Hi. For the course Introduction to TCP/IP, this chapter is about Internet Security, and it's going to deal with the following four topics. Top Ranking Internet Attacks, Growing Security & Threat Issues, Internet & Cyber Attacks, and Internet Security & Protection Techniques. For the course introduction to TCP/IP, this chapter is going to focus on Internet and Cyber Attacks, and we're going to start off with the first lecture which is on Top Ranking Internet Attacks. Now, if you look at this pie chart, this is from the 2016 McAfee Labs, which is the threat report that has the Top 7 network attack types of quarter four in 2015. And as you can see, from this wide blue area that is 36 percent, it starts off with browser attacks, then it has brute force attacks, denial of service attacks, SSL attacks, scans, then it has DNS attacks, backdoor attacks, and the others combined for overall nine percent. Let's get into some of the details. We'll start with browser attacks which is ranked as number one, and has a dominating 36 percent of the overall number different types of attacks. And this is where attackers disguise malware as an application or an update, and a technique called phishing is used. I have a separate lecture on phishing in this course, and so therefore, I'll explain the details at that time. The browser users are tricked into downloading the hidden malware, and the browser intruded malware attacks the operating system or the application on your PC or your mobile device. And it can be defended by updates to the browser, operating system and applications. Then, brute force attacks ranks as number two at 19 percent. Where repeated attempts to decode a password or a pin number is attempted brute forcely over and over again. Easy common passwords are tested. In addition, what we call a Dictionary attack is also attempted. What is this? Well, all the words in a dictionary are actually used and see if this is actually your password. It can be defended by frequent and well-selected passwords, and you change them frequently, and also by avoiding logging in too frequently. Then we have denial of service attacks, DoS attacks. This ranks as number three at 16 percent. Attacks a computer, a server, or network to block communication and services, to denial the services that it normally should be operating on, it should be providing. Attackers overload target with more requests than the target system can handle. Common targets are online banking, email, and commercial websites. A DDoS attack, which is a distributed denial of service, uses multiple distributed computers to conduct the DoS attack. This can be defended by anti-virus software, firewalls, and email filters. The next we have is SSL (secure sockets layer) attacks. And this ranks as number four at 11 percent. SSL is used to set up a secure encryption protected link between a website and a browser, as well as, an email server and the email users application. Now, in early connection's stage, the SSL attacker will intercept user information, and they will try to look what is going on before this information gets encrypted and exchanged. What are they looking for? Well, access passwords, cookies, authentication tokens, and other things. Attackers try to gain sensitive data such as credit card information, social security numbers, and other things and use that for other type of attacks. Then, we have scans. This ranks as number five at three percent. Attackers scan for open computer ports that can be used to gain access to the computer. Attackers repeatedly send messages to computer ports to find security vulnerabilities. And scans are commonly used before launching an attack onto a computer, a network, a server, or a comprehensive system. Next we have DNS attacks, which are domain name server attacks. This ranks as number six at three percent. Now, DNS is used to change domain names into IP addresses. And DNS spoofing which is also known as DNS cache poisoning, is an attack that changes the domain names IP address to a wrong IP address. DNS spoofing is used for DNS hijacking. Well, DNS hijacking is used to redirect a user to a bogus website or the hackers computer. And the dangerous and scary thing about this is that the user does not know that they're connected to a bogus server or they're connected to the hackers computer. This can be defended by using a random source port and updating server security patches very frequently. Next we have backdoor attacks. This is ranked as number seven at three percent. Now, a backdoor is a computer remote access application. It is used by developers and administrators, and it is powerful because it bypasses the security system. In other words, if a developer needed to go and fix a bug in his program, then it would need to go through the backdoor to go in and access the entire framework of programs, and then go and fix it and then be able to come out. This is what a backdoor is used for. So it gives you direct access to the core software, to the core control capabilities. So therefore, if a hacker was able to get in through the backdoor, you can imagine the amount of damage that could be made by that act. Hackers trying to gain access through malicious backdoors in hardware or software components, and it's defending by updating your security patches. These are the references that I use and I recommend them to you.
