B030710154

Lecture 10: Cyberlaw

2009-10-23T23:57:00.000+08:00

Cyberlaw

Cyber law is rules in cyber world or internet. Cyber law created to prevent internet or cyber world from computer crime. Reason why computer crime hard to define are because creating and changing laws are slow processes, which is very much out of pace with a technology that is progressing as fast as computing. Then a computer can perform many roles in a crime, particular computer can be the subject, object or a medium of a crime. Which is means computer can act as an attacker, or as a victim, or as a medium use to attack the victim which means use to hack, phishing and so on. Based on this problem cyber law exists.

Cyber Law in Malaysia

DIGITAL SIGNATURE ACT 1997 it provides for the regulation of the public key infrastructure. The Act makes a digital signature as legally valid and enforceable as a traditional signature.

COPY RIGHT ACT 1997 Copyright serves to protect the expression of thoughts and ideas from unauthorized copying and/or alteration. With convergence of Information and Communication Technology (ICT), creative expression is now being captured and communicated in new forms (example: multimedia products, broadcast of movies over the Internet and cable TV). These new forms need protection. Copy right act rules the new and converged multimedia environment.

TELEMEDICINE ACT 1997 Healthcare systems and providers around the world are becoming interconnected. People and local healthcare providers can thus source quality healthcare advice and consultation from specialists from around the world, independent of geographical location. This act provide any registered doctor may practice telemedicine but healthcare providers must obtains the license to do so.

COMPUTERS CRIME ACT 1997 As computing becomes more central to people’s life and work, computers become both targets and tools of crime. This Act offense everything that would harm the computer system.

COMMUNICATION AND MULTIMEDIA ACT 1998 Convergence of technologies is driving convergence of telecommunications, broadcasting, computing and content. This Act creates a new system of licenses and defines the roles and responsibilities of those providing communication and multimedia services and provides for the existence of the Communication and Multimedia Commission, the new regulatory authority

Lecture 9: Legal and Ethical Issues in Computer Security

2009-10-16T23:20:00.000+08:00

Legal and Ethical Issues in Computer Security

Law is a rule of conduct or action prescribed or formally recognized as binding or enforced by a controlling authority. Ethics is a set of moral principles or values or the principles of conduct governing an individual or a group.

Differences between law and ethic:

LAW

· Formal, documented

· Interpreted by courts

· Established by legislature representing everyone

· Applicable to everyone

· Priority determined by courts if two laws conflict

· Enforceable by police and courts

ETHIC

· Described by unwritten principles

· Interpreted by individuals

· Presented by philosophers, religions, professional group

· Personal choice

· Priority determined by individual if two principles conflict

The key difference between laws and ethics is that laws carry the sanction of a governing authority and ethics do not. Organizations formalize desired behaviors in documents called policies. Policies must be read and agreed to before they are binding. Civil law represents a wide variety of laws that are used to govern a nation or state. Criminal law addresses violations that harm society and are enforced by agents of the state or nation. Tort law is conducted by means of individual lawsuits rather than criminal prosecution by the state.

Three general categories of unethical and illegal behavior:

o Ignorance

§ ignorance of the law is no excuse, however ignorance of policy and procedures is

o Accident

§ Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage by accident

o Intent

§ Intent is often the cornerstone of legal defense, when it becomes necessary to determine whether or not the offender acted out of ignorance, by accident, or with specific intent to cause harm or damage

Ethic Concepts

Deterrence is the best method for preventing an illegal or unethical activity. Deterrence can prevent an illegal or unethical activity from occurring. Deterrence requires significant penalties, a high probability of apprehension, and an expectation of enforcement of penalties.

Lecture 8: Wireless LAN Security

2009-10-09T22:52:00.002+08:00

Wireless Security

Wireless LAN is a connection to network without using a cable. Connection in wireless LAN usually at 1Mbps and 2 Mbps. Wireless LAN use radio frequency to transmit the data, and it can go through the building. Signals of wireless LAN weakened by wall, floor and interference. Wireless LAN 802.11 focus on physical layer and data link layer.

802.11 Physical layer

Originally three alternative physical layers

o Two incompatible spread-spectrum radio in 2.4Ghz ISM band

§ Frequency Hopping Spread Spectrum (FHSS)

· 75 channels

§ Direct Sequence Spread Spectrum (DSSS)

· 14 channels (11 channels in US)

One diffuse infrared layer
802.11 speed

o 1 Mbps or 2 Mbps

802.11 Data link layer

— Layer 2 split into:

o Logical Link Control (LLC).

o Media Access Control (MAC).

