Inside and out side attacks on computers


Attacks on a system may be from insiders who have logged into the system or outsider who prompt an innocent user to download free of cost a malicious program such as Trojan Horses or Viruses or Worms as an exciting game or music.these intruders may be thrill-seeking adolescent hackers or proffessional hackers stealing vital information for sale or disgruntled employees who want to damage the system for revenge or profit

A secure administrator must monitor physically and employing appropriate auding of the usage of resource the following activities:
1. Unauthorized attempt to use computers by any insiders
2. Browsing through system libraries and files,and modification and destruction of information by user.

3. Programming denial of service attack such as creating large number of processes by the user.

4. User trying security auditing functions and files without permission or authorization.
Attacks from inside the system

An insider is a person who has logged into a computer using legitimate username and password.in a system with long and special symbol password,breaing them to login may be difficult.However week password may be broken easily and intruder can cause damage to the user information or steal them.
These attackers also called crackers,as they break password system to gain unauthorized entries into other user's area.attacks by insiders are include:

Trojan Horses
Login Spoofing
Logic Bombs
Trap Doors

now we will discuss the attacks engineered by attackers or crackers.

Trojan Horses
A trojan Horse is a program that appear legitimate and innocents but performs illicit activity when it is run,such as stealing passwords,making the system more vulnerable to future entry or simply distroying programs or data on the hard disk.This program may even steal valuable information and send it to the site of the attacker from there without knowldge of the user.

Login Spoofing
This is a technique for collecting username and passwords of users of the system by an attacker who is an ordinary user of the system. The attackers logs in to the system and execute a program which display a login window exactly looking that of the normal login window of the system.He then leaves and the seat and may work on another terminal in the multi user system.When a new user sit down and enter the username and password,the hacker program collects data and store in a file,and then send signal to kill its shell.This log out attacker and triggers the execution of the real login program which dispaly real login window.

If the user start the login sequence by pressing a key combinitaion that the user program cannot catch,this spoof attack can be bypassed or prevented.Windows system uses Control-Alt-Del keys combination for this purpose.

Logic Bombs
This is a piece of a code that programmers(who are current employees) of a company secerly inserted into the companies production operation system or companies applications.The logic in the inserted code will be to bring down whole system when the programmer get fired,so that the company will be forced to rehire him to set the thing right.

Trap Doors
Trap doors is another security hole caused by the programmers.this is done by secretly inserting some of code to the operating system(or application) code that bypass some normal check. For examples a programmer may add code to hte login program to login using a name 'preet' or whatever be the password string.So,the programmer can login to computer of any company that loads this operating system or application.

Outsider attack
Outsider attack are mainly from computers connected through internet.Intelligence departments all over the world collect informatio exploiting the security flaws in the internet and by attracting user through irresistible web page contents.
any computer system connected to the insecure internet is vulnerable to attack,and anonymous.Easer-to-use automated tools are availble for attackers to plant attacks that cause huge destruction-sin minutes.
There are diffrent categories of external attackers,such as freelancer information broker,foreign or domestic competitors,terrorist organizations and crime syndicates.
Attacks from outside the system
virus
A virus is a program fragment that is attached to legitimate popular programs like games or other utilities with intention for infecting other programs.Normally,the virus code segment will be attached to the begining part of the executable file so that,when anybody execute it,the virus code will be execute first causing damage to the system.
Worms
A Worms is also like virus,but it can automatically spread to other coputers through the internet.A worm has two parts,the bootstrap code and the main worm code.The main worm code does all damages to the system under atack.the boot strap code may be inserted to the machine exploiting the bugs in sysytem.
When the bootstrap code get executed on the system under attack,it gets connected to the attacker's machine from it came. The attacker's machine upload the main worm on system under attack and executes there causing damage to the system


Comments

No responses found. Be the first to comment...


  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name:
    Email: