Top 3 Products & Services
Dated: Aug. 13, 2004
Related CategoriesNetwork Security
Unscrupulous types who think it is cool to let destructive code on the Internet or pry into corporate databases to steal or damage data are forcing security issues to the front line of business concern.
At the core of the knowledge economy is intellectual property, which is often documented and stored on computer hard disks and other storage devices and needs to be moved from point to point using the Internet or other forms of Internet working.
With the increasing sophistication of computer based crime, companies must begin with the assumption that their IT systems and information Assets are vulnerable and look to take every step possible to establish ironclad security that can be regularly strengthened or updated to cope with the latest threats.
The Internet has become a riskier place for business, while the attacks hadn't prompted an obvious increase in large scale cyber attacks Internet Security system says overall Internet security has been hampered by a steady tide of denial of service attacks, as well as the rise of hybrid attacks including the propagation of worms such as Nimda and Code red which spread through the Web, email, Instant Messaging and file sharing.
The company compiled its data from more than 350 high volume intrusion detection sensors managed by the company around the world saying the vast majority of attacks nearly 70 percent are being launched on server port80, the same port that web traffic flows on.
Firewalls on their own cannot prevent this kind of unauthorized access and need to have additional intrusion and defense technology installed. Denial of service (DoS) attacks, hybrid threats, and port scans are typically launched over port 80. Port scanning is a common activity before an attack is launched and designed to discover details and vulnerabilities about networks. Experts predict there will be many more such worms and nastiness released to attack corporate computer systems during 2002. The threat will grow for emerging areas of computing such as broadband, wireless and Instant Messaging.
Any company with the integrity of its system and data including issues of customer privacy should be looking very closely at protecting its literaland electronic borders.
Hackers and crackers are constantly on the look out for security vulnerabilities in new or existing software, where the developer hasn't yet come up with a patch or where the company has failed to download the fix, which would eliminate the vulnerability.
The owners of storage and processing systems must take very specific steps to protect their assets and monitor their networks to counter the security threats. If you donut have such policies in place along with firewalls, antivirus scanners and intrusion detectors in place a business may not even know that its system have been attacked or corporate secrets compromised.
No part of the enterprise can be left vulnerable and a range of solutions must be deployed to ensure data and the systems them selves are secure.
A joint project of the Computer Security Institute and the FBI's San Francisco computer crime squad found 90 percent of 540 respondents surveyed detected computer security breaches during 2001, and the 44 percent claimed a total loss of $455.8 million dollars to hack attacks.
Most experts agreed that eborn viruses remain the most common threat to both home users and companies.
Hackers or Crackers:
Unauthorized visitors to other people's computers or networks. Many hackers are content with simply breaking in and leaving their mark, others maliciously crash entire computer systems, stealing or damaging confidential data, defacing Web pages and ultimately disrupting business.
Computer programs designed to replicate themselves and infect computers when triggered by a specific event. Some viruses are very destructive, they files from a hard drive or slowing down a system.
These are programs delivered with email or Web Pages containing destructive code, which attach themselves to the operating system to activate at a later time. Trojans can delete data, mail copies of themselves to email address lists and open up computers top additional attacks.
Reconnaissance Or Scanning Attacks:
Information gathering activities where hackers collect data typically through port 80 on the computer, used later to compromise networks. Usually software tools such as sniffers and scanners are used to map out network resources and exploit potential weaknesses in the targeted networks, host sand applications.
They are conducted to exploit vulnerabilities in such network areas as authentication services and the File Transfer Protocol (FTP) functionality in order to gain entry to email accounts, databases and other confidential information.
These have been the most common types of attacks historically. When the hacker cracks the password of a legitimate user, he has access to that users network resources and typically a very strong platform for getting access tothe rest of the network.
Denial of Service (DoS):
These attacks flood applications or servers with traffic in order to deny access to legitimate users. They tie up IS resources and are usually created by hackers sending large amounts of jumbled or otherwise unmanageable data to machines that are connected to corporate networks or the Internet.
Distributed Denial of Service (DDoS):
Here an attacker compromises multiple machines or hosts.
Root access Attacks:
With root access, the hacker has full control of the system and can often collect enough information to gain access to the rest of the network and other partner networks.
Unsolicited email while usually harmless can clog up the mail system and waste time and storage space.
While most attempts to prevent security breaches are focused on the world outside the business internal threats are very real. For example choosing easy to use passwords makes it easier for others to break into the network. Bringing in floppy disks from outside can spread viruses. An angry employee to boss or company can leave Virus/Trojan horse in the System that will activate after he left the company.
Now that you've gotten free know-how on this topic, try to grow your skills even faster with online video training. Then finally, put these skills to the test and make a name for yourself by offering these skills to others by becoming a freelancer. There are literally 2000+ new projects that are posted every single freakin' day, no lie!