Internet is a vast range of services


Internet is a vast range of services, to provide communicate by host to host. Some people grab data and some people send information these client-server architecture. In today many company budget for secure the system because hackers any time can cause vulnerable attack to damage a part of service or whole system. Like attacker will follow Internet temporary files, cookies and hack IP address.

Task - 1

  1. Encryption:
    1. The use of EFS file sharing in Windows XP provides another opportunity for data recovery by adding additional users to an encrypted file. Although the use of additional users cannot be enforced through policy or other means, it is a useful and easy method for enabling recovery of encrypted files by multiple users without actually using groups, and without sharing private keys between users. Ref:
    2. We cannot encrypt a file for multiple users in Windows 2000.
    3. Following these steps, helping to complete procedure:

      1. Start Microsoft Windows Explorer, and then select the encrypted file that we want to add additional users to.
      2. Right-click the encrypted file and then clickProperties.
      3. ClickAdvancedto access the EFS settings.
      4. ClickDetailsto add additional users.
      5. ClickAdd. TheAdddialog box will display any other EFS-capable certificates in the personal store or those of any other users who may be in system "Other People" and "Trusted People" certificate stores.
      6. Select the certificate of the user who we want to add, and then clickOK. will be returned to theDetailstab, and the tab will show the multiple users who will have access to the encrypted file and the users' EFS certificates.
      7. Repeat this process until we have added all the users who want to add. ClickOKto register the change and continue.
    4. Windows XP and Windows Server 2003 now perform revocation checking on all certificates for other users when they're added to an encrypted file. For performance reasons, users that hold a private key and recovery agent certificates are not checked for revocation, they are only verified for time validity. However, user certificates that do not contain a CDP (Certificate Revocation List Distribution Point) extension (such as those from some 3rd party CAs) will not be validated for revocation status when added to a file. If the user does not chain to a trusted root CA certificate, or the certificate is not installed in the Trusted People certificate store, the user will be warned before adding the certificate.
  2. Different results can occur when moving or copying encrypted files between locations. For example, when copying an encrypted file from a local machine to a server on the network, different results of the copy operation will occur depending on the operating system being used on the server. In general, copying a file will inherit the EFS properties of the target, but a move operation will not inherit the EFS properties of the target folder.
  3. When copying an encrypted file:

    • If using Windows 2000 and the target server is running Microsoft® Windows NT Server 4.0, the file will be silently decrypted and copied to the server. If using Windows XP or Windows Server 2003, the user will be warned and prompted to allow the decryption operation.
    • If the target server is running Windows 2000 or Windows Server 2003, and the machine account of the server is trusted for delegation in the Active Directory, the file will be silently decrypted and copied to the server where it will be re-encrypted using a local profile and encryption key.
  4. Once EFS uses a certificate, it is cached on the local machine. This eliminates the need for looking up users in Active Directory every time a new user is added to an encrypted file. Certificates that are part of a certificate chain, and self-signed certificates, can be used and cached. When a user certificate that is part of a certificate chain is added to an encrypted file, the certificate will be cached in the current user's "Other People" certificate store as shown like.
  5. When we want to complete these tasks must be logging on as an administrator to perform these steps, because these provide permission only for administrator. EFS are sensitive and secure system so un-authorized or gust cannot use or modify this tasks. So that administrator wants to know capability of total system with good knowledge of EFS and system user name and password.
  6. In general, the best practice for organizations to follow regarding data recovery is to deploy a public key infrastructure (PKI) to issue certificates to users and data recovery agents that are issued from a certification authority (CA). The Microsoft Enterprise Certification Authority makes it easy for users to automatically get certificates for use by EFS.

Other best practices include:

Using more than one DRA per domain, and storing the actual private keys for the DRAs on a medium (floppy disk, CD-ROM, etc.) that can be secured and retrieved only when appropriate security policies and practices have been followed. DRAs may be defined at the site, domain or OU like any other Group Policy, and may be combined as an aggregate policy based on the organization of Active Directory.

Task - 2

  1. A cookie is a small piece of information written to the hard drive of an Internet user when he or she visits a website that offers cookies. Cookie files are extremely small, comprising no more than 255 characters and 4k of disk space. Cookies can contain a variety of information, including the name of the website that issued them, where on the site the user visited, passwords, and even user names and credit card numbers that have been supplied via forms. Cookies are supposedly only retrievable by the site which issued them, and link the information gathered to a unique ID number assigned to the cookie "so that...information is available from one session to another.
    • Using cookies sties can determine:
    • How many visitors arrive
    • How many are new versus repeat visitors
    • How often a visitor has visited.

    Cookies can store internet access information which more help full to protect company or personal privacy. Cookies will browse faster data and save website information.

    URL History: URL history is a list of website information. When user can access website it can store URL history information this most interesting feature is most popular browser. URL history stored in browser Address bar shows a list of the web sites which recently visited.

    Clear URL Historyhelps clear URL history as well as other history tracks in Internet Explorer, MSN Explorer, Maxthon (MyIE2), Firefox, Safari, AOL browser, Opera, Mozilla and Netscape.

