|
|
|
Games people play
THE COMPUTER was invented to calculate formulas and to derive equations at high speed. However, as time passed and technology improved, the internet became a part of everyday life. People now use computers at their offices as well as in their homes.
However, like most things computers can have two kinds of impact — positive and negative. Many people now use computers for negative activities. Viruses and cyber-fraud are common examples. Similarly, over the years hackers have diversified their targets and enhanced their techniques.
In the past we heard commonly of “viruses”, but now we have “worms” and “Trojans” as well. The computer virus, of course, gets its name from the biological virus. The word itself comes from a Latin word meaning “slimy liquid or poison”.
A virus can be defined as: A program or code that replicates itself onto files with which it comes in contact. That is, a virus can infect other programs, the boot sector, partition sector or a document that supports macros, by inserting itself or attaching itself to that medium. Most viruses only replicate, though many can do damage to a computer system or a user’s data as well.
Worms
A worm is a program that makes and facilitates the distribution of copies of itself, for example, from one disk drive to another, or by copying itself using email or another transportation mechanism. The worm may cause damage and compromise the security of the computer. It may arrive via exploitation of a system vulnerability or when an infected e-mail is clicked.
Trojan Horses
A Trojan Horse portrays itself as something other than what it is at the point of execution. While it may advertise its activity after launching, this information is not apparent to the user beforehand. A Trojan Horse neither replicates nor copies itself, but causes damage or compromises the security of the computer all the same. A Trojan Horse must be sent by someone or carried by another program and may arrive in the form of a joke program or software of some sort.
The malicious activity of a Trojan Horse may be anything undesirable for a computer user, including data destruction or compromising a system by providing a means for another computer to gain access, thus bypassing normal access controls.
Anti-virus programs
To avoid loss of important data there are many anti-virus programs which detect viruses, worms and Trojan Horses from their databases and destroy them. They are powerful enough to check the threads of new viruses that are not in their databases.
When discussing data security, the more important topics are hacking, cracking, DoS, breaching network and tools used in hacking.
Hacking is an act of penetrating computer systems to gain access to them. To some, hacking is an art, a skill by which one can enter or gain access to any resource or network without permission. In comparison, cracking is simply the act of getting into a software without authorization.
Theoretically, a hacker is someone who is well-versed in programming, resources and all things relating to the matrix of a computer. Due to this capability, he or she can gain access to your network, computers and websites.
As opposed to hackers, crackers are people who try to get unlawful access to computers programs to fetch information. This is normally done through secretly installed programs like Trojans or ‘backdoor’ programs. Crackers also try to gain access to files, data or other targeted resources through the use of software that tries combinations of passwords to find the correct one for accessing a computer.
Over the years, different methods have been employed to hack different networks and sites. Some of the techniques are only used to slow down networks and sites, due to which access to them sometimes gets denied and the users face a lot of problems.
A Denial of Service (DoS) attack is the form of security breach that does not usually result in theft of information or other loss. However, these attacks can cost the target person or company a great deal of time and money.
A few forms of DoS attacks are:
Buffer overflow
In this case, DoS attacker simply sends considerably more traffic to a network address, in an effort to overwhelm its processing/buffer capacity. These attacks can be carried out, for instance, by sending e-mails with attachments of files with 256-character file names to Netscape and Microsoft mail programs.
Teardrop
This type of DoS attack exploits the way the Internet Protocol (IP) requires a packet, which is too large for the next router to handle, to be divided into fragments. The fragment packet identifies an offset to the beginning of the first packet that enables the entire packet to be reassembled by the receiving system. In the teardrop attack, the attacker’s IP puts a confusing offset value in the second or later fragments. If the receiving operating system does not have a plan for this situation, it can cause the system to crash.
Smurf
In this kind of attack, the executor sends an IP ping request as an acknowledgement to a receiving site. The ping packet specifies that it will be broadcast to a number of hosts on the same network. In that specific packet it is also declared that the request is from another network address, the target address that is to receive the DoS.
This method of address masking is called spoofing the return address, due to which lots of ping replies flood back to the innocent addresses on the network. Due to this flooding, the host will no longer be able to receive or identify the real request.
Similarly, computer systems are facing threats in which they generally remain normal. However, a hacker copies all the required information just by hacking into the system.
Breaking a password is not as simple as you might think. Special techniques and algorithm are used to break a password. Most common techniques are known as KeyLogger, Brute Force Attack and Dictionary Attacks.
Keystroke Logger is a program that runs in the background, records all the keystrokes. Once the keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. These programs are commonly named as Rootkits and RATs (Remote Administration Trojans).
Brute Force Attacks are so named due to their capability to try every possible code and combination for deciphering the password until success is achieved. The algorithm of a Brute Force Attack depends on the key field of password.
A Dictionary Attack will work more quickly than a Brute Force Attack because a combination of passwords are always stored in its database. However, Brute Force Attacks are more likely to succeed as compared to a dictionary attack.
The writer is an IT Professional hamadalee@hotmail.com
|
|
|
|
