UK Essays Services:

Free Help:

PGP Private Key

A) I have successfully download PGP desktop software. And made a successful installation of PGP in my PC.

Q. PGP Desktop trial license provides the following features:

Key management

HOW TO: Reconstruct Your Private Key (Windows)

Crypto Concepts

Private Key: When you install PGP Desktop you are prompted to create a keypair, which is comprised of two related keys: a public key and a private key. Your private key is used for decrypting something that was encrypted using your related public key, as well as generating digital signatures that can be verified using your public key. As its name suggests, your private key should be kept totally private, and should be protected by a strong passphrase.

Key Reconstruction For detailed technical information about Key Reconstruction, please refer to the white paper "Inside PGP Key Reconstruction" (from the PGP Corporation White Papers).

Crypto Concepts

Private Key When you install PGP Desktop you are prompted to create a keypair, which is comprised of two related keys: a public key and a private key. Your private key is used for decrypting something that was encrypted using your related public key, as well as generating digital signatures that can be verified using your public key. As its name suggests, your private key should be kept totally private, and should be protected by a strong passphrase.

Key Reconstruction For detailed technical information about Key Reconstruction, please refer to the white paper "Inside PGP Key Reconstruction" (from the PGP Corporation White Papers).

Reconstruct Your Private Key

Click the PGP Tray lock icon in your system tray and then click Open PGP Desktop:

Click the PGP Keys control box.

Select the keyring that contains your key

Click the key that you wish to reconstruct:

To reconstruct a private key, you must have its associated public key on your keyring. If you don't have a copy of your public key, you might try downloading it from a key server, such as your PGP Universal Server or the PGP Global Directory. Otherwise, contact your administrator to obtain a copy of your public key.

Now click the Keys menu and click Reconstruct:

Answer 3 of the 5 key reconstruction questions correctly, then click OK:

The answers are case sensitive, and must be entered precisely as they were when you first sent them to the server. If you are certain that nobody can see your screen, you might want to check the box labeled Show Keystrokes, so that you can verify your answers.

After you have answered 3 of the 5 key reconstruction questions correctly, you must enter and confirm a new passphrase for your private key, then click OK:

When you are notified that key reconstruction was successful, click OK:

Securing Email Messages:

HOW TO: Encrypt Email with PGP Desktop 9.x for Windows

Enable PGP Messaging

PGP Messaging is enabled by default during installation. However, if you disabled PGP Messaging during installation, there are two ways to enable this feature. They are as follows:

Locate the PGP Desktop icon (padlock) in the system tray. Click the PGP Desktop padlock and click Use PGP Email Proxy. The option will have a black check mark next to it when it is enabled.

Open PGP Desktop through the Programs/All Programs menu and select the Tools menu. Click Use PGP Email Proxy. The option will have a black check mark next to it when it is enabled.

Assign a PGP Key to a PGP Messaging Service

PGP Messaging requires a PGP Key to secure the email account(s). To assign a key to a messaging service for the first time, do the following:

When you open your email application for the first time after installing PGP Desktop, PGP will display the “Email Account Detected” window after sending/receiving mail.

Select Yes, secure this email account, and then click Next.

You may select one of many key sources. If you created a key pair during installation, then generally, the option you would select is PGP Desktop Key. You can also create a new key pair, or import a previously exported key pair.

After choosing the source, click Next.

Highlight the key to be used for this email account and click Next.

Click Finish. You are now ready to encrypt mail through this email account and proceed with section 3.

Review Default Email Encryption Policies

Two encryption policies are set by default. These policies are:

Require Encryption: [PGP] Confidential. This policy specifies that any message flagged as confidential in your email client or containing the text “[PGP]” in the subject line must be encrypted to a valid recipient public key or it cannot be sent.

Opportunistic Encryption. Specifies that any message for which a key to encrypt cannot be found should be sent without encryption (in the clear). Having this policy the last policy in the list ensures that your messages will always be sent, albeit in the clear, even if a key to encrypt it to the recipient cannot be found.

