International magazine for security engineering

Security Revue

November 4th, 2008 at 16:29

Internet Security – Past and Present

Written by Ing. Karel Perutka, Ph.D. – Faculty of Applied Informatics, Tomas Bata University in Zlin, e-mail: KPerutka@fai.utb.cz

1. INTRODUCTION
Security problems, including spam and malware, plague the Internet to the point of distracting from productive use of the network. [12] Internet security problems, broadly speaking, fall into two categories: insecure implementation of servers or clients (application layer) and insecure network protocols (lower layers). [6] The critical reality on the Internet is that insecure applications become available much faster than security solutions. Actively using the Internet requires accepting this fact and considering security solutions. [9] Internet security education is therefore necessary, and it can be obtained in several ways. In 2000, the Research and Educational Alliance Program (REAP) produced by Argus was one suitable piece of software for that kind of education. [4] This contribution maps the present state, including the general vulnerabilities and the general tools for improving security, together with a brief outline of the future of Internet security. A very interesting practical result concerning the security of seafaring was presented by Jasek et al. [13]

2. GENERAL VULNERABILITIES ON THE INTERNET
According to the System Administration, Networking and Security (SANS) Institute, the general vulnerabilities are [2]:

  • Default installs of operating systems and applications
  • Accounts with no passwords or weak passwords
  • Non-existent or incomplete backups
  • Large number of open ports
  • No packet filtering for correct incoming and outgoing addresses
  • Non-existent or incomplete logging
  • Vulnerable CGI Programs
  • Unicode vulnerability
  • Microsoft Remote Data Services
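
The item on packet filtering for correct incoming and outgoing addresses can be made concrete with a short added example, which is not part of the original article. It checks source and destination addresses at a site border in both directions; the internal prefix `192.0.2.0/24`, the function names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: the site's own address block (a documentation range).
INTERNAL = ipaddress.ip_network("192.0.2.0/24")
# Private and reserved ranges that must never appear as a source
# on traffic arriving from the Internet side.
NEVER_FROM_OUTSIDE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]

def filter_packet(direction, src, dst):
    """Return (verdict, reason) for a packet crossing the border router."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if direction == "in":    # Internet -> site
        if s in INTERNAL:
            return ("drop", "spoofed: outside packet claims internal source")
        if any(s in net for net in NEVER_FROM_OUTSIDE):
            return ("drop", "source is private or reserved")
        if d not in INTERNAL:
            return ("drop", "destination is not one of our addresses")
        return ("pass", "ok")
    if direction == "out":   # site -> Internet
        if s not in INTERNAL:
            return ("drop", "source is not one of our addresses")
        if d in INTERNAL:
            return ("drop", "internal destination should not leave the site")
        return ("pass", "ok")
    raise ValueError("direction must be 'in' or 'out'")

# Constructed sample traffic: (direction, source, destination).
SAMPLES = [
    ("in", "198.51.100.7", "192.0.2.10"),    # ordinary inbound request
    ("in", "192.0.2.55", "192.0.2.10"),      # internal source seen outside
    ("in", "10.1.2.3", "192.0.2.10"),        # private source from the Internet
    ("out", "192.0.2.10", "203.0.113.9"),    # ordinary outbound request
    ("out", "198.51.100.7", "203.0.113.9"),  # foreign source leaving the site
]

def run_samples():
    """Verdicts for the constructed samples, in order."""
    return [filter_packet(*p)[0] for p in SAMPLES]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p, "->", filter_packet(*p))
```

The outbound rule matters as much as the inbound one: dropping packets whose source is not a local address keeps hosts on the site from sending traffic with forged origins.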

In 2000, the FBI wished to establish a global Internet and e-commerce security agency in order to guarantee e-commerce security. [3]

3. TOPIC OF INTEREST AND GENERAL TOOLS TO IMPROVE SECURITY
According to Norifusa [9], Internet security is mainly concerned with:

  • Physical security – stealing a computer
  • Human security – human error
  • System security – security holes of software
  • Network security – using information stolen in advance
  • Data security – using wiretaps or sniffer software

Serious security incidents often involve combinations of these security violations. A firewall is an effective preventive method for protecting internal network resources from external attack. [9] The use of cryptography is another. Cryptography is the primary mechanism used to protect electronic communication, but it can only be applied through security protocols that exploit its protective properties. [11] An analysis exists that describes the cryptographic security mechanisms of the current Internet architecture in the area of network infrastructure, including Internet and transport layer protocols, routing, directory, and network management functions. [8]

A firewall makes it possible to:

  • Separate internal networks and external networks (the Internet) by disabling direct connections between the networks.
  • Require a proxy mechanism to make a connection from an internal machine to machines on external networks.
  • Protect information commonly used for break-ins by keeping important information, such as passwords, inside the firewall.
  • Defend against many types of attack from external networks.
  • Detect and make notification of potential attacks.

Using a Virtual Private Network (VPN) is another way to protect data from external attack. [12] A VPN establishes connections dynamically, according to purpose and demand. Inside the VPN, applications work transparently, just as they do on a LAN. However, the VPN adds security and protection from access outside the VPN. The VPN functions as a closed network until its purpose is complete. Highly secure technology such as encryption adds undue complexity. [7] The communication is often carried out using a special protocol. Modern security protocols handle numerous record types, some with nested records in each session [11], and there is an approach for writing programs that describe Internet security protocols. [1]

4. PRESENT AND FUTURE
Lack of progress in Internet security will invariably single out various entities that have a significant impact on Internet security. [10]

The present state of Internet security is as follows. Governments around the world have passed little meaningful legislation related to computer crime and misuse. Some blame can certainly also legitimately be placed on vendors, who produce software with vulnerabilities that Internet attackers constantly exploit to cause Internet security breaches. Still others blame home users, who so often engage in terribly unsafe computing practices.

The fact that the Internet was not originally designed to provide security turned out to be a colossal mistake. One of the most basic principles of security engineering is that security mechanisms must be designed and implemented up front if they are to deliver the expected outcomes.

Is there any chance that over time Internet security will improve? The answer is “yes, but not without great cost.” The attacks will continue to increase as the Internet ramps; Web sites; attackers; electronic commerce transactions; new technology implementations with their new vulnerabilities; and new, sophisticated hacker programs, all converge in the Internet. [5] Internet security will continue to lose ground until the Internet suddenly has a ‘meltdown’, an event of catastrophic proportions. Something like a complete shutdown of the Internet for a week, or a widespread set of connection hijacking attacks resulting in enormous financial loss, will motivate people to quickly provide funding for massive changes in securing the Internet. Retrofitting the Internet to incorporate the level of security it needs will be the only viable solution. [10]

REFERENCES
[1] CHEVALIER, Y., VIGNERON, L. Rule-based Programs Describing Internet Security Protocols. Electronic Notes in Theoretical Computer Science, v. 124, i. 1-2, 2005, pp. 113-132.
[2] ECCLESTONE, R. Top 20 Internet Security Holes Listed by FBI and SANS. Computer Fraud & Security, v. 2001, i. 10, 2001, p. 6.
[3] FBI wants global Internet security organization. Network Security, v. 2000, i. 9, 2000, pp. 4-5.
[4] HENRY, K. Internet security education extends to UK. Computer Fraud & Security, v. 2000, i. 6, 2000, p. 4.
[5] KOVACICH, G. What caused the Internet security problems? Computer Fraud & Security, v. 2000, i. 4, 2000, pp. 11-14.
[6] MACHANICK, P. A distributed systems approach to secure Internet mail. Computers & Security, v. 25, i. 6, 2005, pp. 492-499.
[7] MCCLURE, B. Internet security on a budget. Computers & Security, v. 17, i. 2, 1998, pp. 155-156.
[8] MOLVA, R. Internet security architecture. Computer Networks, v. 31, i. 8, 1999, pp. 787-804.
[9] NORIFUSA, M. Internet security: difficulties and solutions. International Journal of Medical Informatics, v. 49, i. 1, 1998, pp. 69-74.
[10] SCHULTZ, E. Internet security: what’s in the future? Computers & Security, v. 22, i. 2, 2003, pp. 78-79.
[11] YASINSAC, A., CHILDS, J. Formal analysis of modern security protocols, v. 171, i. 1-3, 2005, pp. 189-211.
[12] ZHAO, X., FANG, F., WHINSTON, A.B. An economic mechanism for better Internet security. Decision Support Systems, v. 45, i. 4, 2008, pp. 811-821.
[13] JASEK, R., IWEN, D., TOMASZEWSKI, J. EGNOS system and the security of seafaring and sea transport. [online]. 2008. [cit. 2008-04-13]. Available at: , ISSN 1336-9717.

 
