Premium Essay

Threats and Attacks to Computer Network

In: Computers and Technology

Submitted By qwer
Words 934
Pages 4
Chapter 4 Threats and Attacks to a Computer Network
Research shows that “threats to the computers and networks have been an issue since computers began to be used widely by the general public. Nowadays, any computer or network that is connected to the Internet is at risk” (http://infopeople.org/resources/security/basics/threats_vulnerabilities.html, 2008)
There are unlimited different types of threats exists in computer networking field but in this report mainly six different common but important threats were discussed.
4. 1 Spoofing

Spoofing is a technique used to hide identity of traffic originator or assume identity of trusted entity or fooling a computer into believing which actually you are not. The most common spoof is email where a hacker pretend to be a different internet address from the one you have just to gain his/her credit card no, passwords, personal information or to theft any identity. Spoofing normally involves sending many packets/messages pretending to be a real legitimate person and spoofed IPs are very hard to back track. There are many different types of spoofing, such as ▪ IP addresses, MAC addresses changing attacks ▪ Link alteration ▪ DNS server spoofing attack ▪ Content theft ▪ E-mail address changing attack

4.2 How Penetration Attack Works?
Penetration attack is basically to an attempt to break the security features of a system in order to understand the system or system design and implementation. The main purpose of penetration is to identify methods of gaining access to a system by using common tools and techniques and it can be performed after careful consideration, notification and planning.
This attack is carried out by network scanning to obtain the sensitive data and here is an example what type of information can be gathered from this penetration testing. ✓ Domain Name System (DNS) interrogation. ✓…...

Similar Documents

Premium Essay

Computer Networks

...security. Finally, two detailed case studies are given: UNIX/Linux and Windows 2000. Structured Computer Organization, 4th edition This widely-read classic, now in its fourth edition, provides the ideal introduction to computer architecture. It covers the topic in an easy-to-understand way, bottom up. There is a chapter on digital logic for beginners, followed by chapters on microarchitecture, the instruction set architecture level, operating systems, assembly language, and parallel computer architectures. Operating Systems: Design and Implementation, 2nd edition This popular text on operating systems, co-authored with Albert S. Woodhull, is the only book covering both the principles of operating systems and their application to a real system. All the traditional operating systems topics are covered in detail. In addition, the principles are carefully illustrated with MINIX, a free POSIX-based UNIX-like operating system for personal computers. Each book contains a free CD-ROM containing the complete MINIX system, including all the source code. The source code is listed in an appendix to the book and explained in detail in the text. About the Author Andrew S. Tanenbaum has an S.B. degree from M.I.T. and a Ph.D. from the University of California at Berkeley. He is currently a Professor of Computer Science at the Vrije Universiteit in Amsterdam, The Netherlands, where he heads the Computer Systems Group. He is also Dean of the Advanced School for Computing and Imaging, an......

Words: 292171 - Pages: 1169

Premium Essay

Threats to Computer Networks

...OF CONTENT Introduction 2 Threats 2 • State-sponsored espionage and sabotage of computer networks 2 • Monster DDoS attacks 2 • The loss of visibility and control created by IT consumerization and the cloud 2 • The password debacle 3 • The insider threat 3 UAE CASE 3 Precaution 4 Conclusion 4 Bibliography 5   Introduction As the requirement of the paper I will explain the types of fraud may face by the organisation computer networks. Along with I will discuss two cases of such fraud in UAE and finally I will discuss possible precautions to mitigate the risk of such frauds. In recent year the computer network threats become technically more advanced, sophisticated, more organised and at the same time difficult to detect. It is important to mention that these attacks not only damage network security for financial frauds but this also aim to disable and reliability of the infrastructure as well, which may cause worse type of threat to the national security. (Tom Cross and Eric Savitz, Forbes Staff, 2012) Threats Most respected financial magazine FORBES has mentioned five main security threats to the computer networks which includes. • State-sponsored espionage and sabotage of computer networks o In 2012 a very famous virus called Flame was discovered which was not traced by the software in years. Similarly virus named Shamon destroyed the data of oil and energy companies and made the machines unbootable. • Monster DDoS attacks o DDos stands for the......

Words: 1014 - Pages: 5

Premium Essay

Malicious Attacks and Threats

...Malicious Attacks and Threats Malicious Attacks and Threats As the lead Information Systems Security Engineer it is my job to ensure that the ongoing threat of malicious attacks and vulnerabilities to the organizations computer network are kept to a minimum so that highly sensitive data will continue to remain protected. However, recent reports from the CIO suggest that there has been a small amount of malicious activity reported on the network. The CIO is requesting I look into the current network infrastructure and make necessary changes to the network so that the system remains free from the threat and vulnerability of future malicious activity that would impact the organizations network. Attacks on computer systems and networks occur by the billions every year and are on a dramatic increase. Many organizations have invested vast amounts of money in computer networks, only to find out that although it is providing means of improving the efficiency and productivity of the organization it also exposes the organization to possible malicious attacks and threats. Such attacks have been the most challenging issue for a majority of Information System Security Engineers where they utilize the necessary resources to protect the network from these vulnerabilities. The greatest overall threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or......

