Industrial Security: An Introduction to the Internet
Talk Presented: Oct. 3, 1996
Ernest von Rosen (ernest@amgmedia.com)
website: http://www.amgmedia.com



map

Source: Internet Info Society
http://info.isoc.org/infosvc/

mpeg of Sept. 30, 1996
alternate pic

Source: Matrix Information and Directory Services, Inc. (MIDS)
http://www.mids.org/index.html


Starting on the Internet
http://www.screen.com/
understand/start.nclk


Introduction to the Internet
http://www.sils.umich.edu/
~fprefect/inet/intro.html


The Basics: A review

Before we jump and surf on the World Wide Web (WWW) we'll take a quick look at the building blocks that build the Internet as a whole and the multi-media component called the "Web".

the Internet: a network of computers

  • Built over 20 years ago by the academic and defense industries to allow for network communication independent of a central mainframe
  • Cross-platform communication: talk between Mac, PC, Unix and others
  • Language to "talk" called TCP/IP, information is passed through "routers" over a "backbone"
  • Internet is now global in nature, spans the globe
  • Access is through an Internet Service Provider (ISP) through a modem connection
  • Bandwidth, the size of the "pipe", determines access speed (14.4K, 28.8K modem, ISDN, T1)
  • Cost of access depends on bandwidth-average Vancouver cost $20/month
  • Nobody owns the Internet, no one organization of "president" of the Internet
  • The Internet is not a closed "BBS" type service like CompuServe or America Online (AOL)

Domains: your electronic Real Estate

  • the Internet is split up into virtual Real Estate sections called "domains"
  • top level domains include ".com", ".edu", ".gov", ".net", ".org"
  • domains assist in the routing of information, used in both your email address and web address (URL). Eg: ernest@amgmedia.com for email; www.amgmedia.com for URL
  • anyone can register their own sub-level domain with the central registry called INTERNIC
  • strategic and marketing advantage to registering domains. Eg. Chocolate.com, security.com


Eudora Tips and Tricks
http://www.makinwaves.com/eudora/


Email: sending messages

  • Send messages to anyone, around the world, on the Internet for the price of your local phone call
  • Message composed in simple text, or ASCII format
  • Allows for pictures, sound files, multimedia, etc. sent as binary attachments
  • Messages follow a "store and forward" model (DEMONSTRATION)
  • One message can be received by several by using mass emailing (often called Spamming if done incorrectly)
  • Messages improve communication, cost virtually nothing, are fast, can be used as a "to do list", work between companies


the W3C Consortium
http://www.w3.org/pub/WWW/


the origins of the World Wide Web
http://www.seas.upenn.edu/
~lzeltser/WWW/


Beginer's Guide to the Internet
http://www.ncsa.uiuc.edu/General/
Internet/WWW/HTMLPrimer.html


Web Development Guide
http://www-slis.lib.indiana.edu/
Internet/programmer-page.html


Get the latest versions now..
netscape now!

internet explorer

the World Wide Web: multimedia resources

  • World Wide Web arose from the need to cross-index publicly available files on computers called "servers"
  • By clicking on a "hyper-text link" the viewer would be electronically directed to the appropriate computer with the necessary file. Originally text only.
  • Pages are built using a markup language called "HTML"
  • Mosaic allowed viewers, or "clients" to view files in a richer multi-media environment. Point and click with the mouse, see both pictures and text.
  • Browsers evolved including the two most popular: Netscape and now Microsoft Explorer
  • Growth of the Web Exponential as people find it easier to create their own homepages and find readily available servers to post their material
  • Web has become richer in multi-media to support movie files, sound bytes, text, pictures, etc.
  • Backend programming, CGI scripts, allow for a more dynamic environment
  • Java and ActiveX components are software pieces that are fully transportable and perform specific actions on the clients computer (again for a richer experience)


a sample newsgroup
sci.crypt.research


security
alt.security


security
comp.security.misc


security
alt.hacker


Newsgroups: ongoing discussions

  • USENET news is a collaborative discussion which is posted around the world
  • Computer servers pass latest information and notes, or "threads" to develop ongoing discussions
  • Over 18,000 different topics available-everything from soup to nuts
  • A newsreader lets you read and post messages to the USENET newsgroups
  • Newsgroups provide unique communities of shared interests or viewpoints, often provide solutions to hard-to-find answers
  • Best place to look is for the Frequently Asked Questions (FAQs)
. Now That You Are A Qualified Surfer

Understanding the concepts behind the web allows you to more effectively use the 'Net as a tool for your communication and information research needs.

