Lock up the server room:
Even before you lock down the servers, and even before you turn them on for the first time, you should always ensure that there are good locks on the server room door. The server room is the heart of your physical network, and someone with physical access to the servers, switches, routers, cables and other devices in that room can do enormous damage.
Use rack mount servers
Rack mount servers not only take up less server room real estate, they are also easier to secure. Although they are normally smaller and lighter than some tower systems, they can easily be locked into closed racks that, once loaded with several servers, can be bolted to the floor, making the entire server fixture impossible to move, much less to steal.
Disable the drives
If you don't want employees copying company information to a USB stick, you can disable or remove floppy drives, USB ports and other means of connecting external drives. To do this, you can fill the ports with glue or other substances to permanently prevent their use, although there are also software mechanisms that disallow it.
Tom Hanstead's Security Threats
Tuesday, November 27, 2012
Friday, November 23, 2012
Security Threats
Malicious Damage
What is malicious damage?
Malicious damage is when damage is caused by discreetly doing something bad to a network, computer or server. The hacker sets out to corrupt, damage or even delete electronic files, data or software programs in the company's systems. This can be done on the spot if someone has direct access to the company's server room or main control room, or remotely from another place via a worm or a virus. The Computer Misuse Act seeks to make this a criminal offense.
A skilled hacker is normally the cause of malicious damage. Why do they do it? Simple: to destroy the company's records, or even to get their own hands on the company's records. They can easily cause malicious damage by creating a worm or a virus and then sending it to a server, or by someone downloading a file with the virus in it.
The impact on the organisation depends on how long the virus is in the network for. The longer it takes to get the virus out, the more information is lost.
Internal Threats
There are many ways that internal threats can occur. The main way that hackers do this is by plugging a USB hard drive or a normal USB stick into a computer and then uploading the virus to the database and network. The company can prevent this by blocking the USB slots on the computer, either physically or with software. The main physical way of doing this is gluing the USB ports so that no USB devices can be inserted. The other way is to download software that blocks the USB ports. If the company is running the Windows operating system, this will be easier because Windows has a built-in USB blocker in the operating system itself.
External Threats
Companies are always prone to external threats to their networks.
Phishing
There are many different types of phishing viruses, but the main one is email. Lots of companies work with email, so phishing is quite a big one to try to stop before staff get confused or think that the email is real and not a scam. Every day many people come across phishing emails, which are scams: the email directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, social security and bank account numbers. This is bad because if any member of staff enters the company's bank account details because they thought it was something for work, then the company will be in big trouble. Luckily, many email clients have anti-phishing tools built in that will detect phishing emails and delete them straight away, or even block them before they enter your inbox.
Computer worm
A computer worm is one of the most harmless threats: it is a program designed only to spread. It does not alter your system to cause you a nightmare with your computer, but it can spread from one computer to another within a network or even across the internet. The computer security risk here is that it will use up your hard disk space through replication and take up most of your bandwidth as it spreads. For example, if you visit a website that is known for viruses, such as a scam website, a worm can easily be downloaded onto your hard drive without you noticing. As a result, and without a fast attempt to delete it, the worm will spread and take up space on your hard drive. This means that the organisation's free space will keep shrinking until they find the worm and destroy it.
The difference between passive and active: Passive attacks have to do with eavesdropping on, or monitoring, transmissions. Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored by a hacker. An active attack can include modification of transmitted data and attempts to gain unauthorised access to computer systems.
A denial of service (DoS) attack is specifically designed to interrupt normal system functions and affect legitimate users' access to the system. DoS attacks can result in long server downtime and a massive financial loss for many companies, but the controls to mitigate the risk are very technical.
Virus:
Viruses are probably the most popular security threat for computer systems. A virus is a malicious program that replicates itself and aims only to destroy a computer. The ultimate goal of a virus is to ensure that the computer will never be able to operate properly, or even not operate at all.
Virus scanners have three basic ways to find viruses. The user can scan files to see if they have virus code in them from known viruses. The user can scan files to see if the code will do virus-like things. Or the user can wait until a program does something it should not do, and flag the program as infected.
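The three detection methods described above can be sketched side by side. This is an added example, not code from the original post; the signature names, trait list, score threshold, sample files and event records are all constructed for illustration.

```python
# Constructed signature database: byte patterns from "known viruses" (invented names).
SIGNATURES = {
    "Demo.Alpha": bytes.fromhex("deadbeef4142"),
    "Demo.Beta": b"X-DEMO-VIRUS-MARKER",
}

# Constructed heuristic traits: content that suggests virus-like behaviour.
TRAITS = [
    (b"WriteProcessMemory", 2, "writes into another process"),
    (b"CurrentVersion\\Run", 2, "adds itself to startup"),
    (b"*.exe", 1, "searches for executables"),
]
THRESHOLD = 3  # assumption: score at which a file is treated as suspicious

def scan_signatures(data):
    """Method 1: look for code from known viruses."""
    return sorted(name for name, pattern in SIGNATURES.items() if pattern in data)

def scan_heuristics(data):
    """Method 2: score content that would do virus-like things."""
    hits = [(weight, why) for trait, weight, why in TRAITS if trait in data]
    score = sum(weight for weight, _ in hits)
    return score >= THRESHOLD, [why for _, why in hits]

def watch_behaviour(events):
    """Method 3: flag a running program that modifies another executable."""
    flagged = {}
    for program, action, target in events:
        if action == "write" and target.endswith((".exe", ".dll")) and target != program:
            flagged.setdefault(program, []).append(target)
    return flagged

def verdict(name, data, events):
    """Apply the three methods in order and report the first that fires."""
    if scan_signatures(data):
        return "signature"
    if scan_heuristics(data)[0]:
        return "heuristic"
    if name in watch_behaviour(events):
        return "behaviour"
    return "clean"

# Constructed sample files and run-time events (not real malware or logs).
FILES = {
    "known.exe": b"MZ\x00\x00X-DEMO-VIRUS-MARKER\x00",
    "variant.exe": b"MZ\x00WriteProcessMemory\x00Software\\Microsoft\\Windows\\CurrentVersion\\Run",
    "quiet.exe": b"MZ\x00plain looking program",
    "report.txt": b"quarterly figures",
}
EVENTS = [
    ("quiet.exe", "read", "settings.ini"),
    ("quiet.exe", "write", "notepad.exe"),
    ("report.txt", "read", "report.txt"),
]

if __name__ == "__main__":
    for name, data in FILES.items():
        print(name, "->", verdict(name, data, EVENTS))
```

The sample set is chosen so that each method catches something the earlier ones miss: a changed variant has no matching signature, and a program with no suspicious content is only caught once it acts.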
Spyware
Spyware is another form of malware, which is designed to spy on computers. It will send your activity back to the hacker so that he can get account details (if you have entered them into your computer). Also, if you browse for sex toys every day for a week, the attacker will try to come up with a sex toy scam to cheat you out of your money.
Scareware is something that plants itself in your system and immediately informs you that you have hundreds of infections which you don't have. The idea here is to trick you into purchasing a fake anti-malware product that claims to remove those threats.
Keylogger
A keylogger is something that keeps a record of every keystroke that you make on your keyboard. It is a very powerful threat for stealing people's login credentials, such as usernames and passwords. It is also usually a sub-function of a powerful Trojan.
Adware
Adware is a form of threat where your computer will start popping up a lot of advertisements. They can range from non-adult to adult material, because any ad will make the host some money. It's not really harmful, but it is annoying.
Phishing uses a fake website which is designed to look almost like the actual website. The idea of this attack is to trick the user into entering their username and password into the fake login form, which serves the purpose of stealing the identity of the victim. Every form submitted on the phishing site goes not to the actual server but to the attacker-controlled server. The user's bank details and other identification then all go to the hacker.
There are many different techniques that phishing hackers use to obtain information. The user could get an email that looks like it comes from a trusted site but is in fact from a hacker. If the user clicks on it, the hacker could have created a website that looks identical to the company's website, which makes the whole scheme look legitimate. For example, if the user is prompted to enter his details for some reason and enters them, the hacker then has his details.
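One way a mail filter can spot the look-alike links described above is to compare where a link really goes with what the message shows and with the domains the company actually uses. This is an added example, not part of the original post; the trusted domain, the 0.8 similarity threshold and the sample email are constructed assumptions.

```python
import difflib
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"mybank.example"}  # assumption: domains the company really uses
URL_LIKE = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)

# Constructed sample e-mail body (not a real message).
SAMPLE_EMAIL = """
<p>Dear customer, please update your details:</p>
<a href="http://mybank.example.login-check.test/update">https://www.mybank.example/update</a>
<a href="https://rnybank.example/login">Sign in</a>
<a href="https://www.mybank.example/help">Help</a>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):
    """Lower-cased host name of a URL or bare domain, without a leading www."""
    if "://" not in value:
        value = "http://" + value
    return (urlparse(value).hostname or "").lower().removeprefix("www.")

def is_trusted(host):
    return any(host == t or host.endswith("." + t) for t in TRUSTED)

def check_link(href, text):
    """Return the reasons a link looks like phishing (empty list if none)."""
    host, reasons = host_of(href), []
    if URL_LIKE.match(text) and host_of(text) != host:
        reasons.append(f"text shows {host_of(text)} but link goes to {host}")
    if not is_trusted(host):
        for t in TRUSTED:
            if t in host:
                reasons.append(f"embeds trusted name {t} in another domain")
            elif difflib.SequenceMatcher(None, host, t).ratio() >= 0.8:
                reasons.append(f"look-alike of {t}")
    return reasons

def suspicious_links(html):
    """Map each suspicious link host in an HTML body to its reasons."""
    parser = LinkCollector()
    parser.feed(html)
    return {host_of(h): r for h, t in parser.links if (r := check_link(h, t))}
```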
Cookies
Cookies are not really malware. They are just something used by most websites to store data on your computer. They are listed here because they can store things on your computer and track your activities within the site. If you really don't like the existence of cookies, you can choose to reject cookies for sites which you do not know.
Trojans
Trojans look like normal pieces of software but will actually do damage once installed or run on your computer. Those on the receiving end of a Trojan horse are usually tricked into opening it because they appear to be receiving legitimate software or files from a legitimate source. What happens when a Trojan is opened can vary. Some Trojans are designed to annoy the user, for example by changing your desktop or adding silly active desktop icons, while others can cause serious damage by deleting files and destroying information on your system.
SubSeven is a backdoor Trojan for Windows 95/98, now referred to as a Remote Administration Tool (RAT), which allows a hacker to remotely control and retrieve information from a system.
Piggybacking
Piggybacking is accessing another person's internet connection to gain network access rather than with any malicious intent, but it can slow down data transfer for legitimate users of the network. The company's network is also vulnerable when the purpose is data theft, dissemination of viruses, or some other illicit activity. If a company has not locked its network, the company is prone to piggybackers. If piggybackers start to piggyback on the company's network, the network may become slow for the company's staff when transferring things, surfing the web and more.
Tunnels
A tunnel is just a special type of connection across a network. It is basically like the connection that your browser makes to web servers, except that tunnels are long-term connections and are set up in a way that makes the tunnel resemble a direct wire connecting two computers.
Probes
Probes are generally used for the purpose of learning the state of a network. For example, an empty message can be sent simply to see whether the destination actually exists. Ping is also classified as a probe because it is a common utility for sending messages across the network to see whether destinations exist. This could be helpful to a company's network because it could help technicians trace dropouts in the network, and find where the destinations end and whether they exist or not.
Hacking
Most governments aren't too crazy about hackers so there are not many laws for hackers.
A hacker can also be classified as:
- A person who enjoys learning details of a programming language or system
- A person who enjoys actually doing the programming rather than just theorizing about it
- A person capable of appreciating someone else's hacking
- A person who picks up programming quickly
- A person who is an expert at a particular programming language or system, as in "UNIX hacker"
Another, quite popular, meaning of the term hacker is a person who attempts to break into computer systems. Typically, this kind of hacker would be a proficient programmer or an engineer with quite a bit of knowledge of the weak spots in security systems. This leads on to companies hiring hackers. Some companies actually hire hackers to find weak spots in their security systems and fix them for the company.
Hacking and the Law
There are several laws in the U.S. forbidding the practice of hacking. For example, 18 U.S.C. 1029 concentrates on the creation, distribution and use of codes and devices that give hackers unauthorized access to computer systems. The language of this law only specifies using or creating such a device with the intent to defraud. So, an accused hacker could argue that he just used the devices to learn how security systems worked.
Another important law is 18 U.S.C. 1030, part of which forbids unauthorised access to government computers. Even if a hacker just wants to get into the system, he or she could be breaking the law and be punished.
Punishments can range from big fines to jail time. Minor offenses may earn a hacker a few months on probation, while other offenses could be so severe that the sentence could be 20 years in jail.
Other countries have similar laws, and some are more vague than the American legislation. A recent German law forbids possession of "hacker tools." A few critics say that the law is broad and over the top.