CHAPTER I: NETWORK SECURITY
With the spread of Hackers and Hacking incidents, the time has come, when not only system administrators of servers of big companies, but also people who connect to the Internet by dialing up into their ISP, have to worry about securing their system. It really does not make much difference whether you have a static IP or a dynamic one, if your system is connected to the Internet or an Ethernet system, and then there is every chance of it being attacked.
The challenge of operating a secure web site is very real. The 1999 Information Security Industry Survey conducted by ICSA reports the number of companies that have been attacked by hackers jumped 92 percent from 1997 to 1998. The losses from security breaches averaged US$256,000 and a total of more than US$23 million for the 91 businesses surveyed. CERT, which monitors reports of computer network security breaches from around the world, has registered a steep rise in the number of reported incidents in the past few years (see chart below).
The current mainstay for securing web transactions is the Secure Socket Layer, or SSL, developed by Netscape and embedded in standard browsers. The SSL security protocol is used to create a secure session between a user and a web server using digital certificates. SSL provides for the encryption of data transmitted between client and server, allows for server authentication, ensures the integrity of messages, and can also provide for client authentication. It is very likely that the browser you are using provides SSL security When needed. The cryptographic strength (that is, how secure it is) depends on the length of the key used. SSL uses public key cryptography to send data between client and web server during a secure session. Public key...