Words: 1172 - Pages: 5

Premium Essay

Computer Network

...Week 2 – Case Study SEC-280 11-9-2013 The first point that I will address consist on the multiple dangers that computer networks are exposed, that are in majority done by perpetrators that get access to servers of Windows and Linux to explode their vulnerabilities.. The use of these codes or malware in the form of viruses, worms, time bombs or any peculiar name this individuals use to give to their destructive toys, are a major concern to the protection of confidential information. Data so sensitive that in their majority is composing of identity, credit, and property information so well collected and compiler that is plenty for the creation of a clone of a company or a person. These identity theft atrocities are not limit to the software and information appropriation; also the attacks diminish computer performance, affecting their velocity and cause computers to crash. The CIO should possess a compendium of way’s to defend his network, and a rapid decision capability to take decisions in a short time period. Furthermore, in general terms security; as we can define “ the act of provide a sense or protection against lost, attack or harm”, can use or integrate a complete protection plan. Depending on the resources of the company the integration of a security plan that can integrate “the five pillars of security IT security operation: policy and audit management, access management, infrastructure and hardware security and incident response.” The real world presents to us a...

Words: 591 - Pages: 3

Premium Essay

Computer Network

...Computer Network A computer network is a group of computers that are interconnected by electronic circuits or wireless transmissions of various designs and technologies for the purpose of exchanging data or communicating information between them or their users. Networks may be classified according to a wide variety of characteristics. This article provides a general overview of types and categories and also presents the basic components of a network. Introduction A computer network allows sharing of resources and information among devices connected to the network. The Advanced Research Projects Agency (ARPA) funded the design of the Advanced Research Projects Agency Network (ARPANET) for the United States Department of Defense. It was the first operational computer network in the world.[1] Development of the network began in 1969, based on designs developed during the 1960s. For a history see ARPANET, the first network. Purpose Facilitating communications Using a network, people can communicate efficiently and easily via e-mail, instant messaging, chat rooms, telephony, video telephone calls, and videoconferencing. Sharing hardware In a networked environment, each computer on a network can access and use hardware on the network. Suppose several personal computers on a network each require the use of a laser printer. If the personal computers and a laser are connected to a network, the personal computers users each can access the laser printer on the network, as they......

Words: 3658 - Pages: 15

Premium Essay

Threats to Computer Security

...Threats to Computer Security Source: An Introduction to Computer Security: The NIST Handbook National Institute of Standards and Technology Technology Administration U.S. Department of Commerce Special Publication 800-12 Computer systems are vulnerable to many threats that can inflict various types of damage resulting in significant losses. This damage can range from errors harming database integrity to fires destroying entire computer centers. Losses can stem, for example, from the actions of supposedly trusted employees defrauding a system, from outside hackers, or from careless data entry clerks. Precision in estimating computer security-related losses is not possible because many losses are never discovered, and others are "swept under the carpet" to avoid unfavorable publicity. The effects of various threats varies considerably: some affect the confidentiality or integrity of data while others affect the availability of a system. 1. Errors and Omissions Errors and omissions are an important threat to data and system integrity. These errors are caused not only by data entry clerks processing hundreds of transactions per day, but also by all types of users who create and edit data. Many programs, especially those designed by users for personal computers, lack quality control measures. However, even the most sophisticated programs cannot detect all types of input errors or omissions. A sound awareness and training program can help an organization reduce the number and......

Words: 1147 - Pages: 5

Premium Essay

Malicious Attacks and Threats

...Malicious Attacks and Threats     As the lead Information Systems Security Engineer it is my job to ensure that the ongoing threat of malicious attacks and vulnerabilities to the organizations computer network are kept to a minimum so that highly sensitive data will continue to remain protected.   However, recent reports from the CIO suggest that there has been a small amount of malicious activity reported on the network.   The CIO is requesting I look into the current network infrastructure and make necessary changes to the network so that the system remains free from the threat and vulnerability of future malicious activity that would impact the organizations network.     Attacks on computer systems and networks occur by the billions every year and are on a dramatic increase.   Many organizations have invested vast amounts of money in computer networks, only to find out that although it is providing means of improving the efficiency and productivity of the organization it also exposes the organization to possible malicious attacks and threats.   Such attacks have been the most challenging issue for a majority of Information System Security Engineers where they utilize the necessary resources to protect the network from these vulnerabilities.   The greatest overall threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant.   When the action is malicious, some motivation or goal is generally behind the attack.  ......

