Computer Threats and Security

Backdoor, Trojan, rootkit

The aim of a backdoor or rootkit is to take possession of a machine later, through an infection made via the backdoor. A backdoor is a program placed by a black-hat hacker that allows them to access the system. It may have many functions, such as keyboard sniffing and display spying. Trojans act like backdoors but also modify existing programs in the operating system. This allows the black-hat hacker to control the system without being detected. A rootkit can run in normal (user) mode or kernel mode.

Social Engineering

Social engineering is manipulating a person or persons into divulging confidential information. Even corporate executives can be tricked into revealing the most secret information.

What can be done to protect your computer?

  • Never give out your password to anyone.
  • Any system administrator should be able to change your password without having to know the old password.

Password Attacks

Password guessing is ineffective except in targeted cases. Dictionary attacks rely on the fact that passwords are stored in computers as hashes, and these hashes can sometimes get exposed. The attacker then checks all known words against the stored hashes.
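The following is an added example, not part of the original page: a defender's audit showing why unsalted fast hashes fall to a wordlist check, next to a salted, slow hash (PBKDF2) that removes the shared lookup. The wordlist, account names, and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny wordlist and three accounts.
WORDLIST = ["password", "letmein", "dragon", "sunshine"]

def weak_hash(password):
    """Unsalted, fast hash: identical passwords give identical stored values."""
    return hashlib.sha256(password.encode()).hexdigest()

SAMPLE_STORED = {
    "alice": weak_hash("dragon"),
    "bob": weak_hash("Xk7#pleQ-92"),
    "carol": weak_hash("dragon"),
}

def audit_unsalted(stored):
    """Return {user: word} for accounts whose stored hash matches a wordlist entry.
    One precomputed table covers every account because there is no salt."""
    lookup = {weak_hash(w): w for w in WORDLIST}
    return {user: lookup[h] for user, h in stored.items() if h in lookup}

def strong_hash(password, salt=None, iterations=200_000):
    """Per-user random salt plus PBKDF2-HMAC-SHA256, which is slow by design."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)

def acceptable(password):
    """Password-change check: reject anything found in the wordlist."""
    return password.lower() not in WORDLIST

if __name__ == "__main__":
    print("Accounts using dictionary words:", audit_unsalted(SAMPLE_STORED))
    a, b = strong_hash("dragon"), strong_hash("dragon")
    print("Same password, same salted record?", a[2] == b[2])
```

With salting, two users who pick the same word no longer share a stored value, so a single precomputed table cannot flag both; rejecting wordlist entries at password-change time removes the weak choice at the source.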

Computer security Issues

A vulnerability is a point where a system is susceptible to attack. A threat is a possible danger to the system. The danger might be a person (a system cracker or spy), a thing (a faulty piece of equipment) or an event (a natural calamity) that might exploit the system's vulnerability. Countermeasures are techniques for protecting your system.

Achieving Security

Many techniques exist for computer and network security:

  • Cryptography
  • Antivirus software
  • Firewall
  • Secure network

In addition, users have to practice “safe computing”:

  • Not downloading from unsafe websites
  • Not opening unknown attachments
  • Not trusting what you see on the websites
  • Avoiding scams

Computer security involves providing appropriate levels of assurance of:

  • Availability of computer services and data/ information stored in computing systems.
  • Confidentiality of data/information stored in computing systems
  • Integrity of computing systems and data/information stored in the system
  • Auditability of usage of computing systems and access to data/information of the system
  • Non-repudiability of transactions initiated by individuals and organizations

Major Security Challenges in Distributed Computing Environment

  • It is difficult to centralize security
  • Clients create weak links in security
  • Diversity of clients increases the problem
  • Every protocol used in the client server communication at every layer of OSI model has inherent security related weaknesses

Types of Security threats

  • Unauthorized users
  • Misrepresentation or spoofing
  • Unauthorized invocation of services
  • Corruption of functions or operations
  • Denial of service

Major Solutions

  • Authentication i.e. proving the identity of a person or system
  • Access control i.e. limiting who and what can gain access to
    • Systems and their components
    • Network devices
    • Applications
    • Data
  • Encryption i.e. transforming data in a manner such that they cannot be meaningfully read because they are garbled
  • Auditing and monitoring

Some proven system security measures

  • Requiring everyone to select and use a good password
  • Setting appropriate password aging parameters
  • Using third party authentication
  • Running updated antivirus software
  • Setting restrictive file access permissions
  • Limiting privileges to the minimum needed to get the job done
  • Setting appropriate levels of auditing and inspecting logs frequently
  • Running personal firewalls
  • Restricting dial-in access
  • Backing up critical computing systems as often as appropriate
  • Encrypting files stored on hard drives
  • Implementing appropriate physical security measures