Understanding Network Security Threats


To protect your computer against network security threats, you must have a basic understanding of the types of threats that exist. Although many different types of security vulnerabilities exist, the attacks can be distilled into three basic types: denial of service attacks, theft of data attacks, and unauthorized use of computing and network resources. For a more detailed overview and an extensive list of additional resources, please download the following PDF: www.cert.org/archive/pdf/attack_trends.pdf

Denial of service attacks

Denial of service attacks are probably the hardest to protect against, due to the nature of sharing resources. If your system allows access from outside, perhaps by serving Web pages, how do you determine the difference between legitimate requests for data and illegitimate requests, which are designed simply to tie up your resources? Denial of service attacks are extremely easy to implement, requiring little to no technical competence on the part of the attacker.

A denial of service attack is a situation where a specific resource is the target of excessive or malformed traffic. Example services are a Web server, FTP server, mail server, and so on. Usually many compromised machines will be used in a denial of service attack. The end result is that if you are the victim of such an attack, you will be unable to engage in the communications you expect to, as you will be tied up responding to excessive fake clients.

Denial of service attacks can also cause real headaches when they are directed at a resource that you require in order to do day-to-day tasks. For example, a service that is required for most productive work on the Internet is DNS. DNS stands for Domain Name Service. DNS translates numerical IP addresses such as 17.254.0.91 to a friendlier, familiar name-based address such as www.apple.com. If we didn’t have access to DNS and had to use numbered IP addresses for all communications, such as Web surfing, sending email, and so on, the Internet would be much less useful to us. DNS is a distributed database of numbers to names and is based on a system built of Root Servers. There are currently 13 Root Servers worldwide. These 13 servers are the authoritative servers for global DNS services, and they point at local DNS servers worldwide. The Root Servers serve information for what are called Top Level Domains, such as .com, .net, .org, and .edu. A successful denial of service attack against these 13 servers would render much of the Internet inaccessible to most users.

Data theft

Theft of data attacks occur when somebody from the outside manages to obtain access to your computer and takes files from your machine. These types of attacks are the most discussed in the media and elsewhere, as they often involve real financial loss. The data stolen can be personal information, such as credit card numbers and bank account information, or can be intellectual property. This kind of attack is much like a bank robbery where your personal property is stolen from you. Unlike in the physical world, you may retain copies of the files, because copying them does not destroy the originals. Although many times data will be destroyed in the process, it is not necessarily the case. In fact, much of the time when data has been stolen, the victim may be completely unaware that the theft has occurred until a later time, when unauthorized financial activity occurs or similar events take place.

Unauthorized use of computing and network resources

Unauthorized use pertains to a situation where your computer or network resources are utilized by unauthorized users. Viruses are frequently responsible for such situations. The recent Nimda and Code Red viruses are examples of unauthorized use violations. The virus, once installed in your computer, then uses your computer to scan the network for other vulnerable hosts, and to attack those computers. Additionally, many viruses of these types have as their goal bringing your computer into an ad-hoc network of infected computers. Once your computer is tagged into the network, it will await further instructions. Frequently the goal is to use your computing and network resources along with those of other such compromised machines to launch denial of service attacks against large, high-profile Internet hosts. Microsoft is frequently a target of such attacks.

Not all types of unauthorized use are virus-related. Suppose someone on the Internet finds a way to connect to your computer, and is able to log in via a software bug (called a vulnerability) or a misconfiguration of some network component; the hacker then may be able to configure network services on your machine that you are unaware of. A common situation today is where an unauthorized user will create a directory on your machine and configure FTP access to that directory. You could then be the unwilling host of a treasure trove of pirated music, software, and movies. Many times such access can go unnoticed, as today’s hard disks are large enough to contain such additional data without running out of space, and broadband connections provide adequate bandwidth to support these supplementary connections alongside legitimate Internet access.
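The scenario above, where a network service such as FTP is configured on your machine without your knowledge, can be caught by comparing the TCP ports that are actually listening against the ports you expect. The following is an added example, not code from the book; the lsof lines, the function names, and the expected-port list are constructed for illustration.

```shell
#!/bin/sh
# Report listening TCP services whose port is not on an expected list.
# Input: output of `lsof -nP -iTCP -sTCP:LISTEN` on stdin.
# $1:    space-separated list of ports you expect to be open.
unexpected_listeners() {
    awk -v allowed="$1" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        NR == 1 { next }               # skip the lsof header row
        $NF != "(LISTEN)" { next }     # keep only listening sockets
        {
            port = $(NF - 1)           # NAME column, e.g. *:21 or [::1]:631
            sub(/.*:/, "", port)       # keep what follows the last colon
            if (!(port in ok))
                print $1 " pid=" $2 " user=" $3 " port=" port
        }
    ' | sort -u                        # IPv4 and IPv6 rows collapse to one
}

# Constructed sample: a Web server and print service you set up yourself,
# plus an FTP daemon that nobody on the machine remembers enabling.
sample_lsof() {
    cat <<'EOF'
COMMAND  PID USER  FD  TYPE DEVICE SIZE/OFF NODE NAME
httpd    312 root  16u IPv4 0x01a2 0t0 TCP *:80 (LISTEN)
cupsd    201 root  0u  IPv4 0x01b3 0t0 TCP 127.0.0.1:631 (LISTEN)
ftpd     977 root  3u  IPv4 0x02c4 0t0 TCP *:21 (LISTEN)
ftpd     977 root  4u  IPv6 0x02c5 0t0 TCP *:21 (LISTEN)
EOF
}

# Expected ports for this constructed host: Web (80) and printing (631).
sample_lsof | unexpected_listeners "80 631"

# Against a live system, feed real lsof output instead of the sample:
#   lsof -nP -iTCP -sTCP:LISTEN | unexpected_listeners "80 631"
```

Any line the function prints is a service to investigate: confirm who enabled it and which directory it serves before deciding whether it belongs there.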




Mac OS X Bible, Panther Edition
ISBN: 0764543997
EAN: 2147483647
Year: 2003
Pages: 290