— LLC - same 48-bit addresses as 802.3.
— 802.11 always slower than equivalent 802.
— MAC - CSMA/CD not possible.

o Can’t listen for collision while transmitting.

— CSMA/CA – Collision Avoidance.

o Sender waits for clear air, waits random time, then sends data.

o Receiver sends explicit ACK when data arrives intact.

o Also handles interference.

o But adds overhead.

Wireless 802.11 has two modes, instructure and ad-hoc mode. Instructure mode can have one access point or basic service set(BSS) and also can have two or more BSS perform as single subnet, most corporate LAN use in this mode. Ad-hoc or peer to peer is useful for easy and quick wireless network.

802.11 can be divided into:

1. 802.11a

— 802.11a ratified in 2001
— Supports up to 54Mbps in 5 Ghz range.

o Higher frequency limits the range

o Regulated frequency reduces interference from other devices

— 12 non-overlapping channels
— Usable range of 30 metres
— Average throughput of 30 Mbps
— Not backwards compatible

2. 802.11g

— 802.11g ratified in 2002
— Supports up to 54Mbps in 2.4Ghz range.

o Backwards compatible with 802.11b

— 3 non-overlapping channels
— Range similar to 802.11b
— Average throughput of 30 Mbps
— 802.11n due for November 2006

o Aiming for maximum 200Mbps with average 100Mbps

Three basic security services defined by IEEE for the WLAN environment

o Authentication

§ provide a security service to verify the identity of communicating client stations

o Integrity

§ to ensure that messages are not modified in transit between the wireless clients and the access point in an active attack

o Confidentiality

§ to provide “privacy achieved by a wired network”

Lecture 7: Security in Application

2009-09-25T15:07:00.000+08:00

Security in Application

Email is an electronic application, it’s a message made of string ASCII characters. Email has two part, header and body. Header part used to state the sender and email recipient. Body part is content of the message or email.

Security in email:

· Confidentiality

· Data origin authentication

· Message integrity

· Non-repudiation of origin

· Key management

MIME. Short for Multipurpose Internet Mail Extensions, a specification for formatting non-ASCII messages so that they can be sent over the Internet. Many e-mail clients now support MIME, which enables them to send and receive graphics, audio, and video files via the Internet mail system. In addition, MIME supports messages in character sets other than ASCII.

Email Security Threads.

Two main group:

o Threats to the security of e-mail itself

o Threats to an organisation that are enabled by the use of e-mail.

Loss of confidentiality.

o E-mails are sent in clear over open networks.

o E-mails stored on potentially insecure clients and mail servers.

o Ensuring confidentiality may be important for e-mails sent within an organisation.

Loss of integrity.

o No integrity protection on e-mails; body can be altered in transit or on mail server.

Lack of data origin authentication.

o Is this e-mail really from the person named in the From: field?

o How many Kenny.Paterson’s are there?

o Recall SMTP directly over telnet allows forgery of all e-mail fields!

o E-mail could also be altered in transit.

o Even if the From: field looks fine, who was logged in as Kenny.Paterson when the e-mail was composed?

o Sharing of e-mail passwords common.

Lack of non-repudiation.

o Can I rely and act on the content? (integrity)

o If so, can the sender later deny having sent it? Who is liable if I have acted?

o Example of stock-trading via e-mail.

Lack of notification of receipt.

o Has the intended recipient received my e-mail and acted on it?

o A message locally marked as ‘sent’ may not have been delivered.

SSH or Secure Shell is initially designed to replace insecure rsh, telnet utilities, seecure remote administration (mostly of Unix systems), and Extended to support secure file transfer and e-mail. SSH provides security at Application layer, only covers traffic explicitly protected. Applications need modification, but port-forwarding eases some of this.

Application in SSH:

Anonymous ftp for software updates, patches...

o No client authentication needed, but clients want to be sure of origin and integrity of software.

Secure ftp.

o E.g.upload of webpages to webserver using sftp.

o Server now needs to authenticate clients.

o Username and password may be sufficient, transmitted over secure SSH transport layer protocol.

