In recent months, the keyword for companies and IT professionals has been one: “cybersecurity”.
But what do we mean by cybersecurity? Let’s take a step back. It was 1987 and Apple shipped its flagship model, the Macintosh SE: an all-in-one monster, as we would say today, with as many as two 800 KB floppy drives and an MC68000 microprocessor on board, running at the mighty frequency of 8 MHz over a 16-bit data bus, with a black-and-white CRT screen. Connectivity: keyboard, mouse and a few ports for printers and external monitors. No Wi-Fi, no LAN and no Bluetooth. Everything was done locally and, if you had to write a program, there was no GitHub or source sharing where the community could lend a hand: all the code, often in assembler or COBOL, had to be typed in locally.
Only an external modem, an adapter that turned the bits of a serial port into tone sequences compatible with the voice telephone network, could connect you to an outside node, at the blistering speed of 1200 bps (that is, 1.2 Kbps, or 0.0012 Mbps), to exchange messages and information, mostly text, with a single way of identifying yourself: the famous “login”.
The substantial difference from today’s world: back then the connection was point-to-point, while today we are part of the network. Put another way, before there was a provider that gave you access to the network; today the provider in most cases simply opens the door and assigns you a public IP address, that is, makes you part of the WAN.
Did I go too fast? Let’s put it more simply. Broadly, we liken the internet to a big city, which we call the WAN; its inhabitants we call HOSTs; the streets we call NETWORKs; the roundabouts we call SWITCHes; the postmen we call ROUTERs; the police who watch out for thefts we call the FIREWALL; and the mailboxes we call ENDPOINTs or NODEs.
Now let’s bring in our nice little parcel that Riccardo wants to send to Mark, who lives on the other side of the street. This parcel we call an IP PACKET.
Like any self-respecting parcel, the IP packet has its content inside and, on the outside, the details of the sender, which we call SOURCE, and of the recipient, which we call DEST. There is also a zip code, which we call the SUBNET. We also add a seal, which we call the CHECKSUM. Be careful, though: this seal only reveals whether the parcel was damaged by accident along the way, not whether someone opened it, as we will see shortly.
Now imagine the parcel’s path using the terms just assigned. Riccardo, having completed the IP packet with SOURCE, DEST and CHECKSUM, drops it into a NODE. The NETWORK, made up of ROUTERs, reads the sender and destination information and forwards the parcel towards the final post office (ROUTER) by reading the SUBNET and comparing it with its own: if the number does not match, the parcel is passed on to the next router without being touched (in reality each router along the way also checks the CHECKSUM and discards a parcel that fails it). Only when the DEST IP equals that of the final node is the parcel opened, its CHECKSUM verified, and the parcel removed from the NETWORK.
OK, I don’t want to explain the whole internet in four lines; the goal is to simplify. Imagine that an attacker wants to steal your parcel: where are the most sensitive points? Surely departure and arrival, because inside the network everything travels on its own, you will think, right? Wrong! Imagine that somewhere in the city the attacker sets up a street and a house number identical to yours, but fake, and the unaware courier delivers to him instead of to you: you have just suffered SPOOFING, and your parcel with its important data has ended up with someone else without you realising.
Now imagine instead that you have a nosy neighbour who opens the parcels in your mailbox before you can collect them, just to see what you buy: this is SNIFFING. You say: hey, but I put the seal on! But your neighbour has access to the TCP/IP protocol and can put the seal back on without you noticing: the CHECKSUM is just a number computed from the contents, and anyone who changes the contents can simply recompute it.
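To make the SOURCE / DEST / CHECKSUM story concrete, here is an added example (not part of the original post) that builds a real IPv4 header, applies the “seal” exactly as a host does (the RFC 1071 one’s-complement header checksum), and then plays out both scenarios above: a bit that flips by accident in transit, which the seal catches, and the SPOOFING / SNIFFING case, where the neighbour rewrites the SOURCE address and re-seals, which the seal does not catch. The header bytes are constructed for the example (192.168.0.1 to 192.168.0.199, UDP), not captured traffic.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define IPV4_HDR_LEN 20

/* Constructed sample IPv4 header (not captured traffic): version 4, IHL 5,
 * total length 115, TTL 64, protocol 17 (UDP), 192.168.0.1 -> 192.168.0.199.
 * Bytes 10-11 (the CHECKSUM field) are left zero until sealed. */
static const uint8_t sample_header[IPV4_HDR_LEN] = {
    0x45, 0x00, 0x00, 0x73,
    0x00, 0x00, 0x40, 0x00,
    0x40, 0x11, 0x00, 0x00,
    0xc0, 0xa8, 0x00, 0x01,   /* SOURCE 192.168.0.1   */
    0xc0, 0xa8, 0x00, 0xc7,   /* DEST   192.168.0.199 */
};

/* RFC 1071: one's-complement sum of 16-bit words, complemented.
 * With the checksum field zeroed this yields the value to store; with the
 * stored value in place it yields 0 for an intact header. */
uint16_t ipv4_header_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)((hdr[i] << 8) | hdr[i + 1]);
    if (len & 1)                          /* odd trailing byte, zero-padded */
        sum += (uint32_t)hdr[len - 1] << 8;
    while (sum >> 16)                     /* fold carries back into 16 bits */
        sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)~sum;
}

/* "Apply the seal": zero the field, compute, store big-endian. */
void ipv4_seal(uint8_t hdr[IPV4_HDR_LEN])
{
    hdr[10] = 0;
    hdr[11] = 0;
    uint16_t c = ipv4_header_checksum(hdr, IPV4_HDR_LEN);
    hdr[10] = (uint8_t)(c >> 8);
    hdr[11] = (uint8_t)(c & 0xFF);
}

/* What every router does on receipt: verify the seal. 1 = intact. */
int ipv4_checksum_ok(const uint8_t hdr[IPV4_HDR_LEN])
{
    return ipv4_header_checksum(hdr, IPV4_HDR_LEN) == 0;
}

/* Scenario 1: the TTL byte flips in transit and nobody re-seals.
 * Returns the router's verdict; expected 0, the parcel is dropped. */
int demo_accidental_corruption(void)
{
    uint8_t hdr[IPV4_HDR_LEN];
    memcpy(hdr, sample_header, IPV4_HDR_LEN);
    ipv4_seal(hdr);
    hdr[8] = 0x41;                        /* TTL 64 -> 65 */
    return ipv4_checksum_ok(hdr);
}

/* Scenario 2: the neighbour (or a spoofer) rewrites SOURCE to 10.0.0.9
 * and recomputes the seal. Returns the verdict; expected 1, it passes. */
static void build_spoofed(uint8_t hdr[IPV4_HDR_LEN])
{
    memcpy(hdr, sample_header, IPV4_HDR_LEN);
    ipv4_seal(hdr);
    hdr[12] = 10; hdr[13] = 0; hdr[14] = 0; hdr[15] = 9;
    ipv4_seal(hdr);                       /* attacker re-applies the "seal" */
}

int demo_spoof_and_reseal(void)
{
    uint8_t hdr[IPV4_HDR_LEN];
    build_spoofed(hdr);
    return ipv4_checksum_ok(hdr);
}

/* The new seal value the attacker wrote in (differs from the original). */
uint16_t spoofed_checksum(void)
{
    uint8_t hdr[IPV4_HDR_LEN];
    build_spoofed(hdr);
    return (uint16_t)((hdr[10] << 8) | hdr[11]);
}

int main(void)
{
    printf("seal of sample header    : 0x%04x\n",
           ipv4_header_checksum(sample_header, IPV4_HDR_LEN));
    printf("corrupted, not re-sealed : ok=%d\n", demo_accidental_corruption());
    printf("spoofed and re-sealed    : ok=%d (seal now 0x%04x)\n",
           demo_spoof_and_reseal(), spoofed_checksum());
    return 0;
}
```

The lesson is the one the text hints at: the IP checksum is an integrity check against accidents, not against adversaries. Anything that must survive a hostile neighbour needs a seal the neighbour cannot recompute, that is, a keyed MAC or a signature at a higher layer (TLS, IPsec), not a plain checksum.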
There are many similarities between the postal world and the internet, and just like goods, data has value and needs protecting. Every point in the city can be a vulnerable point where information is lost (a LEAK). Let me tell you about the last two, which I like very much when I explain them: the DoS, or Denial of Service, attack and the BUFFER OVERFLOW.
Imagine that your mailbox is full and, by the time you empty it, it has filled up again, so you never have time to read all the letters received. If you are an office, it is obvious that you will not be able to answer all the requests: your employees will work flat out with almost nothing to show for it, and operations will “hiccup”. This is a DoS attack: thousands of packets sent at the same time to the same address, so that genuine requests go unanswered.
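One standard answer to the full-mailbox problem is to give each sender its own mailbox of limited size that the clerk empties at a fixed pace: a token bucket rate limiter. The following is an added example (not from the original post) that models it: a polite sender who posts a letter every ten seconds gets every letter through, while a sender who stuffs fifty letters in at once gets only as many as fit and the rest bounce, leaving the office free to serve everyone else. The capacity, refill rate and traffic are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* One "mailbox" per sender, modelled as a token bucket: CAPACITY letters fit
 * at once and the clerk frees REFILL_RATE slots per second. */
#define CAPACITY    5.0
#define REFILL_RATE 2.0

struct bucket {
    double tokens;   /* free slots right now */
    double last;     /* time of the last refill */
};

void bucket_init(struct bucket *b, double now)
{
    b->tokens = CAPACITY;
    b->last = now;
}

/* Returns 1 if a packet arriving at time `now` is accepted, 0 if dropped. */
int bucket_allow(struct bucket *b, double now)
{
    double elapsed = now - b->last;
    if (elapsed > 0) {
        b->tokens += elapsed * REFILL_RATE;   /* clerk has been emptying */
        if (b->tokens > CAPACITY)
            b->tokens = CAPACITY;             /* box cannot hold more */
        b->last = now;
    }
    if (b->tokens >= 1.0) {
        b->tokens -= 1.0;
        return 1;
    }
    return 0;                                 /* box full: bounce it */
}

struct arrival { double t; uint32_t src; };
struct tally   { int accepted; int dropped; };
struct sim_result { struct tally legit; struct tally flood; };

/* Constructed traffic (not a capture): sender 1 posts three letters at
 * t=0, 10 and 30 s; sender 2 stuffs fifty letters in at t=20 s. */
#define N_ARRIVALS 53
static void build_sample(struct arrival a[N_ARRIVALS])
{
    a[0] = (struct arrival){ 0.0, 1 };
    a[1] = (struct arrival){ 10.0, 1 };
    for (int i = 0; i < 50; i++)
        a[2 + i] = (struct arrival){ 20.0, 2 };
    a[52] = (struct arrival){ 30.0, 1 };
}

/* Run the sample through per-sender buckets and count the outcome. */
struct sim_result run_simulation(void)
{
    struct arrival a[N_ARRIVALS];
    struct bucket per_src[2];
    struct sim_result r = { {0, 0}, {0, 0} };

    build_sample(a);
    bucket_init(&per_src[0], a[0].t);
    bucket_init(&per_src[1], a[0].t);

    for (int i = 0; i < N_ARRIVALS; i++) {
        struct tally *t = (a[i].src == 1) ? &r.legit : &r.flood;
        if (bucket_allow(&per_src[a[i].src - 1], a[i].t))
            t->accepted++;
        else
            t->dropped++;
    }
    return r;
}

int main(void)
{
    struct sim_result r = run_simulation();
    printf("sender 1: accepted %d, dropped %d\n", r.legit.accepted, r.legit.dropped);
    printf("sender 2: accepted %d, dropped %d\n", r.flood.accepted, r.flood.dropped);
    return 0;
}
```

A per-sender bucket is exactly what a firewall or load balancer rate-limit rule implements; the caveat is that it keys on the SOURCE address, so a flood that also SPOOFs its sender (or comes from many real hosts, a DDoS) needs additional measures upstream.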
Now imagine instead receiving a parcel that is slightly too big for your letter slot: the postman forces it in anyway, it crushes whatever was sitting in the box next to it, and nothing else can get in until you remove it, so all incoming mail bounces back to the sender. This is a BUFFER OVERFLOW attack: data written past the end of the space reserved for it, overwriting whatever sits next to it in memory.
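The parcel-that-does-not-fit, as an added example not taken from the original post. The memory next to an 8-byte letter slot is modelled as an explicit byte array holding a 4-byte marker, standing in for whatever a real program keeps beside a buffer (a saved return address, a flag). The careless postman trusts the parcel’s own size and clobbers the marker; the careful one bounces any parcel larger than the slot. The slot size, marker and parcels are all constructed for the example, and the frame is kept as one explicit array so the overflow stays within memory the program owns and the demonstration is well defined.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* The letter slot (BUFFER) is BOX_SIZE bytes; right after it, as on a real
 * stack, sits something the program relies on: a 4-byte marker. */
#define BOX_SIZE   8
#define SLOT_SIZE  4
#define FRAME_SIZE (BOX_SIZE + SLOT_SIZE)

static const uint8_t neighbour_marker[SLOT_SIZE] = { 0xAA, 0xBB, 0xCC, 0xDD };

struct frame { uint8_t mem[FRAME_SIZE]; };

void frame_init(struct frame *f)
{
    memset(f->mem, 0, BOX_SIZE);
    memcpy(f->mem + BOX_SIZE, neighbour_marker, SLOT_SIZE);
}

/* 1 if the bytes beside the slot are still what we put there. */
int neighbour_intact(const struct frame *f)
{
    return memcmp(f->mem + BOX_SIZE, neighbour_marker, SLOT_SIZE) == 0;
}

/* The bug being modelled: the parcel's own length is trusted and never
 * compared with BOX_SIZE. (The clamp to FRAME_SIZE only keeps the model
 * itself in bounds; the missing check against BOX_SIZE is the point.) */
int unsafe_deliver(struct frame *f, const char *msg, size_t len)
{
    if (len > FRAME_SIZE)
        len = FRAME_SIZE;
    memcpy(f->mem, msg, len);      /* 12 bytes into an 8-byte slot */
    return 0;
}

/* The fix: bounce any parcel that does not fit. */
int safe_deliver(struct frame *f, const char *msg, size_t len)
{
    if (len > BOX_SIZE)
        return -1;                 /* returned to sender, neighbour untouched */
    memcpy(f->mem, msg, len);
    return 0;
}

struct outcome { int rc; int neighbour_intact; };

/* Constructed parcels: one oversized (12 bytes), one that fits (5 bytes). */
static const char big_parcel[]   = "AAAAAAAABBBB";
static const char small_parcel[] = "hello";

/* Deliver one parcel into a fresh frame with the given postman and report
 * both his verdict and the state of the neighbouring bytes. */
struct outcome demo(int (*deliver)(struct frame *, const char *, size_t),
                    const char *msg, size_t len)
{
    struct frame f;
    struct outcome o;
    frame_init(&f);
    o.rc = deliver(&f, msg, len);
    o.neighbour_intact = neighbour_intact(&f);
    return o;
}

int main(void)
{
    struct outcome u = demo(unsafe_deliver, big_parcel, strlen(big_parcel));
    struct outcome s = demo(safe_deliver, big_parcel, strlen(big_parcel));
    printf("unsafe: rc=%d neighbour intact=%d\n", u.rc, u.neighbour_intact);
    printf("safe  : rc=%d neighbour intact=%d\n", s.rc, s.neighbour_intact);
    return 0;
}
```

In a real program the bytes beside the buffer are not a harmless marker but data the CPU will act on, which is why an unchecked copy is not just a crash but a way for the sender to choose what the program does next; the hardened version is the one-line bounds check every copy into a fixed-size buffer needs.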
Who saves you from this security pandemonium? The FIREWALL, first of all, by monitoring the transport of the parcels; the PROVIDERS, which protect the NODES with intrusion-detection systems; and ENCRYPTION, which makes the data readable only by those who know the key. And on our HOST, that is, on our own machine, how can we defend ourselves against the bad guys (MALICIOUS actors) who want to get at our information?
Good security starts with knowing the enemy: talk to a trusted IT professional to learn the most common attacks. Often a few well-chosen CYBERSECURITY measures are enough to avoid irreversible damage and keep using NETWORKING services safely.