Internet protocols and security
In order to understand computer security, it is important for readers that are not familiar with internet technology, to learn a few basic concepts and find out more about Internet protocols and how computers work when connected to the Internet.
Most computers today are connected amongst themselves through a worldwide network also known as the Internet. Users may be familiar with the physical devices that allow their computer to connect to the Internet (cables, routers and such) but in most cases they are unaware about Internet protocols and how these protocols can affect computer security. So here is some brief information about how Internet networking works. When two computers are connected in a network (and this applies to Internet connections as well) they are using data packets to send and receive information from/to the other computer. Each data packet has two different sections, the packet header containing important information about the source and destination of the packet and similar description information, and the packet body that contains the actual data to be transmitted. When a computer receives a network packet, it reads the packet header and finds out information about source and destination of the packet, and then it decides what to do with the packed based on this information. The packet can then be sent to another computer if needed (here a special set of rules known as routing table can be used) or delivered to a special port on the same computer, if the packet is intended to be used by an application running on the same computer. And here we go a bit further into detail with internet protocols and how they work.
In order to properly communicate amongst themselves, Internet-connected computers need some sort of 'common language' to be able to understand each other, not to mention that there is a huge variety of configurations and operating systems communicating together via Internet protocols. The basis of Internet communication is a protocol called TCP-IP. We should be aware that TCP-IP is actually a set of two protocols. The IP protocol handles routing - it works by establishing the path a packet takes in order to reach the destination computer, while the TCP protocol is responsible about the data itself and makes sure the data is received at the destination in good state and that information is not lost during transit. Now computers need to be able to identify themselves, in order to send data to the right computer, or to receive data only from a specific computer or set of computers. This identifier is commonly known as IP address - therefore IP addresses are like a home address for a computer, allowing sender computer to properly identify the right destination computer in order to send network packets to it.
It is easy to understand why IP addresses have their own role in computer security. First of all, you cannot hide your IP address; if you do that, you will no longer be connected to the internet, its like when the mailman cannot find your home and therefore he cannot deliver any letters to you. Your IP address also contains additional information about you; it can tell a remote attacker where is your computer located, geographically around the world. Through some additional techniques like ICMP Ping for example, an attacker can find out whether your computer is up and running, and if it is, the attacker may then prepare to launch a full attack on your computer and attempt to take control over it. And at this stage, an attacker may use special tools like port scanning software and protocol analyzers in order to identify active ports on your computer and then attempt to identify flaws in your computer's security that can be exploited and then the attacker will be able to take full or partial control over your computer.
Which brings us to explaining ports and servers. Let's say that a network packet has reached the right destination computer. What happens then? The computer needs to decide what to do with the packet, and it does that through a special identifier known as Port. Ports are identified by type (please note that there are TCP and UDP ports, and they are numbered from 1 to 65535) and port number, and there is a special assignment for certain known ports. For example TCP port 80 is usually mapped to web servers, meaning that if your computer runs web server software and hosts websites, it will usually have port 80 active in listening mode to allow other computers to connect to it.
Please note that any computer can be a server, and act like a server simply by running applications that are configured to work as server applications. Such applications usually take control over specific ports, for example a web server will take control over TCP port 80 and set it to 'Listening'. When in listening state, a TCP port basically is opened to the world and awaiting for incoming connections. Whenever such connection request is detected, the application will decide whether to allow the connection to be established or not (and it usually is) and then allow the connection to fully establish by accepting the request. From this point further, the two computers will begin communicating in both ways, and in many cases the user does not know what they are talking about (which can be scary, isn't it?). Anyway, the point is - server applications can be dangerous for your computer and compromise security as a whole, if they are not configured properly. If you are not fully aware how to configure such server applications properly, it is recommended not to run any. Most home users do not need to run server applications at all. However, there are types of common applications that act as servers as part of their common functionality - for example, instant messengers usually act as servers for specified ports. This means that you need to enforce security when running such applications, by making sure you are using the most recent version of the program and that all security patches available for it have been applied. Also, the operating system itself contains services that run as servers on various ports; it is therfore extremely important for your computer security, to make sure your computer is updated in order to block all security flaws, out of the reach of any attacker. On Windows based computers, use Windows Update and Automatic updates to keep your computer secure from such exploitable flaws in your operating system.