Secure remote administration.

o SysAdmin (client) sets up terminal on remote machine.

o SysAdmin password protected by SSH transport layer protocol.

o SysAdmin commands protected by SSH connection protocol.

Guerilla Virtual Private Network.

o E.g. use SSH + port forwarding to secure e-mail communications.

Lecture 6: Security in Network

2009-09-11T14:38:00.003+08:00

Security in Network

A computing network is a computing environment with more than one independent processor and maybe multiple users per system and the distance between computers is not considered. Computers and user terminals which are connected to the network are known as network node. I n network user can send and receive message, executing program and obtaining status.

Basic terminology in network

É Node is single computing system in a network.

É Host is a single computing system's processor.

É Link is a connection between two hosts.

É Topology is the pattern of links in a network

Network topologies

1. Bus Topology

To provide a single communication network on which any node can place information and from which any code can retrieve information. One attachment in bus terminology not impacts the other nodes.

2. Star topology

Has switch as a central. The central switch receives all messages, identifies the addresses, selects the link appropriate for that addresses and forwards the messages.

3. Ring Topology

To connect a sequence of nodes in a loop or ring. Can be implemented with minimum cabling.

4. Mesh Topology

Each node can conceptually be connected directly to each other node and routing logic can be used to select the most efficient route through multiple nodes.

Advantages in network computing

· Resource sharing is used to reduce maintenance and storage costs.

· Increased reliability means if one system fails users can shift to another.

· Distributing the workload means workload can be shifted from a heavily loaded system to an underutilized one.

· Expandability is system is easily expanded by adding new nodes.

Disadvantages in network computing

· Sharing, access controls for a single system may be inadequate.

· Complexity, a network may combine two or more systems with dissimilar operating systems with different mechanisms for interhost connection. Complexity of this nature makes the certification process extremely difficult.

· Unknown perimeter is one host may be a node on two or more different networks.

· Many points of attack, access controls on one machine preserves the secrecy of data on that processor. However, files stored in a remote network host may pass through many host machines to get to the user.

· Unknown path may be many paths from one host to another and users generally do not have control of how their messages are routed.

· Label formats differences is a problem which may occur in multilevel systems is that the access labels may have different formats since there is no standard

· Anonymity is attack can passed through many other hosts in an effort to disguise from where the attack originated

Network Security problem area:

Authentication

Deals with determining whom you are talking to before entering into a business deal or before revealing sensitive information

Secrecy

What usually comes to mind when people think about network security

Non-repudiation

Deals with signature

Integrity control

Keeping information is not modified, add or delete by unauthorized user

Lab 5: Web Application Security

2009-09-04T23:40:00.000+08:00

Web Application

Web application is an application that can be accessed using a web browser over a network. It is developed using browser-supported language such as HTML, JavaScript, PHP, ASP and etc. We also can use software such as dreamweaver to create a web application. The script produced is then rendered by common web browser. User can access web application anywhere and at any time, but user need to connect to a network connection and there is a web browser installed on the machine. This ease of usage makes web application popular among

internet user. Moreover the ability to update and maintain web applications without distributing and installing software on potentially thousands of client computers contribute to the popularity of the webapp. Nowadays webapp is used for accessing mail, online banking, online shopping, online reservation, wikis and many other functions.

The Open Web Application Security Project (OWASP) is an open community that focuses on improving the security of application software. Anyone can join this community and contribute an idea for developing secure software. OWASP provide free material such as article on secure programming, security testing guide and much more but all of the material is under free software license.

WebGoat

WebGoat is simulation toolkit used to demonstrate how we can exploit the vulnerabilities of a poorly design web application. WebGoat provide hints and code to fexploit the vulnerabilities. WebGoat will keep track on the progress of the user on every lesson they completed, user can see their level of competence in trying to solve every problem given in the lesson.The primary goal of the WebGoat project is simple, to create a de-facto interactive teaching environment for web application security.

WebScarab

WebScarab is another tool to expose the working of an HTTP(S) based application, whether to allow the developer to debug otherwise difficult problems, or to allow a security specialist to identify vulnerabilities in the way that application has been designed or implemented. WebScarab can use in any platform because it developed use JAVA programming language. WebScarab can intercept HTTP and HTTPS communication.

