NOTE: Free essay sample provided on this page should be used for references or sample purposes only. The sample essay is available to anyone, so any direct quoting without mentioning the source will be considered plagiarism by schools, colleges and universities that use plagiarism detection software. To get a completely brand-new, plagiarism-free essay, please use our essay writing service.
One click instant price quote
... ) and checksum-based change detection tools. Design of configuration review tools requires intimate knowledge of the system, but no knowledge of the worm code. Another class of add-on tools is the intrusion detection tool. This is somewhat analogous to the PC monitoring software, but is usually more complex. This tool reviews series of commands to determine if the user is doing something suspicious.
If so, the system manager is notified. One type of network security tool is the wrapper program. Wrapper programs can be used to "filter" network connections, rejecting or allowing certain types of connections (or connections from a pre-determined set of systems). This can prevent worm infections by "untrusted" systems. These tools do not protect a system against the exploitation of flaws in the operating system. This issue must be dealt with at the time of procurement.
After procurement, it becomes a procedural issue. Resources are available to system managers to keep them abreast of security bugs and bug fixes, such as the CERT computer security advisories. Another class of security tools which are widely employed today to protect a network against worms are the Firewall. The firewall system [GS 91 ] protects an organizational network from systems in the larger network world.
Firewall systems are found in two forms: simple or intelligent. An intelligent firewall filters all connections between hosts on the organizational network and the world-at-large. A simple firewall disallows all connections with the outside world, essentially splitting the network into two different networks. To transfer information between hosts on the different networks, an account on the firewall system is required. Human Threats Insiders, hackers and "phone phreak's" are the main components of the human threat factor. Insiders are legitimate users of a system.
When they use that access to circumvent security, that is known as an insider attack. Hackers are the most widely known human threat. Hackers are people who enjoy the challenge of breaking into systems. "Phreakers" are hackers whose main interest is in telephone systems. The primary threat to computer systems has traditionally been the insider attack.
Insiders are likely to have specific goals and objectives, and have legitimate access to the system. Insiders can plant trojan horses or browse through the file system. This type of attack can be extremely difficult to detect or protect against. The insider attack can affect all components of computer security. Browsing attacks the confidentiality of information on the system. Trojan horses are a threat to both the integrity and confidentiality of the system.
Insiders can affect availability by overloading the system's processing or storage capacity, or by causing the system to crash. These attacks are possible for a variety of reasons. On many systems, the access control settings for security-relevant objects do not reflect the organization's security policy. This allows the insider to browse through sensitive data or plant that trojan horse. The insider exploits operating system bugs to cause the system to crash.
The actions are undetected because audit trails are inadequate or ignored. Hackers The definition of the term "hacker" has changed over the years. A hacker was once thought of as any individual who enjoyed getting the most out of the the system he was using. A hacker would use a system extensively and study the system until he became proficient in all its nuances. This individual was respected as a source of information for local computer users; someone referred to as a "guru" or "wizard. " Now, however, the term hacker is used to refer to people who either break into systems for which they have no authorization or intentionally overstep their bounds on systems for which they do have legitimate access. Methods used by hackers to gain unauthorized access to systems include: Password cracking Exploiting known security weaknesses Network spoofing "Social Engineering" The most common techniques used to gain unauthorized system access involve password cracking and the exploitation of known security weaknesses.
Password cracking is a technique used to surreptitiously gain system access by using another users account. Users often select weak password. The two major sources of weakness in passwords are easily guessed passwords based on knowledge of the user (e. g.
wife's maiden name) and passwords that are susceptible to dictionary attacks (i. e. brute-force guessing of passwords using a dictionary as the source of guesses). Another method used to gain unauthorized system access is the exploitation of known security weaknesses. Two type of security weaknesses exist: configuration errors, and security bugs.
There continues to be an increasing concern over configuration errors. Configuration errors occur when a the system is set up in such a way that unwanted exposure is allowed. Then, according to the configuration, the system is at risk from even legitimate actions. An example of this would be that if a system "exports" a file system to the world (makes the contents of a file system available to all other systems on the network), then any other machine can have full access to that file system. Security bugs occur when unexpected actions are allowed on the system due to a loophole in some application program. An example would be sending a very long string of keystrokes to a screen locking program, thus causing the program to crash and leaving the system inaccessible.
A third method of gaining unauthorized access is network spoofing. In network spoofing a system presents itself to the network as though it were a different system (system A impersonates system B by sending B's address instead of its own). The reason for doing this is that systems tend to operate within a group of other "trusted" systems. Trust is imparted in a one-to-one fashion; system A trusts system B (this does not imply that system B trusts system A). Implied with this trust, is that the system administrator of the trusted system is performing his job properly and maintaining an appropriate level of security for his system. Network spoofing occurs in the following manner.
If system A trusts system B, and system C spoofs (impersonates) system B, then system C can gain otherwise denied access to system A. The system's integrity is compromised because it would allow a foreign system to mimic a friendly system, hence allowing access. "Social engineering" is the final method of gaining unauthorized system access. People have been known to call a system operator, pretending to be some authority figure, and demand that a password be changed to allow them access. One could also say that using personal data to guess a user's password is social engineering. Phone Phreak's The "phone peak" (peak for short) is a specific breed of hacker. A peak is someone who displays most of the characteristics of a hacker, but also has a specific interest in the phone system and the systems that support its operations.
Additionally, most of the machines on the Internet, itself a piece of the Public Switched Network, are linked together through dedicated, commercial phone lines. A talented peak is a threat to not only the phone system, but to the computer networks it s...
Free research essays on topics related to: unauthorized access, file system, operating system, computer security, trojan horses
Research essay sample on Trojan Horses Unauthorized Access