Most computers today are connected amongst themselves through a worldwide network also known as the Internet. Users may be familiar with the physical devices that allow their computer to connect to the Internet (cables, routers and such) but in most cases they are unaware about Internet protocols and how these protocols can affect computer security. So here is some brief information about how Internet networking works. When two computers are connected in a network (and this applies to Internet connections as well) they are using data packets to send and receive information from/to the other computer. Each data packet has two different sections, the packet header containing important information about the source and destination of the packet and similar description information, and the packet body that contains the actual data to be transmitted. When a computer receives a network packet, it reads the packet header and finds out information about source and destination of the packet, and then it decides what to do with the packed based on this information. The packet can then be sent to another computer if needed (here a special set of rules known as routing table can be used) or delivered to a special port on the same computer, if the packet is intended to be used by an application running on the same computer. And here we go a bit further into detail with internet protocols and how they work.
In order to properly communicate amongst themselves, Internet-connected computers need some sort of 'common language' to be able to understand each other, not to mention that there is a huge variety of configurations and operating systems communicating together via Internet protocols. The basis of Internet communication is a protocol called TCP-IP. We should be aware that TCP-IP is actually a set of two protocols. The IP protocol handles routing - it works by establishing the path a packet takes in order to reach the destination computer, while the TCP protocol is responsible about the data itself and makes sure the data is received at the destination in good state and that information is not lost during transit. Now computers need to be able to identify themselves, in order to send data to the right computer, or to receive data only from a specific computer or set of computers. This identifier is commonly known as IP address - therefore IP addresses are like a home address for a computer, allowing sender computer to properly identify the right destination computer in order to send network packets to it.
It is easy to understand why IP addresses have their own role in computer security. First of all, you cannot hide your IP address; if you do that, you will no longer be connected to the internet, its like when the mailman cannot find your home and therefore he cannot deliver any letters to you. Your IP address also contains additional information about you; it can tell a remote attacker where is your computer located, geographically around the world. Through some additional techniques like ICMP Ping for example, an attacker can find out whether your computer is up and running, and if it is, the attacker may then prepare to launch a full attack on your computer and attempt to take control over it. And at this stage, an attacker may use special tools like port scanning software and protocol analyzers in order to identify active ports on your computer and then attempt to identify flaws in your computer's security that can be exploited and then the attacker will be able to take full or partial control over your computer.
Which brings us to explaining ports and servers. Let's say that a network packet has reached the right destination computer. What happens then? The computer needs to decide what to do with the packet, and it does that through a special identifier known as Port. Ports are identified by type (please note that there are TCP and UDP ports, and they are numbered from 1 to 65535) and port number, and there is a special assignment for certain known ports. For example TCP port 80 is usually mapped to web servers, meaning that if your computer runs web server software and hosts websites, it will usually have port 80 active in listening mode to allow other computers to connect to it.
Please note that any computer can be a server, and act like a server simply by running applications that are configured to work as server applications. Such applications usually take control over specific ports, for example a web server will take control over TCP port 80 and set it to 'Listening'. When in listening state, a TCP port basically is opened to the world and awaiting for incoming connections. Whenever such connection request is detected, the application will decide whether to allow the connection to be established or not (and it usually is) and then allow the connection to fully establish by accepting the request. From this point further, the two computers will begin communicating in both ways, and in many cases the user does not know what they are talking about (which can be scary, isn't it?). Anyway, the point is - server applications can be dangerous for your computer and compromise security as a whole, if they are not configured properly. If you are not fully aware how to configure such server applications properly, it is recommended not to run any. Most home users do not need to run server applications at all. However, there are types of common applications that act as servers as part of their common functionality - for example, instant messengers usually act as servers for specified ports. This means that you need to enforce security when running such applications, by making sure you are using the most recent version of the program and that all security patches available for it have been applied. Also, the operating system itself contains services that run as servers on various ports; it is therfore extremely important for your computer security, to make sure your computer is updated in order to block all security flaws, out of the reach of any attacker. On Windows based computers, use Windows Update and Automatic updates to keep your computer secure from such exploitable flaws in your operating system.
This information is provided without any warranties of any kind. Use it at your own risk. Terms and conditions