Lecture 5: Database Security

2009-09-04T20:12:00.000+08:00

Database Security

Database security is a protection located in database to protect from unauthorized access. Database security become important because information is critical resource in enterprise, securing become billion dollar industry, and people want to protect their confidential information.

Characteristic of good database security:

Data independence
Shared access
Minimal redundancy
Data consistency
Data integrity

In database there are four levels of security:

Physical security (such as medium safekeeping and fire protection or fire wall)
Operating system security ( use of an access control matrix)
DBMS security (protection and query mechanism)
Data encryption (standard data encryption and using RSA Method)

The first three levels in database security cannot provide a totally satisfactory solution because it’s hard to control disclosure of raw data and confidential data in distributed database, invalid to control sensitive data. To solve the problem, used encryption method, data is encrypted into cipher text and only be decrypted using decryption key.

Privacy mean unauthorized user cannot disclose data inside database.

Integrity mean unauthorized user cannot modify data inside database.

Availablelity mean authorized user can access database unfailingly.

Reliability and integrity:

Database integrity is concern to protect whole database from damage.
Element integrity is concern specific values of element only can be changed by authorized person.
Element accuracy is concern correct values are written in database.

Sensitive data is data that should not be made public. There are many factor can make data become sensitive; data is inherently sensitive, declared sensitive, from sensitive source, or sensitive in relation to previously disclosed information.

Lab 4: Cryptography Extended

2009-08-28T23:54:00.001+08:00

Cryptography Extended

In this lab we learn that cryptography algorithm can be classified into two categories, symmetric and asymmetric. Symmetric is using same key to encrypted and decrypted the plain text whereas asymmetric using different key to encrypted and decrypted plain text.

Symmetric can divide to:

1. Substitute encryption

· In substitute encryption, character in plain text being substitute with another character. Each character can be substitute with one character or multiple characters. Caesar cipher is example of substitute with one character and Vigenere cipher is example of substitute with multiple characters. Caesar cipher is easy to break by using brute force attack; an attacker can easily try every combinations of character to break the code as the numbers of possibility is 26. Vigenere cipher is an improvement from Caesar cipher.

2. Transposition encryption

· This method is change the location of characters or reordering the character in plain text. The first character in plain text might be placed on fifth position and fifth character might be placed in another location in plain text.

Asymmetric encryption involves two key in encryption and decryption. The encryption key is called public key and decryption key called private or secret key. These algorithms allow the public key to be publicized, which means people with the public key can encrypt the plain text and the proper recipient with the private key can decrypt the plain text. To produce this to key used RSA algorithm. RSA is founded by Rivest, Shamir and Adleman of MIT in 1977.

Lecture 4: Operating System

2009-08-28T23:40:00.001+08:00

OPERATING SYSTEM

Memory protection is preventing one process from corrupting the memory. There are methods for protecting memory:

· Fence is preventing faulty user program from destroying part of the resident portion of the operating system. There are two types of fence:

o Fixed fence( predefined memory access)

§ A method to confine user to one side of the boundary.

o Register fence (used hardware register)

§ Contain address of the end of the operating system.

Relocation is a process of changing all address to reflect actual address which the program is located.
Base / Bound Register is useful in knowing how much space is available and checking overflows
Tagged Architecture is used to solve problem in contiguous nature and all or nothing situation for sharing.
Segmentation is divide process into pieces with different rights.

o Benefits of segmentation

§ Each address reference checked for protection

§ User cannot access to unpermitted segment

§ User can share access with different rights.

o Problem in segmentation

§ Segments cause fragmentation of main memory because they are varying sizes.

§ If swapping is used then additional memory management techniques must be employed

§ The operating system’s lookup of the name in the table can be slow

Paging is divide program into equal size; frame is divide memory into equal size.

o Advantages of paging

§ Each page is the same size thus fragmentation is reduced

§ Addressing beyond a page is not a real problem since a carry just refers to the next page.

o Disadvantages of paging

§ Loss of individual access rights since there is not necessarily a relationship between lines of code in a page (unlike program segmentation)

Combine paging with segmentation used to break each segment into equal sized pages.

o Advantages of combining segmentation with paging

§ Retained the logical unity of the segment

§ Permitted differentiated protection for the segments

o Disadvantage

§ Added an additional layer of translation for each address

Password is a character of string that used to authenticate identity of user.

Authentication is verification of someone identity who generated some data.

