Sunday, July 27, 2014

Chapter 7: Secure Internet Access



This chapter focused on allowing Internet access in a secure manner.

This is done by putting in place methods to disallow access to restricted sites. If browsers are allowed to connect to sites without content control, they could be used as a vector to attack the host system. The effects can range from the display of unwanted or inappropriate content or pop-up ads to the use of the web browser to contaminate the host system, allowing a denial of service (DoS) attack that might crash or freeze the browser or the user's computer.

Common methods are to restrict access to selected websites by using the Restricted Zone in Internet Explorer and to use the Content Advisor software that is built into Windows XP. It's important to refuse access to untrusted sites by changing Internet Explorer's default level of security, which does not provide adequate protection. The Content Advisor uses published ratings to check and limit access to individual sites.

Another important security consideration pertaining to web browsing relates to the installation of cookies on the local system. These text files are stored on the hard drive, and the websites a user visits can use them to record information about that user.

When transferring sensitive or confidential information, it's important to use the Secure Sockets Layer (SSL) protocol. This protocol, denoted by the use of HTTPS in the site address, allows the user to verify the owner of a site by a digital certificate issued by a recognized authority. This assures the user that the website is secure, and provides for authentication as well as message privacy and integrity.

When using a wireless access point, a user who fails to connect in a secure manner can be left open to interception and theft of data. While the text talks about using the Wired Equivalent Privacy (WEP) protocol to ensure that Wi-Fi connections are secure, this is actually risky, as WEP passphrases are easily discoverable. More modern security protocols such as Wi-Fi Protected Access 2 (WPA2) have longer and more complex password strings, leading to enhanced security in their use.
