
local private addresses to a public one before transferring the information.
Organizations that want multiple devices to employ a single IP address use
NAT, as do most home routers.
Types of NAT are three different types of NATs. People use them for different
reasons, but they all still work as a NAT.
1. Static NAT:- When the local address is converted to a public one, this NAT
chooses the same one. This means there will be a consistent public IP
address associated with that router or NAT device.
2. Dynamic NAT:- Instead of choosing the same IP address every time, this
NAT goes through a pool of public IP addresses. This results in the router or
NAT device getting a different address each time the router translates the
local address to a public address.
3. PAT:- stands for port address translation. It’s a type of dynamic NAT, but it
bands several local IP addresses to a singular public one. Organizations that
want all their employees’ activity to use a singular IP address use a PAT, often
under the supervision of a network administrator.

What Is a Proxy Server?

A proxy server is a system or router that provides a gateway between

users and the internet. Therefore, it helps prevent cyber attackers from
entering a private network. It is a server, referred to as an “intermediary”
because it goes between end-users and the web pages they visit online. A
proxy server is essentially a computer on the internet that has an IP address
of its own.

Proxy Servers and Network Security

Proxies provide a valuable layer of security for your computer. They can
be set up as web filters or firewalls, protecting your computer from internet
threats like malware. This extra security is also valuable when coupled with a
secure web gateway or other email security products. This way, you can filter
traffic according to its level of safety or how much traffic your network or
individual computers can handle.
- Improve security
- Secure employees internet activity from people trying to snoop on them
- Balance internet traffic to prevent crashes
- Control the websites employees and staff access in the office
- Save bandwidth by caching files or compressing incoming traffic

How a Proxy Works

Because a proxy server has its own IP address, it acts as a go-between

for a computer and the internet. Your computer knows this address, and
when you send a request on the internet, it is routed to the proxy, which then
gets the response from the web server and forwards the data from the page
to your computer’s browser, like Chrome, Safari, Firefox, or Microsoft Edge.
Benefits of a Proxy Server
Proxies come with several benefits that can give your business an advantage:
- Enhanced security: Can act like a firewall between your systems and the
internet. Without them, hackers have easy access to your IP address, which
they can use to infiltrate your computer or network.
- Private browsing, watching, listening, and shopping: Use different proxies to
help you avoid getting inundated with unwanted ads or the collection of
IP-specific data.
- Access to location-specific content: You can designate a proxy server with
an address associated with another country. You can, in effect, make it look
like you are in that country and gain full access to all the content computers in
that country are allowed to interact with.

Caching proxy

Caching proxy is a type of Internet/network caching technique that

enables a proxy server to save recent and frequent website/webpage
requests and data requested by one or more client machines.
It is a means to accelerate webpage and website requests by saving an
instance of frequently used content and resources locally on the proxy server.
Caching proxy can also be referred to as web proxy caching.
Caching proxy primarily enables improving website access times,
minimizing data download and lowering bandwidth usage. Caching proxy
works when the proxy server analyzes and stores an instance or some
proportion of data for the frequently used websites and/or Internet based
resources.
When a client request is made for any webpage or resource that matches
data stored locally in a proxy cache, the proxy server instantly retrieves and
delivers the data. The resource being stored on a local proxy server is
delivered much faster and uses less bandwidth it would require to download it
from the destination server.