Create New Email Encryption Policies

If you would like to create additional encryption policies, the steps to do so are described as follows:

Open PGP Desktop.

Locate the PGP Messaging control box on the left. This will display different configured services and the Messaging Log options.

Within the PGP Messaging control box, select a configured service (e.g. username@domain.com). The settings for the service appear in the PGP Messaging work area, including the list of existing security policies. This is the right hand pane.

Click New Policy in the PGP Messaging Control box OR pull down the Messaging menu and click New Messaging Policy.

After the Message Policy dialog appears, enter a description of the policy in the top field offered.

Specify the conditions to be met and the action to be performed.

Securing Instant Messaging:

HOW TO: Use the PGP Desktop 9.x AOL Instant Messenger Proxy for Windows

This article describes how to encrypt AOL Instant Messenger sessions with PGP Desktop 9.x for Windows.

Details

AIM sessions between two systems running PGP Desktop 9.x are protected automatically when PGP Desktop 9.x is installed and the PGP AIM Proxy is enabled.

Both AIM users MUST have PGP Desktop 9.x installed for the session to be encrypted. It is not sufficient that one user have PGP Desktop installed. Both must have the AIM Proxy enabled. Both users also have to be added to the buddy list in the AIM settings.

Enable PGP AIM Proxy

The PGP AIM Proxy is enabled by default if the option was not unchecked during installation. If the proxy is disabled, there are two ways to enable it. These methods are as follows:

Click on the PGP Desktop padlock in the system tray. Click Use PGP AIM Proxy. The option will have a check by it when enabled.

Open PGP Desktop through Start>Programs>PGP menu. Pull down the Tools menu, and click Use PGP AIM Proxy.

TASK-2

Q. Briefly describe why the TCP/IP networks are considered unsecured ?

Threats to TCP/IP Security

1. Introduction

Security Technologies

With the rapid growth of interest in the Internet, network security has become a major concern for companies throughout the world. The fact that the information and tools needed to penetrate the security of corporate networks are widely available has increased that concern. Because of this increased focus on network security, network administrators often spend more effort protecting their networks than on actual network setup and administration. New tools that probe for system vulnerabilities, such as IIS (Internet Security Scanner) assist in these efforts, but these tools only point out areas of weakness instead of providing a means to protect networks. Thus, as a network administrator, you must constantly try to keep abreast of the large number of security issues confronting you in today's world. This section describes many of the security issues that arise when connecting a private network to the Internet.

Security Issues when Connecting to the Internet

When connecting a private network to the Internet, you are physically connecting your network to more than hundreds of thousands of unknown networks and all their users. Although such connections open the door to many useful applications and provide great opportunities for information sharing, most private networks contain some information that should not be shared with outside users on the Internet. The key questions behind most Internet security issues:

Protecting Confidential Information

Confidential information can reside in two states on a network. It can reside on

physical storage media, such as a hard drive or memory, or it can reside in transit

across the physical network wire in the form of packets. These two information states

present multiple opportunities for attacks from users on your internal network, as well

as those users on the Internet. We are primarily concerned with the second state,

which involves network security issues. The following are five common methods of

attack that present opportunities to compromise the information on your network:

· Network packet sniffers

· IP spoofing

· Password attacks

· Man-in-the-middle attacks

When protecting your information from these attacks, your concern is to prevent the

theft, destruction, corruption, and introduction of information that can cause

irreparable damage to sensitive and confidential information. This section describes

these common methods of attack and provides examples of how your information can

be compromised.

1.3.1 Network Packet Sniffers

A packet sniffer is a software application that uses a network adapter card in

promiscuous mode (a mode in which the network adapter card sends all packets received on the physical network wire to an application for processing) to capture all network packets that are sent across a local-area network. Because several network applications distribute network packets in clear text, a packet sniffer can provide its user with meaningful and often sensitive information, such as user account names and passwords. If you use networked databases, a packet sniffer can provide an attacker with information that is queried from the database, as well as the user account names and passwords used to access the database.