Lab 3: Authetication and Basic Cryptography

2009-08-09T20:20:00.000+08:00

Authentication is a process to identify something or someone to prove that claims by the subject is true.

Authentication principles:

- The claimant demonstrates knowledge of something,

e.g. password.

- The claimant demonstrates possession of something,

e.g. a physical key or card.

- The claimant exhibits some required immutable characteristics,

e.g. a finger print.

- Evidence is presented that the claimant is at some particular place or time.

- The verifier accepts that some other party, who is trusted, has already established authentication.

Cryptography is one of main tools for privacy which makes the information is unintelligible for unauthorized person. One of cryptography methods is encryption. Encryption not prevents access to the information or data, but it ensures unauthorized person cannot understand the content of the information. The original message is known as plain text and encrypted massage known as the chipper text. Encryption covers both encoding and enciphering, encoding is translating words into other words and enciphering is translating symbols or letters.

Factors in security of encryption:

1. The algorithm must be very hard to decrypt on the basis of cipher text alone.

2. Priority secrecy of the key, not secrecy of the algorithm.

There are two types of cryptography, symmetric and asymmetric. The difference between these two methods is only in number of key use to encrypt and decrypt. In symmetric method use same key to encrypt and decrypt data whereas asymmetric use for encrypt and decrypt is different.

Lecture 3: Program Security

2009-08-07T23:10:00.000+08:00

Program Security

Secure program is preventing program from any vulnerability. There are two type of program error, no malicious and malicious.

Non malicious program error:

Buffer over flows

o Array bound in the system is accidentally not checked.

Incomplete mediation

o Data being exposed or uncontrolled.

Malicious code is unanticipated effect in programs generated on intent of damage. Malicious program has two types, need host program and independent. Need host program mean the code need a host before it does harm into the system. Independent means malicious program can harm the system directly and does not need a host.

Need host program:

Trapdoor is writing undocumented entry point into code for debugging can allow unwanted user.
Logic boom is malicious code that activates on a event.
Trojan is a program that performs useful function but sometime it performs an unexpected function.
Virus is a code that copy itself to executable program to runs it functions (modify files or OS).

Independent program:

Worm is a code that can replicate itself through a network.
Bacteria / rabbit is a code that will replicate itself until it exhausted the resource or until it fills all disk space.

Difference of virus and worm

Virus:

Need host
Activated by external action
Replication limited to virtual system
Only can attack single platform

Worm:

Self contained
Activated by creating process
In network replication occurs across communication link.
Can shut down entire network.

Virus has many types like listed below:

Parasitic virus is a virus that attach itself into executable files and runs when host program run.
Memory resident virus is virus that lodged in main memory as part of residual operating system.
Boot sector virus is infects the boot sector and spread when the OS boots up.
Stealth virus is a virus that designed to hide from virus scanning programs.
Polymorphic virus mutates in new host to prevent from detection.

We can prevent our system from infected by the virus by using detection tools, identification tools or removal tools. Scanner and disinfector are the most popular tools to protect our system from virus. Do not open any attachment, downloaded files, and floppy disk unless they have been scanned. Other ways to prevent the system from virus are by using commercial software from established vendor and update the antivirus at least once a week. There is no real way to measure the amount of damage that malicious code can do, all one can do is estimate it.

Lab 2: Goal of Information Technology

2009-07-30T20:20:00.003+08:00

Goal of Information Technology Security

Information security provides a protection for the information, system, and hardware that use to store that information. Confidentiality, integrity and availability are goals of information security. Confidentiality provides privacy and protection to data in computer, which means only an authorized person can access the data. Integrity used to make only authorized person that can modify the data. To provide data integrity can use encryption. Availability make the data can be access any time without failure by an authorized person. These three elements must be balance, if not it will affect the functionality of the system. Combination of these three elements will provide a security for the data.

1. Convert FAT32 to NTFS

There are two type of partition in windows, FAT32 and NTFS. Difference between these two types is FAT32 not offer local file security. You need to convert FAT32 to NTFS to get local file security. To convert FAT32 drive into NTFS, just follow this step:

a. Open your winserv03 virtual machine and log on as Administrator (don’t forget to take a snapshot of your virtual machine before start the task)

b. Click Start

c. Click Run and type cmd to run command prompt.

d. Use command chkntfs d: to check whether the drive use NTFS or not. You will see message “D: is not dirty”, it means no corruption in that drive.

e. If drive is FAT32, use command convert d: /fs:ntfs to convert your drive into NTFS.

f. If the drive has volume label, enter it when prompted.

g. Use command chkntfs d: to make sure the drive is NTFS

h. Restart your computer.

