Sunday, December 6, 2009

The Need For Security

These days, organizations invest heavily in security for their information systems. IS security attacks are a daily occurrence and the need for security grows with the sophistication of such attacks.

Information Security is "the protection of information systems against unauthorized access or modification and against Denial of Service to authorized users or provision of service to unauthorized users".

Some of the main threats to security are:

Denial of Service
DoS attacks exploit known vulnerabilities in specific applications, operating systems, protocols or services. They deny authorized users access to information or computers, e.g. websites. The most common types are SYN, Ping of Death (POD) and Distributed Denial of Service (DDoS) attacks.

SYN Attacks: These abuse the TCP three-way handshake used to establish a connection between two PCs. Normally PC1 sends a SYN packet, PC2 responds with a SYN/ACK packet, and PC1 then sends an ACK packet. The attacker floods the second PC with fake SYN requests that give non-existent IP addresses for the first PC, so steps 2 and 3 can't be completed.

Ping of Death: Ping is a tool used to test if a host is reachable across a network. An attacker sends a packet of > 64k (normal packets are 56 bytes). Some older systems can't handle the packet size and crash.

Distributed Denial of Service Attacks: These target multiple systems, the bandwidth, or the resources of a system. The attack uses a client program to connect to master systems, which are compromised systems that control and issue commands to thousands of zombie agents. These compromised systems run the attack to generate traffic. These collections of compromised systems are called botnets.
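To make the SYN attack paragraph above concrete from the server's side, here is an added example (not part of the original post) that replays constructed handshake events through a fixed-size queue of half-open connections and flags the pattern. The queue size of 4, the 3-second timeout, the alert rule and the function names are assumptions chosen for illustration.

```python
# Added example: constructed events as seen by the server (PC2):
# (time in seconds, client IP, client port, TCP flag received).
# All addresses come from documentation ranges; none are real hosts.
SAMPLE_EVENTS = [
    (0.0, "192.0.2.10", 40001, "SYN"),   # real client, step 1
    (0.1, "192.0.2.10", 40001, "ACK"),   # real client, step 3
    (1.0, "198.51.100.1", 1001, "SYN"),  # fake requests: step 3 never arrives
    (1.1, "198.51.100.2", 1002, "SYN"),
    (1.2, "198.51.100.3", 1003, "SYN"),
    (1.3, "198.51.100.4", 1004, "SYN"),
    (1.5, "192.0.2.20", 40002, "SYN"),   # real client arrives while queue is full
    (5.0, "192.0.2.20", 40002, "SYN"),   # same client retries later
    (5.1, "192.0.2.20", 40002, "ACK"),
]


def replay(events, backlog=4, syn_timeout=3.0):
    """Replay events through a fixed-size queue of half-open connections."""
    pending = {}  # (ip, port) -> time the SYN arrived and SYN/ACK was sent
    stats = {"established": 0, "expired": 0, "dropped": [], "peak_half_open": 0}
    for t, ip, port, flag in events:
        # Free entries whose final ACK did not arrive within the timeout.
        for key in [k for k, t0 in pending.items() if t - t0 >= syn_timeout]:
            del pending[key]
            stats["expired"] += 1
        key = (ip, port)
        if flag == "SYN" and key not in pending:
            if len(pending) >= backlog:
                stats["dropped"].append(key)  # no room: this client is denied
            else:
                pending[key] = t
                stats["peak_half_open"] = max(stats["peak_half_open"], len(pending))
        elif flag == "ACK" and key in pending:
            del pending[key]                  # handshake complete
            stats["established"] += 1
    stats["half_open_at_end"] = len(pending)
    return stats


def looks_like_syn_flood(stats):
    """Alert when clients were turned away and most handshakes never finished."""
    return bool(stats["dropped"]) and stats["expired"] > stats["established"]


if __name__ == "__main__":
    result = replay(SAMPLE_EVENTS)
    print(result, looks_like_syn_flood(result))
```

In the sample, the real client at 1.5 s is turned away because four unanswered requests hold every slot, and it only gets through after those entries time out.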

Malware is code installed without the permission or knowledge of the user. Types of malware include:

Viruses: Viruses replicate by attaching themselves to executable files and run before the file is executed.

Trojans: A trojan is a piece of software that appears to perform a desirable function, but in actual fact facilitates unauthorized access to the user's PC.

Worm: A computer worm is a self-replicating program that survives on its own. It spreads by exploiting vulnerabilities in the OS.

Logic Bombs: Logic bombs are deliberately installed, generally by an authorized user. They sit dormant until a certain event triggers them, e.g. a date/time. They can damage records and databases and delete files.