1.3.2 IP Spoofing

An IP spoofing attack occurs when an attacker outside your network pretends to be a trusted computer either by using an IP address that is within the range of IP addresses for your network or by using an authorised external IP address that you trust and to which you wish to provide access to specified resources on your network.

1.3.3 Password Attacks

Password attacks can be implemented using several different methods, including brute-force attacks, Trojan horse programs (discussed later in the section), IP spoofing, and packet sniffers. Although packet snuffers and IP spoofing can yield user accounts and passwords, password attacks usually refer to repeated attempts to identify a user account and/or password; these repeated attempts are called brute-force attacks.

1.3.4 Man-in-the-Middle Attacks

A man-in-the-middle attack requires that the attacker have access to network packets that come across the networks. An example of such a configuration could be someone who is working for your Internet service provider (ISP), who can gain access to all network packets transferred between your network and any other network

B)Here describing bellows about the technologies are employed in securing TCP/IP implementation:

1) Secure Socket Layer(SSL)

Originally developed by Netscape, SSL - short for Secure Sockets Layer - has been universally accepted on the World Wide Web for authenticated and encrypted communication between clients and servers. SSL works by using a public key to encrypt data that's transferred over the SSL connection.

Secure TCP/IP Connections with SSL

SSL makes use of a public key infrastructure (PKI) to operate. The server operating securely generally obtains an SSL key and certificate pair from an issueing authority. It then makes these available on the server itself and announces the availability within the protocol exchanges between the server and client.

With SSL support compiled in, the PostgreSQL server can be started with SSL enabled by setting the parameter SSL to on in postgresql.conf. When starting in SSL mode, the server will look for the files server.key and server.crt in the data directory, which should contain the server private key and certificate, respectively. These files must be set up correctly before an SSL -enabled server can start. If the private key is protected with a passphrase, the server will prompt for the passphrase and will not start until it has been entered.

SSL objectives and architecture

Which problems does SSL target? The main objectives for SSL are:

Authenticating the client and server to each other: the SSL protocol supports the use of standard key cryptographic techniques (public key encryption) to authenticate the communicating parties to each other. Though the most frequent application consists in authenticating the service client on the basis of a certificate, SSL may also use the same methods to authenticate the client.

Ensuring data integrity: during a session, data cannot be either intentionally or unintentionally tampered with.

2) IPsec

Internet Protocol security (IPsec) is a framework of open standards for protecting communications over Internet Protocol (IP) networks through the use of cryptographic security services. IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. The Microsoft implementation of IPsec is based on standards developed by the Internet Engineering Task Force (IETF) IPsec working group.

IPsec is supported by the Microsoft Windows Vista, Windows Server 2008, Windows Server 2003, Windows XP, and Windows 2000 operating systems and is integrated with the Active Directory service. IPsec policies can be assigned through Group Policy, which allows IPsec settings to be configured at the domain, site, or organizational unit level

One of the weaknesses of the original Internet Protocol is that it lacks any sort of general purpose mechanism for ensuring the authenticity and privacy of data as it is passed over the internetwork. Since IP datagrams must usually be routed between two devices over unknown networks, any information in them is subject to being intercepted and even possibly changed. With the increased use of the Internet for critical applications, security enhancements were needed for IP. To this end, a set of protocols called IP Security or IPSec was developed

3) Kerberos: An Authentication Service for Computer Networks

Kerberos is the name of a computer network authentication protocol, which allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. It is also a suite of free software published by Massachusetts Institute of Technology (MIT) that implements this protocol. Its designers aimed primarily at a client-server model, and it provides mutual authentication — both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.

Limitations of Kerberos

Limitations of Kerberos have been described in the literature [1]. Though most are a matter of preference or apply to V4 and early drafts of V5, a few are fundamental and are discussed here. In particular, Kerberos is not effective against password guessing attacks; if a user chooses a poor password, then an attacker guessing that password can impersonate the user. Similarly, Kerberos requires a trusted path through which passwords are entered.

