Network Users Time Bomb Application A Virus example essay topic

2,951 words
NTC 360 - Network and Telecommunications Concepts
July 31, 2005

Network Security

In today's world, with so many ways to gain unauthorized access to someone's computer system, network security is very important. Almost every company has been the victim of a virus attack, hackers, or some other form of unauthorized access to its network. In this paper, I will discuss various methods used by those who want this access and ways they can be prevented. Many people feel that because they use passwords, their files are secure and can't be hacked. They unknowingly leave their networks open to attack, without protection, thinking everything is fine. Hackers can easily get into password-protected files once they have access to a computer system.

One way to prevent this is to use a firewall. A firewall prevents unauthorized users from gaining access to a system by restricting access to the entire system, not just to the files on it. Firewalls prevent access to data by using symmetric or asymmetric encryption. Symmetric encryption uses the same password to decrypt the data that it used to encrypt the data. This method allows users to share the same password in order to gain access to the data and make any needed changes. Asymmetric encryption is different in that different passwords are used to encrypt the data and to decrypt it.

Asymmetric encryption is considered a little more secure because passwords don't have to be shared in order to allow someone access to the data. Each individual has his or her own password to access it. Asymmetric encryption uses public / private keys to encrypt / decrypt data. Public keys use the same encryption data to access the data that the data was encrypted with. Private, or secret, keys allow the originator of the data to encrypt it without having to share his or her password with anyone. They can use their own private key to unlock the data.

Digital certificates are certificates whose authenticity is guaranteed by a Certificate Authority. The certificate authority digitally 'signs' the data, stating that it is authentic. An alternative to this is Public Key Infrastructure, or PKI. PKI uses private keys to certify that the data is correct and authentic. PKI is a fast-growing, although time-consuming, method of securely transmitting data.
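The three paragraphs above describe the symmetric and asymmetric cases in words only. The following added example, which is not part of the essay, shows the two properties side by side in plain Python: one shared key both encrypts and decrypts (symmetric), while a public key encrypts and only the matching private key decrypts, and the private key also produces a signature that the public key verifies (asymmetric, as a CA does when it signs). The symmetric cipher is a SHA-256 keystream XOR and the asymmetric part is textbook RSA on two Mersenne primes with hard-coded parameters; both are teaching toys chosen so the arithmetic is visible, and the names and sample messages are the example's own assumptions.

```python
"""Added example: symmetric vs. asymmetric encryption, standard library only."""
import hashlib
import secrets


# ---- Symmetric: one shared key encrypts and decrypts -----------------------
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Expand key+nonce into `length` pseudo-random bytes (SHA-256 in counter mode)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def sym_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Prefix a fresh nonce, then XOR the plaintext with the keystream."""
    nonce = secrets.token_bytes(8)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, stream))


def sym_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    """The same key regenerates the same keystream, so XOR undoes the encryption."""
    nonce, body = ciphertext[:8], ciphertext[8:]
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


# ---- Asymmetric: textbook RSA with two well-known Mersenne primes (toy sizes) --
P, Q = 2**31 - 1, 2**61 - 1      # assumed toy primes; real keys are far larger


def rsa_keypair(p: int = P, q: int = Q, e: int = 65537):
    """Return (public, private) = ((n, e), (n, d)) with d the inverse of e mod phi(n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(public_key, m: int) -> int:
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def rsa_decrypt(private_key, c: int) -> int:
    n, d = private_key
    return pow(c, d, n)


def _digest_int(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def rsa_sign(private_key, message: bytes) -> int:
    """Only the private-key holder can produce this value for the message hash."""
    n, d = private_key
    return pow(_digest_int(message, n), d, n)


def rsa_verify(public_key, message: bytes, signature: int) -> bool:
    """Anyone with the public key can check the signature against the hash."""
    n, e = public_key
    return pow(signature, e, n) == _digest_int(message, n)


def demo():
    """Run both schemes on constructed inputs; returns a tuple of checks."""
    shared = secrets.token_bytes(16)
    ct = sym_encrypt(shared, b"payroll.xls")
    same_key_works = sym_decrypt(shared, ct) == b"payroll.xls"
    other_key_works = sym_decrypt(secrets.token_bytes(16), ct) == b"payroll.xls"

    pub, priv = rsa_keypair()
    private_decrypts = rsa_decrypt(priv, rsa_encrypt(pub, 424242)) == 424242
    sig = rsa_sign(priv, b"contract v1")
    return (
        same_key_works,                       # True
        not other_key_works,                  # True: a different key yields garbage
        private_decrypts,                     # True
        rsa_verify(pub, b"contract v1", sig), # True
        rsa_verify(pub, b"contract v2", sig), # False: signature is bound to the text
    )


if __name__ == "__main__":
    print(demo())
```

The last two checks are the point of the essay's certificate paragraph: a signature made with the private key is verifiable by anyone holding the public key, and changing even one character of the signed text makes verification fail.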

Network security became necessary when hackers and other ne'er-do-wells discovered flaws, or holes, in the various layers of the OSI model that would allow them access to someone else's machine or network of machines. These people exploited these holes and used them to their advantage. Once these holes were discovered, securing the network became a priority. Each of the seven layers in the OSI model has its own weaknesses and thus must have its own method of security. In an article in Certification magazine regarding network security, Kevin Song stated "There are a variety of ways to classify security vulnerabilities and attacks. It is worthwhile to briefly examine them by OSI layers.

The vast majority of vulnerabilities exhibit themselves as application-layer vulnerabilities, which are the closest to the user application. Telnet and FTP are such examples. These applications send user passwords in such a way that anyone who can sniff the network traffic will get the user's login and password to gain unauthorized access. On the presentation layer, there are various attacks against data encryption. On the session layer, Remote Procedure Call (RPC) is one of the top computer system vulnerabilities according to SANS. On the transport layer, there are exploitations using SYN flooding and TCP hijacking.

Port scanning is a common technique used by hackers to identify vulnerable systems. IP spoofing is a very common network-layer attack. Frequent traffic sniffing and wiretapping are common Layer 1 and Layer 2 attacks. Wireless networking has opened new possibilities to hackers". As these vulnerabilities came to light, security countermeasures, or fixes, were required.

In most cases, the fix was found rather quickly, but it was not always applied by the end user. This results in major problems, the worst of which is complete loss of data, whether encrypted or not. Some of these vulnerabilities are shown in the following table, found on CACI's website. Each row lists the Category, Threat, OSI Layer, Definition, Typical Behaviors, Vulnerabilities, Prevention, Detection and Countermeasures.

Malicious Threats

Category: Malicious Software
Threat: Virus
OSI Layer: Application
Definition: Malicious software that attaches itself to other software. For example, a patched software application in which the patch's algorithm is designed to implement the same patch on other applications, thereby replicating.
Typical Behaviors: Replicates within computer system, potentially attaching itself to every software application. Behavior categories: Innocuous; Humorous; Data altering; Catastrophic.
Vulnerabilities: All computers. Common categories: Boot sector; Terminate and Stay Resident (TSR); Application software; Stealth (or Chameleon); Mutation engine; Network; Mainframe.
Prevention: Limit connectivity. Limit downloads. Use only authorized media for loading data and software. Enforce mandatory access controls. Viruses generally cannot run unless host application is running.
Detection: Changes in file sizes or date / time stamps. Computer is slow starting or slow running. Unexpected or frequent system failures. Change of system date / time. Low computer memory or increased bad blocks on disks.
Countermeasures: Contain, identify and recover. Anti-virus scanners: look for known viruses. Anti-virus monitors: look for virus-related application behaviors. Attempt to determine source of infection and issue alert.

Category: Malicious Software
Threat: Worm
OSI Layer: Application, Network
Definition: Malicious software which is a stand-alone application.
Typical Behaviors: Often designed to propagate through a network, rather than just a single computer.
Vulnerabilities: Multitasking computers, especially those employing open network standards.
Prevention: Limit connectivity, employ Firewalls. Worms can run even without a host application.
Detection: Computer is slow starting or slow running. Unexpected or frequent system failures.
Countermeasures: Contain, identify and recover. Attempt to determine source of infection and issue alert.

Category: Malicious Software
Threat: Trojan Horse
OSI Layer: Application
Definition: A Worm which pretends to be a useful program or a Virus which is purposely attached to a useful program prior to distribution.
Typical Behaviors: Same as Virus or Worm, but also sometimes used to send information back to or make information available to perpetrator.
Vulnerabilities: Unlike Worms, which self-propagate, Trojan Horses require user cooperation. Untrained users are vulnerable.
Prevention: User cooperation allows Trojan Horses to bypass automated controls. User training is best prevention.
Detection: Same as Virus and Worm.
Countermeasures: Same as Virus and Worm. Alert must be issued, not only to other system admins, but to all network users.

Category: Malicious Software
Threat: Time Bomb
OSI Layer: Application
Definition: A Virus or Worm designed to activate at a certain date / time.
Typical Behaviors: Same as Virus or Worm, but widespread throughout organization upon trigger date.
Vulnerabilities: Same as Virus and Worm.
Prevention: Time Bombs are usually found before the trigger date. Run associated anti-viral software immediately as available.
Detection: Correlate user problem reports to find patterns indicating possible Time Bomb.
Countermeasures: Contain, identify and recover. Attempt to determine source of infection and issue alert.

Category: Malicious Software
Threat: Logic Bomb
OSI Layer: Application
Definition: A Virus or Worm designed to activate under certain conditions.
Typical Behaviors: Same as Virus or Worm.
Vulnerabilities: Same as Virus and Worm.
Prevention: Same as Virus and Worm.
Detection: Correlate user problem reports indicating possible Logic Bomb.
Countermeasures: Contain, identify and recover. Determine source and issue alert.

Category: Malicious Software
Threat: Rabbit
OSI Layer: Application, Network
Definition: A Worm designed to replicate to the point of exhausting computer resources.
Typical Behaviors: Rabbit consumes all CPU cycles, disk space or network resources, etc.
Vulnerabilities: Multitasking computers, especially those on a network.
Prevention: Limit connectivity, employ Firewalls.
Detection: Computer is slow starting or running. Frequent system failures.
Countermeasures: Contain, identify and recover. Determine source and issue alert.

Category: Malicious Software
Threat: Bacterium
OSI Layer: Application
Definition: A Virus designed to attach itself to the OS in particular (rather than any application in general) and exhaust computer resources, especially CPU cycles.
Typical Behaviors: Operating System consumes more and more CPU cycles, resulting eventually in noticeable delay in user transactions.
Vulnerabilities: Older versions of operating systems are more vulnerable than newer versions since hackers have had more time to write Bacterium.
Prevention: Limit write privileges and opportunities to OS files. System administrators should work from non-admin accounts whenever possible.
Detection: Changes in OS file sizes, date / time stamps. Computer is slow in running. Unexpected or frequent system failures.
Countermeasures: Anti-virus scanners: look for known viruses. Anti-virus monitors: look for virus-related system behaviors.

Category: Spoofing
Threat: Spoofing
OSI Layer: Network, Data Link
Definition: Getting one computer on a network to pretend to have the identity of another computer, usually one with special access privileges, so as to obtain access to the other computers on the network.
Typical Behaviors: Spoofing computer often doesn't have access to user-level commands, so attempts to use automation-level services, such as email or message handlers, are employed.
Vulnerabilities: Automation services designed for network interoperability are especially vulnerable, especially those adhering to open standards.
Prevention: Limit system privileges of automation services to minimum necessary. Upgrade via security patches as they become available.
Detection: Monitor transaction logs of automation services, scanning for unusual behaviors. If automating this process, do so off-line to avoid "tunneling" attacks.
Countermeasures: Disconnect automation services until patched, or monitor automation access points, such as network sockets, scanning for next spoof, in attempt to trace back to perpetrator.

Category: Spoofing
Threat: Masquerade
OSI Layer: Network
Definition: Accessing a computer by pretending to have an authorized user identity.
Typical Behaviors: Masquerading user often employs network or administrator command functions to access even more of the system, e.g., by attempting to download password or routing tables.
Vulnerabilities: Placing false or modified login prompts on a computer is a common way to obtain user IDs, as are Snooping, Scanning and Scavenging.
Prevention: Limit user access to network or administrator command functions. Implement multiple levels of administrators, with different privileges for each.
Detection: Correlate user identification with shift times or increased frequency of access. Correlate user command logs with administrator command functions.
Countermeasures: Change user password or use standard administrator functions to determine access point, then trace back to perpetrator.

Category: Scanning
Threat: Sequential Scanning
OSI Layer: Transport, Network
Definition: Sequentially testing passwords / authentication codes until one is successful.
Typical Behaviors: Multiple users attempting network or administrator command functions, indicating multiple Masquerades.
Vulnerabilities: Since most login prompts have a time-delay built in to foil automated scanning, accessing the encoded password table and testing it off-line is a common technique.
Prevention: Enforce organizational password policies. Make even system administrator access to password files cumbersome.
Detection: Correlate user identification with shift times. Correlate user problem reports relevant to possible Masquerades.
Countermeasures: Change entire password file or use baiting tactics to trace back to perpetrator.

Category: Scanning
Threat: Dictionary Scanning
OSI Layer: Application
Definition: Scanning through a dictionary of commonly used passwords / authentication codes until one is successful.
Typical Behaviors: Multiple users attempting network or administrator command functions, indicating multiple Masquerades.
Vulnerabilities: Use of common words and names as passwords or authentication codes (so-called "Joe Accounts").
Prevention: Enforce organizational password policies.
Detection: Correlate user identification with shift times. Correlate user problem reports relevant to possible Masquerades.
Countermeasures: Change entire password file or use baiting tactics to trace back to perpetrator.

Category: Snooping (Eavesdropping)
Threat: Digital Snooping
OSI Layer: Network
Definition: Electronic monitoring of digital networks to uncover passwords or other data.
Typical Behaviors: Users or even system administrators found on-line at unusual or off-shift hours. Changes in behavior of network transport layer.
Vulnerabilities: Example of how COMSEC affects COMPUSEC. Links can be more vulnerable to snooping than nodes.
Prevention: Employ data encryption. Limit physical access to network nodes and links.
Detection: Correlate user identification with shift times. Correlate user problem reports. Monitor network performance.
Countermeasures: Change encryption schemes or employ network monitoring tools to attempt trace back to perpetrator.

Category: Snooping (Eavesdropping)
Threat: Shoulder Surfing
OSI Layer: Physical
Definition: Direct visual observation of monitor displays to obtain access.
Typical Behaviors: Authorized user found on-line at unusual or off-shift hours, indicating a possible Masquerade. Authorized user attempting administrator command functions.
Vulnerabilities: "Sticky" notes used to record account and password information. Password entry screens that do not mask typed text. "Loitering" opportunities.
Prevention: Limit physical access to computer areas. Require frequent password changes by users.
Detection: Correlate user identification with shift times or increased frequency of access. Correlate user command logs with administrator command functions.
Countermeasures: Change user password or use standard administrator functions to determine access point, then trace back to perpetrator.

Category: Scavenging
Threat: Dumpster Diving
OSI Layer: All
Definition: Accessing discarded trash to obtain passwords and other data.
Typical Behaviors: Multiple users attempting network or administrator command functions, indicating multiple Masquerades.
Vulnerabilities: "Sticky" notes used to record account and password information. System administrator printouts of user logs.
Prevention: Destroy discarded hard copy.
Detection: Correlate user identification with shift times. Correlate user problem reports relevant to possible Masquerades.
Countermeasures: Change entire password file or use baiting tactics to trace back to perpetrator.

Category: Scavenging
Threat: Browsing
OSI Layer: Application, Network
Definition: Usually automated scanning of large quantities of unprotected data (discarded media or on-line "finger"-type commands) to obtain clues as to how to achieve access.
Typical Behaviors: Authorized user found on-line at unusual or off-shift hours, indicating a possible Masquerade. Authorized user attempting administrator command functions.
Vulnerabilities: "Finger"-type services provide information to any and all users. The information is usually assumed safe but can give clues to passwords (e.g., spouse's name).
Prevention: Destroy discarded media. When on open source networks especially, disable "finger"-type services.
Detection: Correlate user identification with shift times or increased frequency of access. Correlate user command logs with administrator command functions.
Countermeasures: Change user password or use standard administrator functions to determine access point, then trace back to perpetrator.

Category: Spamming
Threat: Spamming
OSI Layer: Application, Network
Definition: Overloading a system with incoming message or other traffic to cause system crashes.
Typical Behaviors: Repeated system crashes, eventually traced to overfull buffer or swap space.
Vulnerabilities: Open source networks especially vulnerable.
Prevention: Require authentication fields in message traffic.
Detection: Monitor disk partitions, network sockets, etc. for overfull conditions.
Countermeasures: Analyze message headers to attempt trace back to perpetrator.

Category: Tunneling
Threat: Tunneling
OSI Layer: Network
Definition: Any digital attack that attempts to get "under" a security system by accessing very low-level system functions (e.g., device drivers, OS kernels).
Typical Behaviors: Bizarre system behaviors such as unexpected disk accesses, unexplained device failures, halted security software, etc.
Vulnerabilities: Tunneling attacks often occur by creating system emergencies to cause system re-loading or initialization.
Prevention: Design security and audit capabilities into even the lowest level software, such as device drivers, shared libraries, etc.
Detection: Changes in date / time stamps for low-level system files or changes in sector / block counts for device drivers.
Countermeasures: Patch or replace compromised drivers to prevent access. Monitor suspected access points to attempt trace back to perpetrator.

Unintentional Threats

Category: Malfunction
Threat: Equipment Malfunction
OSI Layer: All
Definition: Hardware operates in abnormal, unintended mode.
Typical Behaviors: Immediate loss of data due to abnormal shutdown. Continuing loss of capability until equipment is repaired.
Vulnerabilities: Vital peripheral equipment is often more vulnerable than the computers themselves.
Prevention: Replication of entire system including all data and recent transactions.
Detection: Hardware diagnostic systems.
Countermeasures: On-site replication of hardware components for quick recovery.

Category: Malfunction
Threat: Software Malfunction
OSI Layer: Application
Definition: Software behavior is in conflict with intended behavior.
Typical Behaviors: Immediate loss of data due to abnormal end. Repeated system failure when re-fed "faulty" data.
Vulnerabilities: Software developed using ad hoc rather than defined formal processes.
Prevention: Comprehensive testing procedures and software designed for graceful degradation.
Detection: Software diagnostic tools.
Countermeasures: Backup software and robust operating systems facilitate quick recovery.

Category: Human Error
Threat: Trap Door (Back door)
OSI Layer: Application
Definition: System access for developers inadvertently left available after software delivery.
Typical Behaviors: Unauthorized system access enables viewing, alteration or destruction of data or software.
Vulnerabilities: Software developed outside defined organizational policies and formal methods.
Prevention: Enforce defined development policies. Limit network and physical access.
Detection: Audit trails of system usage, especially user identification logs.
Countermeasures: Close Trap Door or monitor ongoing access to trace back to perpetrator.

Category: Human Error
Threat: User / Operator Error
OSI Layer: All
Definition: Inadvertent alteration, manipulation or destruction of programs, data files or hardware.
Typical Behaviors: Incorrect data entered into system or incorrect behavior of system.
Vulnerabilities: Poor user documentation or training.
Prevention: Enforcement of training policies and separation of programmer / operator duties.
Detection: Audit trails of system transactions.
Countermeasures: Backup copies of software and data. On-site replication of hardware.

Physical Threats

Category: Physical Environment
Threat: Fire Damage
OSI Layer: N / A
Definition: Physical destruction of equipment due to fire or smoke damage.
Typical Behaviors: Physical destruction of systems and supporting equipment.
Vulnerabilities: Systems located near potential fire hazards, e.g., fuel storage tanks.
Prevention: Off-site system replication, while costly, provides backup capability.
Detection: On-site smoke alarms.
Countermeasures: Halon gas or FM 200 fire extinguishers mitigate electrical and water damage.

Category: Physical Environment
Threat: Water Damage
OSI Layer: N / A
Definition: Physical destruction of equipment due to water (including sprinkler) damage.
Typical Behaviors: Physical destruction of systems and supporting equipment.
Vulnerabilities: Systems located below ground or near sprinkler systems.
Prevention: Off-site system replication.
Detection: Water detection devices.
Countermeasures: Computer rooms equipped with emergency drainage capabilities.

Category: Physical Environment
Threat: Power Loss
OSI Layer: N / A
Definition: Computers or vital supporting equipment fail due to lack of power.
Typical Behaviors: Immediate loss of data due to abnormal shutdown, even after power returns. Continuing loss of capability until power returns.
Vulnerabilities: Sites fed by above-ground power lines are particularly vulnerable. Power loss to computer room air conditioners can also be an issue.
Prevention: Dual or separate feeder lines for computers and supporting equipment.
Detection: Power level alert monitors.
Countermeasures: Uninterruptible Power Supplies (UPS). Full-scale standby power facilities where economically feasible.

Category: Physical Environment
Threat: Civil Disorder / Vandalism
OSI Layer: N / A
Definition: Physical destruction during operations other than war.
Typical Behaviors: Physical destruction of systems and supporting equipment.
Vulnerabilities: Sites located in some overseas environments, especially urban environments.
Prevention: Low profile facilities (no overt disclosure of high-value nature of site).
Detection: Physical intrusion detection devices.
Countermeasures: Physical access restrictions and riot contingency policies.

Category: Physical Environment
Threat: Battle Damage
OSI Layer: N / A
Definition: Physical destruction during military action.
Typical Behaviors: Physical destruction of systems and supporting equipment.
Vulnerabilities: Site located in-theater.
Prevention: Off-site system replication. OPSEC and low profile to prevent hostile targeting.
Detection: Network monitoring systems.
Countermeasures: Hardened sites.

Based on just the information contained in the CACI table, it's obvious that network security is a mandatory requirement for all networks. As information accessibility grows, so will the need to protect it. By protecting your network from the onset, you can help prevent the problems caused by those who want unauthorized access to your network.
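The Detection column of the CACI table repeats "changes in file sizes or date / time stamps" for viruses, bacteria and tunneling. The following added example, which is neither the essay's nor CACI's code, shows the minimal mechanism behind that advice: record size, modification time and a SHA-256 digest for every file under a directory, then diff a later snapshot against the baseline and classify each deviation. The directory tree, file names and the simulated infection are constructed inside a temporary directory so the script runs offline.

```python
"""Added example: a file-integrity baseline and diff (standard library only)."""
import hashlib
import os
import tempfile
from pathlib import Path


def snapshot(root: Path) -> dict:
    """Record size, mtime (ns) and SHA-256 for every regular file under root."""
    baseline = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            st = path.stat()
            rel = path.relative_to(root).as_posix()
            baseline[rel] = {
                "size": st.st_size,
                "mtime_ns": st.st_mtime_ns,
                "sha256": hashlib.sha256(path.read_bytes()).hexdigest(),
            }
    return baseline


def compare(old: dict, new: dict) -> list:
    """Return (relative path, kind) for every deviation from the baseline.

    A digest mismatch is reported as a content change; a size or timestamp
    change with an identical digest is reported separately, because a tool
    that only looks at metadata would miss a same-size patch and a tool that
    only hashes would miss a timestamp rollback.
    """
    findings = []
    for rel in sorted(set(old) | set(new)):
        if rel not in old:
            findings.append((rel, "added"))
        elif rel not in new:
            findings.append((rel, "removed"))
        else:
            a, b = old[rel], new[rel]
            if a["sha256"] != b["sha256"]:
                findings.append((rel, "content changed"))
            elif a["size"] != b["size"] or a["mtime_ns"] != b["mtime_ns"]:
                findings.append((rel, "metadata changed"))
    return findings


def demo() -> list:
    """Build a constructed sample tree, baseline it, simulate changes, and diff."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "editor.exe").write_bytes(b"MZ host program")   # constructed
        (root / "bin" / "viewer.exe").write_bytes(b"MZ another host")   # constructed
        (root / "readme.txt").write_text("unchanged")                   # constructed
        before = snapshot(root)

        # Simulated infection: a host program grows, as a file-infecting virus causes.
        with open(root / "bin" / "editor.exe", "ab") as fh:
            fh.write(b"<appended bytes>")
        # Timestamp-only change on another file (content and size identical).
        st = (root / "readme.txt").stat()
        os.utime(root / "readme.txt", ns=(st.st_atime_ns, st.st_mtime_ns + 10**9))
        # A new, unknown executable appears.
        (root / "bin" / "dropper.exe").write_bytes(b"MZ new")           # constructed

        return compare(before, snapshot(root))


if __name__ == "__main__":
    for rel, kind in demo():
        print(f"{kind:16} {rel}")
```

In practice the baseline would be written to read-only or off-host storage, since an attacker who can alter the monitored files can usually alter a baseline kept beside them.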
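Several rows of the table (Masquerade, Sequential Scanning, Dictionary Scanning, Dumpster Diving) give the same Detection advice: correlate user identification with shift times, and watch for many users or many failures that indicate multiple Masquerades. This added example, which is not code from the essay or from CACI, implements those three correlations over a handful of constructed login records. The log line format, the shift table and the two thresholds are assumptions made for the example.

```python
"""Added example: correlating login records with shift times and failure counts."""
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample log: ISO timestamp, source address, user, outcome.
LOG_LINES = [
    "2005-07-31T09:05:00 10.0.0.12 alice OK",
    "2005-07-31T09:07:00 10.0.0.12 alice OK",
    "2005-07-31T02:14:00 10.0.0.77 alice OK",     # success far outside alice's shift
    "2005-07-31T22:10:00 10.0.0.90 bob FAIL",
    "2005-07-31T22:10:01 10.0.0.90 bob FAIL",
    "2005-07-31T22:10:02 10.0.0.90 bob FAIL",
    "2005-07-31T22:10:03 10.0.0.90 bob FAIL",
    "2005-07-31T22:10:04 10.0.0.90 bob FAIL",
    "2005-07-31T22:10:05 10.0.0.90 bob FAIL",
    "2005-07-31T22:10:06 10.0.0.90 carol FAIL",
    "2005-07-31T22:10:07 10.0.0.90 dave FAIL",
    "2005-07-31T22:10:08 10.0.0.90 erin FAIL",
    "2005-07-31T14:00:00 10.0.0.13 bob OK",
]

# Assumed shift table: user -> (start_hour, end_hour), 24-hour clock, [start, end).
SHIFTS = {
    "alice": (8, 17),
    "bob": (13, 22),
    "carol": (8, 17),
    "dave": (8, 17),
    "erin": (8, 17),
}

FAIL_THRESHOLD = 5    # failed attempts per (source, user) suggesting sequential/dictionary scanning
SPRAY_THRESHOLD = 3   # distinct users failing from one source suggesting multiple Masquerades


def parse(line: str):
    """Split one constructed log line into (timestamp, source, user, success)."""
    ts, src, user, outcome = line.split()
    return datetime.fromisoformat(ts), src, user, outcome == "OK"


def in_shift(user: str, when: datetime) -> bool:
    """True if the login hour falls inside the user's assumed shift; unknown users pass."""
    start, end = SHIFTS.get(user, (0, 24))
    return start <= when.hour < end


def analyze(lines) -> list:
    """Return (alert kind, subject, source) tuples for the three correlations."""
    alerts = []
    fails = Counter()
    users_per_src = defaultdict(set)
    for line in lines:
        when, src, user, ok = parse(line)
        if ok:
            if not in_shift(user, when):
                alerts.append(("off-shift-login", user, src))
        else:
            fails[(src, user)] += 1
            users_per_src[src].add(user)
    for (src, user), n in sorted(fails.items()):
        if n >= FAIL_THRESHOLD:
            alerts.append(("password-scanning", user, src))
    for src, users in sorted(users_per_src.items()):
        if len(users) >= SPRAY_THRESHOLD:
            alerts.append(("multi-user-masquerade", ",".join(sorted(users)), src))
    return alerts


if __name__ == "__main__":
    for kind, subject, src in analyze(LOG_LINES):
        print(f"{kind:22} {subject:24} from {src}")
```

The off-shift rule is the one most dependent on local knowledge: a legitimate on-call login looks identical to a masquerade in the log, so the table's advice to correlate with user problem reports is what turns this alert into a confirmed incident rather than a false positive.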

Bibliography

web feature.asp?article id=580&zone id=9
web white paper.html
web p.asp?id=1142
web