2. Make Authorized folder

Data confidentiality is making sure those people whom access the certain data actually have that access. NTFS can used to protect from intruders whom may have physical access to the data. In this task, we will need 2 user accounts.

Creating User Account

a. Go to Start > Administrative Tools > Computer Management

b. Choose Local User and Groups, double click on user folder.

c. Right click on the pane and choose New user, fill up the information.

Creating data Confidentiality between 2 Accounts

a. Log on to windows as Administrator.

b. Open drive D and create new folder name Confidentiality.

c. Open Confidentiality folder and create folder name User1folder.

d. To secure the folder, right click on the folder and click Properties.

e. Click Security tab ( only available in NTFS)

f. Click on Advance button and uncheck the box “Allow inheritable permission from parent to propagate to this object”.

g. You will receive a message box, click Copy to retains the permissions.

h. Click Add, and new window will pop up.

i. Type User1 as object name and click Check Names, then click Ok.

j. Click Allow full control in permission entry windows, and then click Ok.

k. Remove the others username except Administrator, System, and User1, and click Ok.

l. Close all windows and log off.

m. Log on as User2, can you open folder User1Folder?

Lecture 2: Athentication and Basic Cryptography

2009-07-28T22:07:00.000+08:00

In lecture 2 we learn about authentication and basic cryptography. Authentication is identity of someone who generates data being verified. Authentication used to protect information or data from active attack. There are many classification to verify identity of someone, we can use password, by identity card such as smart card or passport, using physical characteristic such as finger print and retina, and also by signature. Password is a character of string that used to authenticate identity. To make password hard to guessed we must combine number and letter, uppercase and lowercase, and also include symbol in the password. Even though we already combine all those things to create password, is not impossible the password being guessed by the hacker. To prevent that there is a method, cryptography method. Cryptography is convert plain text into cipher text. The idea of cryptography is to disguise the information and make it meaningless to unauthorized user.

Cryptography terminology:

Plain text is the original text.
Cipher text is the coded text.
Cipher - algorithm for transforming plaintext to ciphertext
Key - info used in cipher known only to sender/receiver
Encipher (encrypt) - converting plaintext to ciphertext
Decipher (decrypt) - recovering ciphertext from plaintext
Cryptography - study of encryption principles/methods
Cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key
Cryptology - field of both cryptography and cryptanalysis

Caesar cipher is letters A to W is encrypted by being represented by the letter that occurs three places after it in the alphabet. This cipher used by Julius Caesar in Gallic wars. Another way to protect the information is using digital signature. Digital signature is like hand written signature, its depend on the sender and same for all the message.

Virtualization & VMware

2009-07-19T13:43:00.006+08:00

Virtualization Problem in developing new computer system is operating system for develop the system only compatible with the hardware from same vendor and cannot be implemented in another machines that have different architecture. For example, Windows application binaries will not directly execute on another processor. Virtualization used to eliminates these constraint and enables a much higher degree of portability and flexibility . Virtualization produced by adding software to an execution platform and give it appearance of different platform. Virtual Machine Virtual machine is one of virtualization environment or duplicate of real machine. Virtual machine environment created by Virtual Machine Monitor (VMM). VMM reproduces everything from the CPU instruction to the I/O devices in software of operating system which it run on. The underlying operating system is called host operating system, the operating system which runs on VMM is called guest operating system. Host operating system and guest operating system can be the same or different type of operating system. For example, Windows can runs as host operating system and Fedora as guest operating system and vice versa. VMware Workstation VMware is example of a more recent VMM that has been developed. Another close environment which also provides virtualization is called emulator. Difference between emulator and VMM is VMM only let one guest operating system that run on the host system. VMware makes it possible for PC user to use multiple operating system in same PC. User can run multiple OS side by side and by just clicking mouse you can switch to different OS and share files by just drag and drop. VMware also have ability to preserves the state by taking a "snapshot", so user can do testing on virtual machine without worying the system will corrupt. VMware Installation VMware can be downloaded from http://www.vmware.com/download/ws/ Installation

Double click VMware launcher to start the installation wizard.
Click Next.
Choose Typical set up (if you already familiar with VMware you can choose Custom to choose features that you want to instal).
Choose the location for VMware installation.
Configure the sortcut and then click Next.
Click Install to start the installation, this will take several minutes to finish.
Enter the Serial Number for VMware (you can get the serial number inside your VMware folder).
Click Finish to finish the installation.