Kerberos Utilities

Several utility programs must be installed on the workstation to allow users to obtain Kerberos credentials (kinit), destroy credentials (kdestroy), list credentials (klist), and change their Kerberos password (kpasswd). Some sites choose to integrate the Kerberos login tool ``kinit'' with the workstation login program so that users do not need to type their password twice.

TASK-3

Q : What is UNIX and how it is different from windows?

UNIX is an operating system which was developed by Bell Labs, which was a subsidiary of the American Telephone and Telegraph company. UNIX was written to run the computers which control telephone switches, and is designed to use the least amount of memory possible. As far as I know, there is no Graphical User Interface, or GUI, available for use with UNIX. Widows is an operating system designed by Microsoft, and is made to be used as a GUI. The early versions of Windows, up through Windows 2000, used Microsoft Disc Operating System, or MS-DOS, to carry out the commands initiated by pointing at an icon and clicking on it. Windows XP uses a new operating system, NT, which was also designed by Microsoft, to carry out those commands.

UNIX VS. WINDOWS NT COMPARISON

We use Unix BSDI operating systems for all of our servers because of the superior performance, flexibility and cost efficiency that Unix BSDI offers. The following is a comparison of the BSDI system to the Windows NT system.

Efficiency

Unix offers more performance at 32MB than Windows NT offers at 64MB. Unix is usually more proficient in the use of its memory, especially when dealing with network services. Because Unix requires less memory and processor time than Windows NT, a Unix based system has more memory and processor power for other computer functions.

Performance

With Unix and Windows NT running on 133MHz PC's, Unix ran 27% faster than Windows NT when reading static HTML content, and with API generated content, Unix is between 47% and 197% faster. For CGI contents, Unix is 77% faster than Windows NT. Communications Week tested "five muscular Web servers" and reported the results in their magazine dated May 05, 1997 (issue 661):

... three companies sent us twin-CPU machines. Two companies with BSDi-based Unix operating systems sent single-CPU machines and asked us to compare them to those of the two-CPU crowd ... a BSDi-powered, single-CPU system [kept] up with-and in some cases outperformed twin-CPU machines running Windows NT. excerpt from CommunicationsWeek May 05, 1997, Issue: 661 (link known to be valid as of 1 May 1998)

Reliability

Individuals and subsystems running on Windows NT crash far more frequently than a Unix system. Unix has been reliable for years due to its dependable software and technology.

Remote Management

Unix was designed and implemented with remote management in mind. This enables system administrators to remotely perform management operations from another building or across the world. Windows NT is configured so that most of the administrative programs have to be run on the physical machine, without the ability to remotely control the machine.

Internet Services

Unix has included things such as SMTP (Email), NNTP (News), Telnet, and DNS. All of these protocols and services were somehow forgotten by Windows NT. They can be covered up with third party products and Microsoft's own programs. However, none of these programs and products can compare to Unix in terms of flexibility and power.

Price Comparison

With the Unix server's cost at approximately one fourth that of the Windows NT server, it allows us to provide you with a more cost effective and powerful way to be on the Internet.

Much of the previous information was obtained from the BSDI website. For additional information about why Unix is superior to Windows NT please refer to the

The following table lists the major differences between Oracle8i on Windows NT and on UNIX. For Oracle database administrators moving from a UNIX platform to Windows NT, this information may be helpful in understanding the Windows NT features that are relevant to Oracle.

