Downloaded 10 times
Uploaded byCarolyn Brockman
Computer security
This document provides an overview of computer security topics including types of malicious programs like viruses, worms, and trojans. It discusses how these programs spread and common threats. The document also outlines different safeguards against security issues such as hardware theft, software theft, information theft, system failure, and wireless vulnerabilities. Students are assigned to read the rest of the computer security booklet and prepare for a take home test.
More Related Content
Computer security
- 1. Computer Security Part 1 of2 Small book by Shelly Cashman that came with text.
- 2. Top 10 HackersWho Got Caught
- 3. Gerald Martin hacked intothe system of a company that competed with his. – NY Times
- 4. Anonymous “A LeaderlessHacker Group”
- 6.
- 7. Internet and NetworkAttacks Virus Worm Trojan Rootkit Infects, negatively altering the way computer works Copies itself repeatedly, using up resources Needs certain condition to trigger, does not replicate Allows person to take over your computer from remote location.
- 9. Figure 10-2 frompg 385
- 10. Trojan Programs, 3. 90% Viruses, 7.00 % Network Worms,89.1 0% Malicious Program Types http://www.securelist.com/en/analysis/151436695/Virus_Review_2002 Portable Media, 1.3 0% Internet, 2. 30% Email, 93.4 0% Main Virus Threat
- 11. Safeguards against computer virusesand other malware
- 13. Figure 10-5 frompg 388 of your book
- 14.
- 15. Hardware Theft andVandalism
- 16. Software Theft • End-UserLicense Agreement (EULA)
- 17.
- 18. Information Theft (DigitalSignature)
- 19. System Failure Uninterruptible PowerSupply (UPS)
- 20. Backing Up –The Ultimate Safeguard
- 21. Wireless Security Wireless AccessPoint (WAP)
- 23.
- 24. For Next Time •Read the rest of the Computer Security booklet, page 398 to the end (p. 408). Be prepared to take home test.
Editor's Notes
- #3 “Computer Security Risk” is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.Cybercrime is one of FBI’s Top 3 priorities.Hacker, originally a complimentary word for a computer enthusiast, now has a derogatory meaning and refers to someone who accesses a computer or network illegally. Some hackers claim the intent of their security breaches is to improve security.Cracker also is someone who accesses a computer or nework illegally but has the intent of destroying data, stealing information, or other malicious action. Both hackers and crackers have advanced and network skills.Script kiddie same intent as a cracker but does not have the technical skills and knowledge. Script kiddies use prewrittten hacking and cracking programs to break into computers.
- #4 Unethical employees break into their employers’ computers for a variety of reasons. Some simply want to explois a security weakness. Others seek financial gains from selling confidential information. Disgruntled employees may want revenge.Cyberextortionists is someone who uses em-mail as a vehicle for extortion. These perpetrators send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization’s network – if they are not paid a sum of money.Cyberterroists-some
- #5 Cyberterroists-someone who uses the Internet or network to destroy or damage computers for political reasonss. The cyberterrorist might target the nation’s air traffic control system, electricity-generating companies, or a telecommunications infrastructure. Cyberterrorismusuuallyreuires a team of highly skilled individuals, millions of dollars, and several years of planning.Anonymous: Leaderless Hacker Group
- #8 Computer viruses, worms, Trojan Horses and Rootkits virus- potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission. Once the virus infects the computer, it can spread throughout and may damage files and system software, including the operating system. worm; program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer or network Trojan horse a program that hides within or looks like a legitimate program. A certain condition or action usually triggers the Trojan horse. Unlike a virus or a worm, A Trojan horse does not replicate itself to other computers. rootkit- a program that hides in a computer an allows someone from a remote location to take full control of the computer. Once the rootkit is installed, the rootkit author can execute programs, change settings, monitor activity, and access files on the remote computerMalwarePayloadoperating system runs much slower than usualAvailable memory is less than expectedFiles become corruptedScreen displays unusual message or imageUnknown programs or files mysteriously appearMusic or unusual sound plas randomlyEisting programs and files disappearPrograms or files do not work properlySstem properties changeOperating system does not start upOperating system shutds down unexpectedly
- #10 More than 300,000 computer Web sites can infect your computer.Open an infected fileRuns an infected programBoots the computer with an infected removable media inserted in a drive or plugged into a portConnects an unprotected computer to a networkWhen a certain condition or event occurs such as computer’s clock changing to a specific date.A common way computer an become infected is through email.
- #11 Interesting Information, according to Securelist.com, a virus review for 2002, http://www.securelist.com/en/analysis/151436695/Virus_Review_2002 Two graphs stood out.Malicious Program Types Trojan Programs 3.9%, Viruses 7.0%, and Network Worms 89.1%AndMain Virus Threat Sources Portable Media 1.30%, Internet 2.30%, Email 96.40%
- #12 Anti virus programVirus signatureVirus definitionTips for preventing viruses and other malware. trusted sourceantivirus programsVirus signatureVirus definition- known specific code of virus codeQuarintine- a separate area of a hard disk that holds the infected file until the infection can be removed.Refer to TIPS for PREVENTING VIRUSES AND OTHER MALWARE
- #13 Botnets- a group of compromised computers connected to a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes. A compromised computers, known as a zombie, is one whose owner is unaware the computer is being controlled remotely by an outsider. Cybercriminals use botnets to send spam via e-mail, spread viruses and other malware, or commit a denial of service attack.Denial of Service Attacks- disrupt computer access to an internet services such as the Web or emailBack Doors bypass security controlsSpoofing appear legitimate to a vitim or a network
- #14 Safeguards against Botnets, DoS Attacks, Back Doors and SpoofingFirewallsIntrusion Detection software
- #15 Safeguards against unauthorized access and useIdentifying and authenticating usersUser names and passwordsPossessed objects- any object you must carry to gain acess to a computer or comuter facility, badges, cards, smart cards, and keysBiometric devicesDigital Forensics
- #16 Safeguards Against Hardware Theft and Vandalism
- #17 Safeguards Against Software TheftLockup copies of your CDs
- #18 Safeguards against Information TheftEncryptionDigital signature
- #20 Safeguards against system failureAmount of protection to power strip is “proportiona to cost” the more expensive the more protection.Be sure to have protection for your modem, telephone lines, DSL lines, Internet cable lines and network lines.
- #21 Backing upBack upRestore
- #22 Wireless Access Point (WAP) should be configured so tha tit does not broadcast a netowrk name. configured so that certain devices can access it.
- #23 Wi-Fi Protected Access (WPA)- security standard that imiproves on older security standards by authenticating network users and providing more advanced encryptions tehnicques.
- #24 802.11i network, sometimes called WPA2, the most recent network security standard, conforms to the governments security standards and uses ore sophisticated encryption techniques than WPA.Way beyond me!