Presentation is loading. Please wait.

Presentation is loading. Please wait.

S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.

Similar presentations

Presentation on theme: "S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many."— Presentation transcript:

1 S EC (4.5): S ECURITY 1

2 F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many of these incorporate the use of malicious software called malware. Such software might be: 1. Transferred to and Executed on the computer itself, or 2. It might attack the computer from the distance 2

3 E XAMPLE : Viruses worms Trojan horses spyware 3

4 V IRUSES : Is a software that infects a computer by inserting itself into programs that already reside in the machine. Then, when the “host” program is executed, the virus is also executed.  Some viruses transfer themselves to other programs within the computer.  Some viruses degrading portions of the operating system,  erasing large blocks of mass storage, or  Corrupting data and other programs. 4

5 WORMS : Is an independent program that transfers itself through a network, Taking up residence in computers and forwarding copies of itself to other computers. As in the case of virus, a worm can be designed merely to replicate itself or, To perform extreme damage.  A characteristic effect of a worm is an explosion of the worm’s replicated copies that degrades the performance of legitimate applications, and  Can ultimately overload are entire network or internet. 5

6 T ROJAN HORSES : Is a program that enters a computer system as good- looking program.  Such as games,  Useful utility package  Arrive in the form of attachments to inviting email messages.  When the attachment is opened, the misdeeds of the Trojan horse are activated.  Thus, email attachments from unknown sources should never be opened. 6

7 S PYWARE : Sometimes called sniffing software. Which is collects information about activities at the computer on which it resides and reports the information back to the leader of the attack.  Some companies use spyware as computer profiles.  Used for malicious purposes such as recording the symbols typed at the computer’s keyboard. (password, credit card) 7

8 P HISHING : Is a technique of obtaining information explicitly by simply asking for it. 8

9 D ENIAL OF SERVICE ATTACK : A computer in a network can be attacked by software being executed on other computers in the system. Such as denial of services. Which is the process of overloading a computer with requests. Have been lunched against large commercial Web servers on the Internet to disrupt the company’s commercial activity to a halt. 9

10 S PAM : Another problem of unwanted messages is the creation of unwanted junk email, called spam. Unlike denial of service attack, The volume of spam hardly ever sufficient to make ineffective the computer system. Instead the effect of spam is to overwhelm the person receiving the spam. Is widely adopted for phishing, Trojan horses that spread viruses. 10

11 P ROTECTION AND C URES : 1. A primary prevention technique is to filter traffic passing through a point in the network, with program called a firewall. Firewall is installed to filter messages passing in and out of the domain. Is a tool for terminating a denial of services attack. Block all incoming messages that have origin addresses within the domain (such a message would indicate that an outsider is pretending to be a member of the domain) known as spoofing. Firewall is used to protect an individual computer. 11

12 P ROTECTION AND C URES : Some variations of firewalls are designed for a specific purposes such as spam filter. Designed to block unwanted email. Other one to distinguish between desirable email and spam. 2. Proxy server : Act as an intermediary between client and server with the goal of protecting the client from unfavorable actions of the server. The server can collect a multitude of information about the domain, that be used to attack the domain. So that, the domain might contain a particular proxy server (FTP, HTTP, telnet,…) 12

13 P ROTECTION AND C URES : Each time a client within the domain tries to contact a server of that type, the client actually contact with the proxy server. Then the proxy contact the actual server. Advantages: 1. The actual server has no way to know that the proxy server is not the true client. And never aware of that actual client’s existence. And no way of domain internal features. 2. Is in position to filter all messages sent from the server to the client. (block all infected files by using FTP proxy server) 13

14 P ROTECTION AND C URES : 3. Auditing : Is an administrator primary tool for identifying problems before they grow out of control. Like: 1. Detect sudden increase in message traffic at various location within the domain. 2. Monitors the activities of the system’s firewalls. 3. Analyze the pattern of requests being made by individual computers within the administrator's in order to detect irregularities. 4. Antivirus: Which is used to detect and to remove the presence of known viruses and other infection. 5. Encryption : The goal is to prevent access to information. (password) FTPS, SSH, HTTPS, SSL (secure socket layer) 14

Download ppt "S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many."

Similar presentations

Ads by Google