Feature	On UNIX...	On Windows NT...
Services	UNIX daemons are similar to services on Windows NT.	Oracle registers a database instance as a service (OracleServiceSID). To connect to and use an Oracle instance, an Oracle service is created during the database creation process and associated with the Oracle database. Once a service is created with the Oracle database, the service can run even while no user is logged on. This feature enables server security while running the Oracle database. To Access Services: By default, services run under the SYSTEM account. Choose Start > Settings > Control Panel > Services to access the Services dialog box. OracleServiceSID and other Oracle services appear here.
Processes and Threads	Each Oracle background process exists as a separate process, for example, ora_dbw0_V816.	All Oracle background, dedicated server, and client processes are threads of the master ORACLE process. All the threads of the ORACLE process share resources on Windows NT. This multithreaded architecture is highly efficient, allowing fast context switches with low overhead. To View Processes: Use the Oracle Administration Assistant for Windows NT to view processes or kill individual threads. Choose Start > Programs > Oracle - HOME_NAME > Database Administration > Oracle Administration Assistant for Windows NT. Right-click the SID, for example V816, and choose Process Information. Note: The Microsoft Management Console (MMC) is launched when the Oracle Administration Assistant for Windows NT is started on Windows NT 4.0. Oracle Corporation has integrated several database administration snap-ins into the MMC.
File Sizes	UNIX file system (UFS) or journalled file system (JFS). Maximum file size supported by most vendors is now 32 GB. The Oracle block sizes vary between 2-8K.	Oracle can be installed on FAT and NTFS file systems. By default, Oracle runs under the SYSTEM account, which does not have access to NTFS volumes, unless it is granted. The maximum file size for FAT is 4 GB; for NTFS, 16 Exabytes (EB). The Oracle block size is 8K. The maximum number of blocks per data file is 4 million. The maximum number of data files per database depends on block size. When calculating database limits, the total maximum capacity of the database remains the same regardless of the way the bits are split up.

Initialization Parameters: Multiple Database Writers

You can specify more than one database writer process with the initialization parameter DB_WRITERS.

Multiple database writers can help, for example, when a UNIX port does not support asynchronous I/O.

DB_WRITERS, which writes dirty buffers to disk, is not supported. Windows NT supplies its own I/O slaves and uses them to see if I/O is complete.

Multiple DB_WRITERS might cause synchronization problems.

Direct Writes to Disk

Oracle uses the O_SYNC flag to bypass the file system buffer cache. The flag name depends on the UNIX port.

Oracle bypasses the file system buffer cache completely.

Memory Resources

The resources provided by the default kernels are often inadequate for a medium or large Oracle database.

The maximum size of a shared memory segment (SHMMAX) and maximum number of semaphores available (SEMMNS) may be too low for Oracle recommendations.

Fewer resources are needed for interprocess communication (IPC) because the operating system is thread-based and not process-based. These resources, including shared memory and semaphores, are not adjustable by the user.

Q: Describe the deferences between Host Intrution Detection Sensors (HIDS) and Network Intrution Detection Sensors(NIDS).

Network Intrusion Detection(NIDs)

NIDs primary responsibility is to monitor, detect and identify malicious activity on a network. Once suspicious activity is detected, an alert is generated for each activity.

The difference between HIDs and NIDs is that NID deals with data transmitted from host to host (data in transit) while HID are only concerned with the activity on the host computer. For example, a HID would be used to combat internal threats to a system by monitoring user activity, usage patterns and behavior.

The diagram above represents the typical NIDS scenario where an attempt has been made to funnel the traffic through the NIDS device on the network. It does not take a genius to see that if you had to isolate a single machine and take the machine away from the network like is done by many business people when in transit that NIDS would be very flawed. The Red device represents where the NIDS has been installed

Host Intrusion Detection (HIDs)

This real-time monitoring device alerts the administrator when a specific event has occurred such as a new user being added or any abnormal usage patterns. Host intrusion detection software detect threats aimed at your critical hosts or servers.

