Threats to E-Commerce Servers - Part II

By Ravi Das, HTG Solutions

Our last article was the first in this E-Commerce Security track series. In the last article, we examined the dominant role E-Commerce has and will play in the near term and the future. A formal definition of E-Commerce was provided, as well as the importance of taking a proactive stance on security issues. The specific threats against E-Commerce Servers were also examined, which included:

- The Human Element;
- Viruses and Worms;
- Trojan Horses;
- Logic Bombs;
- Denial Of Service Attacks;
- Ping Of Death;
- SYN Flooding;
- Phishing Attacks;
- Data Packet Sniffing;
- IP Spoofing;
- Port Scanning;
- Trapdoors and Backdoors.

This article, Part II, will examine the various tools and methods that are available to protect your E-Commerce Server from the above mentioned threats as well as other threats. This article is divided into the following sections:

(1) Solutions To Threats From A Wireless Perspective:
    - A Technical Discussion Of The Data Packet
    - Threats from Wireless: Social Engineering and Man In the Middle Attacks
    - A Solution: Authentication - The Use of Secure Sockets Layer
    - A Solution: Encryption - The Use of Secure Shell
    - A Solution: Tunneling - The Use of Virtual Private Networks
(2) Solutions To Threats From A Hard Wired Perspective:
    - A Solution: The Use of Firewalls
    - A Solution: The Use of Routers
    - A Solution: The Use of Network Intrusion Devices

Solutions To Threats From A Wireless Perspective

The threats to E-Commerce Servers described in the last article can be initiated from both a hard wired source as well as a wireless source. Although wireless security will be covered in much more detail in a subsequent article, this section will describe in some detail the implications of threats to E-Commerce Servers from wireless, and solutions to those threats.

Wireless applications are certainly making their mark in today's E-Commerce world. In fact, these applications even have their own term, known as "Mobility Commerce" or simply, "M-commerce". M-Commerce is expected to make a big splash, especially in wireless entertainment services, generating more than >9? billion and having a customer base of 9@ billion by 9AA (Source: 1). But M-Commerce poses one of the greatest threats to E-Commerce Servers today. This is so because when your customer connects to your website to place an order, for example, at a "Wi-Fi" or "Hot Spot" in a Starbucks café, the data packets are leaving the confines of your customer's laptop computer for the point of Internet access. Since this is a wireless connection, the data packets are literally flying in the air (as opposed to a hard wired connection, where the data packets travel in the confines of the network cable). It is at this point that a hacker can intercept the data packets and cause havoc to your E-Commerce Server. As an E-Commerce business owner, you need to consider the risks posed by wireless.

However, before we go any further, a detailed and technical discussion of what a data packet is is warranted at this point. The data packet will be a central core in subsequent E-Commerce articles, therefore an understanding of what it really is is important.

The Data Packet

All of the information we send over the Internet, whether it is e-mail or transferring files from one computer to the other, tends to be very large chunks of data. These large chunks of data are broken down into much smaller chunks, known as "data packets". So for example, the e-mail you send is actually broken down into much smaller chunks, which are the data packets. You may be asking at this point, "Why is my e-mail being broken down into so many smaller chunks of data?" Well, it is these small chunks of data that allow for the instantaneous sending of e-mail to your recipient, such as your big E-Commerce customer. If you were to have sent this e-mail as one massive chunk, it would take a very long time for your customer to receive your e-mail. And as business owners, we are all very familiar with the adage "time is money".

A data packet (one of the small chunks of data) consists primarily of three things:

A) A Header section;
B) A Data section;
C) A Trailer section.

The Header section consists of the source address and the destination address. The source address identifies your computer as the sender, and the destination address identifies the computer where the data is supposed to go (the recipient). In this case of sending e-mail, the destination address is the computer of your E-Commerce customer. The Header also contains clock information, in order to synchronize the exact transmission times.

The Data section consists of the actual data, for example, the content of the message of the e-mail you are sending to your E-Commerce customer.

The Trailer section consists of a mathematical algorithm, specifically called the Cyclical Redundancy Check, or CRC. The CRC helps to make sure that the data sent in the data packet remains intact. So, when your big E-Commerce customer receives your e-mail, it is the CRC which has ensured that the message remained intact when you sent it. Essentially, the CRC generates a number on the data packet when it leaves the source computer. When the data packet reaches the destination computer, which is your E-Commerce customer, this number is calculated again by the CRC. If the number remains the same, it means the data has arrived in a stable state, and intact. However, if the results are different, it means that the data was altered or changed in some manner during transmission. In this case, the altered data packet is then sent back to the source computer for retransmission. A data packet is diagrammed in Diagram #1.

[Diagram #1: the data packet]

Threats from Wireless - Social Engineering and Man In the Middle Attacks

Protection from wireless threats depends a lot upon the place which provides the wireless connection, in the example we have been using, Starbucks. It would primarily be the responsibility of each café to make sure that they have implemented reasonable security
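
The trailer check described in The Data Packet section, as an added example that is not part of the original article: a CRC catches accidental damage, but a packet changed on the path with its CRC recomputed still passes, which is why protection against interception needs a keyed check of the kind SSL, SSH and VPNs use. The packet layout, addresses, key and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct
import zlib

# Constructed sample values; the packet layout is an assumption for illustration.
SRC, DST = "192.0.2.10", "198.51.100.20"
KEY = b"constructed-shared-secret"  # known only to sender and receiver

def build_packet(src, dst, data):
    """Header (source, destination) + data + 4-byte CRC-32 trailer."""
    body = f"{src}>{dst}|".encode() + data
    return body + struct.pack("!I", zlib.crc32(body))

def crc_ok(packet):
    """Receiver side: recompute the CRC and compare it with the trailer."""
    return struct.pack("!I", zlib.crc32(packet[:-4])) == packet[-4:]

def flip_bit(packet, index):
    """Accidental damage: one bit changes, the trailer is left as sent."""
    damaged = bytearray(packet)
    damaged[index] ^= 0x01
    return bytes(damaged)

def rewrite_in_transit(packet, old, new):
    """Deliberate change on the path: data edited, CRC recomputed (no key needed)."""
    body = packet[:-4].replace(old, new)
    return body + struct.pack("!I", zlib.crc32(body))

def mac_tag(packet):
    """Keyed integrity tag (HMAC-SHA256); producing it requires KEY."""
    return hmac.new(KEY, packet, hashlib.sha256).digest()

def mac_ok(packet, tag):
    return hmac.compare_digest(mac_tag(packet), tag)

def demo():
    pkt = build_packet(SRC, DST, b"ship order 1001 to Alice")
    tag = mac_tag(pkt)  # sent alongside the packet
    changed = rewrite_in_transit(pkt, b"Alice", b"Mallo")
    return {
        "clean_crc": crc_ok(pkt),                 # intact packet passes
        "noisy_crc": crc_ok(flip_bit(pkt, 30)),   # accidental damage is caught
        "changed_crc": crc_ok(changed),           # deliberate change passes the CRC
        "changed_mac": mac_ok(changed, tag),      # but fails the keyed check
        "clean_mac": mac_ok(pkt, tag),
    }

if __name__ == "__main__":
    print(demo())
```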