When one begins to plumb the subject of computer security, a good place to start is in recognizing the enemy. Of the multitude of attacks that can be made on a system’s integrity, there are several major threats to be overcome.
Software Exploits and Buffer Overflows
Software exploits are a primary culprit. Buffer overflows are a prime target for malware “trojan” programs that lurk in your system, capture these bits of unsecured data before they can be recovered, and then transmit this data back to its originator for analysis. Certain software processes, like transferring or changing a file, can leave a gap between the beginning and the end of the application that can be read as the data passes through RAM from one state to the other.
Even supposedly “secure” computers that are not connected in any way at all can fall victim to eavesdropping by way of the electromagnetic traffic their processes create. The FBI’s “Carnivore” program can be used to duplicate the image on a computer monitor from distances of a hundred yards or more.
Is He Who He Says He Is?
The inherent nature of humans creates several more areas of computer vulnerability. Whether it’s an actual employee or someone who has worked on becoming trusted, that person can surreptitiously infiltrate and infect systems by posing as an administrator or other authorized user and installing whatever they wish onto an unsuspecting network. Another term for this method is Social Networking.
These forms of attack are the hardest to prevent and often the most difficult to locate and remove. With direct physical access to a computer system, any number of tracking, worm, key logger or listening devices can be installed. Operating system modifications can be made that give total control of entire networks to these criminals. Even more damaging to many types of companies are the vast amounts of data that can be copied and used for unscrupulous purposes. The only real way to prevent these types of invasions would be to totally encrypt the database and keep the decryption key secured and accessible only to a limited number of people.
Denial of Service
Other vulnerabilities can be used not to gain access but to prevent anyone from using the system. Denial of Service attacks can be launched to overload a system’s resources and prevent any use. These types of attacks are usually performed by those who have already invaded other machines and use their hidden programs to activate an entire “zombie” network to attack one server at a time. Since the “zombies” are widely scattered individual machines or networks, the instigators of these attacks are extremely hard to locate. The system of anonymous proxy servers makes it even easier to launch denial of service attacks, with even less chance of tracking and arresting the culprits.
Backdoor attacks use vulnerabilities in existing legitimate executable files and surreptitiously loaded programs to gain control of a computer system. These backdoors, some of which are built in at government insistence, are especially devious in that they are, by nature, hidden and designed to conceal their actions.
Who Really Is the Enemy?
Do you recognize the enemy? Is it that new Network Administrator who was just hired, or possibly the last ‘manager’ who called the help desk to retrieve a ‘lost’ password? Did your help desk personnel ask all of the correct security questions to make sure the caller was the person they said they were? Social networking is alive and flourishing, and it’s everyone’s duty to try to curtail this activity.
Ron Barrett is the owner of Ron’s Computer Service, your online helpdesk for computer-related problems. His ‘Bits and Bytes: Decoding the Digital World’ newsletter is published on a regular basis. Subscribe by visiting his website.