Comparative analysis of HIDS vs. NIDS

Function	HIDS	NIDS	Comments
Protection on LAN	****	****	Both systems protect you on your LAN
Protection off LAN	****	-	Only HIDS protects you when you are off the LAN
Ease of Administration	****	****	The admin of NIDS and HIDS is equal from a central admin perspective.
Versatility	****	**	HIDS are more versatile systems.
Price	***	*	HIDS are more affordable systems if the right product is chosen.
Ease of Implementation	****	****	Both NIDS and HIDS are equal form a central control perspective
Little Training required	****	**	HIDS requires less training than NIDS
Total cost of ownership	***	**	HIDS cost you less to own in the long run
Bandwidth requirements on (LAN)	0	2	NIDS uses up LAN bandwidth. HIDS does not.
Network overhead	1	2	The NIDS has double the total network bandwidth requirements from any LAN
Bandwidth requirements (internet)	**	**	Both IDS need internet bandwidth to keep the pattern files current
Spanning port switching requirements	-	****	NIDS requires that port spanning be enabled to ensure that your LAN traffic is scanned.
Update frequency to clients	****	-	HIDS updates all of the clients with a central pattern file.
Cross platform compatibility	**	****	NIDS are more adaptable to cross platform environments.
Local machine registry scans	****	-	Only HIDS can do these types of scans.
Logging	***	***	Both systems have logging functionality
Alarm functions	***	***	Both systems alarm the individual and the administrator.
PAN scan	****	-	Only HIDS scan you personal area networks. (unless you have the $ to get a NIDS for your home)
Packet rejection	-	****	Only NIDS functions in this mode.
Specialist knowledge	***	****	More knowledge is required when installing and understanding how to use NIDS from a network security perspective.

TASK-4

A) How a variety of overruns and format string bugs can alter the program flow on program.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

In July 2000, a vulnerability to buffer overflow attack was discovered in Microsoft Outlook and Outlook Express. A programming flaw made it possible for an attacker to compromise the integrity of the target computer by simply it sending an e-mail message. Unlike the typical e-mail virus, users could not protect themselves by not opening attached files; in fact, the user did not even have to open the message to enable the attack. The programs' message header mechanisms had a defect that made it possible for senders to overflow the area with extraneous data, which allowed them to execute whatever type of code they desired on the recipient's computers. Because the process was activated as soon as the recipient downloaded the message from the server, this type of buffer overflow attack was very difficult to defend. Microsoft has since created a patch to eliminate the vulnerability.

B) Five methods of causing havoc by unauthorized altering of memory using a buffer overflow:

C) Three C++ functions which renders a program vulnerable to buffer overrun attacks:

Programming languages C and c++ are most commonly associated with buffer overflows, because they provide no built-in protection against accessing or overwriting data in any part of memory and do not check that data written to an array (the built-in buffer type) is within the boundaries of that array.

Using Buffer Protection

Activating buffer protection is a simple matter of turning on the /GS compiler switch. Using Visual Studio, the switch can be activated from the Code Generation option page on the C/C++ tab (as shown in Figure 2). By default, the setting will be disabled for the Debug configuration and enabled for the Release configuration.

Figure 2: Setting the /GS Switch

The example code above is in C. There are three points worth making here: First: Last I checked (just now, in the VC++ debugger), the stack grows downward on x86. This means that nCount's address will be LOWER than that of pBuff: Somebody writing "forward" (toward higher addresses) off the end of pBuff won't ever touch nCount. Instead, it'll corrupt memory "lower down" on the stack, in particular the return address for myMethod(). THAT is the vulnerability people get upset about. Second: foo() is not on the stack. It's code. If you put its code on the stack right after myMethod()'s locals... wait, where do those locals live on the stack anyway? Why, they live "above" some housekeeping stuff, "below" which live the locals for whoever called it. Where's THAT, you ask? You want an address? Could be anything. You won't know until runtime, because that's how the stack works. a() calls b(), b() calls c(), and maybe this time c() calls d(), or maybe it calls e() because bazfaz happens to be nonzero at the moment -- or whatever. Each one "rents" space on the stack when it's called, and hangs onto that space until it exits, and then that space is used by the next function called. The stack grows and shrinks, and everything on it is written in sand. Putting the code for foo() at some arbitrary point on the stack makes no sense at all. That's not what the stack is for. Third: Scribbling on foo() wouldn't EXECUTE foo(), anyway. In fact, it'd pretty well guarantee that foo() will NOT be executed until somebody loads the image again.

