Difference between revisions of "The Basics of Email and Web Security"

From Techotopia
(Spam and Hoax Email)
Line 21: Line 21:
 
The secure version of MIME, known as S/MIME, was developed to allow for the encrypted email transmission of data over public networks. S/MIME uses RSA based asymmetric encryption and is supported by most modern email client applications.
 
The secure version of MIME, known as S/MIME, was developed to allow for the encrypted email transmission of data over public networks. S/MIME uses RSA based asymmetric encryption and is supported by most modern email client applications.
  
== Spam and Hoax Email ==
+
== Dealing with Spam Email ==
  
 
Whilst it is impossible to arrive at exact numbers, it is widely believed that spam email now accounts for as much as 40% of all traffic on  the internet. The time employees spend deleting unwanted spam messages is believed to cost businesses in the United States alone in excess of $2 billion. a year in terms of lost productivity.
 
Whilst it is impossible to arrive at exact numbers, it is widely believed that spam email now accounts for as much as 40% of all traffic on  the internet. The time employees spend deleting unwanted spam messages is believed to cost businesses in the United States alone in excess of $2 billion. a year in terms of lost productivity.
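Review bot: the context line directly under the renamed heading still reads "$2 billion. a year" with a stray full stop and "on  the internet" with a doubled space; since this revision already touches the section heading, both are worth fixing in the same edit. The rename from "Spam and Hoax Email" to "Dealing with Spam Email" also drops hoax email from the section title, so check that nothing links to the old section anchor or expects hoax coverage here.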
Line 27: Line 27:
 
Clearly spam email messages are a serious issue which must be addressed by system administrators and IT security employees. A number of solutions to the problem are available but none, unfortunately provide 100% certainty of either eliminating all spam, or guaranteeing that legitimate messages will not be incorrectly categorized as spam.
 
Clearly spam email messages are a serious issue which must be addressed by system administrators and IT security employees. A number of solutions to the problem are available but none, unfortunately provide 100% certainty of either eliminating all spam, or guaranteeing that legitimate messages will not be incorrectly categorized as spam.
  
One solution is to subscribe to ''email blacklists''. These are services which maintain a registry of known spam senders which can be used to isolate spam messages. Unfortunately
+
One solution is to subscribe to ''email blacklists''. These are services which maintain a registry of known spam senders which can be used to isolate spam messages. Unfortunately many spammers send email using the open relays of legitimate email servers thereby disguising their true identity and limiting the usefulness of email blacklists.
 +
 
 +
Another option is to install spam filtering software which blocks spam based on algorithms which scan messages for patterns and word sequences which are common to spam messages. Once again, this solution is only partially effective, resulting in some spam making it through filters and some valid messages being tagged as spam (so called ''false positives'').
 +
 
 +
A common and effective way to eliminate the volume of spam on the internet is for system administrators to shut down ''mail relaying''. Spammers often use programs which scan port 25 (the SMTP port) of systems connected to the internet looking for open relays. Having found an open relay they use this to send vast volumes of spam messages out. Such messages appear to originate from the system with the open relay (almost always a legitimate business with no connections to the spammer) thereby making it difficult to track down the spammer and minimizing the effectiveness of email blacklists.
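Review bot: the added mail relaying paragraph says closing relays is a way "to eliminate the volume of spam", which contradicts the context line above stating that no solution provides 100% certainty; "reduce" would match. The paragraph also explains how open relays are abused but never says what the administrator should configure, so one sentence stating that the server should relay only for its own networks or authenticated users would complete it. In the filtering paragraph, "so called" wants a hyphen.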

Revision as of 19:24, 19 February 2008

For all its speed and convenience, email is not without a few potential security problems. First and foremost is the fact that it is often transmitted over the public internet, rendering confidential information susceptible to interception. Anyone who has used an email account for more than a few days will also be painfully aware of the problems posed by the massive volumes of spam that inundate email inboxes throughout the world. The broad use and accessibility of instant messaging also brings with it security threats and challenges.

A comprehensive security strategy also needs to take into consideration the risks associated with users using web browsers to access and provide information over the World Wide Web.

Each of these areas will be discussed in this chapter of Security+ Essentials, together with possible steps that can be taken to ensure a more secure IT environment.



Email Security

One of the biggest problems with email is that the messages are transmitted over the public internet. This means that it is theoretically possible for malicious parties to intercept email message transmissions and thereby gain access to what may be confidential information or data. The best way to avoid this is to use encryption to protect sensitive data when it is transmitted over the internet. Two such solutions are S/MIME and PGP.

Pretty Good Privacy (PGP)

PGP is based on the Pretty Good Privacy technology developed by Philip Zimmermann in the early 1990s. The PGP program uses either RSA or Diffie-Hellman asymmetric encryption to encrypt messages before they are sent and to decrypt them on arrival at their destination.

In addition to encrypting email messages, PGP also attaches a digital signature to the messages which can be used by the recipient to verify that the message has not been modified in any way since it was transmitted.


Secure Multipurpose Internet Mail Extension (S/MIME)

The standard MIME protocol extends the Simple Mail Transfer Protocol (SMTP) to enable the inclusion of non-ASCII (i.e. non-plain text) attachments such as binary, photo and audio files in email messages.

The secure version of MIME, known as S/MIME, was developed to allow for the encrypted transmission of email data over public networks. S/MIME uses RSA-based asymmetric encryption and is supported by most modern email client applications.

Dealing with Spam Email

Whilst it is impossible to arrive at exact numbers, it is widely believed that spam email now accounts for as much as 40% of all traffic on the internet. The time employees spend deleting unwanted spam messages is believed to cost businesses in the United States alone in excess of $2 billion a year in terms of lost productivity.

Clearly spam email messages are a serious issue which must be addressed by system administrators and IT security employees. A number of solutions to the problem are available but none, unfortunately, provides 100% certainty of either eliminating all spam or guaranteeing that legitimate messages will not be incorrectly categorized as spam.

One solution is to subscribe to email blacklists. These are services which maintain a registry of known spam senders which can be used to isolate spam messages. Unfortunately, many spammers send email using the open relays of legitimate email servers, thereby disguising their true identity and limiting the usefulness of email blacklists.

Another option is to install spam filtering software which blocks spam based on algorithms which scan messages for patterns and word sequences which are common to spam messages. Once again, this solution is only partially effective, resulting in some spam making it through filters and some valid messages being tagged as spam (so-called false positives).
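The trade-off described above can be seen in a small word-scoring filter. This is an added example, not code from the original chapter: the training messages, the test messages and the scoring scheme (a naive log-likelihood sum) are all constructed for illustration.

```python
import math
import re
from collections import Counter

# Constructed training mail (not real messages).
SPAM = ["win free money now claim your prize",
        "free offer click now to claim cheap pills",
        "cheap loans free money guaranteed"]
HAM = ["meeting agenda attached for monday review",
       "please review the quarterly budget report",
       "lunch on monday to discuss the project"]

def tokens(text):
    return re.findall(r"[a-z']+", text.lower())

def train(messages):
    counts = Counter()
    for message in messages:
        counts.update(tokens(message))
    return counts

SPAM_COUNTS, HAM_COUNTS = train(SPAM), train(HAM)
VOCAB = set(SPAM_COUNTS) | set(HAM_COUNTS)

def spam_score(text):
    """Sum of per-word log-likelihood ratios (add-one smoothing); > 0 leans spam."""
    s_total = sum(SPAM_COUNTS.values()) + len(VOCAB)
    h_total = sum(HAM_COUNTS.values()) + len(VOCAB)
    score = 0.0
    for word in tokens(text):
        if word in VOCAB:  # words never seen in training carry no evidence
            score += math.log(((SPAM_COUNTS[word] + 1) / s_total)
                              / ((HAM_COUNTS[word] + 1) / h_total))
    return score

def classify(text):
    return "spam" if spam_score(text) > 0 else "ham"

# Constructed test mail, each with its true label.
TEST = [("claim your free prize now", "spam"),
        ("please review the budget report on monday", "ham"),
        ("free lunch for the team, claim your seat now", "ham"),  # legitimate
        ("fr3e m0ney, cl1ck n0w", "spam")]                        # obfuscated

def evaluate(samples):
    """Return (false positives, false negatives) as lists of message texts."""
    fp = [t for t, label in samples if label == "ham" and classify(t) == "spam"]
    fn = [t for t, label in samples if label == "spam" and classify(t) == "ham"]
    return fp, fn
```

Calling `evaluate(TEST)` returns the legitimate lunch invitation as a false positive and the obfuscated message as spam that slipped through.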

A common and effective way to reduce the volume of spam on the internet is for system administrators to shut down mail relaying. Spammers often use programs which scan port 25 (the SMTP port) of systems connected to the internet looking for open relays. Having found an open relay, they use it to send vast volumes of spam messages. Such messages appear to originate from the system with the open relay (almost always a legitimate business with no connection to the spammer), thereby making it difficult to track down the spammer and minimizing the effectiveness of email blacklists.
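What "shutting down mail relaying" means in practice is a policy that relays only for the server's own users, plus a check that accepted mail actually followed it. The sketch below is an added example, not part of the original chapter: the hosted domain, the trusted network and the record layout are assumptions, and the records are constructed rather than taken from any real mail server's log format.

```python
import ipaddress

# Assumptions for this sketch: the domains the server hosts and its own networks.
LOCAL_DOMAINS = {"example.com"}
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]

def relay_decision(client_ip, authenticated, rcpt):
    """Closed-relay policy for one recipient: 'deliver', 'relay' or 'reject'."""
    domain = rcpt.rsplit("@", 1)[-1].lower()
    if domain in LOCAL_DOMAINS:
        return "deliver"                      # inbound mail for our own users
    ip = ipaddress.ip_address(client_ip)
    if authenticated or any(ip in net for net in TRUSTED_NETS):
        return "relay"                        # our own users sending outbound
    return "reject"                           # outsider to outsider: refuse

# Constructed records of mail the server accepted (not a real MTA log format).
ACCEPTED = [
    {"client": "203.0.113.9", "auth": False, "rcpt": "alice@example.com"},
    {"client": "192.0.2.15", "auth": False, "rcpt": "bob@example.org"},
    {"client": "198.51.100.7", "auth": True, "rcpt": "carol@example.net"},
    {"client": "203.0.113.50", "auth": False, "rcpt": "dave@example.net"},
    {"client": "203.0.113.50", "auth": False, "rcpt": "erin@example.org"},
]

def third_party_relays(records):
    """Accepted mail that a closed relay would have refused."""
    return [r for r in records
            if relay_decision(r["client"], r["auth"], r["rcpt"]) == "reject"]

def relay_sources(records):
    """Count of such messages per client address, to show where abuse comes from."""
    counts = {}
    for r in third_party_relays(records):
        counts[r["client"]] = counts.get(r["client"], 0) + 1
    return counts
```

Any entry returned by `third_party_relays(ACCEPTED)` means the server forwarded mail between two outside parties, which is the open-relay behaviour the paragraph above describes.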