The goal of this chapter has been to give you an overview of the Internet, how it works, who administers it, and why it is inherently insecure. It should be clear that the Internet, although now a fully commercial entity, is still a community comprised of many ISPs, enterprise networks, and home users, all tied together by a collection of consensus-led management organizations, technical protocols, and a few large but critical services (such as domain name servers). Tremendous advances in technologies such as fiber optics, data storage systems, and desktop computing have allowed new and exciting applications such as e-shopping, chat, multimedia conferencing, streaming video, online gaming, and file sharing to touch the daily lives of the everyday person. However, in the end, all of these advances still utilize the same inherently insecure TCP/IP infrastructure developed in the late 1970s and early 1980s.
Fortunately, the same innovation (and desire to see the Internet be used commercially) has led to a whole industry whose purpose is to enable users to inhabit the electronic world of the Internet with a comfortable level of assurance that the information that they want to keep private can stay private. Technologies and products such as firewalls, virtual private networks, virus scanners, intrusion-detection systems, and authentication systems are all important tools that can be utilized by organizations to help secure their resources. However, security requires more than block boxes and new software. Users must be "street smart" and educated about the things they can do to prevent security compromises. Similarly, organizations should consider information security to be a critical issue and should ensure that it is considered in business planning and investments.
The remainder of this book focuses on providing you with three things:
An appreciation for the kinds of threats that are prevalent on the Internet, with a focus on the mind-set and approach used by attackers rather than a laundry list of the exploits of the day
Insight into the technical details of critical components in your network, and practical tips for securing those components
An understanding of security-specific products that can be used to significantly increase the security posture of a network