A well recognized method of Preventing Buffer Overflows

Buffer overflow vulnerabilities are the result of poor input validation: they enable an attacker to run his input as code in the victim. Even when care has been taken to validate all inputs, bugs might slip through and make the application insecure. This article presents the various options available to protect against buffer overflows. These methods either check for insecure function calls statically, look for overflow during runtime dynamically or prevent execution of code on the stack.

Non-executable stack: In this method the stack is configured not to hold any executable code. Kernel patches are available for both Linux and Solaris for configuring a non-executable stack. Data execution prevention in Windows XP and 2003 also protect the stack against buffer overflow. This method protects against stack-based buffer overflow attacks. Heap-based overflows and static data segment overflows cannot, however, be prevented by this technique.

Static Analysis: In static analysis the source code is parsed for dangerous library calls and race conditions to detect potential buffer overflows. Functions like strcpy and sprintf are vulnerable to buffer overflows, so source code scanners are used to look for incorrect use of these functions. RATS and SPLINT are two such tools; however static analysis is riddled with false positives.

Dynamic runtime protection: Buffer overflow conditions are detected during the actual running of the program in this method, and an attack thwarted. Different techniques of dynamic runtime analysis are:

Canary: When a function call is made, a “canary” is added to the return address; if a buffer overflow occurs, the canary will be corrupted. So, before returning to the parent function, the “canary” is checked again to see if it has been modified. Stack Guard uses this technique by implementing it as a patch to the GCC complier; this causes minimum performance delays. Free BSD also has a patch available to do this.

Reference

Internet system administration

Internet security

http://www.Google.com ..

http://www.amazon.com

http://www.maxwideman.com

http://www.yahoo.com

Bibliography

Internet security, volume two of administrating web servers, security & Maintenance,

Eric Larson

Brain stephenson

Published by, Pearson education inc.

ISBN: 1-90234-359-x

Security in Internet approach

Thomas crain,

Published by, Pearson education inc.

Appendices

Summary

PGP Desktop trial license provides the following features:

Key management:

When managed by a PGP Universal Server, PGP Desktop 9.x provides a secure recovery mechanism for private keys, called Key Reconstruction. As its name suggests, Key Reconstruction can be used to reconstruct (or restore) your private Key if you have forgotten its pass phrase, or if you have deleted your private Key.

Securing Email Messages:

When PGP Messaging is enabled, you will find that PGP will begin encrypting your email accounts by default. This will occur when you open your email application for the first time after installing PGP Desktop 9.x, and you send/receive email.

Securing Instant Messaging:

AIM sessions between two systems running PGP Desktop 9.x are protected automatically when PGP Desktop 9.x is installed and the PGP AIM Proxy is enabled.

SSL:

With the evolution of e-business, data security has become very important for Internet users. The Secure Socket Layer (SSL) protocol ensures that the transfer of sensitive information over the Internet is secure.

IPSEC:

IPSec was initially developed with IPv6 in mind, but has been engineered to provide security for both IPv4 and IPv6 networks, and operation in both versions is similar. There are some differences in the datagram formats used for AH and ESP depending on whether IPSec is used in IPv4 and IPv6, since the two versions have different datagram formats and addressing.

KERBEROS:

Kerberos is the name of a computer network authentication protocol, which allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner.

UNIX:

Windows NT:

Microsoft's Windows NT server is well known. This also is a multi-user and multitasking operating system. It is younger compared to UNIX, but Windows operating system is well established in the PC market and users are reasonably comfortable with it. Windows NT market is gaining a higher and higher share in the server market.

Host Intrusion Detection (HIDs)

Network Intrusion Detection(NIDs)

NIDs primary responsibility is to monitor, detect and identify malicious activity on a network. Once suspicious activity is detected, an alert is generated for each activity.

We provide a professional essay writing service that thousands of our customers use as an effective way of improving their grades, improving their research and saving them lots of time.