E-Security

Warning! MyCSSMenu may have been blocked by IE-SP2's active content option. This browser feature blocks JavaScript from running locally on your computer.

This warning will not display once the menu is on-line. To enable the menu locally, click the yellow bar above, and select "Allow Blocked Content".

To permanently enable active content locally...

1: Select 'Tools' --> 'Internet Options' from the IE menu.
2: Click the 'Advanced' tab.
3: Check the 2nd option under 'Security' in the tree (Allow active content to run in files on my computer.)

Top 3 Products & Services

1.
2.
3.

Essential Products & Services

Dated: Aug. 13, 2004

Related Categories

Network Security
By Najmi

Unscrupulous types who think it is cool to let destructive code on theInternet or pry into corporate databases to steal or damage data are forcingsecurity issues to the front line of business concern.

At the core of the knowledge economy is intellectual property, which isoften documented and stored on computer hard disks and other storage devicesand needs to be moved from point to point using the Internet or other formsof Internetworking.

With the increasing sophistication of computer based crime, companies mustbegin with the assumption that their IT systems and information Assets arevulnerable and look to take every step possible to establish ironcladsecurity that can be regularly strengthened or updated to cope with thelatest threats.

The Internet has become a riskier place for business, while the attackshadn't prompted an obvious increase in large scale cyber attacks InternetSecurity system says overall Internet security has been hampered by a steadytide of denial of service attacks, as well as the rise of hybrid attacksincluding the propagation of worms such as Nimda and Code red which spreadthrough the Web, email, Instant Messaging and file sharing.

The company compiled its data from more than 350 high volume intrusiondetection sensors managed by the company around the world saying the vastmajority of attacks nearly 70 percent are being launched on server port80,the same port that web traffic flows on.

Firewalls on their own cannot prevent this kind of unauthorized access andneed to have additional intrusion and defense technology installed. Denialof service (DoS) attacks, hybrid threats, and port scans are typicallylaunched over port 80. Port scanning is a common activity before an attackis launched and designed to discover details and vulnerabilities aboutnetworks. Experts predict there will be many more such worms and nastinessreleased to attack corporate computer systems during 2002. The threat willgrow for emerging areas of computing such as broadband, wireless and InstantMessaging.

Any company with the integrity of its system and data including issues ofcustomer privacy should be looking very closely at protecting its literaland electronic borders.

Hackers and crackers are constantly on the look out for securityvulnerabilities in new or existing software, where the developer hasn't yetcome up with a patch or where the company has failed to download the fix,which would eliminate the vulnerability.

The owners of storage and processing systems must take very specific stepsto protect their assets and monitor their networks to counter the securitythreats. If you donut have such policies in place along with firewalls, antivirus scanners and intrusion detectors in place a business may not even knowthat its system have been attacked or corporate secrets compromised.

No part of the enterprise can be left vulnerable and a range of solutionsmust be deployed to ensure data and the systems themselves are secure.

A joint project of the Computer Security Institute and the FBI's SanFrancisco computer crime squad found 90 percent of 540 respondents surveyeddetected computer security breaches during 2001, and the 44 percent claimeda total loss of $455.8 million dollars to hack attacks.

Most experts agreed that eborn viruses remain the most common threat to bothhome users and companies.

Common Terms

Hackers or Crackers:

Unauthorized visitors to other people's computers or networks. Many hackersare content with simply breaking in and leaving their mark, othersmaliciously crash entire computer systems, stealing or damaging confidentialdata, defacing Web pages and ultimately disrupting business.

Viruses:

Computer programs designed to replicate themselves and infect computers whentriggered by a specific event. Some viruses are very destructive, they filesfrom a hard drive or slowing down a system.

Trojan Horses:

These are programs delivered with email or WebPages containing destructivecode, which attach themselves to the operating system to activate at a latertime. Trojans can delete data, mail copies of themselves to email addresslists and open up computers top additional attacks.

Reconnaissance Or Scanning Attacks:

Information gathering activities where hackers collect data typicallythrough port 80 on the computer, used later to compromise networks. Usuallysoftware tools such as sniffers and scanners are used to map out networkresources and exploit potential weaknesses in the targeted networks, hostsand applications.

Access Attacks:

They are conducted to exploit vulnerabilities in such network areas asauthentication services and the File Transfer Protocol (FTP) functionalityin order to gain entry to email accounts, databases and other confidentialinformation.

Password Attacks:

These have been the most common types of attacks historically. When thehacker cracks the password of a legitimate user, he has access to that usersnetwork resources and typically a very strong platform for getting access tothe rest of the network.

Denial of Service (DoS):

These attacks flood applications or servers with traffic in order to denyaccess to legitimate users. They tie up IS resources and are usually createdby hackers sending large amounts of jumbled or otherwise unmanageable datato machines that are connected to corporate networks or the Internet.

Distributed Denial of Service (DDoS):

Here an attacker compromises multiple machines or hosts.

Root access Attacks:

With root access, the hacker has full control of the system and can oftencollect enough information to gain access to the rest of the network andother partner networks.

Spam:

Unsolicited email while usually harmless can clog up the mail system andwaste time and storage space.

Internal Threats:

While most attempts to prevent security breaches are focused on the worldoutside the business internal threats are very real. For example choosingeasy to use passwords makes it easier for others to break into the network.Bringing in floppy disks from outside can spread viruses. An angry employeeto boss or company can leave Virus/Trojan horse in the System that willactivate after he left the company.

Now that you've gotten free know-how on this topic, try to grow your skills even faster with online video training. Then finally, put these skills to the test and make a name for yourself by offering these skills to others by becoming a freelancer. There are literally 2000+ new projects that are posted every single freakin' day, no lie!

Previous Article

Next Article

m.gokulnath's Comment

very usefull

19 Mon Mar 2012

Report Abuse

Admin's Reply:

Name	Valid Name
Email
Comments	Some Comments!!
Enter Number

Subscribe to Newsletters