Words: 305 - Pages: 2

Premium Essay

Computer Network

...TRADEMARK LAW AND CYBERSPACE Paras Nath Singh M.Tech. Cyber Security Centre for Computer Science & Technology Central University of Punjab, Bathinda (Punjab). Abstract—Trademark law aids consumers who use trademarks in the marketplace to identify swiftly and without problems a product they liked or disliked in the past, distinguishing among the different competing manufacturers of a product. No one is entitled to sell or deliver commodities under the appearance that the commodities derive from someone else. The importance of consumer protection cannot be overemphasized and the average consumer standard should remain the central point of the inquiry, even under domain name litigation. Replacing the initial interest confusion doctrine is one decisive step, along with the introduction of a doctrine representing the fact that there should be no confusion at the point the sale, and this doctrine would intervene to allow for the capacity of the consumer to choose freely the products they want. Keywords: - trademarks; cyberspace; generic; domain names I. INTRODUCTION Trademarks have been used to designate the source or origin of products for years and a trademark is “any word, name, symbol, or device, or any combination thereof”1 used by a company to identify itself as the source of particular goods and distinguish its goods from those manufactured or sold by competitors. Section 2 of the Canadian Trademark Act2 considers “trademarks” as: * a mark that......

Words: 2830 - Pages: 12

Free Essay

Network Based Threat Research

...Network Based Threat Research CMGT/431 24 Aug 2015 Network Based Threat Research With advancements in the ever growing internet with more and more individuals becoming accustomed to using the web as a means of communicating the opportunity for outside sources to gain ones information is expanding daily. Recently the Department of Defense’s Joint Staff became the latest target in a spear phishing attack. For over two weeks more than 4,000 users on the Defense network have been shut down by this attack (Starr, 2015). Where are all these threats originating from? They are from every location on the universe within the United States, China, Russia and even our own allies (Starr, 2015). Provide a description of a few network based threats The recent attack on the Department of Defense was a spear phishing attack. These are attacks through emails sent to employees with hopes that they open the link. Once the link is opened they give up their network credentials and it allows an outside source into a network. Denial-of-servie (DoS) and distributed-denial-of-service (DDoS) are attacks from one or more devices that are targeted at a server that creates so much traffic or demands for services that the target cannot respond to legitimate requests (TechTarget, 2000-2015). Figure 1: In a DDoS attack, multiple devices (red) flood a server with requests, overwhelming the server and blocking legitimate users (green). Malware or malicious software is any software that is...

Words: 810 - Pages: 4

Premium Essay

Ndividual- Network Based Threat Research

...Individual: Network Based Threat Research There are so many people who are connected to network and with the passing time, the amount of people connected through network is increasing even more. As the network connectivity is increasing, the threats to security are also increasing. Network security and network-based threats are the most significant vulnerabilities that need to be maintained as it involves information, which is transferred between computers. There are several pieces of information, which is case sensitive and is vulnerable to outside attack. The network security is also exposed to hackers attack and is subject to various malicious threats that can endanger the sensitivity of information and pose a threat to network. The various network-based threats are pumped into the network all over the world and are a significant matter for consideration at the moment (Godbole, 2008). Network based threats There are various network-based threats some of which are explained below: * Viruses and Worms: Virus is a coded program or coded information that is transmitted or loaded into the computer unintentionally and run on the system. It exploits the system without the knowledge and wish of the system owner and can create huge damage and harm to the computer. Freezing or hanging of computer after opening a mail or coded information is an example of virus attack through network. The downloading of virus onto the computer system will affect the entire computer network......

Words: 789 - Pages: 4

Free Essay

Denial of Service Attacks in Network Security

...Denial of service attacks in Network security introduction and short history of DoS attacks: Denial of service attacks are one of the major threat to the modern computer networks.It has been said that first DDoS attack was launched in 1999 against the IRC server of university of minnesota which affected 227 systems and server was down for several days.Another DoS attack was documented in the week of feb 7 2000.A 15 year old canadian hacker named “mafiaboy” performed a series of DoS attack against some sites like ebay and amazon.Companies suffered from 1.7 billion of damage.After that it became the best way of hacking among cybercriminals. People used to perform these attacks for profits.Hackers will follow the procedures like mafiaboy and ask for the money.In 2005 ,it became more easy to implement those attacks ,a boy of 18-yr old named Farid Essabar developed a worm called MyTob which used to open a backdoor in Ms windows hosts and connect to the remote IRC server.The computer then used to wait for the commands from the servers.Farid was arrested for distributing the worm.This was surely not the last case.DDoS attacks were used to attack and money extortion. As name suggests Denial of Service aka DoS, it’s main objective is to make the system to deny the legitimate service requests. Basically DoS attacks are performed by exhausting the resources of the computer like processing power,network bandwidth,TCP connection and service buffers,CPU cycles and so on.Hackers......

