Salam

Monday, 4 June 2012


Legal rights to which the creator of intellectual property ‐ original creative works‐ are entitled
– Who has the right to use, perform, or display the creative work
– What legally can be done with that work
– How long the creator retains right to the property
– And other related restrictions
3 main types of intellectual property rights
– Copyrights
– Trademarks
– Patents


Many of the ethical issues that face IT professionals involve privacy. For example:
  • Should you read the private e-mail of your network users just “because you can?” Is it okay to read employees’ e-mail as a security measure, to ensure that sensitive company information isn’t being disclosed? Is it okay to read employees’ e-mail to ensure that company rules (for instance, against personal use of the e-mail system) aren’t being violated? If you do read employees’ e-mail, should you disclose that policy to them? Before or after the fact?
  • Is it okay to monitor the Web sites visited by your network users? Should you routinely keep logs of visited sites? Is it negligent to not monitor such Internet usage, to prevent the possibility of pornography in the workplace that could create a hostile work environment?
  • Is it okay to place key loggers on machines on the network to capture everything the user types? Screen capture programs so you can see everything that’s displayed? Should users be informed that they’re being watched in this way?
  • Is it okay to read the documents and look at the graphics files that are stored on users’ computers or in their directories on the file server?
Remember that we’re not talking about legal questions here. A company may very well have the legal right to monitor everything an employee does with its computer equipment. We’re talking about the ethical aspects of having the ability to do so.
As a network administrator or security professional, you have rights and privileges that allow you to access most of the data on the systems on your network. You may even be able to access encrypted data if you have access to the recovery agent account. What you do with those abilities depend in part on your particular job duties (for example, if monitoring employee mail is a part of your official job description) and in part on your personal ethical beliefs about these issues.

Network Security

Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer networkand network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.


Attacks Against IPA number of attacks against IP are possible. Typically, these exploit the fact that IP does not perform a robust mechanism for authentication , which is proving that a packet came from where it claims it did. A packet simply claims to originate from a given address, and there isn't a way to be sure that the host that sent the packet is telling the truth. This isn't necessarily a weakness, per se , but it is an important point, because it means that the facility of host authentication has to be provided at a higher layer on the ISO/OSI Reference Model. Today, applications that require strong host authentication (such as cryptographic applications) do this at the application layer.
IP Spoofing.This is where one host claims to have the IP address of another. Since many systems (such as router access control lists) define which packets may and which packets may not pass based on the sender's IP address, this is a useful technique to an attacker: he can send packets to a host, perhaps causing it to take some sort of action.
IP Session Hijacking.
This is a relatively sophisticated attack, first described by Steve Bellovin. This is very dangerous, however, because there are now toolkits available in the underground community that allow otherwise unskilled bad-guy-wannabes to perpetrate this attack. IP Session Hijacking is an attack whereby a user's session is taken over, being in the control of the attacker. If the user was in the middle of email, the attacker is looking at the email, and then can execute any commands he wishes as the attacked user. The attacked user simply sees his session dropped, and may simply login again, perhaps not even noticing that the attacker is still logged in and doing things.


HTML


HTML is a language for describing web pages.

  • HTML stands for Hyper Text Markup Language
  • HTML is not a programming language, it is a markup language
  • A markup language is a set of markup tags
  • The purpose of the tags are to describe page content
HTML Documents = Web Pages
  • HTML documents describe web pages
  • HTML documents contain HTML tags and plain text
  • HTML documents are also called web pages

HyperText Markup Language (HTML) is the main markup language for displaying web pages and other information that can be displayed in an web browser.
HTML is written in the form of HTML elements consisting of tags enclosed in angle brackets (like <html>), within the web page content. HTML tags most commonly come in pairs like <h1> and </h1>, although some tags, known as empty elements, are unpaired, for example <img>. The first tag in a pair is the start tag, the second tag is the end tag (they are also called opening tags and closing tags). In between these tags web designers can add text, tags, comments and other types of text-based content.

The purpose of a web browser is to read HTML documents and compose them into visible or audible web pages. The browser does not display the HTML tags, but uses the tags to interpret the content of the page.
HTML elements form the building blocks of all websites. HTML allows images and objects to be embedded and can be used to create interactive forms. It provides a means to create structured documents by denoting structural semantics for text such as headings, paragraphs, lists, links, quotes and other items. It can embed scripts in languages such as JavaScript which affect the behavior of HTML web pages.

Web conference

Web conferencing refers to a service that allows conferencing events to be shared with remote locations. In general the service is made possible byInternet technologies, particularly on TCP/IP connections. The service allows real-time point-to-point communications as well as multicastcommunications from one sender to many receivers. It offers information of text-based messages, voice and video chat to be shared simultaneously, across geographically dispersed locations. Applications for web conferencing include meetings, training events, lectures, or short presentations from any computer

Web conferencing is a simpler form of video conferencing whereby participants sit at their own computers, and are connected to each other via the internet. It’s ideally designed for meetings and conferences involving a small number of people. The University supports the Adobe Connect web conferencing application. Users will need to provide their own webcam and headsets which can be attached to a PC or laptop.

