110074564joshua pawes sister.com site
unit 32 network system security (week 4) Posted on September 24, 2012 There are several different forms of attacks Denial of services virus Phishing Identity theft Hacking Piggy backing Brute force attack Trojans/worms software exploitation ARP cache poisoning Virus A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. This could be a outside attack via the internet or could be a inside attack via a USB or another physical device been connected. There should be several updates to this such as having a virus checker maybe the AVG one they are a trusted anti-virus software producer you should keep this up-to-date and run this quite a lot to check your files to help keep you system secure also run this on every file when downloading of the internet or of a eternal device e.g. a USB device. Phishing Phishing is attempting to get information such as usernames, passwords and credit card details by making out to be a trustworthy site. This is an outside attack that over the internet by making a sight look like another such as PayPal and then sending emails out saying you need to log in or change your password. Tell your work place about these kind of emails and you could block them all to the spam folder and only allow certain contacts to contact you also do not give out the business personal email address to any one use your own not the business one. Identity theft Identity theft is the miss use of someone’s identity or personal identifying information to obtain credit services or other benefits under the name of the person whose identity has been stolen and this can lead to some one attacking your system. This can be an outside attack by getting personal data over the internet and going on a other persons accounts or an inside attack by using a ID to access a system of an organisation. You can help prevent from this by using ID badges with their face on having security and people checking them having a retina or fingerprint scanner to log in if it’s a log in via VM ware you should have a list of computers that are allowed to accesses the system via VM ware monitor email traffic for key words been sent out to the public such as password. Hacking Computer hacking is when someone modifies computer hardware or software in a way that alters the creator’s original intent. People who hack computers are known as hackers. Hackers are usually real technologies who enjoy learning all they can about computers and how they work. This is usually an outside attack over the internet to access a organisations computers/server but can also be an attack with inside help to hack these. To help prevent this use encrypted passwords secrets make system security harder to break by having different privilege area passwords so if someone does get n they will struggle to get in to the hardest/ highest levelled area and you should find out about them before they get there because it will take more time. Piggy backing Piggybacking is a particularly interesting type of information attack, as it can be done both electronically and physically. Both are equally threatening and potentially dangerous breaches of security, and both usually involve some type of inside aid to form the attack usually someone working in the organisation opens a port to let a extra computer on to the network you can find out if this is happening by looking at how many devices are connected on to your network. You can prevent this by using a mac address table so when the device connects it comes up with a mac address so you can monitor which computers are connecting to your network and there for if any one who isn’t registered connects it will come up and you know that something is wrong. Denial of services A distributed denial-of-service attack is one in which a lot of compromised systems attack a single target, thereby causing denial of services for users of the system. The traffic of incoming messages to the system forces it to shut down there for denying service to the system to users. This is an outside attack where you have lots of computers that send messages to a server from different locations on the planet to crash the server and bring it to a standstill and un usable. To prevent this this try to direct traffic to another service spread the load so that your server does not crash and also it will take them a lot more computers to crash you if you have a lot of servers to carry the load. Brute force attack A bruit force attack is a harm full piece of software that does not try to decrypt any of your information but instead just tries password after pass word after pass word to get in to your account for example if you have an easy password such as your favourite colour purple for example it will be fairly easy to get where as if you put it as *PuRple11028750 then it will be much harder to get. This can be plugged via USB and used as an inside attack to log on. Trojans/worms Rootkits A root kit is a Trojan/worm that is a piece of harmful software that hides in programs that you download of the internet or open in emails that go on your system undetected and gather information and makes it self-have higher privileges on your system without you knowing a way to find out if you have one and try to prevent from this is using Prevention root kit analyser tool. This is an outside attack that when you download a piece of data it may be in it if the data has been changed. Software exploitation A software exploitation attack is when a hacker uses a floor in a application or a piece of software to gain access to your system and use zero days that are found you can protect against this by closing al of the gaps and looking and getting rid of any of your vulnerability’s in your system. This is an outside attack to help prevent this try to make sure your program has no floors and regularly bring new updates up keeping anyone who is trying to busy. ARP cache poisoning This kind of attack is also known as (man in the middle attacks) This is a form of hacking and allows the hacker to be the middle man and receive data from one person before it gets the person who receives it and has the chance to modify/change the data before it is received. Both the sender and the receiver have no idea of this attack taking place because the attacker is spoofing the MAC address. Spoofing the MAC address is basically looking and seeing a floor in this and the copying it so that when data is sent to that address you receive it. The attacker has to have a higher signal so that the client chooses to connect to them rather than the proper host. The launch of using 802.x authorisation can now bypass the use of this attack and stop it from happening. Task 2 Embedded devices are accepted now more than ever. Due to the advance in mobile devices you are able to track them is now easier than ever. As a consequence to this devices are at a high risk from viruses making them when you connect tow a wireless network more dangerous than ever There for because of this if you give out a Wi-Fi code ad do not protect your system then the mobile device may contain a virus that could then transfer on to your network via your Wi-Fi and affect your system in a way and make it even more venerable to attack this could cause loss of money, loss of data, the time to get the data back and if customer personal data is lost also the trust of the customers will be as well. D1 There have been several recent network threats such as: new version of black hole exploit kit released. This is a form of malware it is undetectable with the use of anti-virus software due to new updates this impacts an organisation due to the fact that you can be losing data without anyone knowing that this is happening this will cost you money and time to work out that you are missing data. The police Trojan this gets on to your computer and locks it saying that you have to pay an amount to get it unlocked a bit like a ransom but it is pretending to be the government this can have major effects on an organisation due to the fact that if they don’t get it unlocked they lose money and time and if they wipe the system they will lose money and time even with a backup reinstalling it and if they pay up depending on how big there organisation is it could be quite a lot so either way they lose out. https://www.facebook.com/video/video.php?uv=464685176886215¬if_t=video_processed
Report this ad
Report this ad
S H A R E TH IS : Twitter
This entry was posted in Uncategorized by joshedd. Bookmark the permalink [https://110074564joshua.wordpress.com/2012/09/24/unit-32-network-system-security-week-4/] .