unit 5

Uploaded by

parveenbegam377

SAFEGUARDING THE INTERNET :

Network devices transport the communications required for data and
services. These devices include routers, firewalls, switches, servers,
and so on. Network devices are perfect targets for cyber criminals.
Several methods to protect various network devices are as
follows:
1. Routers  2. Switches  3. Firewalls
1. Routers :
Routers communicate with each other to recognize the most ideal
way to convey traffic to various networks. Routers use routing
protocols to make routing choices. Routers can also integrate other
services. These operations make routers prime targets. The primary
threats to network routers are hacking and remote access, and attacks
against routing protocols. A few strategies to secure routers are
advanced configuration settings, use of secure routing protocols with
authentication, and so forth.
2. Switches :
The main threats to network switches are theft, hacking, and attacks
against network protocols. Implementation of port security is required
to protect network switches. Port security restricts the number of
valid MAC addresses permitted on a port. The switch enables access
to devices with authorized MAC (Media Access Control) addresses
while it declines other MAC addresses. A MAC address is a
unique identifier given to a network interface controller.
3. Firewalls :
A firewall is a network security device, either hardware or
software-based, which monitors all incoming and outgoing traffic and,
based on a defined set of security rules, accepts, rejects, or drops
that specific traffic.
   1. Accept: allow the traffic
   2. Reject: block the traffic but reply with an “unreachable error”
   3. Drop: block the traffic with no reply
A firewall is a type of network security device that filters incoming and
outgoing network traffic with security policies that have previously
been set up inside an organization. A firewall is essentially the wall
that separates a private internal network from the open Internet at its
very basic level.

HISTORY OF FIREWALL :
Before firewalls, network security was performed by Access
Control Lists (ACLs) residing on routers. ACLs are rules that determine
whether network access should be granted or denied to a specific IP
address. But ACLs cannot determine the nature of the packets they are
blocking. Also, an ACL alone does not have the capacity to keep threats
out of the network. Hence, the firewall was introduced. Connectivity
to the Internet is no longer optional for organizations. However,
while accessing the Internet provides benefits to the organization, it
also enables the outside world to interact with the internal network of
the organization. This creates a threat to the organization. In order to
secure the internal network from unauthorized traffic, we need a
firewall.
Types of Firewall :
Firewalls can be categorized based on their generation.

1. Packet Filtering Firewall :
A packet filtering firewall is used to control network access by
monitoring outgoing and incoming packets and allowing them to pass
or stopping them based on source and destination IP address,
protocols, and ports. It analyses traffic at the transport protocol
layer (but mainly uses first 3 layers). Packet firewalls treat each
packet in isolation. They have no ability to tell whether a packet is
part of an existing stream of traffic. They can only allow or deny
packets based on unique packet headers. A packet filtering firewall
maintains a filtering table that decides whether the packet will be
forwarded or discarded.
2. Stateful Inspection Firewall
Stateful firewalls (which perform Stateful Packet Inspection) are able
to determine the connection state of a packet, unlike a packet
filtering firewall, which makes them more efficient. A stateful
firewall keeps track of the state of network connections travelling
across it, such as TCP streams. So the filtering decisions are based
not only on defined rules, but also on the packet’s history in the
state table.
3. Software Firewall
A software firewall is any firewall that is set up locally or on a cloud
server. When it comes to controlling the inflow and outflow of data
packets and limiting the number of networks that can be linked to a
single device, they may be the most advantageous. But the problem
with software firewalls is that they are time-consuming.
4. Hardware Firewall
They also go by the name “firewalls based on physical appliances.” It
guarantees that the malicious data is halted before it reaches the
network endpoint that is in danger.
5. Application Layer Firewall
An application layer firewall can inspect and filter packets on any OSI
layer, up to the application layer. It has the ability to block specific
content and also to recognize when certain applications and protocols
(like HTTP, FTP) are being misused. In other words, application layer
firewalls are hosts that run proxy servers. A proxy firewall prevents a
direct connection between either side of the firewall; each packet has
to pass through the proxy.
6. Next Generation Firewalls (NGFW)
An NGFW consists of Deep Packet Inspection, Application
Inspection, SSL/SSH inspection and many functionalities to protect the
network from modern threats.
7. Proxy Service Firewall
This kind of firewall filters communications at the application layer, and
protects the network. A proxy firewall acts as a gateway between two
networks for a particular application.
8. Circuit Level Gateway Firewall
This works at the session layer of the OSI model. This allows for the
simultaneous setup of two Transmission Control Protocol (TCP)
connections. It can effortlessly allow data packets to flow without using
quite a lot of computing power. These firewalls are ineffective because
they do not inspect data packets; if malware is found in a data packet,
they will permit it to pass provided that TCP connections are
established properly.
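
The following added example (not part of the original notes) models the packet filtering firewall (type 1) and the stateful inspection firewall (type 2) described above, using the accept, reject and drop actions. The rule table, addresses and packets are constructed, and connection tracking is simplified to a set of flows with no TCP flag handling.

```python
from ipaddress import ip_address, ip_network

# Constructed filtering table: first match wins, anything unmatched is dropped.
# Fields: (action, source network, destination network, protocol, dest port)
RULES = [
    ("accept", "10.0.0.0/24", "0.0.0.0/0", "tcp", 443),  # LAN -> any, HTTPS
    ("reject", "10.0.0.0/24", "0.0.0.0/0", "tcp", 23),   # LAN -> any, telnet
]

def packet_filter(pkt):
    """Stateless decision: looks only at the headers of this one packet."""
    for action, src, dst, proto, dport in RULES:
        if (ip_address(pkt["src"]) in ip_network(src)
                and ip_address(pkt["dst"]) in ip_network(dst)
                and pkt["proto"] == proto and pkt["dport"] == dport):
            return action
    return "drop"

class StatefulFirewall:
    """Same filtering table plus a state table of connections it allowed."""
    def __init__(self):
        self.state = set()

    def decide(self, pkt):
        flow = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"], pkt["proto"])
        reverse = (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"], pkt["proto"])
        if flow in self.state or reverse in self.state:
            return "accept"           # packet belongs to an existing stream
        action = packet_filter(pkt)
        if action == "accept":
            self.state.add(flow)      # remember the newly allowed connection
        return action

def demo():
    # Constructed packets: an outbound HTTPS request, its reply, an
    # unsolicited inbound packet, and an outbound telnet attempt.
    out = {"src": "10.0.0.5", "sport": 50000,
           "dst": "203.0.113.10", "dport": 443, "proto": "tcp"}
    reply = {"src": "203.0.113.10", "sport": 443,
             "dst": "10.0.0.5", "dport": 50000, "proto": "tcp"}
    unsolicited = dict(reply, dport=50001)
    telnet = dict(out, dport=23)
    fw = StatefulFirewall()
    return {
        "stateless_out": packet_filter(out),
        "stateless_reply": packet_filter(reply),
        "stateful_out": fw.decide(out),
        "stateful_reply": fw.decide(reply),
        "stateful_unsolicited": fw.decide(unsolicited),
        "telnet": fw.decide(telnet),
    }
```

The stateless filter drops the server's reply because no rule names it, while the stateful firewall accepts it from the state table and still drops the unsolicited inbound packet.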

VIRUSES :
A virus is a fragment of code embedded in a legitimate program.
Viruses are self-replicating and are designed to infect other programs.
They can wreak havoc in a system by modifying or destroying files,
causing system crashes and program malfunctions. On reaching the
target machine, a virus dropper inserts the virus into the system.
Various types of viruses:
1.File Virus:
This type of virus infects the system by appending itself to the end of
a file. It changes the start of a program so that the control jumps to
its code. After the execution of its code, the control returns back to
the main program. Its execution is not even noticed. It is also called
a Parasitic virus because it leaves no file intact but also leaves the
host functional.
2.Boot sector Virus:
It infects the boot sector of the system, executing every time the
system is booted and before the operating system is loaded. It infects
other bootable media like floppy disks. These are also known as memory
viruses as they do not infect the file systems.
3.Macro Virus:
Unlike most viruses, which are written in a low-level language (like C or
assembly language), these are written in a high-level language like Visual
Basic. These viruses are triggered when a program capable of executing a
macro is run. For example, macro viruses can be contained in
spreadsheet files.

4.Source code Virus:

It looks for source code and modifies it to include virus and to help spread it.

5.Encrypted Virus:

In order to avoid detection by antivirus, this type of virus exists in encrypted
form. It carries a decryption algorithm along with it. So the virus first
decrypts and then executes.

6.Stealth Virus:

It is a very tricky virus as it changes the code that can be used to detect it.
Hence, the detection of viruses becomes very difficult.

7.Directory Virus:

This virus is also called File System Virus or Cluster Virus. It infects the
directory of the computer by modifying the path that is indicating the
location of a file.

8.FAT Virus :
The File Allocation Table is the part of the disk used to store all
information about the location of files, available space, unusable
space etc. This virus affects the FAT section and may damage crucial
information.

Digital Certificate
A digital certificate is issued by a trusted third party, which proves
the sender’s identity to the receiver and the receiver’s identity to
the sender. A digital certificate is a certificate issued by a
Certificate Authority (CA) to verify the identity of the certificate
holder. A digital certificate is used to attach a public key to a
particular individual or an entity.
Digital certificate contains
• Name of certificate holder.
• Serial number which is used to uniquely identify a certificate,
  the individual or the entity identified by the certificate
• Expiration dates.
• Copy of certificate holder’s public key.
• Digital Signature of the certificate issuing authority.
• Digital certificate is also sent with the digital signature and the
Advantages of Digital Certificate
1.NETWORK SECURITY :
A complete, layered strategy is required by modern cybersecurity
methods, wherein many solutions cooperate to offer the highest level
of protection against malevolent actors. An essential component of
this puzzle is digital certificates, which offer strong defence against
manipulation and man-in-the-middle assaults.
2.VERIFICATION : Digital certificates facilitate cybersecurity by
restricting access to sensitive data, which makes authentication a
crucial component of cybersecurity. Thus, there is a decreased
chance that hostile actors will cause chaos. Compared to other
popular authentication methods like biometrics or one-time
passwords, certificates are flexible.
3.BUYER SUCCESS : Astute consumers demand complete assurance
that the websites they visit are reliable. Because digital certificates
are supported by certificate authorities that users’ browsers trust, they
offer a readily identifiable indicator of reliability.
Disadvantages of Digital Certificate :
1.Phishing attacks: To make their websites look authentic,
attackers can fabricate bogus websites and obtain certificates. Users
may be fooled into providing sensitive information, such as their login
credentials, which the attacker may then take advantage of.
2. Weak encryption: Older digital certificate systems may employ
less secure encryption methods that are open to intrusions.
3.Misconfiguration: In order for digital certificates to work, they
need to be set up correctly. Websites and online interactions can be
attacked due to incorrectly configured certificates.