Finding your way around on the Web

  • The dynamic and easily accessible nature of the web quickly allowed for the development of both directories and search engines
  • Caveat: when you find something on the Internet you assume the reliability and integrity of the source and provider of the information


Yahoo: Industrial Security
http://www.yahoo.com/
Business_and_Economy/Companies/
Security/


Directories
  • The greatest directory, with popular historical significance, is YAHOO
  • Allows for access to links from both topic levels and key word searches
  • Many individuals started their own pages of links establishing a Web reputation of having the best list of bookmarks relating to a particular subject
  • The sharing of links quickly became a manner of generating traffic to a particular website


Digital's Alta Vista
http://www.altavista.digital.com


Concept based searching: Excite
http://www.excite.com


Infoseek
http://www.infoseek.com


OpenText
http://www.opentext.com


For Newsgroups: DejaNews
http://www.dejanews.com


Search Engines
  • Search Engines are either humans or software code ("knowbots" "spiders") which seek out new websites on the web and develop an index of them locally on a server
  • Users on the Internet can then access the search engine and query it using keywords or concepts
  • The battle of the search engines quickly became an exercise of more, bigger and faster machines
  • The best place to start when looking for information on the Internet

Talking securely: Encryption

  • Communication over the Internet is "unsecured" for the most part
  • Largest threat to email is where it is stored on the server waiting for you to pick it up
  • Catching email in transit is a much greater feat (less of a problem)
  • Confidential information should be passed in an encrypted format
  • Issues surrounding the export of encryption from the United States
  • Sources: RSA, Netscape, etc.
.

Moving Money: Secure Commerce Transactions

  • Issue of transmitting credit card information from the client (browser) to the server
  • Netscape initiated the Secure Server Transaction (key on the bottom left of the screen)
  • Information passes in an encrypted format to the server
  • Still the issue of storing information securely on the server after the transaction has been completed
  • Cybercash, cybercheque, digital money, all have far reaching consequences once the flow of money has been installed on the 'Net
How the Security Professional Can Benefit From the Web

The Industrial Security Expert can use the Internet and the World Wide Web to communicate, source information, advertise, collaborate, facilitate transactions, provide customer support 24 hours a day, 7 days a week to a global audience at minimal comparable cost



American Society for Industrial Security
http://www.asisonline.org/


Canadian Society for Industrial Security
http://fox.nstn.ca/~csis/


The Commercial and Industrial Security Corporation
http://www.tdb.gov.sg/
singbiz/c/sb_c4.html


National Industrial Security Program Operating Manual (NISPOM)
http://www.tscm.com/Nispom.html


American Society for Industrial Security BBS
http://www.sun.ac.za/local/
admin/asis/bbs/
msgs.html


Sigma Group International
http://chelsea.ios.com/~glenz/
index.html#menu


Lethbridge course on retail and industrial security
http://www.lethbridgec.ab.ca/
02/prog_ris.html


The Freedonia Group - Security, Electronics & Communications
http://www.freedoniagroup.com/
secure.htm


Finding Information

  • On who else in your industry is on the web (www.yahoo.com)
  • On support organizations (www.altavista.digital.com, www.infoseek.com, www.excite.com)
  • Industry Bulletins (listserves)
  • Potential customers (www.dejanews.com)
  • Your competition (search engines)
  • Supplies and Sources (search engines)
  • What they are saying about you (www.dejanews.com)
  • Investigative Resources (list of names, addresses, phone numbers, etc.)

Communicating with colleagues

  • A listserve is a mailing list dedicated to specific topics.
  • Can be both moderated and unmoderated
  • "Subscribe" to a listserve

Communicating with clients

  • Communicate with your clients on an ongoing basis or provide resources on the Web
  • An exercise in building "community" and "support"
  • Best way to attract and keep your customers
email lists
  • Start up an electronic newsletter for your customers and watch it grow
  • Provide timely information in small news "bytes" with links to supporting online documents
  • Great method for generating and renewing visitors to your site
Websites
  • Provide an online catalogue of your products and services
  • Make your customer feel "at home" and allow them to communicate to others via your site
  • Information should be up to date (weather reports, political situations, consular advice)
  • Support documents and resources can be downloaded from the site
integrating communications systems
  • Internet allows you to integrate with your clients communications systems: i.e. Lotus Notes


Spies Like Us (CDN)
http://www.ads-online.on.ca/spy/


Surveillance and Security Items
http://www.getset.com/
abbys/spy-vs-spy/


http://spy-vs-spy.com/


Corporate Investigative Services
http://www.hsv.tis.net/
~pvteye/source.html


http://www.hsv.tis.net/
~pvteye/text.html


ELECTRONIC SURVEILLANCE
http://www.enter.net/
~eavesdrper/


Security / Hacking Links
http://cutter.sincom.com/
~waldo/security.html


Resource Sourcing

  • Engineers and contractors can find supplies and materials online
  • Eg: security equipment

Investigation

  • Publicly available databases, names, numbers, locations, photos, etc.
The Next Steps
  • Now that you are ready to put your business online, start with the following steps

Register domains

  • Protect your name and strategic investment, register your domain(s)
  • Cost approx. $150, name must be registered with a server and INTERNIC
  • INTERNIC charges approx. $50US per year
  • A thriving industry exists where others register domains knowing their strategic value
  • Domains allow for a complete integration of your email and website
  • Multiple email boxes off the same domain for an entire company

Get an Internet Account

  • Get an account with an Access Provider (ISP)
  • Cost approx. $20/month
  • Requires a Mac (LC475 or higher) or PC (486 or higher) and a modem
  • Dedicated or shared line (fax or data line within offices)

Surf and Play on the Web

  • Become comfortable with the Web
  • Send email
  • Participate in discussions, IRC chat, etc.
  • Try out newer technologies to appreciate speed, bandwidth and the present limitations on the technology
  • Visit competitors sites to see what they do well and how you would improve on it

Make Contact and Communicate

  • Establish ongoing online relationships with customers and colleagues
  • Learn to deal with "information overload"

Build a Presence