    URL History can determine:

    • 1Website information list
    • Access more quickly
    • Visiting information
    • How often a visitor has visited a website.

    Internet temporary files: Atemporary Internet fileis a file that is located on hard drivethat abrowseruses to storeWeb sitedata for everyWeb pageorURLaddress that you visit. When theWeb serversends the Web page files to the browser, they are stored in afileso that the next time we visit the same Web site the browser takes the data from the temporary Internet file. Loading the Web site in this way from a temporary Internet file is calledcaching.

    Cookies: here I've capture some types of cookie

  2. Internet Temporary files: On a Windows-based computerTemporary Internet Filesis actually the name of the directory used by Internet Explorerto cache the pages visit. Many different types of files are saved to the Temporary Internet Files folder when we visit a Web page, such as HTML, images, JavaScript, style sheets,video files,cookiesand more.
  3. In windows xp: In internet explorer go tools General
  4. Windows xp there easily graphical window to manage cookies, url history, and internet temporary files. In Netscape: Select "Edit", then "Preferences", and then click on "Advanced". At the bottom of the window are cookie settings.

  5. In many way we can delete cookies, internet temporary files and url history. Many companies provide automated deleting cookies, internet temporary files, and url history tools for deleted and manage. Like ccleaner is a most popular tool to deleting those files. Manually we can use in windows xp, internet explorer 6.

Task - 3

  1. Excessive use of Internet: Forensic investigator tools is a tool for investigate Internet URL, Cookies, history and Internet temporary files. Many companies provide forensic tools and so popular for reason these can find out when access banned website, unauthorized software and total history login information. These can maintain system admin and daily checked by forensic investigators tools. Forensic investigator has GUI and command mode both provide extra feature. Internet is wide range of service, some service harmful for the system so want to protect unexpected prevent attack.
  2. Visits to banned web sites: Firefox is the best browser available out there. When we are accessing proxy sites or similar sites ensure that we use Firefox not Internet Explorer.
  3. Internet censoring is now everywhere.

    Proxy also allows visiting sites that have banned user IP. This might be a forum or just a website or blog from which you or other users on IP range have been barred access. The banned icon is like-

    Top 10 methods to access banned websites-

    1. Use IP address: This is the simplest way to bypass domain name based access restrictions. Instead of the domain name such as use the direct IP address. To find the IP address use one of the free host to IP online conversion tools such as this.
    2. Use Google cache: If are not bothered whether the content is latest on a site, Google cache is best. Do a Google search for the site and then click on the cached link below the search results.
    3. Use an Anonymizer: In this method we access a third party site which in turn routes in request to the required server. Some services provide URL encryption also. The problem is that most of these servers are no longer free.
    4. Use Online Translation Tools: In this method, we can use the translation service as a web proxy.
    5. Use Google Mobile search: Google mobile searchworks, but output may not be optimal. This is very similar to using a Web proxy.
    6. Use a public Proxy server: There are many free proxy servers out in the Web.
    7. Get web pages via email: This is useful if we need a single Web page.
    8. Use Tor Distributed Proxy: This is useful if you need a single Web page.
    9. Your own proxy server: This is an advanced technique and is probably the best.
    10. Use alternate content providers: When everything fails, we can use alternate service providers. For example if Gmail is blocked at place, we can take another obscure mail address and enable email forward at Gmail.
  4. Use of unauthorized software: Installing Unauthorized software programs on the computer at work may seem harmless or even beneficial. However, software from unauthorized sources can create many problems. For example:
    • Freeware and low-cost software downloaded from the Internet or distributed on floppy disks or CDs can contain viruses that will infect the system and spread to other computer on the network.
    • Unauthorized software may be poorly written, intended for use with different operant operating system, or have conflicts with currently installed software that can cause it to crash your computer or send unwanted messages on the network.
    • Unauthorized software might be pirated, which could subject the University to penalties in case of a software audit.

Task - 4

  1. Privacy and surveillance: Security and Surveillance Technology issues have become crucial in a rapidly growing world. It is inconceivable to imagine today's businesses thriving without resorting to some sort of surveillance technique. Business is simply an industry that's vulnerable to crimes such as theft and pilferage, encouraging the need for effective and reliable business security techniques. Today, business security is a million-dollar industry, thanks to its popularity for residential, commercial and even personal use. The wordsurveillancemay be applied to observation from a distance by means of electronic equipment (such as CCTV cameras), or interception of electronically transmitted information (such as Internet traffic or phone calls). It may also refer to simple, relatively no- or low-technology methods such as human intelligence agents andpostal interception.
  2. Surveillance is very useful to governments and law enforcement to maintainsocial control, recognize and monitor threats, and prevent/investigatecriminalactivity. With the advent of programs such as theTotal Information Awarenessprogram andADVISE, technologies such ashigh speed surveillance computers andbiometricssoftware, and laws such as theCommunications Assistance For Law Enforcement Act, governments now possess an unprecedented ability to monitor the activities of their subjects.

