INTERNET AND NETWORK ATTACKS

- The security risk on the internet is greater as there is no central administrator present.

- An online security service is used to determine if a computer is vulnerable to an Internet or network attack.

- An online security service is a Web site that evaluates your computer to check for Internet and e-mail vulnerabilities.

COMPUTER VIRUSES A potentially

damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.

WORM A program that

copies itself repeatedly, using up resources and possibly shutting down the computer or network.

TROJAN HORSE A program that

hides within or looks like a legitimate program.

A certain condition or action usually triggers the Trojan Horse

It does not replicate itself to other computers.

ROOTKIT A program that hides

in the computer and allows someone from a remote location to take full control of the location.

Once the rootkit is installed, the rootkit author can execute programs, change settings, monitor activity and access files on the remote.

A computer infected by a virus, worm, Trojan horse, or rootkit often has one or more of the following systems:- Operating system runs much slower than usual- Available memory is less than expected- Files become corrupted- Screen displays unusual message or image- Music or unusual sound plays randomly

- Existing programs and files disappear- Programs or files do not work properly- Unknown programs or files mysteriously appear- System properties change- Operating system does not start up- Operating system shuts down unexpectedly.

HOW A VIRUS CAN SPREAD THROUGH AN E-MAIL MESSAGE?

Step 3

a) Some users open the attachment and their computers become infected with the virus

b) Other users do not recognize the name of the sender of the message and they do not open it – instead they immediately delete the e-mail message.So, the computers not infected.

Step 2

They send the e-mail message to thousands of users around the world

Step 1

Unscrupulous programmers create a virus program that deletes all files.

They hide the virus in a word processing document and attach the document to an e-mail message.

SAFEGUARDS AGAINST

COMPUTER VIRUSES AND

OTHER MALWARE

Do not START A COMPUTER WITH REMOVABLE MEDIA INSERTED IN THE DRIVES OR PLUGGED IN THE PORTS.

Never open an email attachment unless you are expecting it and it is from a trusted source.

Set the macro security in programs so that you can enable or disable macros.

Many application programs such as Microsoft Word can be configured to display a warning if a user attempts to open a file that contains a macro.

Install an anti-virus program on all of your computers, update the software and virus signature files regularly.

Is a known specific

pattern of virus code.

Protects a computer against viruses by

identifying and removing any

computer viruses found in memory on

storage media.

Popular antivirus programs:

©AVG Anti-virus©avast! Antivirus©CA Antivirus©F-Secure Antivirus©Kaspersky Antivirus©McAfee VirusScan©Norton AntiVirus©Trend Micro Antivirus©Vexira AntiVirus

Scan all downloaded programs for viruses and other malware.

delete or quarantine the attachment immediately if the antivirus programs flags an email attachment as infected.

scan the media for malware before using any removable media.

Install a personal firewall program.

Stay informed about new virus alerts and virus hoaxes.

Is an e-mail message that warns users of a non-existent virus or

other malware.

BOTNETS•Is a group of compromised computers connected to network that attacks other network.•compromised computer is known as zombie where owner is unware the computer is being controlled remotely by an outsider.•Bot is a program that performs a repetitive task on a network.•cybercriminals install malicious bots on unprotected computers to create botnet.

DENIAL OF SERVICE ATTACKS (DOS ATTACK)

•is an assault whose purpose is to disrupt computer access to Internet service.•DOS attack carried out in many ways:

There are few motives for doing Dos/DDoS attacks:

Using unsuspecting computers to send influx of confusing data

messages or useless traffic to a computer network.

DDoS(Distributed DoS) attack•Zombie is used to attack computer networks.•Able to stop operations temporarily at numerous websites.

Claim political anger

Simply for recognition even it is

negative.

As a vehicle for extortion

BACK DOORS•is a program/set of instructions in a program that allow users to bypass security controls when accessing program.•Rootkit can be a back door.•programmers usually build back doors into programs during system development to save development time.•computer repair technician may install a back door while troubleshooting problems on a computer.

SPOOFING•is a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network.•types of spoofing computers schemes:

E-MAIL SPOOFING•Occurs when sender’s address or other components of e-mail header are altered.•Commonly used for viruses hoaxes, spam and phishing scams.

IP SPOOFING•Occurs when an intruders computer fools a network into believing its IP address is associated with a trusted source.

SAFEGUARDS AGAINST BOTNETS ,DOS / DDOS ATTACKS, BACK DOORS AND SPOOFING

FIREWALLSIs a hardware/software that protects a network’s resources from intrusion

Organizations - use firewalls to protect network resources and to restrict employees’ access to sensitive data. - use proxy server that controls which communications pass into the organization’s network.

Home and small office/home office - users protect their computers with personal firewall. - it monitors all transmissions to and from computer and may inform a user of any attempted intrusion. - some users purchase stand-alone personal firewall software.

INTRUSION DETECTION SOFTWARE

Large organizations may use intrusion detection software to identify possible security breaches.

It analyses all network traffic, assesses system vulnerabilities, identifies any unauthorized intrusions and notifies network administrators of suspicious behavoiur patterns or system breaches.

HONEYPOTSSome organizations use honeypots so that they can analyze an attack being perpetrated.

A honeypot is a vulnerable computer that is set up to entice an intruder to break into it.

Honeypots allow the organizations to learn how intruders are exploiting their network and also attempt to catch perpetrators who have been doing damage elsewhere on their network.

Hardware theft Hardware vandalism

Act of stealing computer equipment

People opening up computers and taking parts out of them and it happens in retail stores too, when people break open the package and shoplift the item.

Notebook computers of company executives are often targeted to access confidential company information illegally.

This is a combination of hardware and software theft

Hardware theft

HADWARE VANDALISME Act of defacing or destroying computer

equipment Cutting computer cable wire . Aimlessly destroying individuals or

school computers. Normally it doesnt pose threat to home

desktop computer users. Small unit system can be stolen as

their portable and able to fit in backpack or briefcases

Safeguards against hardware theft and

vandalism

PHYSICAL CONTROL ACCESS

locked doors and windows(usually for school and business) enough to protect these hardwares

install alarm system cables that lock the equipment to the desk Small locking devices also exists that require

a key to access a hard disk or a optical disk drive

TECHNOLOGICAL CONTROL ACCESS

Real time location system (RTLS)- to track and identify location aof high risk or

high valued items. RTLS place RFID tags in items to be tracked. Mobile users can install mini security system

in the notebook computer

Some of these security systems shut down the computer or sound an alarm if computer moves out of a specific distance

Some can configure to photograph the thieves when they use the computer

Tracking software can track the location of stolen notebook computer

Use passwords ,possessed objects and biometrics.

Ex: starting up a computer requires password , slide card in card reader or press you finger on a finger print reader for the hard disk to unlock

This type of security does not prevent theft but it makes the computer useless after stolen

Password protect can be used on portable devices : USB flash drives,smart phones and other devices.

This will allow only authorized users to access the devices data.

Some security system can destroy data if an incorrect password entered in a certain number of times.

You can instruct the password screen to display your name and phone number ,, so that if it was misplaced or lost someone can always contact you and return it!

THE END