Computers and Privacy


When computers were standalone systems that were easily controlled by a central administrative group, keeping data out of the hands of those who didn't need to see it was already difficult. Usernames and passwords were designed to restrict individual users and their actions, as well as track the actions they performed. File and resource protections enforced by operating systems made it simple to keep most prying eyes out of sensitive files, but where there's a will, there's usually a way, and even operating system resource-protection techniques have their vulnerabilities.

For example, many passwords are either easy to guess or easy to obtain. If you don't enforce a strict security policy on your network, users will often choose passwords so simple that they make a joke of using passwords at all. Passwords such as the name of the local football team, a spouse, a child, or even a pet are often used because they're easy to remember. It is a good idea to create passwords using both uppercase and lowercase letters and alphabetic and numeric characters. These techniques can go a long way toward preventing a hacker from using a simple dictionary attack against your network. This kind of attack simply involves using a program that cycles through all the words in a dictionary to see whether any of them matches your password. Hackers don't use just any dictionary; instead, they can find huge lists of possible passwords (names, city names, baseball teams, and the others we've just mentioned). Another type of dictionary attack can be performed on Unix systems if the hacker steals the password file. Because the encryption scheme is known for most Unix systems, the program can simply encrypt every word found in a dictionary and compare the result to the encrypted version in the simple /etc/passwd file!
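The password advice above can be enforced when a password is set. The following is an added example, not code from the book: it checks for mixed case and digits and also rejects candidates that reduce to a word on a guessing list. The blocklist, the character-swap table and the minimum length are constructed assumptions.

```python
import re

# Constructed sample blocklist; a real deployment would load a large list of
# names, teams, cities and other common password choices.
BLOCKLIST = {"packers", "yankees", "rover", "jennifer", "chicago", "password"}

# Character swaps users commonly apply to dictionary words (assumed set).
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                       "5": "s", "7": "t", "@": "a", "$": "s"})
MIN_LENGTH = 8  # assumption: the page gives no minimum length

def base_words(candidate):
    """Return the normalized forms a guessing list would already cover."""
    lowered = candidate.lower()
    # Drop digits and punctuation padded onto either end: "Rover2006!" -> "rover".
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    return {lowered, stripped, lowered.translate(SWAPS), stripped.translate(SWAPS)}

def check_password(candidate, blocklist=BLOCKLIST):
    """Return a list of reasons to reject the candidate; empty means accept."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if not re.search(r"[A-Z]", candidate):
        problems.append("no uppercase letter")
    if not re.search(r"[a-z]", candidate):
        problems.append("no lowercase letter")
    if not re.search(r"[0-9]", candidate):
        problems.append("no digit")
    if base_words(candidate) & set(blocklist):
        problems.append("based on a dictionary word")
    return problems

if __name__ == "__main__":
    for pw in ["rover", "Rover2006!", "P@ssw0rd1", "tR4ilmix9Quartz"]:
        print(f"{pw!r}: {check_password(pw) or 'accepted'}")
```

"Rover2006!" and "P@ssw0rd1" satisfy the mixed-case and digit rules yet are still rejected, because the underlying word is one a dictionary list would contain.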

Tip

If you wonder what levels of security passwords afford your network, try calling a user. Tell him you work for the help desk and you need to know his password. Chances are that more than half the time the user will give you his password. So much for password security. This method of breaching security is known as social engineering.


When you consider the environment today, with large-scale networks and connections to the Internet, the security issues become even more complex and difficult to manage using simple schemes, such as username/password authentication. Encrypting the actual data files themselves, especially when they are to be transferred across an untrusted network link, can solve a large part of this problem.

Encryption techniques should be seriously considered in an environment in which security is considered an important part of the network and not assumed to be taken care of by the standard username/password mechanism.




Upgrading and Repairing Networks
Upgrading and Repairing Networks (5th Edition)
ISBN: 078973530X
EAN: 2147483647
Year: 2006
Pages: 411