Creating Disk Image

RunVMware, from Home tab click New Virtual Machine, to open the virtual machine wizard.
Click Next to continue.
Choose Typical configuration, then click Next.
Choose the type of OS to be installed on virtual machine.
Name the virtual machine and specify where the disk image for virtual machine will be stored in hard disk.
For the Network Type select Use host-only Networking.
Specify disk capacity for virtual machine. Initially the size of disk image you created is small and as you installed virtual machine with OS and software, the will increase up to the storage capacity set in this configuration. Select Allocate disk space now and click Finish, this will take several.
Click Close to end the installation wizard.

Installing Windows Server 2003 in virtual machine

Place Windows Server 2003 installer CD in cdroom drive.
From command menu click start the virtual machine or you can click start button on toolbar.
Once virtual machine start booting, you will see windows server 2003 installation page, just follow windows server 2003 installation steps.
After installation finish, you will see windows server 2003 login page.
Click on the console to start using windows server 2003, to get mouse pointer back to host desktop use CTRL + ALT.
To take a snapshot of your OS, just clicking button snapshot on toolbar, use button Revert if anything happened to your OS and choose your previous state.
To manage size of your console, you can click on Quick switch or select Full screen from View on the toolbar.

Regards ^^

Introduction to Information Security

2009-07-18T12:25:00.013+08:00

Information security

What is security?? Security is state of being secure from any danger and protected from those whom would do harm. Information security mean that information is being protected and also the system and hardware for transmit the information being protected. There are 3 step for being secure: 1. Detection Detect any danger that may harm your system by using scanner such as virus scanner, internet scanner, and Web server scanner. 2. Prevention By setting your proxy and turn on your firewall, you already prevent your system from any danger such as virus. 3. Recovery Recover your system when it being infected by virus or anything that would damage your system. you can use cryptography technique. Security principles : Confidentiality is prevention of unauthorized disclosure of information. Integrity is prevention of unauthorized modification of information. Availability is prevention of unauthorized withholding of information. Security attack is classified into 2 types, passive attack and active attack. Passive attacks is monitoring the transmission. Usually used to obtain the information that is being transmitted. Passive attacks divide into 2 types, release of message content and traffic analysis. Active attacks is involve some modification of data stream or creation of false stream to obtain an authorization of the data. Types of active attacks are masquerade, replay, modification of messages, and denial of services.

Passive attacks vs. Active attacks
Passive attacks
o   Very difficult to detect
o   Feasible to prevent the success of this attack
o   Prevention rather than detection
·         Active attacks
o   Difficult to prevent
o   Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them
o   If the detection has a deterrent effect, it may also contribute to prevention.
There are several ways to deal with harm that occurs when a threat is realized against a vulnerability.
Prevent it, by blocking the attack or closing the vulnerability.
Deter it, by making the attack harder, but not impossible.
Detect it, either as it happens or some time after the fact.
Deflect it, by making another target more attractive.
Recover from its effect.
Encryption is making the interpretation is meaningless by scrambling the data without the intruder's knowing how the scrambling was done. Encryption enable us to provide security while accomplishing an important system or network task.

Security services:
Authentication is assurance that the communicating entity is the one claimed or assurance that the source of received data is as claimed.
Access control is prevention of unauthorized use of resource.
Data confidentiality is protect data from unauthorized disclosure.
Data integrity is assurance that the data received is as sent by authorized entity.
Non repudiation is to proof that the data sent by specified party and received by specified party.
Security mechanism is any process that is designed to detect, prevent, or recover from any security attack. Security mechanism divided into 2 classes,  and Specific Security Mechanisms and Pervasive Security Mechanisms.





  

Prologue to my blog

2009-07-18T10:14:00.003+08:00

Hi, wellcome to my blog.

Here's my little oasis to share thoughts about anythings, especially about information technology security which i have learn at my campus.

Please leave your comments as you please, but keep it clean from any vulgar word.

Regards ^^