Words: 2218 - Pages: 9

Premium Essay

Computer Threats

...Yvette R Williams Strayer University Computer Threats Professor Richard Carroll June 18, 2010 The worst thing about computers are the bugs and viruses. There is a myriad of information and opportunities on the internet but if you do not have adequate protection it will be the same as if your were crossing an intersection blind folded. In the beginning when email had become popular one of the worst things what would happen was that someone would intercept your message and use that information for illegal gain. Then came the bugs or viruses that would be secretly embedded in your attachments. Now we have threats that are far worse than anything I would have ever imagined. There are people for who knows what reason, who creates programs just to shut down computer networks. It is true that not every instance of a bug or virus is about money. I had a professor who has a family member who not only wrote viruses and sent them out, but was also a collector of computer viruses. For the life of me I still cannot figure out why. Then there are the people who do this for monetary gain. These people have ways that are unimaginable for you and I to think of ways to steal personal information from others. Look at the social websites like Face book, Twitter and MySpace just to name a few. People are putting all types of personal information on these sites. We believe that these sites are harmless and who would care about what schools we graduated from or what cities we live......

Words: 940 - Pages: 4

Free Essay

Evaluating the Security of Computer Networks

...Evaluating the Security of Computer Networks Security in Systems Architecture and Applications SE579 2 Table of Contents Evaluating the Security of Computer Networks I. Vulnerabilities A. Design Flaws B. Poor Security Management C. Incorrect Implementation II. Firewalls A. Packet Filtering B. Circuit Level Gateway Proxy Server C. Application Gateway III. Antivirus A. Scans IV. Intrusion Detection Systems V. Disadvantages VI. Conclusion 3 One of the major computing challenges in today’s economy is the lack of adequate security over the information computer networks, and internet applications in which business, government, and economy depend on. Businesses have become more dependent on information. The gathering, organizing, managing, finding, and analyzing of information are crucial to businesses. Computer viruses created by hackers cost businesses $55 billion in 2003. In 2011, a single instance of hacking on the Play Station cost Sony more than $170 million, while Google lost $500,000 due to hacking in 2005.(Coyne) 2003 Single instances of hacking may cost as much as $600,000 to $7m a day......

Words: 2281 - Pages: 10

Free Essay

Potential Maclicious Attacks and Threats

...Assignment 1: Identifying Potential Malicious Attacks, Threats, and Vulnerabilities Shauna Video games have been around for many years. As technology progresses unfortunately so does the security risks that come with online gaming. “The number of American households which play video games is a roughly 65%.” (Source 2) With any network organization you want to make sure that you keep on top of vulnerabilities of anything that reaches out to the internet. Computers and servers that touch the internet are ones that must be scanned. As a company you have to make sure that you configure the security settings for the operating system, internet browser and security software. As a company you also want to set personal security policies for online behavior. There also needs to be an antivirus installed on the network like Norton or Symantec which blocks threats targeting the vulnerabilities. “With the firewalls you want to configure them in the reputable internet security program to block unsolicited request communication.” (Source 1) Email server needs to be sure that spam doesn’t get through the network. The ways that spam works is unwanted email messages get solicited to a large number of recipients. “Spam should be a major concern in your infrastructure since it can be used to deliver email which can include Trojan horses, viruses, worms’ spyware and targeted attacks aimed specifically in obtaining sensitive and personal identification information...

Words: 1027 - Pages: 5

Premium Essay

Phases of a Computer Attack

...THOMAS FORD IT255 MR. CARTER LIST PHASES OF A COMPUTER ATTACK Phase 1 - Reconnaissance Reconnaissance is probably the longest phase, sometimes lasting weeks or months.  The black hat uses a variety of sources to learn as much as possible about the target business and how it operates, including * Internet searches * Social engineering * Dumpster diving * Domain name management/search services * Non-intrusive network scanning Phase 2 - Scanning Once the attacker has enough information to understand how the business works and what information of value might be available, he or she begins the process of scanning perimeter and internal network devices looking for weaknesses, including * Open ports * Open services * Vulnerable applications, including operating systems * Weak protection of data in transit * Make and model of each piece of LAN/WAN equipment Phase 3 - Gaining Access Gaining access to resources is the whole point of a modern-day attack.  The usual goal is to either extract information of value to the attacker or use the network as a launch site for attacks against other targets.  In either situation, the attacker must gain some level of access to one or more network devices. In addition to the defensive steps described above, security managers should make every effort to ensure end-user devices and servers are not easily accessible by unauthenticated users.  This includes denying local administrator access to business users and closely......

Words: 485 - Pages: 2