
Unit V CSS


Here are the 15 most common types of Internet security issues or web security problems and
some relevant steps you can take to protect yourself, your data, and your business.
1. Ransomware Attack
2. Code Injection (Remote Code Execution)
3. Cross-Site Scripting (XSS) Attack
4. Data Breach
5. Malware and Virus Infection
6. DDoS Attack
7. Credential Stuffing Attack
8. Brute Force Attack
9. Weak Passwords and Authentication Issues
10. Social Engineering
11. SPAM and Phishing
12. Insider Threat
13. Sensitive Data Leak
14. No Backups
15. Not Updating or Patching Regularly
Unfortunately, many business owners are profoundly unaware of the weaknesses and
vulnerabilities that exist within their business. The good news is, with your help, and a proactive
approach, you can work together to close most of those exploitable openings.

Working with Business Owners


The first step in protecting a business is recognizing key areas of weakness, and convincing the
business owner to take action. Many business owners have blind spots when it comes to
cybersecurity because they lack experience or deep familiarity with the subject.
 
That’s why many small businesses turn to working with an outside cybersecurity company or
consultant for this process. Cybersecurity experts will be able to quickly and easily assess the
situation, and will not only provide advice on what to do next—in many cases, they’ll actually do
it.

The Most Common Cybersecurity Weaknesses


So, what are the most common cybersecurity weaknesses faced by businesses?
Cybersecurity professionals should work with business owners to address the following, at
minimum:
1. Lack of a high-level strategy. Many businesses, especially new and small ones, simply
lack a high-level strategy for their cybersecurity needs. They don’t have any security
infrastructure in place, either because they don’t take the topic seriously or because they
deem it a comparatively low priority. However, this high-level strategy that sets the
course for your main security priorities and your general approach to preventing and
mitigating attacks is vital for success.
2. Unsecured networks. If the network isn’t secured, it’s trivially easy for nefarious parties
to gain access to your system. And once they’ve infiltrated the network, they can gain
access to practically all devices and systems connected to that network. This is a simple
step to take, but it’s one that many business owners still neglect. It’s also a great
opportunity to demonstrate your expertise.
3. Unsecured communication channels. If the business is regularly exchanging sensitive
data, it’s also important to incorporate secure communication channels. For example, you
might invest in an encrypted, secure email platform that you use to communicate directly
with clients. Or you might establish protocols for using multifactor authentication when
sending certain types of messages.
4. Unknown bugs. Sometimes, a bug or flaw in a given app can be responsible for giving
cybercriminals an easy backdoor to your accounts. This could be an aspect of software
you’re using from a third party, or it could be a flaw in the API that connects two
different apps together. It’s impossible to prevent or detect all bugs, but you can improve
your security by proactively scanning for bugs when possible, and vetting your vendors
carefully before choosing them for your applications.
5. Outdated systems. Fortunately, most software developers and hardware manufacturers
are constantly on the lookout for security threats that could hurt their users. When they
find a problem, they issue a patch to eliminate that problem—but to make use of this
patch, you have to update your hardware or software. If the business is using outdated
systems because it isn’t updating regularly, the business could be at risk.
6. Lack of monitoring. Do you know what kind of traffic you’re seeing? Do you know the
hallmarks of an attack like a distributed denial of service (DDoS) attack, or a ransomware
attack? Would you be capable of identifying an attack in progress, and responding
accordingly? Without proper monitoring and alert systems in place, the business will be
vulnerable to these types of attacks.
7. IoT and multiple connection points. Many businesses are leveraging the power of the
Internet of Things (IoT), with multiple connection points on a single network. While this
is often associated with higher efficiency or productivity, it also means more points of
vulnerability.
8. Untrained employees. Close to 90 percent of data breaches are caused by human error.
Instead of some ultra-skilled hacker brute-forcing his way into your system, an employee
volunteers his password after getting duped, providing an opportunist an easy way to gain
access to the business’s data. That’s why untrained employees are one of your biggest
vulnerabilities. It’s vital to train employees on best practices in cybersecurity, like
teaching them to use strong passwords, helping them identify different types of attacks,
and giving them instructions on how and when to use networks that aren’t theirs. It’s also
important to retrain employees regularly, and make sure they’ve retained this
information. All it takes is one slip from one person to jeopardize the health of the entire
company.
There’s no way to protect a business against every variety of cyberattack or hack, but even the
most rudimentary security strategies can help a small business—denying opportunists the low-
hanging fruit. Talk to your employer to make sure they understand the true importance of
cybersecurity, and work with them to guard against these most important vulnerabilities.
As a result of this weakness it is possible to impersonate secure websites and email servers and
to perform virtually undetectable phishing attacks, implying that visiting secure websites is not
as safe as it should be and is believed to be. By presenting their results at the 25C3 security
congress in Berlin on the 30th of December, the experts hope to increase the adoption of more
secure cryptographic standards on the Internet and therewith increase the safety of the internet.
When you visit a website whose URL starts with "https", a small padlock symbol appears in the
browser window. This indicates that the website is secured using a digital certificate issued by
one of a few trusted Certification Authorities (CAs). To ensure that the digital certificate is
legitimate, the browser verifies its signature using standard cryptographic algorithms. The team
of researchers has discovered that one of these algorithms, known as MD5, can be misused.
The first significant weakness in the MD5 algorithm was presented in 2004 at the annual
cryptology conference "Crypto" by a team of Chinese researchers. They had managed to pull off
a so-called "collision attack" and were able to create two different messages with the same digital
signature. While this initial construction was severely limited, a much stronger collision
construction was announced by the researchers from CWI, EPFL and TU/e in May 2007. Their
method showed that it was possible to have almost complete freedom in the choice of both
messages. The team of researchers has now discovered that it is possible to create a rogue
certification authority (CA) that is trusted by all major web browsers by using an advanced
implementation of the collision construction and a cluster of more than 200 commercially
available game consoles.
The team of researchers has thus managed to demonstrate that a critical part of the Internet's
infrastructure is not safe. A rogue CA, in combination with known weaknesses in the DNS
(Domain Name System) protocol, can open the door for virtually undetectable phishing attacks.
For example, without being aware of it, users could be redirected to malicious sites that appear
exactly the same as the trusted banking or e-commerce websites they believe to be visiting. The
web browser could then receive a forged certificate that will be erroneously trusted, and users'
passwords and other private data can fall in the wrong hands. Besides secure websites and email
servers, the weakness also affects other commonly used software.
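A defensive check that follows from the passage above, as an added example that is not part of the original notes: read the signature algorithm out of a DER-encoded certificate and flag MD5. It goes one step beyond the text by also flagging SHA-1; the function names and the sample certificate skeleton are constructed for illustration.

```python
# Signature-algorithm OIDs from PKCS #1 (RSA). MD5 and SHA-1 are collision-broken.
SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.4": ("md5WithRSAEncryption", "weak"),
    "1.2.840.113549.1.1.5": ("sha1WithRSAEncryption", "weak"),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", "ok"),
}

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element starting at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short form: the length fits in one byte
        length = first
    else:                                 # long form: next (first & 0x7F) bytes hold the length
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def children(buf, start, end):
    """List the (tag, value_start, value_end) elements packed between start and end."""
    items, pos = [], start
    while pos < end:
        tag, s, e = read_tlv(buf, pos)
        items.append((tag, s, e))
        pos = e
    return items

def decode_oid(body):
    """Decode OID content bytes to dotted form (first arc 0 or 1, as in the table above)."""
    arcs, value = [body[0] // 40, body[0] % 40], 0
    for byte in body[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:               # high bit clear marks the last byte of an arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def certificate_signature(der):
    """Return (oid, name, verdict) for the outer signatureAlgorithm of a DER certificate."""
    tag, start, end = read_tlv(der, 0)
    fields = children(der, start, end)    # tbsCertificate, signatureAlgorithm, signatureValue
    if tag != 0x30 or len(fields) != 3 or fields[1][0] != 0x30:
        raise ValueError("not an X.509 Certificate structure")
    oid_tag, s, e = children(der, fields[1][1], fields[1][2])[0]
    if oid_tag != 0x06:
        raise ValueError("signatureAlgorithm does not start with an OID")
    oid = decode_oid(der[s:e])
    name, verdict = SIGNATURE_OIDS.get(oid, ("unknown", "review"))
    return oid, name, verdict

def _tlv(tag, body):
    """Minimal DER encoder, used only to build the constructed samples below."""
    n = len(body)
    if n < 0x80:
        head = bytes([n])
    else:
        size = (n.bit_length() + 7) // 8
        head = bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def sample_certificate(oid_body):
    """Constructed skeleton, not a real certificate: empty tbsCertificate, zeroed signature."""
    algorithm = _tlv(0x30, _tlv(0x06, oid_body) + _tlv(0x05, b""))
    signature = _tlv(0x03, b"\x00" + bytes(128))
    return _tlv(0x30, _tlv(0x30, b"") + algorithm + signature)

MD5_RSA = bytes.fromhex("2a864886f70d010104")      # OID content for md5WithRSAEncryption
SHA256_RSA = bytes.fromhex("2a864886f70d01010b")   # OID content for sha256WithRSAEncryption

if __name__ == "__main__":
    print(certificate_signature(sample_certificate(MD5_RSA)))
    print(certificate_signature(sample_certificate(SHA256_RSA)))
```

For a real certificate, pass its DER bytes, for example the output of ssl.PEM_cert_to_DER_cert() from the Python standard library.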
What is the data link layer?

The data link layer is the protocol layer in a program that handles the moving of data into and out
of a physical link in a network. The data link layer is Layer 2 in the Open Systems
Interconnection (OSI) architecture model for a set of telecommunication protocols.
Data bits are encoded, decoded and organized in the data link layer, before they are transported
as frames between two adjacent nodes on the same LAN or WAN. The data link layer also
determines how devices recover from collisions that may occur when nodes attempt to send
frames at the same time.
The data link layer has two sublayers: the logical link control (LLC) sublayer and the media
access control (MAC) sublayer.
As described by the IEEE 802 LAN specification, the role of the LLC sublayer is to control data
flow among various applications and services, as well as provide acknowledgement and error
notification mechanisms. The LLC sublayer can then talk to a number of IEEE 802 MAC
sublayers, which control access to the physical media for transport. It is also responsible for the
physical addressing of frames.

Two common MAC layer types include Ethernet and 802.11 wireless specifications.
Functions of the data link layer
The data link layer has three main functions:

1. It handles problems that occur as a result of bit transmission errors.
2. It ensures data flows at a pace that doesn't overwhelm sending and receiving devices.
3. It permits the transmission of data to Layer 3, the network layer, where it is addressed
and routed.
Data link layer and error detection

The data link layer ensures an initial connection has been set up, divides output data into data
frames and handles the acknowledgements from a receiver that the data arrived successfully. It
also ensures incoming data has been received successfully by analyzing bit patterns at special
places in the frames.

If an error occurs, the data link layer notifies higher-level protocols that something has happened
to the physical link. Frame sequencing capabilities within the data link layer permit the receiving
device to reorder frames that might have been transmitted out of sequence. The data link layer
verifies the packet is unimpaired.

The data link layer also manages flows by enabling devices on a link to detect congestion.
Nearby devices then transmit congestion information, so traffic can be rerouted accordingly.
The data link layer in action
You may be imagining that the data link layer on one device communicates directly with the data
link layer on another device. However, the connection is via the physical media.
• The network layer in one device wants to send some data to the network layer in another
device, across some type of connection.
• On the sending device, the network layer passes the data to the appropriate data link
layer. This layer encapsulates the data to create a frame, and passes the frame to the
media.
• The final part of the data link layer converts the bits of the frames into the electrical,
wireless, or optical signals that are sent along the link medium.
• When the frame is received, the receiving device’s data link layer decapsulates the data
from the frame and passes it up to the receiver’s network layer.
We say that the data link layer is providing a service to the network layer by transporting its
data in frames across the link.
TCP/IP stands for Transmission Control Protocol/Internet Protocol. It is a set of
conventions or rules and methods that are used to interconnect network devices on the Internet.
The internet protocol suite is commonly known as TCP/IP, as the foundational protocols in the
suite are Transmission Control Protocol and Internet Protocol.
It determines how information is exchanged over the internet through end-to-end communications
that specify how the data should be broken into packets, addressed, sent, and received at the
destination.
This communication protocol can also be used to interconnect network devices in a private
network such as an intranet or an extranet.
History of TCP/IP:
The Defense Advanced Research Projects Agency (DARPA), the research branch of the
U.S. Department of Defense, created the TCP/IP model in the 1970s for use in ARPANET,
a wide area network that preceded the internet.
TCP/IP was originally designed for the Unix operating system, and it has been built into all of
the operating systems that came after it.
Characteristics of TCP/IP:
• Share Data Transfer: TCP allows applications to create channels of
communication across a network. It also permits a message to be divided into smaller
packets before they are transmitted over the internet and then reassembled in the right order
at the destination address. So, it guarantees the reliable transmission of data across the
channel.
• Internet Protocol: The IP address tells the packets the address and route so that they
reach the proper destination. It includes a method that enables gateway computers on the
internet-connected network to forward the message after checking the IP address.
• Reliability: The most vital feature of TCP is reliable data delivery. In order to provide
reliability, TCP must recover data that is damaged, lost, duplicated, or
delivered out of order by the Network Layer.
• Multiplexing: Multiplexing can be achieved through the number of ports.
• Connections: Before application processes can send data by using TCP, the
devices must set up a connection. The connections are made between the port numbers
of the sender and the receiver devices.
TCP/IP Layers
• Application Layer: The application layer is the topmost layer within the TCP/IP model.
When one application layer protocol needs to communicate with another application
layer, it forwards its information to the transport layer.
• Transport Layer: It is responsible for the reliability, flow control, and correction of data
that is being sent over the network. The two protocols used in this layer are User
Datagram Protocol and Transmission Control Protocol.
• Internet/Network Layer: It is the third layer of the TCP/IP Model and is also known as the
Network layer. The main responsibility of this layer is to send the packets from any
network and have them arrive at the destination irrespective of the route they take.
• Network Access Layer: It is the lowest layer of the TCP/IP Model. It is the combination
of the Physical Layer and the Data link layer which are present in the OSI Model. Its main
responsibility is the transmission of information over the same network between two
devices.
How TCP/IP works?
• TCP/IP uses the client-server model of communication in which a user or
machine (a client) is provided a service (like sending a webpage) by another computer (a
server) within the network.
• Collectively, the TCP/IP suite of protocols is classified as stateless, which means
each client request is considered new because it is unrelated to previous requests. Being
stateless frees up network paths so they can be used continuously.
• The transport layer itself is stateful. It transmits a single message, and its connection
remains open until all the packets in a message have been received and reassembled at
the destination.
• The TCP/IP model differs from the seven-layer Open System Interconnection (OSI)
model designed after it.
Application/Uses of TCP/IP
Some Real-Time Applications are:
• Simple Mail Transfer Protocol (SMTP): It helps to send email to another email address.
• File Transfer Protocol (FTP): It is used for sending large files.
• Dynamic Host Configuration Protocol (DHCP): It assigns the IP address.
• Telnet: Bi-directional text communication via a terminal application.
• HyperText Transfer Protocol (HTTP): Used to transfer the web pages.
• Domain Name System (DNS): It translates the website name to IP addresses.
• Simple Network Time Protocol (SNTP): It provides the time of day to the network
devices.
Benefits of TCP/IP
• It is an industry-standard model that can be effectively deployed in practical
networking problems.
• It is interoperable, i.e., it permits cross-platform communications among heterogeneous
networks.
• It is an open protocol suite. It isn’t owned by any particular institution and so can be
used by any individual or organization.
• It is a scalable, client-server architecture. This permits networks to be added
without disrupting the current services.
• It assigns an IP address to each computer on the network, thus making each device
identifiable over the network. It assigns each site a domain name. It provides name and
address resolution services.
Challenges of TCP/IP:
• It is not generic in nature. So, it fails to represent any protocol stack other
than the TCP/IP suite. For example, it cannot describe the Bluetooth connection.
• It does not clearly separate the concepts of services, interfaces, and protocols. So, it isn’t
suitable for describing new technologies in new networks.
• It does not distinguish between the data link and the physical layers, which have
very different functionalities.
• The data link layer should concern itself with the transmission of frames. On
the other hand, the physical layer should lay down the physical characteristics of the
transmission.
• In this model, the transport layer does not guarantee delivery of packets.

Packet Filter Firewall and Application Level Gateway


No one can deny the fact that the dynamic rise of the Internet has brought the world closer. But
at the same time, it has left us with different kinds of security threats. To ensure the
confidentiality and integrity of valuable information of a corporate network from outside attacks,
we must have some robust mechanism. This is where the Firewall comes into the picture. 

It can be compared with a security guard standing at the entrance of a minister’s home. He keeps
an eye on everyone and physically checks every person who wishes to enter the house. It won’t
allow a person to enter if he/she is carrying a harmful object like a knife, gun, etc. Similarly,
even if the person doesn’t possess any banned object but appears suspicious, the guard can still
prevent that person’s entry. 
The firewall acts as a guard. It guards a corporate network acting as a shield between the inside
network and the outside world. All the traffic in either direction must pass through the firewall. It
then decides whether the traffic is allowed to flow or not. The firewall can be implemented as
hardware and software, or a combination of both. 

 
Packet Filters –

Packet filter firewall

• It works in the network layer of the OSI Model. It applies a set of rules (based on the
contents of IP and transport header fields) on each packet and based on the outcome,
decides to either forward or discard the packet.
• Packet filter firewall controls access to packets on the basis of packet source and
destination address or specific transport protocol type. It is done at the OSI (Open
Systems Interconnection) data link, network, and transport layers. Packet filter firewall
works on the network layer of the OSI model.
• Packet filters consider only the most basic attributes of each packet, and they don’t need
to remember anything about the traffic since each packet is examined in isolation. For
this reason, they can decide packet flow very quickly.
• Example: A filter can be set to block all UDP segments and all Telnet connections. This
type of configuration prevents outsiders from logging onto internal hosts using Telnet and
insiders from logging onto external hosts using Telnet connections.
Application Gateways –

Application level gateway

• Application-level gateway is also called a bastion host. It operates at the application
level. Multiple application gateways can run on the same host but each gateway is a
separate server with its own processes.
• These firewalls, also known as application proxies, provide the most secure type of data
connection because they can examine every layer of the communication, including the
application data.
• Example: Consider the FTP service. FTP offers commands such as getting a file, putting a
file, listing files, and positioning the process at a particular point in a directory tree. A
system admin might block the put command but permit the get command, list only certain
files, or prohibit changing out of a particular directory. The proxy server would simulate both
sides of this protocol exchange. For example, the proxy might accept get commands and
reject put commands.
It works as follows:
Step-1: User contacts the application gateway using a TCP/IP application such as HTTP.  
Step-2: The application gateway asks about the remote host with which the user wants to
establish a connection. It also asks for the user id and password that is required to access the
services of the application gateway.  
Step-3: After verifying the authenticity of the user, the application gateway accesses the remote
host on behalf of the user to deliver the packets.
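The FTP policy and the three steps above, as an added sketch that is not part of the original notes: the gateway authenticates the user itself, relays get and list commands, refuses put, and keeps the user inside one directory. The class name, the /pub directory and the credential callback are assumptions made for illustration; the reply codes are standard FTP codes.

```python
import posixpath

# Verbs the gateway relays. STOR (put), DELE, RNFR and the rest are absent, so they are refused.
RELAYED = {"PWD", "CWD", "CDUP", "LIST", "RETR"}

class FtpGatewaySession:
    """Policy decisions for one user's FTP control connection through the gateway."""

    def __init__(self, verify, jail="/pub"):
        self.verify = verify          # callable(user, password) -> bool, supplied by the deployer
        self.jail = jail              # directory the user may not leave (assumed value)
        self.cwd = jail
        self.user = None
        self.authenticated = False

    def _resolve(self, arg):
        # Collapse "..", "." and absolute paths, then require the result to stay in the jail.
        path = posixpath.normpath(posixpath.join(self.cwd, arg))
        if path == self.jail or path.startswith(self.jail + "/"):
            return path
        return None

    def handle(self, line):
        """Return ('forward', command) for the remote host or ('reply', text) for the user."""
        line = line.rstrip("\r\n")
        if any(ord(ch) < 32 for ch in line):
            return ("reply", "501 Control characters are not accepted")
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "QUIT":
            return ("reply", "221 Goodbye")
        if verb == "USER":            # Step-2: the gateway, not the remote host, asks who this is
            self.user, self.authenticated = arg, False
            return ("reply", "331 Password required")
        if verb == "PASS":
            self.authenticated = self.user is not None and self.verify(self.user, arg)
            return ("reply", "230 Logged in" if self.authenticated else "530 Login incorrect")
        if not self.authenticated:
            return ("reply", "530 Log in to the gateway first")
        if verb not in RELAYED:
            return ("reply", "502 Command not permitted by gateway policy")
        if verb == "PWD":
            return ("reply", f'257 "{self.cwd}"')
        if verb == "CDUP":
            verb, arg = "CWD", ".."
        target = self._resolve(arg or ".")
        if target is None:
            return ("reply", "550 Path is outside the permitted directory")
        if verb == "CWD":
            # Tracked optimistically; a full proxy would wait for the remote host's reply.
            self.cwd = target
        return ("forward", f"{verb} {target}")   # Step-3: relayed on the user's behalf
```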
Difference:
Packet filter                                 | Application-level
Simplest                                      | Even more complex
Screens based on connection rules             | Screens based on behaviour or proxies
Auditing is difficult                         | Activity can be audited
Low impact on network performance             | High impact on network performance
Network topology cannot be hidden             | Network topology can be hidden from the attacker
Transparent to user                           | Not transparent to the user
Sees only addresses and service protocol type | Sees full data portion of a packet
 
A packet filtering firewall is a network security feature that regulates the flow of incoming and
outgoing network data. Each packet containing user data and control information is examined
and tested by the firewall using a set of pre-defined rules. If the packet passes the test, the
firewall allows it to proceed to its destination. Packets that fail the test are rejected. Firewalls
inspect packets by looking at rule sets, protocols, ports, and destination addresses.
How does Packet Filtering Firewall work?
Packets are structured data units. Because they divide communications into small pieces and
transport them independently across the network, these networks are fault-tolerant.
In order to display accurate information, packets are reordered after passing through the
firewall and arriving at their destination.
Packet switching, when done correctly, increases network channel capacity, decreases
transmission delay, and improves communication efficiency. Packets include two essential
components:
• Data is directed to the correct location using packet headers. They include internet
protocol (IP) elements, addressing, and any other data needed to deliver packets to their
destination.
• The user data contained within the packet is referred to as the payload. This is the data
that is trying to get somewhere.
Packet filtering firewalls allow or deny network packets based on the following criteria:
• The source IP address is where the packet is being sent from.
• The destination IP address is where the packet is being sent to.
• Protocols: Protocols include data transfer protocols such as session and application
protocols (TCP, UDP, ICMP).
• Ports include source and destination ports, as well as ICMP types and codes.
• Flags include TCP header flags such as whether the packet is a connect request.
• The physical interface (NIC) that the packet is passing through (incoming or outgoing).
What Are the Various Types of Packet Filtering Firewalls?
There are four types of packet filtering:
• Dynamic packet filtering
• Static packet filtering
• Stateless packet filtering
• Stateful packet filtering
Example of Packet Filtering Firewalls
Packet filters examine each TCP/IP packet, looking at the source and destination IP and port
addresses. You can create rules that allow only known and established IP addresses while
blocking all unknown IP addresses.
Denying outsiders access to port 80, for example, would prevent all outside access to the HTTP
server, because most HTTP servers run on port 80. You can also configure your firewall to allow
only packets intended for your mail or web server while rejecting all others.
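The rule examples from the packet filter sections above (block all UDP, block Telnet in both directions, admit outsiders only to the web and mail servers), written as an added stateless first-match filter that is not part of the original notes. The names, the addresses (taken from documentation ranges) and the rule order are assumptions; the last rule goes a step beyond the text by using the TCP flags criterion to admit reply traffic.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    iface: str               # "outside" or "inside": the interface the packet arrived on
    proto: str               # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dport: int
    syn_only: bool = False   # TCP SYN set and ACK clear, i.e. a connect request

@dataclass(frozen=True)
class Rule:
    action: str                       # "allow" or "deny"
    iface: str = "any"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None       # None matches every port
    syn_only: Optional[bool] = None   # None ignores the flags

    def matches(self, p):
        # Every criterion is read from the packet itself; nothing is remembered between packets.
        return (self.iface in ("any", p.iface)
                and self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, p.dport)
                and self.syn_only in (None, p.syn_only))

# Constructed rule set: 192.0.2.0/24 is the inside network, .10 the web server, .25 the mail server.
RULES = [
    Rule("deny", proto="udp"),                                            # 0: block all UDP
    Rule("deny", proto="tcp", dport=23),                                  # 1: Telnet, both ways
    Rule("allow", iface="outside", proto="tcp", dst="192.0.2.10/32", dport=80),
    Rule("allow", iface="outside", proto="tcp", dst="192.0.2.25/32", dport=25),
    Rule("allow", iface="inside", proto="tcp", src="192.0.2.0/24"),       # 4: outbound TCP
    # 5: replies to inside clients. The filter only sees "not a connect request"; it cannot
    # confirm that a connection exists, which is the limit of examining packets in isolation.
    Rule("allow", iface="outside", proto="tcp", dst="192.0.2.0/24", syn_only=False),
]

def decide(rules, packet):
    """First matching rule wins; a packet that matches nothing is denied."""
    for index, rule in enumerate(rules):
        if rule.matches(packet):
            return rule.action, index
    return "deny", None

if __name__ == "__main__":
    for pkt in (Packet("outside", "tcp", "198.51.100.7", "192.0.2.10", 80, syn_only=True),
                Packet("outside", "tcp", "198.51.100.7", "192.0.2.50", 8080, syn_only=True),
                Packet("inside", "tcp", "192.0.2.50", "203.0.113.9", 23, syn_only=True)):
        print(pkt, decide(RULES, pkt))
```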