  3. ID cards and security: today id cards is most high identification technology follow most of the company and organization for security purpose. Id card most includes unique identification number. Unauthorized person cannot access the without ID card. First name and last name include for naming convention purpose. Picture attached is not mandatory issue these will mention company law.
  4. Smart ID Card-

    • This was an initiative of the Thaksin administration. The idea was to issue each and every Thai citizen with an ID card with a computer chip planted inside which could hold very large information about its holder.
    • There were concerns about the following issues:
    • Health records
    • Criminal records
    • Credit histories
    • Political affiliations
    • Individual profiles for marketing purposes
  5. Voting technology and security: Electronic voting(also known ase-voting) is a term encompassing several different types ofvoting, embracing both electronic means of casting a vote and electronic means of counting votes.

Electronic voting technology can includepunch cards,optical scan voting systemsand specialized voting kiosks (including self-containedDirect-recording electronic (DRE) voting systems). It can also involve transmission ofballotsand votes via telephones, privatecomputer networks, or theInternet.

Electronic voting technology can speed the counting of ballots and can provide improvedaccessibilityfor disabled voters. However, there has been contention, especially in theUnited States, that electronic voting, especially DRE voting, could facilitateelectoral fraud.

Electronic voting machines represent a grave threat to fair and accurate elections, a threat that every American -- Republican, Democrat or independent -- should be concerned about. Because they're computer-based, the deliberate or accidental actions of a few can swing an entire election. The solution: Paper ballots, which can be verified by voters and recounted if necessary.

Task - 5

  1. Buffer overflow (overrun): A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer. In this case, a buffer is a sequential section of memory allocated to contain anything from a character string to an array of integers. Writing outside the bounds of a block of allocated memory can corrupt data, crash the program, or cause the execution of malicious code.
    • Stack overrun: The threat was first seen widely in 1988 and it is still an active attack methodology in 2000. A buffer overrun attack was one of the mechanisms reportedly utilized to deploy the malicious agents used on the Solaris-based servers in the recent DDoS attacks.
    • Astack buffer overflowoccurs when a program writes to amemoryaddress on the program'scall stackoutside of the intended data structure; usually a fixed length buffer. Stack buffer overflow bugs are caused when a program writes more data to a buffer located on the stack than there was actually allocated for that buffer. This almost always results in corruption of adjacent data on the stack, and in cases where the overflow was triggered by mistake, will often cause the program to crash or operate incorrectly. This type of overflow is part of the more general class of programming bugs known asoverflows. The most common form of buffer overrun exploitation is to attack buffers allocated on the stack. Stack buffer overrun attacks are designed to achieve two mutually dependent goals:
    • Insert Malicious Code: The malicious user provides an input string that is actually executable binary code that is native to the machine being attacked. Typically this code is simple, and does something similar to exec(”sh”) to produce a root shell.
    • Change the Return Address: There is a stack frame for a currently active function above the buffer on the stack that is being attacked. The stack buffer overrun changes the return address to point to the attack code. When the function returns, instead of jumping back to where it was called from, it jumps to the attack code. In many cases the malicious code is preceded by a block of NOP instructions which reduces the accuracy required to guess the exact return address for the malicious code. If the return addresses lands anywhere within the block of NOP instructions the malicious code will be executed.
  2. Heap overrun: Memory that is dynamically allocated by an application for variable storage is called the heap. In the typical heap buffer overrun attack, variables such as passwords, file names and a saved uid in the heap are overwritten by the malicious user. Heap overrun attacks are not as common as stack buffer overrun attacks but they can be effective in providing unauthorized privileged access for the intruder. Early heap buffer overrun vulnerability was found in BSDI crontab in 1996. This heap buffer overrun involved passing a long file name which overran its buffer in the heap. The overrunning data wrote over the fields in the heap which held the user's user name, password, uid, gid, etc. When used maliciously, one could easily change the privileges associated with the user / application by changing the uid/gid to 0.
  3. Array indexing error:
  4. Common consequence of array indexing error are-

    Integrity Availability- Unchecked array indexing will very likely result in the corruption of relevant memory and perhaps instructions, leading to a crash, if the values are outside of the valid memory area.

Integrity- If the memory corrupted is data, rather than instructions, the system will continue to function with improper values.

Confidentiality Integrity- Unchecked array indexing can also trigger out-of-bounds read or write operations, or operations on the wrong objects; i.e., "buffer overflows" are not always the result. This may result in the exposure or modification of sensitive data.

Integrity- If the memory accessible by the attacker can be effectively controlled, it may be possible to execute arbitrary code, as with a standard buffer overflow and possibly without the use of large inputs if a precise index can be controlled..

In the code snippet below, an unchecked integer value is used to reference an object in an array.

public String getValue(int index) {

return array[index];



Task - 1:


Task - 2:


Task - 3:


Task - 4:


Task - 5:


Please be aware that the free essay that you were just reading was not written by us. This essay, and all of the others available to view on the website, were provided to us by students in exchange for services that we offer. This relationship helps our students to get an even better deal while also contributing to the biggest free essay resource in the UK!