Network System Security, by Lee Lappage<br />
M3 - Report on the similarities and differences between securing wireless and wired networked systems (posted 2013-06-20).<br />
<div class="MsoNormal">
When using a wired network, it is extremely difficult for an
attacker to intercept your connection and steal bandwidth, whereas when using a
wireless connection others can see and potentially access your wireless
network, sometimes within seconds, enabling them to use your bandwidth and
steal any information that is shared over the network. Wireless signals can be
picked up by somebody in a neighbouring building or sitting in a car near
your house, which is why they can be so insecure. To make the problem worse,
some routers are delivered with encryption disabled, meaning anybody can
connect to the network without having to enter a password. Most homeowners
don’t know that they need to enable anything, leaving them very vulnerable.</div>
<div class="MsoNormal">
The good news is that it is not very hard to make your
wireless network secure, which will both prevent others from stealing your
internet and will also prevent hackers from taking control of your computer
through your own wireless network. Changing the SSID will make it harder for
hackers to find out what router you have. If you leave the SSID as
“BtHomeHub-4106”, then any attacker will be able to see you have a BT HomeHub;
they can then try the default admin password and could gain access to your
router's admin settings. You can even turn SSID broadcasting off, meaning when a
user searches for a wireless network, yours will not appear. You can then
connect to your network manually by supplying the SSID name. The most popular
method of securing a wireless network is using encryption such as WEP, WPA, or
WPA2. WPA2 is the most commonly used type of encryption as it is the most
secure and most updated version. Using encryption will mean that anybody trying
to connect to your network will have to enter a passphrase; without the unique
passphrase they will be denied access to the internet, therefore making your
network more secure. This, however, can still be bypassed by skilled attackers.
To make encryption even more secure, it is important to change the default
passphrase so it is 100% unique, because attackers can sometimes crack
default passphrases and still gain access to your network. Ensure you change
the passphrase to something very secure; you can do this by making it long and
including characters, numbers and symbols. </div>
<div class="MsoNormal">
The most effective and secure method is by disabling DHCP,
meaning your router will not automatically assign IP addresses to anybody that
wants to connect to the network. Instead you can assign static IP addresses and
give the router a list of MAC addresses. This means that only the computers you
have listed are able to connect to the network, making it virtually impossible
for an attacker to gain access to your network, unless they physically break in
and use your own computer. Putting your router in the middle of your house,
rather than next to a window, will also help make it secure; this will mean that
anybody outside of your house will have a poor connection if they do manage to
connect to your network.</div>
<div class="MsoNormal">
Wired networks are generally considered more secure, because
to gain access to the network you need to be physically connected via a
wire. They are not, however, completely safe, and there are a number of things you
can do to ensure your network stays secure. The most obvious one is
physical security: keeping server rooms locked and only allowing access to
authorised members of staff will greatly decrease the chance of a security
breach. </div>
<div class="MsoNormal">
Using a shielded cable is another good method of keeping
your wired network secure. If you use an unshielded cable, somebody could place
a tapping device on the cable and pick up all data flowing through it,
therefore accessing your data. Having cables on show is another security risk;
it is best to keep them on the ceiling or somewhere out of reach or even
underground. IPSec (Internet Protocol Security) is a set of protocols developed
to support secure exchange of packets at the IP layer. When communicating over
the network having IPSec will ensure the packets of data are not tampered with.
Having a strong security policy and training staff properly so they are aware
of the risks should also prevent any security breaches. </div>
<div class="MsoNormal">
Using security tools and applications to monitor the network
will help secure both wired and wireless networks; applications that could
protect the networks include IDS, proxies and firewalls to restrict user usage
and other things.</div>
<div class="MsoNormal">
It is ideal to have physical security for both wired and
wireless networks; this is like the first line of defence for the network. If
someone gains access to the physical network they will be able to do a lot of
damage. Also having firewalls, IDS and anti-virus is recommended for both types
of network. Keeping the operating system and all applications up to date is
also very important; this might help the software run faster and detect any new
viruses or security threats.</div>
D2 - Compare the security benefits of different cryptography techniques (posted 2013-05-28).<br />
<span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Symmetric Cryptography</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">A Symmetric Key Algorithm is an encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. The key can be a number, a word or just a string of random characters. This key is applied to a message to change the content and make it unreadable. This key could be as simple as reversing every word so it is written backwards. It acts as a password so only the sender and receiver can decrypt and read the message. Symmetric Key Systems are very simple and fast, although the main disadvantage of using this method is that you have to share the key with the receiver somehow, meaning anyone could get hold of it and decrypt your messages.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /><b><u>Stream Cipher & Block Cipher</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Stream ciphers are a type of symmetric encryption; they are designed to be exceptionally fast, much faster than any block cipher. Block ciphers operate on large blocks of data, whereas stream ciphers encrypt each plaintext digit one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream. The encryption of plain text when using a block cipher will always result in the same ciphertext when the same key is used, whereas with a stream cipher the transformation will vary, depending on when the digits are encountered during the encryption process.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /><b><u>Asymmetric Cryptography</u></b> </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Asymmetric Encryption is a method that uses two keys:</span><br />
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">A Public Key - Visible to everyone</span></li>
</ul>
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">A Private Key - Secret, Only visible to the recipient of the message.</span></li>
</ul>
<span style="font-family: Arial, Helvetica, sans-serif;">When the CEO wants to send a secure message to one of his employees, the CEO will use the employee's public key to encrypt the message. This message can then only be decrypted using the employee's private key, which only the employee knows. The public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. This method is very secure and quite simple to use. A slight disadvantage of this method is that you need to know the recipient's public key to encrypt a message; this means the organisation will need a registry of all public keys, which is stored on a server.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /><b><u>DES Encryption</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">DES is short for Data Encryption Standard. This is an encryption method that was originally developed in 1975 and standardised in 1981. DES uses a block cipher method, which means it encrypts data in blocks rather than encrypting individual characters. The key size is 64 bits, although 8 bits of the key are used for parity (error detection), which makes the effective DES key size 56 bits. This method is now very outdated and a 56-bit key length is considered very weak.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /><b><u>Triple DES</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;">Triple DES or 3DES involves repeating the DES algorithm in
an attempt to make the message more secure. Using this method you use two or
three different keys to make the text unreadable. 3DES can work in different
modes, the mode chosen dictates the number of keys. The different modes are:</span></span><br />
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">DES-EEE3 - This uses three different keys for encryption,
and the data is encrypted, encrypted, encrypted.</span></li>
</ul>
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">DES-EDE3 - This uses three different keys for encryption and
the data is encrypted, decrypted, encrypted.</span></li>
</ul>
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">DES-EEE2 - This uses two different keys and the first and
third encryption processes use the same key.</span></li>
</ul>
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">DES-EDE2 - This is the same as DES-EDE3 but only uses two
keys, the first and third encryption processes use the same key.</span></li>
</ul>
<span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Hashing</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Hashing is when you generate a number from a string of text. The hash value is much smaller than the text itself, and is generated by a formula in such a way that it is extremely unlikely that some other text will produce the same hash value. For example, if John wants to send a message to Nathan, John would calculate a hash value for the message and attach it to the message itself. When Nathan receives the message, he will perform the same hashing function and compare the result with John's. If the two values are the same, Nathan knows the message was not altered during transmission. If the values are different, Nathan will know the message has been tampered with and he would delete the message. </span><br />
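<span style="font-family: Arial, Helvetica, sans-serif;">The John and Nathan check described above, as an added Python example that is not part of the original post. It also goes one step further and compares the attached plain hash with a keyed hash (HMAC), which additionally holds up when someone rewrites both the message and the attached value. The message text, the shared key and all function names are constructed for illustration.</span><br />

```python
import hashlib
import hmac

# Constructed sample data (not from the original post).
MESSAGE = b"Pay Nathan 100 pounds"
SHARED_KEY = b"constructed-demo-key-known-only-to-john-and-nathan"


def plain_hash(message: bytes) -> str:
    """The unkeyed hash value John attaches to the message (SHA-256)."""
    return hashlib.sha256(message).hexdigest()


def check_plain(message: bytes, attached: str) -> bool:
    """Nathan recomputes the hash and compares it with the attached one."""
    return hmac.compare_digest(plain_hash(message), attached)


def keyed_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256: a hash that can only be computed with the shared key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def check_keyed(key: bytes, message: bytes, attached: str) -> bool:
    """Nathan recomputes the HMAC with the shared key and compares."""
    return hmac.compare_digest(keyed_tag(key, message), attached)


def corrupted_in_transit(message: bytes, attached: str):
    """The message changes on the way, the attached value is left alone."""
    return message.replace(b"100", b"900"), attached


def rewritten_in_transit(message: bytes, attached: str):
    """The message changes AND the attached value is recomputed with the
    public hash function. No key is needed to do this for a plain hash."""
    altered = message.replace(b"100", b"900")
    return altered, plain_hash(altered)


def run_scenarios() -> dict:
    """Return what Nathan's check reports in each situation."""
    sent_plain = (MESSAGE, plain_hash(MESSAGE))
    sent_keyed = (MESSAGE, keyed_tag(SHARED_KEY, MESSAGE))
    return {
        "plain, untouched": check_plain(*sent_plain),
        "plain, corrupted": check_plain(*corrupted_in_transit(*sent_plain)),
        "plain, rewritten": check_plain(*rewritten_in_transit(*sent_plain)),
        "keyed, untouched": check_keyed(SHARED_KEY, *sent_keyed),
        "keyed, corrupted": check_keyed(
            SHARED_KEY, *corrupted_in_transit(*sent_keyed)),
        "keyed, rewritten": check_keyed(
            SHARED_KEY, *rewritten_in_transit(*sent_keyed)),
    }


if __name__ == "__main__":
    for scenario, accepted in run_scenarios().items():
        print(f"{scenario:18} accepted={accepted}")
```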
<span style="font-family: Arial, Helvetica, sans-serif;"><br /><u><b>Digital Certificate </b></u></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">A digital signature is a hash value that has been encrypted with the sender’s private key. Forging a digital signature is impossible; this means that by using a signature you are eliminating the possibility of an imposter signing the document. By having a digital signature you are proving the message is from you, and therefore reassuring the recipient that the document is valid and does not contain false information. </span><br />
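<span style="font-family: Arial, Helvetica, sans-serif;">The "hash value encrypted with the sender's private key" mechanism, written out as an added Python example that is not part of the original post. It uses textbook RSA with publicly known primes and no padding so that every step is visible; the key values, messages and function names are constructed for illustration, and real systems use a vetted library with a padded scheme instead.</span><br />

```python
import hashlib


def make_keypair(p: int, q: int, e: int = 65537):
    """Build a textbook RSA key pair from two primes.

    Returns (modulus, public_exponent, private_exponent).
    """
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # modular inverse (Python 3.8+)
    return n, e, d


# Constructed demo keys. These are well-known Mersenne primes, so the
# "private" exponents below protect nothing; they only make the arithmetic
# reproducible for the example.
SENDER_N, SENDER_E, SENDER_D = make_keypair(2**127 - 1, 2**521 - 1)
OTHER_N, OTHER_E, OTHER_D = make_keypair(2**89 - 1, 2**607 - 1)


def message_hash(message: bytes) -> int:
    """SHA-256 of the message as an integer (always smaller than the moduli)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_exponent: int, modulus: int) -> int:
    """Sender: hash the message, then transform the hash with the private key."""
    return pow(message_hash(message), private_exponent, modulus)


def verify(message: bytes, signature: int,
           public_exponent: int, modulus: int) -> bool:
    """Recipient: undo the transformation with the sender's PUBLIC key and
    compare the result with a freshly computed hash of the received message."""
    return pow(signature, public_exponent, modulus) == message_hash(message)


def run_checks() -> dict:
    document = b"Contract v1: deliver 20 laptops by Friday"  # constructed
    signature = sign(document, SENDER_D, SENDER_N)
    return {
        # Genuine document and signature, checked with the sender's public key.
        "genuine": verify(document, signature, SENDER_E, SENDER_N),
        # Same signature attached to an altered document.
        "altered document": verify(
            b"Contract v1: deliver 200 laptops by Friday",
            signature, SENDER_E, SENDER_N),
        # Signature produced with somebody else's private key, but checked
        # against the claimed sender's public key.
        "signed with other key": verify(
            document, sign(document, OTHER_D, OTHER_N), SENDER_E, SENDER_N),
    }


if __name__ == "__main__":
    for case, ok in run_checks().items():
        print(f"{case:22} verifies={ok}")
```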
M2 - Suggest how users can be authenticated to gain access to a networked system (posted 2013-05-28).<br />
<span style="font-weight: bold; vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><u>Different Types of Access Security</u></span></span><br />
<span style="vertical-align: baseline;"></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><b>Identification</b></span><span style="font-weight: normal; vertical-align: baseline;"> - This is when somebody says who
they are.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: normal; vertical-align: baseline;"><br /></span><b><span style="vertical-align: baseline;">Authentication</span><span style="vertical-align: baseline;"> </span></b><span style="font-weight: normal; vertical-align: baseline;">- This is when somebody proves they
are who they say they are. This is usually through some form of ID, for example a
passport or driving licence. </span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: normal; vertical-align: baseline;"><br /> </span><span style="vertical-align: baseline;"><b>Authorisation</b></span><span style="font-weight: normal; vertical-align: baseline;"> - This is when somebody gives you
permission to do something.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: normal; vertical-align: baseline;"><br /></span></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><b><u>Two Factor Standard Of Authentication</u></b></span></span><br />
<span style="font-weight: normal; vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;">Two factor standard of authentication is when two different
types of proof are necessary. For example, when withdrawing money from an ATM you
would need a valid debit card and the corresponding PIN number. Two factor
standard of authentication is better and far more secure than one factor
standard authentication because it requires the attacker to gain two different
types of authentication which is much harder than finding out just one. </span></span><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Username/Password</u></b></span><br />
<span style="font-weight: normal; vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;">This method requires the user to provide a valid username
and corresponding password; if either of these is incorrect they will be denied
access. This is a good method of authentication because it requires two pieces
of confidential information, which can both be updated and changed regularly to
keep the account secure. An advantage of using this method of authentication is
that there is nothing physical that an attacker can steal, such as an ID card
or key. However, a disadvantage of this method is that if an attacker got hold of
your password (either through a keylogger or by looking over your shoulder, for
example) it would be very easy to gain access to your account.</span></span><br />
<span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><b><u><br /></u></b></span></span>
<span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Biometrics Authentication</u></b></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif; vertical-align: baseline;">Biometrics is a very unique method of authentication,
because it can make decisions based either on the user's behaviour or on their
physical attributes, i.e. fingerprints, retina scan or palm scan. </span><span style="font-family: Arial, Helvetica, sans-serif; vertical-align: baseline;">These are
all things an attacker can not physically steal or easily forge, which is what
makes this method so secure. </span><span style="font-family: Arial, Helvetica, sans-serif; vertical-align: baseline;">The disadvantages of this method are that it is very
expensive to set up and maintain and it can also be more time consuming than
simply entering a password.</span><br />
<span style="vertical-align: baseline;"></span><br />
<div style="font-weight: normal;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><br /></span></span></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><b><u>Digital Certificate</u></b></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">A digital certificate is an attachment put on an electronic
message as a method of authenticating the person sending the message. The
certificate must be obtained through a recognized certificate authority. It
basically means that when someone is sending personal information it is encrypted;
this is important for information such as credit card numbers when making
online purchases. The information is then decrypted once it has been sent via
the digital certificate. The main advantage of this is that when a user is
entering confidential information they know they can trust the website. One of
the disadvantages is that it can be expensive to maintain.</span><br />
<br />
<span style="vertical-align: baseline;">
</span><br />
<br />
<br />
P3 - Explain what an organisation can do to minimise security breaches in networked systems (posted 2013-05-28).<br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><b><u>Policies and Procedures</u></b></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><b><u><br /></u></b></span></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: bold; vertical-align: baseline;"><u>Security Policies</u></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;">A security policy is a document containing the rules and
regulations regarding computer network access within an organisation. The
purpose of the security policy is so that all the users within the organisation
have a set of rules to follow and also so the organisation can protect their
devices. The security policy will be constantly changing and being improved
because over time they will discover more and more things they have missed out.
It is important to have a security policy in place so that all of their data is
secure and can only be accessed by authorised people.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><br /></span></span><span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: bold; vertical-align: baseline;"><u>Education and training</u></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;">All organisations should have policies in place regarding
education and training. This is to ensure all colleagues are able to use the
latest software and are aware of the latest and best techniques to use when
working on the organization's network. If a colleague regularly uses a piece of
software, and a 2013 version is released with new helpful features, training
all of your colleagues to use the latest version will cost you money, but in
return it will theoretically enable them to produce work faster and easier than
before. </span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><br /></span></span><span style="font-weight: bold; vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><u>Backup</u></span></span><br />
<span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;">All organisations should have very clear policies regarding
backup. In most IT organisations a backup is taken at the end of each day to
ensure all work completed that day can not be lost. Usually at the end of each
month all backups are checked to ensure they are being taken correctly. Backups
are essential in any organisation to ensure no important files are ever lost.</span></span><br />
<span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span><span style="font-weight: bold; vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><u>Monitoring</u></span></span><br />
<span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;">Organisations should have policies in place regarding
computer monitoring for all employees. Monitoring refers to watching an
employee's screen to ensure they are not doing anything they are not meant to be
doing, and that they are getting on with their work as they should be. Random
monitoring should take place at various times to ensure that the network stays
secure and no employees are trying to do anything they shouldn't be.</span></span><br />
<span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span><span style="font-weight: bold; vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><u>Access permissions</u></span></span><br />
<span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;">Access permissions are a list of rules stating what things a
user is able to do on their computer, for example some people may have access
to more data than others. Every employee working for the organisation will have
a set of access permissions unique to them, although usually it is done in
groups, for example managers will have access to more than a regular employee
would have access to.</span></span><br />
<u><b>
<span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span>
<span style="vertical-align: baseline;"><span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;">Clarification of User Responsibility</span></span></span></b></u><br />
<span style="vertical-align: baseline;"><span style="font-weight: bold; vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif; font-size: large;"><br /></span></span></span>
<span style="vertical-align: baseline;"><span style="vertical-align: baseline;"></span></span><br />
<div style="font-weight: bold;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><u>Password Policy</u></span></span></div>
<div style="font-weight: bold;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: normal; vertical-align: baseline;">A password policy will dictate what an employee is allowed
to have as their password, for example how many letters it should contain and
whether or not it should contain numbers and characters. The policy will also
state that the password has to be changed every so often, usually around every
6 weeks. This is to ensure the network stays secure at all times. Password
policies are designed to keep all employees' accounts safe and make it harder
for an attacker to gain access to the network.</span></span></div>
<div style="font-weight: bold;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: normal; vertical-align: baseline;"><br /></span><span style="vertical-align: baseline;"><u>Data Protection Policy</u></span></span></div>
<div style="font-weight: bold;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="color: #0b0c0c; font-weight: normal; vertical-align: baseline;">A data protection policy will control how personal information is used by
the organisation. They will have to follow strict rules called ‘data protection
principles’ to ensure personal data is used lawfully and that they abide by the
Data Protection Act.</span></span></div>
<div style="font-weight: bold;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="color: #0b0c0c; font-weight: normal; vertical-align: baseline;"><br /></span><span style="vertical-align: baseline;"><u>Software Installation</u></span></span></div>
<div style="font-weight: bold;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: normal; vertical-align: baseline;">Employees cannot install any software they like on the
organization's computers, because software could contain harmful files
such as viruses that could access the network and then corrupt sensitive data.
When an employee needs to use a piece of software they will have to apply to
get it installed on their PC.</span></span></div>
<div style="font-weight: bold;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: normal; vertical-align: baseline;"><br /></span><span style="vertical-align: baseline;"><u>Internet use policy</u></span></span></div>
<div style="font-weight: bold;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-weight: normal; vertical-align: baseline;">An internet use policy will list the do's and don'ts when
using the internet at work. For example, employees are not allowed to access the
internet for personal use, i.e. social networking. They must only access the
internet if it is work related.</span></span></div>
<div style="font-weight: bold;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-size: large; font-weight: normal; vertical-align: baseline;"><br /></span><span style="vertical-align: baseline;"><u>Continuous Professional Development (CPD)</u></span></span></div>
<div style="font-weight: bold;">
<span style="font-weight: normal; vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;">It is important to ensure that every member of staff working
for your organisation has up to date knowledge regarding security threats.
Organising training sessions is important to ensure your network stays secure.
Your organisation should have a policy regarding CPD for IT professionals.</span></span></div>
<div style="font-weight: bold;">
<span style="font-weight: normal; vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><u><br /></u></span></span></div>
<span style="vertical-align: baseline;"><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Physical Security</u></b></span></span><br />
<div style="font-weight: bold;">
<span style="font-weight: normal; vertical-align: baseline;"></span></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;">Organisations need to physically secure their computer
systems; there is no point spending time and money preventing hackers from
gaining access to your network when somebody could easily walk into the office
and sit down at one of your physical computers connected to the network. There
are a few methods you could use to physically secure your network:</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><br /></span>•<span style="font-weight: bold; vertical-align: baseline;">Lock and Key </span><span style="vertical-align: baseline;">- Using a lock and key is a good
method because only the keyholders will be able to gain access. The
disadvantage of this method, however, is that the key could be stolen and used
by anybody.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><br /></span>•<span style="font-weight: bold; vertical-align: baseline;">CCTV/Security Guards</span><span style="vertical-align: baseline;"> - Using cameras and security guards
would be a very good method to use as it is very secure and will be harder for
an attacker to bypass. The disadvantage of this method is that it is by far the
most expensive as you will have to pay the guards a salary.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><br /></span>•<span style="font-weight: bold; vertical-align: baseline;">Logging of entry</span><span style="vertical-align: baseline;"> - This is a secure method that will
only allow card holders onto the organization's premises. However, it shares the
same disadvantage as the lock and key method, where anybody can steal a card and
use it to gain access.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;"><br /> </span>•<span style="font-weight: bold; vertical-align: baseline;">Biometrics Authentication </span><span style="vertical-align: baseline;">- This method allows access based on
physical attributes, i.e. fingerprints, retina scan or palm scan. These are all
things an attacker can not physically steal or easily forge, which is what
makes this method so secure. The disadvantages of this method are that it is
very expensive to set up and maintain and it can also be more time consuming
than simply entering a password.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-size: large; vertical-align: baseline;"><br /></span><span style="font-weight: bold; vertical-align: baseline;"><u>Risk Assessment and Penetration Testing</u></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="vertical-align: baseline;">Risk assessment takes place to assess what risks there are
in the workplace, for example broken chairs, loose cables and other health and
safety issues. </span><span style="vertical-align: baseline;">Penetration testing is when the company hires an ethical
hacker to try to gain access to their network; if the hacker is able to break
their system, the company will then be able to fix it and improve their security.</span></span><br />
<br />
D1 - Discuss Recent Network Threats (posted 2013-03-27).<br />
<b style="line-height: 18px;"><u><span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">Cross-Site Scripting (XSS)</span></u></b><br />
<span style="line-height: 18px;"><span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">Cross-Site Scripting is a computer security vulnerability that is mostly found in web applications. XSS allows attackers to inject client-side scripts into web pages that are then viewed by others. The people that view this web page can then be infected without even knowing as the page appears to be normal. Depending on what scripts the attacker uses the effects can range from something very minor to a major security risk. XSS can be used to gain control and bypass the authorisation process.</span></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 18px;"><br /></span>
</span></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 18px;"><b><u>SQL Injection</u></b></span></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 18px;">SQL Injection is a </span><span style="line-height: 17.98611068725586px;">technique</span><span style="line-height: 18px;"> used to attack data-driven applications and is implemented by adding parts of SQL statements into entry fields within a website. This is done </span></span><span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 18px;">in an attempt to get the website to pass a newly formed rogue SQL command to the database. SQL injection is a code injection </span><span style="line-height: 17.98611068725586px;">technique</span><span style="line-height: 18px;"> that exploits a security vulnerability in an application's software. The vulnerability occurs when the user input field is incorrectly filtered. SQL commands can change database content or allow the hacker to access database information such as credit card details or passwords. To prevent this type of attack, all entry fields must be correctly filtered to disallow any scripts running.</span></span><br />
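<span style="font-family: Arial, Helvetica, sans-serif;">The incorrectly filtered entry field described above, next to a hardened version, as an added example that is not part of the original post. The table, the sample accounts, the function names and the injected value are all constructed for illustration; the hardened login combines an allow-list filter on the entry field with a parameterised query.</span><br />

```python
import re
import sqlite3

# Constructed sample data. Passwords are plain text only to keep the example
# short; a real system would store salted password hashes instead.
SAMPLE_USERS = [
    ("alice", "correct-horse", "4111-XXXX-XXXX-1111"),
    ("bob", "hunter2", "5500-XXXX-XXXX-0004"),
]

# Constructed entry-field value that turns the WHERE clause into a tautology.
INJECTED = "' OR '1'='1"

# Allow-list filter for the username field: letters, digits and a few symbols.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def make_db():
    """Build an in-memory database holding the constructed accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT, card TEXT)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def login_vulnerable(conn, username, password):
    """Deliberately vulnerable: entry-field text becomes part of the SQL."""
    query = (
        "SELECT username, card FROM users "
        "WHERE username = '" + username + "' AND password = '" + password + "'"
    )
    # With INJECTED as the password the statement ends in
    #   ... AND password = '' OR '1'='1'
    # which is true for every row, so every account is returned.
    return conn.execute(query).fetchall()


def is_valid_username(value):
    """Filter the entry field: reject anything outside the allow-list."""
    return USERNAME_RE.fullmatch(value) is not None


def login_safe(conn, username, password):
    """Hardened: filter the field, then bind values instead of concatenating."""
    if not is_valid_username(username):
        return []
    query = "SELECT username, card FROM users WHERE username = ? AND password = ?"
    # The driver sends the values separately from the statement, so quotes in
    # the input are compared as data and never parsed as SQL.
    return conn.execute(query, (username, password)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", login_vulnerable(db, "alice", INJECTED))
    print("hardened  :", login_safe(db, "alice", INJECTED))
    print("legitimate:", login_safe(db, "alice", "correct-horse"))
```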
<br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.98611068725586px;"><b><u style="background-color: white;">Google Hacking</u></b></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white; line-height: 17.98611068725586px;">The Google Hacking Database (GHDB) is a database of queries that can identify sensitive data. Google does try and prevent hackers from gaining access to this information but it is still possible to do so. Using this information hackers can essentially see a list of websites that may be vulnerable to attack. The database contains information such as log in portal pages, passwords and sensitive directories.</span></span><br />
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">Recent Security Breaches</span></u></b><br />
<b><u><span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"><br /></span></u></b>
<b><u><span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">Twitter</span></u></b><br />
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">On the 1st of February 2013, Twitter announced it had been subjected to unauthorised access attempts over the course of a week. Attackers were trying to gain user account information such as usernames, email addresses, session tokens, and encrypted versions of passwords. Twitter said approximately 250,000 user accounts were breached, including those of corporate employees and reporters. Twitter said the attack was not the work of amateurs, and the methods used were extremely sophisticated. </span><br />
<br />
<br />
<b><u style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;">Yahoo</span></u></b><br />
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">In July 2012, Yahoo announced that over 450,000 email addresses and passwords had been stolen from the company's database and posted publicly online. It was later discovered that Yahoo stored these usernames and passwords without any <a href="http://networksystemsecurity.blogspot.co.uk/2013/03/p2-describe-how-networked-systems-can.html" target="_blank">encryption</a> at all, making them very easy for a hacker to get hold of. As well as having their email account compromised, some Yahoo customers later realised there were even more problems, as many of the hacked usernames and passwords were identical to those used in other website accounts, such as PayPal or online banking accounts.</span>Lee Lappagehttp://www.blogger.com/profile/15449090930576081744noreply@blogger.comtag:blogger.com,1999:blog-1470196131282000950.post-60309762442780599892013-03-19T08:46:00.001-07:002013-03-26T18:49:43.046-07:00M1 - Explain The Operation Of Different Intruder Detection Systems<b><u><span style="font-family: Arial, Helvetica, sans-serif;">Firewalls</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">
Firewalls are designed to prevent unauthorised access to a computer or network. You can implement a firewall in both hardware and software, or a combination of both. A firewall will monitor data packets coming in and out of the network it is protecting and will enforce the company's network security policy. It filters out the packets that look suspicious and do not meet the specified security criteria. Most organisations use firewalls to protect their network from the Internet.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">There are a few different types of firewall, these are:</span><br />
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Packet Filtering Firewall</span></li>
</ul>
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Stateful Inspection Packet Filtering Firewall</span></li>
</ul>
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Proxy Firewall</span></li>
</ul>
<span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Packet Firewalls</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Packet filtering was the first type of firewall to be created. A packet filtering firewall controls what data can flow into and out of a network. It accepts or rejects packets of data based on a set of user-defined rules called ACLs. ACLs are lines of text that the firewall applies to each packet of data it receives; these lines provide specific information defining which packets can be accepted and which must be denied. The main advantage of packet filtering firewalls is that they are very flexible: you can easily customise the firewall and allow it to work with many different protocols and applications. Another advantage is that they are not application-dependent and are capable of working at high speeds because they do not carry out extensive processing on the data packets. However, there are a few disadvantages of packet filtering firewalls. Due to the small number of variables used in access control decisions, they are susceptible to security breaches caused by improper configurations, and they cannot prevent attacks that employ application-specific vulnerabilities.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b style="font-family: Arial, Helvetica, sans-serif;"><u>Stateful Firewalls</u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Stateful inspection packet filtering tracks each connection travelling across the network. The firewall is programmed to remove packets that come from an unknown connection; only the packets that come from a known, trusted connection will be allowed through the firewall. Stateful inspection firewalls maintain a state table that keeps track of all the communication channels. Filtering decisions are based not only on user-defined rules (as in packet filtering) but also on context that has been established by prior packets that have passed through the firewall.</span><br />
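<span style="font-family: Arial, Helvetica, sans-serif;">The difference between the ACL-only packet filter and the state table described in the two sections above, as an added example that is not part of the original post. The rule format, class names, addresses and ports are assumptions made for illustration, and the state table is simplified (no TCP flags or timeouts).</span><br />

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

LAN = "192.168.1.0/24"   # constructed protected network
ANY = "0.0.0.0/0"


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: str
    src_net: str
    dst_net: str
    sport: Optional[int] = None  # None means any port
    dport: Optional[int] = None


def matches(rule, pkt):
    """True when every field of the rule agrees with the packet."""
    return (
        rule.proto in ("any", pkt.proto)
        and ip_address(pkt.src) in ip_network(rule.src_net)
        and ip_address(pkt.dst) in ip_network(rule.dst_net)
        and rule.sport in (None, pkt.sport)
        and rule.dport in (None, pkt.dport)
    )


def acl_decision(rules, pkt):
    """Packet filter: first matching rule wins, anything unmatched is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


# A stateless filter needs a second, broad rule so that HTTPS replies can come
# back in. That rule also admits any packet that merely claims source port 443.
STATELESS_ACL = [
    Rule("permit", "tcp", LAN, ANY, dport=443),
    Rule("permit", "tcp", ANY, LAN, sport=443),
]

# A stateful firewall only needs the outbound rule.
OUTBOUND_ACL = [Rule("permit", "tcp", LAN, ANY, dport=443)]


class StatefulFirewall:
    def __init__(self, outbound_rules):
        self.outbound_rules = outbound_rules
        self.state_table = set()   # flows opened from the inside

    def outbound(self, pkt):
        action = acl_decision(self.outbound_rules, pkt)
        if action == "permit":
            self.state_table.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return action

    def inbound(self, pkt):
        # Accept only the mirror image of a flow already in the state table.
        expected = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "permit" if expected in self.state_table else "deny"


# Constructed traffic: a browser request, its reply, and an unsolicited packet.
REQUEST = Packet("192.168.1.20", 51000, "198.51.100.7", 443)
REPLY = Packet("198.51.100.7", 443, "192.168.1.20", 51000)
UNSOLICITED = Packet("203.0.113.66", 443, "192.168.1.20", 3389)

if __name__ == "__main__":
    print("stateless, unsolicited:", acl_decision(STATELESS_ACL, UNSOLICITED))
    fw = StatefulFirewall(OUTBOUND_ACL)
    fw.outbound(REQUEST)
    print("stateful, reply       :", fw.inbound(REPLY))
    print("stateful, unsolicited :", fw.inbound(UNSOLICITED))
```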
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><u><b>Proxy Firewalls</b></u></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Proxy firewalls are very secure; this does, however, come at the expense of speed and functionality. Proxy firewalls are secure because, unlike other types of firewall, data packets don't pass through a proxy; instead, the proxy acts as a mirror and makes a new network connection based on the request. This prevents direct connections, meaning it is harder for attackers to discover the location of the network. When the proxy firewall receives the request it first looks it over for suspicious information before allowing that data to reach the protected network. The advantages of proxy firewalls are that they are the most secure type there is, they look at information within the packets up to the application layer, and they break the connection between trusted and untrusted systems. There are, however, a few disadvantages: proxy firewalls can only support a limited number of applications, they generally degrade traffic performance and slow the network down, and the breaking of untrusted connections can be bad for functionality.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><b><u>HoneyPots</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">This is a system where a server is set up in the screened subnet or demilitarised zone in an attempt to lure attackers to it. This server is set up separately from the actual server and holds dummy information; this will trick the attacker into thinking they have found the organisation's actual server. To make this server attractive to attackers, the organisation would leave some ports open that are popular to attack. To help make the HoneyPot more realistic, the server would contain some security software; this software will be easy enough to get through but will still reassure the attacker they have found the correct server.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">While the attacker is trying to gain access to the dummy server the organisation can monitor what the attacker does so that they can prevent future attacks to the real server and improve overall security. Some administrators may even use detailed logs to gain the identity of the attacker and either attack back or notify the police.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="line-height: 115%;"><b><u><span style="font-family: Arial, Helvetica, sans-serif;">Intrusion
Detection System (IDS)</span></u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.77777862548828px;">Intrusion detection systems are used to detect unauthorised entries and alert an administrator to respond. An IDS inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to compromise a system.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.98611068725586px;"><b style="text-decoration: underline;">Network Based </b><u><b>IDS</b><b> </b><b>(</b></u><b style="text-decoration: underline;">NIDS)</b> <b>&</b> <b style="text-decoration: underline;">Host Based IDS (HIDS)</b></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.98611068725586px;">Network based systems work by separately analysing the packets that flow through the network; this helps to find malicious data packets that could otherwise get into your system because the firewall overlooked them. In host based systems, by contrast, the IDS watches over the activities on each individual system or host.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.98611068725586px;"><br /></span></span>
<strong style="background-color: white; line-height: 18px;"><u><span style="font-family: Arial, Helvetica, sans-serif;">Passive & Reactive IDS</span></u></strong><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.98611068725586px;">Passive intrusion detection systems look out for potential security threats and log all of this information; they then signal alerts to the network administrator so that they can respond accordingly. Reactive IDS will respond to the suspicious occurrences by logging the user being attacked off or by actively reprogramming the firewall to block all traffic from this source, which will stop further contact with the untrusted source.</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.77777862548828px;"><br /></span></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.77777862548828px;"><b><u>Knowledge Based IDS</u></b></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.77777862548828px;">The majority of intrusion detection systems that are widely used are knowledge based. A knowledge based IDS applies accumulated knowledge about specific attacks and system vulnerabilities. Since the IDS knows about the vulnerabilities, it will look out for attempts to expose them; if an attempt is made, an alarm will be triggered and the network administrator will be notified. An advantage of this type of IDS is that it has a low false alarm rate, meaning if the administrator is notified they know they need to respond straight away. There are, however, a few disadvantages, one being that it is difficult to gather information about known attacks and the system will need to be constantly kept up to date; this will take a large amount of time.</span></span><br />
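<span style="font-family: Arial, Helvetica, sans-serif;">The knowledge based matching described above, run over a few request log lines, as an added example that is not part of the original post. The signature names, the regular expressions and the log lines are constructed for illustration; the fifth request stands in for an attack the knowledge base does not yet contain.</span><br />

```python
import re
from urllib.parse import unquote_plus

# Constructed knowledge base: one pattern per known attack.
SIGNATURES = {
    "sql-injection-tautology": re.compile(r"'\s*or\s*'?\d+'?\s*=\s*'?\d+", re.I),
    "xss-script-tag": re.compile(r"<\s*script\b", re.I),
}

# Constructed web server log lines (documentation address range 192.0.2.0/24).
LOG_LINES = [
    '192.0.2.10 "GET /index.html HTTP/1.1" 200',
    '192.0.2.44 "GET /login?user=admin%27+OR+%271%27%3D%271 HTTP/1.1" 200',
    '192.0.2.44 "GET /search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200',
    '192.0.2.51 "GET /search?q=javascript+tutorial HTTP/1.1" 200',
    '192.0.2.77 "GET /files?name=..%2F..%2Fetc%2Fpasswd HTTP/1.1" 404',
]


def scan(lines, signatures):
    """Return (line number, signature name) for every signature that fires."""
    alerts = []
    for number, line in enumerate(lines, start=1):
        # Decode URL encoding first so the patterns see what the server sees.
        decoded = unquote_plus(line)
        for name, pattern in signatures.items():
            if pattern.search(decoded):
                alerts.append((number, name))
    return alerts


def updated_signatures():
    """The same knowledge base after an administrator adds a new signature."""
    signatures = dict(SIGNATURES)
    signatures["path-traversal"] = re.compile(r"\.\./")
    return signatures


if __name__ == "__main__":
    # Lines 2 and 3 raise alarms. Line 4 mentions "javascript" but is benign
    # and stays quiet (low false alarm rate). Line 5 is missed because no
    # signature describes it yet.
    print("before update:", scan(LOG_LINES, SIGNATURES))
    # Once the knowledge base is brought up to date, line 5 is caught as well.
    print("after update :", scan(LOG_LINES, updated_signatures()))
```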
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.77777862548828px;"><br /></span></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.77777862548828px;"><b><u>Behaviour Based IDS</u></b></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 17.77777862548828px;">This type of IDS will assume that an intrusion can be detected by monitoring unexpected activity and behaviour on the system. The system will compare current activity to previous behaviour, if an abnormality is discovered an alarm will be raised. The advantages of this type of IDS are that they detect attempts to exploit vulnerabilities, they are able to contribute to the discovery of new attacks and they also help detect 'abuse of privileges' attacks. The main disadvantage to this type of IDS is that there is a high false alarm rate.</span></span>Lee Lappagehttp://www.blogger.com/profile/15449090930576081744noreply@blogger.comtag:blogger.com,1999:blog-1470196131282000950.post-11054527064026312902013-03-05T03:32:00.002-08:002013-03-26T17:45:07.687-07:00P2 - Describe How Networked Systems Can Be Protected<div class="MsoNormal" style="margin: 0cm 0cm 10pt;">
<div class="MsoNormal" style="margin: 0cm 0cm 10pt;">
<div class="MsoNormal" style="margin: 0cm 0cm 10pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">Emails are a very good method of communication; they do however have the potential to be harmful to a network. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Spam Guard</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Spam is one of the most common email security risks. Spam involves identical emails being sent to hundreds of thousands of people in the hope that a small percentage of the recipients will open them and be interested in them. The majority of spam emails are sent to advertise a product or service; however, some of these emails may contain viruses or links to phishing websites. Roughly 130 billion spam emails are sent every day, which is why it is vital that you protect your organisation against it. In addition to wasting people’s time with unwanted email, spam also uses up a lot of network bandwidth, slowing the whole network down. Spammers collect email addresses from chat rooms, websites, customer lists, newsgroups, and viruses which harvest users' address books; these addresses are also sold to other spammers. Sending the emails costs the spammer nothing, so even if only one person looks at the email and buys their product they are making money. Spam guards are usually already installed on the server; for example, if you use an email application such as 'Gmail' or 'Hotmail' they will already have a spam guard installed. The user configures the spam guard by marking emails as spam; every time a user does this the spam guard will update itself so the next time they receive a similar email it will automatically go into the spam folder.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Hoaxing</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Hoaxing is another possible risk regarding email. Hoaxing is the act of sending fake emails to a number of recipients in an attempt to phish them. For example, an attacker would send an email to somebody claiming to be their bank, asking for their personal account details. The attacker would make the email appear to be from the recipient’s bank by changing the email address; this is usually done either on a website or using specialist software. The user will look at the email address and trust the information within the email. Usually the Spam Guard will remove most hoax emails, but some emails may still get through. This is why it is a good idea to configure your organisation's email server to use a MIME protocol; this is a secure email protocol that checks the identity of the sender, therefore removing any hoax threats.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Secure MIME</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">As mentioned above, secure multi-purpose Internet mail extension is a widely used method of securing emails. This protocol will encrypt all incoming and outgoing emails which is vitally important for any organisation that may be exchanging sensitive information. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>WEP & WPA</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">WEP is short for wired equipment privacy; it is a method of encrypting data over IEEE 802.11 wireless networks. WEP is designed to provide the same level of security as wired LAN networks. Wireless networks are broadcast using radio waves, meaning they are more vulnerable to tampering. WEP is a very weak method of encryption, so data can be intercepted quite easily. </span><span style="font-family: Arial, Helvetica, sans-serif;">WPA stands for Wi-Fi protected access; it is another method used to secure wireless networks. WPA was designed to work with existing Wi-Fi products already configured with WEP and improve upon WEP's security features. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>MAC Association</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">MAC association is another method of securing a network; you set up MAC association by providing the DHCP server with a list of the MAC addresses of all the computers you want to be able to access the network. This means only the computers with one of the given MAC addresses will be able to access the network. You cannot change your computer's MAC address, meaning it would be very difficult for an attacker to access your network.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Wireless Access Point ID</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Securing your wireless access point is vital; if you don't secure it, somebody may be able to access any incoming and outgoing data. One simple way that you can make it more secure is by changing the SSID (Router Name). This is because if you leave your SSID as "BTHomeHub352" the attacker will know you have a BT homehub; they can then try a list of common default passwords and may be able to gain access to your network. Another very good method of securing your access point is hiding it; this means when somebody searches for Wi-Fi, your router will not appear on that list, making it very secure.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Shielded Cable</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Using shielded cable can provide more security, this is because when using an unshielded cable, an attacker would be able to place a tapping device on the cable and gain access to any data flowing through that cable. A shielded cable will provide an extra layer of protection meaning the attacker would not be able to listen in.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Personal Access Control</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">There are many methods of access control, these are:</span><br />
<ul type="disc">
<li class="MsoNormal"><span style="font-family: Arial, Helvetica, sans-serif;">Something you know - Such as passwords, PIN numbers
etc. This is the most common type of access control although it certainly
isn’t the most secure. Anybody can potentially guess a password using
specialist software.</span></li>
</ul>
<ul type="disc">
<li class="MsoNormal"><span style="font-family: Arial, Helvetica, sans-serif;">Something you have - Such as an ID card. This is a
secure method as you will need the card to gain access; although the card
can also be lost meaning anybody could gain access.</span></li>
</ul>
<ul type="disc">
<li class="MsoNormal"><span style="font-family: Arial, Helvetica, sans-serif;">Something you are - Such as fingerprints. For example
if you had to provide a fingerprint to gain access to the server room it
would be extremely secure because only authorised people would be able to.</span></li>
</ul>
<span style="font-family: Arial, Helvetica, sans-serif;"><b><u>Encryption</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Encryption is the most effective way to secure data. Encryption is basically converting the data into an unreadable format; you will then need a secret key or password in order to decrypt it. When sending data, it will be encrypted before it is sent and then decrypted when it is received by the other user. </span><br />
</div>
</div>
</div>
Lee Lappagehttp://www.blogger.com/profile/15449090930576081744noreply@blogger.comtag:blogger.com,1999:blog-1470196131282000950.post-14905169770815126182013-02-05T03:57:00.002-08:002013-03-26T17:45:23.065-07:00P1 - Describe How Networks Can Be Attacked<strong><u><span style="font-family: Arial, Helvetica, sans-serif;">Trojans & Backdoors</span></u></strong><br />
<span style="font-family: Arial, Helvetica, sans-serif;">A Trojan is a destructive program that is hidden inside an application; at first glance it will appear to be useful software but will actually damage your computer once installed or run. For example, the hacker would upload a file to the Internet called "Photoshop Cs5 For Free" and attach a Trojan Horse within that application; anybody that downloads this file and runs it will be infected, meaning the hacker could have access to thousands of computers. The Trojan can then create a backdoor by opening some of the computer ports without the user realising; these ports will then be used by the hacker to gain access to the user's computer. Trojans do not reproduce by infecting other files and unlike viruses they do not self-replicate.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="font-family: Arial, Helvetica, sans-serif;">Viruses</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Viruses are the most common type of threat to system security; they are man-made and can spread from computer to computer and across networks without the users even noticing. Almost all viruses are attached to an application, which means the virus can only affect your computer once you run or open the malicious program. Viruses cannot spread without human action to keep them going; this means people will unknowingly continue to spread the virus by sharing infected files and forwarding emails with the viruses attached. Viruses can also replicate themselves, meaning a virus can copy itself over and over until it has used all available memory; this will bring the computer to a halt. This type of virus is very easy to produce, which is part of the reason they are so dangerous. Viruses vary in severity, meaning some viruses can just contain annoying side effects such as continuously opening and closing the disk tray on your computer, and some can seriously damage your hardware and software and bring down your entire computer.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<strong><u><span style="font-family: Arial, Helvetica, sans-serif;">Worms</span></u></strong><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Worms are very similar to viruses and are sometimes considered a type of virus. Worms can spread from computer to computer, just like a virus; however, worms have the capability to travel and spread without any human action. Worms are extremely dangerous because they can also self-replicate, meaning if a single worm gains access to your computer it could send out thousands of copies of itself. For example, a worm could send a copy of itself to everyone in your E-mail address book. Then, the worm will replicate itself once again and send itself out to everyone listed in each of the receivers' address books; this continues to happen over and over and can cause a huge devastating effect. When the worm is on your computer it could consume so much system memory that it will cause the computer to stop responding. Worms can also take down web servers by consuming too much network bandwidth.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<strong><u><span style="font-family: Arial, Helvetica, sans-serif;">Off The Shelf Software</span></u></strong><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Buying off the shelf software from a third party can be risky because you have no idea what the code is like; if the software is from a small company the code may not be 100% correct and could have programming flaws. These flaws could allow hackers to gain access to your computer. It is also possible that the software you download is not 100% genuine, meaning it could contain malicious software, again allowing the hacker to gain access to your computer or network. Many off-the-shelf programs also come with extra features the common user isn't aware of; these features can be used to exploit the system. Macros in Microsoft Word, for example, can allow a hacker to execute programs from within the application.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="font-family: Arial, Helvetica, sans-serif;">OS Configuration</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Many system administrators install operating systems on all the PCs within their network using the default settings, resulting in many potential vulnerabilities remaining unpatched. These systems can also be misconfigured or left at the lowest common security setting to increase ease of use for the user; this may result in vulnerability.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="font-family: Arial, Helvetica, sans-serif;">Coding Error In Customised Software</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Customised applications usually aren't tested thoroughly for security vulnerabilities when developers are writing the code; this can leave many programming flaws that a hacker could exploit, allowing them to gain access to your computer system or network. It is not uncommon for a team of people to work on the code for an application, meaning when all of their code is put together it makes it even easier to overlook errors.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="font-family: Arial, Helvetica, sans-serif;">Spyware</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Spyware is a type of malicious software used to monitor user activity and gather information to send back to the hacker. It is possible for spyware to gather information such as email addresses, passwords and even credit card numbers. Spyware is usually spread through email attachments or hidden within software, just like Trojan horses. Hackers can also monitor keystrokes, scan files on the hard drive and look through other applications and files using spyware.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><b><u><br /></u></b><b><u>Keylogger</u></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">A Keylogger is a type of surveillance software used to record every keystroke you enter. These keystrokes will automatically be written into a log file and can be sent to a specified receiver. Keyloggers are often used by employers to ensure employees are not doing anything they shouldn't on their work computers; however, keyloggers can easily be embedded into spyware, allowing hackers to see everything you type, including usernames and passwords. This will then enable them to gain access to your account.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="font-family: Arial, Helvetica, sans-serif;">Rootkits</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Rootkits are another type of malicious software; they are activated before your system's operating system has completely booted up, making them difficult to detect. Rootkits can get onto your computer hidden within software you download or attached to emails you open. A Rootkit will allow somebody to administratively control your computer, meaning they can install files, monitor user activity, create hidden user accounts, access logs and even change the computer's configuration, all without you even noticing; this is what makes them so dangerous. Rootkits are also able to intercept data from terminals, network connections and even the keyboard.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="font-family: Arial, Helvetica, sans-serif;">Denial Of Service (DoS)</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Denial of service is a malicious attack designed to bring down a website or network by flooding it with too much traffic. Hackers use DoS attacks to prevent users from accessing the website or network they are attacking. While these attacks do not usually result in any financial gain for the hacker, they will cost the organisation time and money while their network is down. The hackers usually perform these attacks to show off or just to see if they could do it.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<u><b><span style="font-family: Arial, Helvetica, sans-serif;">Distributed Denial Of Service (DDoS)</span></b></u><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Distributed denial of service is a malicious attack very similar to DoS, again designed to bring down a website or network by flooding it with traffic. However, it is done in a slightly different and more effective way. The hacker will usually upload a file to the Internet or send out mass emails to try to infect as many people as possible with Trojans. These Trojans will usually have no effect on the computer, so the end user is completely unaware that their computer is infected. The hacker will then essentially be in control of all the computers he has infected, which could be hundreds of thousands. He can then use all of these computers to target a single website or network with a denial of service attack, which makes it impossible to stop the attack by simply blocking a single IP. It is also very difficult to tell legitimate user traffic from the attacker's, as the infected computers are spread all over the world.</span><br />
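The difference between the two attacks, seen from the defender's side, as an added example that is not part of the original post. The thresholds, window length and traffic figures are assumptions and the log entries are constructed; it shows that a per-source limit identifies the single DoS source but finds nothing to block in the distributed case, even though the site is overloaded in both.

```python
from collections import Counter

# Assumed thresholds for one 10-second window; tune to the real site.
WINDOW_SECONDS = 10
PER_IP_LIMIT = 50     # most requests one source may send per window
TOTAL_LIMIT = 200     # most requests the site can serve per window

def build_log(sources, requests_each):
    """Constructed sample: (timestamp, source_ip) pairs spread over one window."""
    return [(i % WINDOW_SECONDS, ip) for ip in sources for i in range(requests_each)]

def analyse(log, window_start=0):
    """Return (sources over the per-IP limit, True if total volume is over the limit)."""
    in_window = [ip for t, ip in log if window_start <= t < window_start + WINDOW_SECONDS]
    per_ip = Counter(in_window)
    blockable = sorted(ip for ip, count in per_ip.items() if count > PER_IP_LIMIT)
    return blockable, len(in_window) > TOTAL_LIMIT

# Constructed traffic using documentation address ranges (RFC 5737).
NORMAL = build_log([f"192.0.2.{i}" for i in range(1, 21)], 5)             # 20 users
DOS = NORMAL + build_log(["198.51.100.7"], 400)                            # one flooder
DDOS = NORMAL + build_log([f"203.0.113.{i}" for i in range(1, 201)], 10)   # 200 infected PCs

def summary():
    """Analyse all three constructed traffic samples."""
    return {"normal": analyse(NORMAL), "dos": analyse(DOS), "ddos": analyse(DDOS)}

if __name__ == "__main__":
    for name, (blockable, overloaded) in summary().items():
        print(f"{name:6} overloaded={overloaded} sources over limit={blockable}")
```

In the distributed sample every infected computer sends only twice as many requests as a normal user, so any per-source limit low enough to catch them would also start blocking legitimate visitors.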
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="font-family: Arial, Helvetica, sans-serif;">Dictionary Attack</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">A dictionary attack is a method hackers use to try to gain access to an account by trying every word in the dictionary as the user's password. This is done using software that will repeatedly try to guess the password from a pre-arranged list of words.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="font-family: Arial, Helvetica, sans-serif;">Brute Force Attack</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">A brute force attack is similar to a dictionary attack in that the hacker will try to gain access to an account by using software to repeatedly guess the password. Instead of just trying every word in the dictionary, a brute force attack will try literally every possible combination of all the characters, letters and numbers on your keyboard. This type of attack is usually more successful than the dictionary method, but it does take longer to do.</span><br />
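A password check a defender could run when an account password is set, covering both the dictionary and brute force sections above. It is an added example, not part of the original post; the wordlist is a small constructed sample and the character-swap table is an assumption about common habits.

```python
import re
import string

# Constructed sample wordlist; real guessing lists hold millions of entries.
WORDLIST = {"password", "sunshine", "dragon", "football", "monkey", "letmein"}

# Common character swaps people use to "disguise" a dictionary word.
UNSWAP = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                        "5": "s", "@": "a", "$": "s"})

def dictionary_hit(password, wordlist=WORDLIST):
    """Return the list word this password reduces to, or None."""
    lowered = password.lower()
    stripped = re.sub(r"[\d!?.]+$", "", lowered)   # drop trailing digits/punctuation
    for candidate in (lowered, stripped,
                      lowered.translate(UNSWAP), stripped.translate(UNSWAP)):
        if candidate in wordlist:
            return candidate
    return None

def brute_force_space(password):
    """Candidates an exhaustive search covers up to this length and character mix."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    alphabet = sum(len(c) for c in classes if any(ch in c for ch in password))
    return sum(alphabet ** n for n in range(1, len(password) + 1))

def audit(password):
    """A dictionary hit falls to the short list, however large the exhaustive space."""
    word = dictionary_hit(password)
    return {"password": password,
            "dictionary_word": word,
            "exhaustive_candidates": brute_force_space(password),
            "verdict": "reject: based on a dictionary word" if word else "not on the list"}

if __name__ == "__main__":
    for sample in ("Sunshine1", "P@ssw0rd", "dr4g0n!!", "xQ7#vL2p"):
        print(audit(sample))
```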
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><u><span style="font-family: Arial, Helvetica, sans-serif;">Phishing</span></u></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Phishing is the act of sending out mass emails, usually claiming to be from the user's bank or a trusted company such as Facebook or PayPal, in an attempt to scam the user into entering their personal details. The email will direct the user to a website where they will be asked to update personal information such as credit card details, usernames, passwords etc. The website will look identical to the organisation's website, but it will be fake and will send the details straight to the hacker. These types of attacks are usually done so that the hacker can get some sort of financial gain.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">For example, the hacker would send an email out using an email address very similar to 'Info@Paypal.co.uk'. The email would contain professional-looking formatting and text, including the company's logo etc. It would say something like "The connection between your bank account and PayPal has expired, please log on to our site here and update these details". The user will then click on the link, which leads to a site that looks identical to the PayPal website. The user will then enter their details, and the hacker will be able to gain access to their account.</span><br />
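One way a mail filter can catch the "very similar" sender address described above, as an added example that is not part of the original post. The trusted-domain list, the character-swap table and the distance threshold of 2 are assumptions, and the From headers are constructed samples.

```python
from email.utils import parseaddr

# Assumption: the domains the real organisation sends mail from.
TRUSTED_DOMAINS = {"paypal.co.uk"}

# Characters often swapped in to make a domain look right at a glance.
HOMOGLYPHS = str.maketrans({"1": "l", "0": "o", "5": "s", "3": "e"})

def edit_distance(a, b):
    """Levenshtein distance using a single rolling row."""
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1, prev + (ca != cb))
    return row[-1]

def classify_sender(from_header):
    """Return 'trusted', 'lookalike' or 'unrelated' for a From header."""
    _, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    for good in TRUSTED_DOMAINS:
        if domain == good or domain.endswith("." + good):
            return "trusted"
    for good in TRUSTED_DOMAINS:
        if (domain.translate(HOMOGLYPHS) == good      # paypa1 -> paypal
                or good in domain                       # real name buried in another domain
                or edit_distance(domain, good) <= 2):   # one or two typos away
            return "lookalike"
    return "unrelated"

# Constructed sample headers.
SAMPLES = [
    "PayPal <Info@Paypal.co.uk>",
    "PayPal <info@paypa1.co.uk>",
    "PayPal <info@paypall.co.uk>",
    "PayPal <info@paypal.co.uk.example.org>",
    "Newsletter <news@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):10} {header}")
```

The check only looks at the sender's domain, so a message that shows "PayPal" as the display name but comes from an unrelated domain is classified as unrelated and needs a separate display-name check.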