Email and FTP


EMAIL
Electronic mail, commonly known as email or e-mail, is a method of exchanging digital messages from an author to one or more recipients. Modern email operates across the Internet or other computer networks. Some early email systems required that the author and the recipient both be online at the same time, in common with instant messaging. Today's email systems are based on a store-and-forward model. Email servers accept, forward, deliver and store messages. Neither the users nor their computers are required to be online simultaneously; they need connect only briefly, typically to an email server, for as long as it takes to send or receive messages.
An email message consists of three components, the message envelope, the message header, and the message body. The message header contains control information, including, minimally, an originator's email address and one or more recipient addresses. Usually descriptive information is also added, such as a subject header field and a message submission date/time stamp.
Originally a text-only (7-bit ASCII and others) communications medium, email was extended to carry multi-media content attachments, a process standardized inRFC 2045 through 2049. Collectively, these RFCs have come to be called Multipurpose Internet Mail Extensions (MIME).
Electronic mail predates the inception of the Internet, and was in fact a crucial tool in creating it,[2] but the history of modern, global Internet email services reaches back to the early ARPANET. Standards for encoding email messages were proposed as early as 1973 (RFC 561) Conversion from ARPANET to the Internet in the early 1980s produced the core of the current services. An email sent in the early 1970s looks quite similar to a basic text message sent on the Internet today.

FTP
File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet. It is often used to upload web pages and other documents from a private development machine to a public web-hosting server. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server.[1] FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that hides (encrypts) the username and password, and encrypts the content, SSH File Transfer Protocol may be used.

The first FTP client applications were interactive command-line tools, implementing standard commands and syntax. Graphical user interfaces have since been developed for many of the popular desktop operating systems in use today,[2][3] including general web design programs like Microsoft Expression Web, and specialist FTP clients such as CuteFTP.

Web Searching and Web Resource Evaluation

What is web browser?

A web browser is a software application that enables a user to display and interact with text, images, and other information typically located on a web page at a website on the World Wide Web or a local area network. It is a software that gives a user access to the World Wide Web. Web browsers often provide a graphical interface that lets users click buttons, icons, and menu options to view and navigate Web pages..

Web tools: Search Engine

A search engine is a computer program that does the following:
1. allows user to submit a query that consists of a word / phrase
2. searches the database
3. returns a list (hits) that may consist of web pages, images, information and other types of files which match the query
4. allows user to revise and resubmit query

Computer software program designed to help users of the Internet locate information on the World Wide Web. It collects and indexes Internet resources ( Web pages, Usenet Newsgroups, programs, images, etc. ) and provides a keyword search system allowing the user to identify and retrieve resources. There are many search engines available and each is different in their scope, search protocols, and appearance.
Some common search engines are: Alta Vista, Google, Yahoo, Excite, Lycos, and HotBot.



Criteria for Internet Resource Evaluation

Students need to learn to evaluate the quality of information they find on the web as well as other information resources such as books, magazines, CD-ROM, and television. Ask students to be skeptical of everything they find. Encourage them to compare and contrast different information resources. Consider the following ideas:

Authority. Who says? Know the author.
  • Who created this information and why?
  • Do you recognize this author or their work?
  • What knowledge or skills do they have in the area?
  • Is he or she stating fact or opinion?
  • What else has this author written?
  • Does the author acknowledge other viewpoints and theories?
Objectivity. Is the information biased? Think about perspective.

  • Is the information objective or subjective?
  • Is it full of fact or opinion?
  • Does it reflect bias? How?
  • How does the sponsorship impact the perspective of the information?
  • Are a balance of perspectives represented?
  • Could the information be meant as humorous, a parody, or satire?
Authenticity. Is the information authentic? Know the source.

  • Where does the information originate?
  • Is the information from an established organization?
  • Has the information been reviewed by others to insure accuracy?
  • Is this a primary source or secondary source of information?
  • Are original sources clear and documented?
  • Is a bibliography provided citing the sources used?
Reliability. Is this information accurate? Consider the origin of the information.

  • Are the sources truth worthy? How do you know?
  • Who is sponsoring this publication?
  • Does the information come from a school, business, or company site?
  • What's the purpose of the information resource: to inform, instruct, persuade, sell? Does this matter?
  • What's their motive?
Timeliness. Is the information current? Consider the currency and timeliness of the information.

  • Does the page provide information about timeliness such as specific dates of information?
  • Does currency of information matter with your particular topic?
  • How current are the sources or links?
Relevance. Is the information helpful? Think about whether you need this information.

  • Does the information contain the breadth and depth needed?
  • Is the information written in a form that is useable (i.e. reading level, technical level)?
  • Is the information in a form that is useful such as words, pictures, charts, sounds, or video?
  • Do the facts contribute something new or add to your knowledge of the subject?
  • Will this information be useful to your project?
Efficiency. Is this information worth the effort? Think about the organization and speed of information access.

  • Is the information well-organized including a table of contents, index, menu, and other easy-to-follow tools for navigation?
  • Is the information presented in a way that is easy to use (i.e., fonts, graphics, headings)?
  • Is the information quick to access?