User Access To The Service example essay topic

In most cases cable or DSL companies such as Comcast or Direct PC are just a single type of Internet connection company. But sometimes companies acquire these one-connection companies to make their companies bigger and better such as AOL buying Time Warner. As these companies get bigger and start to offer more types of connections they also start to have more security conflicts. AOL's software for its dial up connection has a firewall built in to it, the firewall protects it users from hackers and unwanted programs from running. And the software works almost perfectly for keeping unwanted people or programs out, but the only catch is you have use their software.

Road Runner, which is now part of AOL, is a cable company, which only provides high-speed Internet access, not full proof security. This problem leaves you open for hackers that are randomly barraging Internet connected PC's with "pings" or "port scans", probing to find unprotected PCs. Once found, a hacker can compromise your PC with a dangerous Internet threat such as a Trojan horse, spyware or even a malicious worm (Zone Labs). Since AOL doesn't provide any type of firewall or hacker protection while you have a cable connection with them they do suggest certain types of firewall software to buy.

For single end users they suggest you use firewall software like Norton's Personal Firewall, which costs around $49.95, or Net Barrier 2.0 if you own a Macintosh. Both of these software packages include basic features for a single end user, for instance the ability to delete your cookies and the ability to set up filters or rules to a computer. For network users AOL suggest that you use firewall software such as Zone Alarm Pro 3.0 which costs $49.95 for a one-user license and goes up from there. Zone Alarm Pro 3.0 not only provides cookie control, pop-up ad control but also provides email protection and it can suspend 46 different file types. Unlike other personal firewalls, Zone Alarm Pro includes Program Control to protect against known and unknown threats. With Zone Alarm Pro, you can control the ability to specify which programs are trusted to access the Internet, by monitoring all outbound traffic.

You can also block and make your computer invisible on the internet-"if you can't be seen, you can't be hacked" (Zone Labs). Another type of software that they suggest is C & C Software's Conseal Firewall. Conseal starts out at $69.95 for a one-user license and goes up to $6,839.95 for an unlimited user license. Conseal provides full support for Windows 2000 and Windows XP along with email notification and a Windows Explorer style interface. But that's not all; it also lets you set separate rules to each network adaptor in your system to traffic passing of the Internet interface or a LAN.

Conseal also provides time-sensitive rules which allow you to set permissions for only certain times of day. A example of the time -sensitive rules would be if employees could only get on to the Internet from 8: 00 a.m. to 5: 00 p.m. on weekdays. Or if you " re a devious network administer you can make it so that the employees can only get on the network on Saturday and Sunday. Either way this option cuts down the time that a hacker can use to get on your network. Conseal Firewall even has an option where you can control all the protocols that you receive so that you block NETBEUI and IPX protocols. And finally it does not only protect your computer when it is running but when it is booting up as well (VisNetic Firewall).

All operating systems have their security issues and their vulnerabilities but in particular Windows has had a recent security problem of hackers gaining access to users accounts through Outlook 2000. Since Outlook 2000 has the ability to make your Microsoft Word an email editor, when Outlook displays an HTML e-mail, it applies Internet Explorer security zone settings that disallow scripts from being run. However, if the user replies to or forwards a mail message and has selected Word as the e-mail editor, Outlook opens the mail and puts the Word editor into a mode for creating e-mail messages. Scripts are not blocked in this mode. An attacker could exploit this vulnerability by sending a specially malformed HTML e-mail containing a script to an Outlook user who has Word enabled as the e-mail editor.

If the user replied to or forwarded the e-mail, the script would then run, and be capable of taking any action the user could take. The vulnerability only affects Outlook users who use Word as their e-mail editor. Users who have enabled the feature introduced in Office XP SP 1 to read HTML mail as plain text are not vulnerable. For an attacker to successfully exploit this vulnerability, the user would need to reply to or forward the malicious e-mail. Simply reading it would not enable the scripts to run, and the user could delete the mail without risk.

Another problem that has to do with Widows is that unauthorized personal can get into authorized places through a flaw in the SMTP service. An SMTP service installs by default as part of Windows 2000 server products and as part of the Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5. (The IMC, also known as the Microsoft Exchange Internet Mail Service, provides access and message exchange to and from any system that uses SMTP). A vulnerability results in both services because of a flaw in the way they handle a valid response from the NTLM authentication layer of the underlying operating system. By design, the Windows 2000 SMTP service and the Exchange Server 5.5 IMC, upon receiving notification from the NTLM authentication layer that a user has been authenticated, should perform additional checks before granting the user access to the service. The vulnerability results because the affected services don't perform this additional checking correctly.

In some cases, this could result in the SMTP service granting access to a user solely on the basis of their ability to successfully authenticate to the server. An attacker who exploited the vulnerability could gain only user-level privileges on the SMTP service, thereby enabling the attacker to use the service but not to administer it. The most likely purpose in exploiting the vulnerability would be to perform mail relaying via the server. Exchange 2000 servers are not affected by the vulnerability because they correctly handle the authentication process to the SMTP service. The vulnerability would not enable the attacker to read other users' email, nor to send mail as other users. Best practices recommend disabling unneeded services.

If the SMTP service has been disabled, the mail relaying vulnerability could not be exploited. The vulnerability would not grant administrative privileges to the service, nor would it grant the attacker the ability to run programs or operating system commands. Windows is not only the operating system that has problems in its network security but Mac OS X has to. A pretty recent problem was an unchecked buffer in the Macintosh Internet Explorer 5.1 and in the office program as well. The first vulnerability is when buffer associated with the handling of a particular HTML element is overrun. Because of support for HTML in Office applications, this flaw affects both IE and Office for Macintosh.

A security vulnerability results because an attacker can levy a buffer overrun attack against IE that attempts to exploit this flaw. A successful attack would have the result of causing the program to fail, or to cause code of the attacker's choice to run as if it were the user. The second vulnerability can allow local Apple Scripts to be invoked by a web page. This vulnerability can allow locally stored Apple Scripts to be invoked automatically without first calling the Helper application. The Apple Scripts would run as if they had been launched by the user, and could take the same actions as any Apple Script legitimately launched by the user. The Apple Script would have to already be present on the system; there is no way for an attacker to deliver an Apple Script of her choosing through this vulnerability.

Successfully exploiting this issue with Office files requires that a user accept files from an unknown or un-trusted source. Users should never accept files unknown or un-trusted sources. Accepting files only from trusted sources can prevent attempts to exploit this issue. A successful attack using HTML email would require specific knowledge of the user's mail client and cannot be mounted against PC users. A successful attack using an HTML web page would require the attacker to lure the user to visiting a site under her control. Users who exercise caution in their browsing habits can potentially protect themselves from attempts to exploit this vulnerability.

On operating systems that enforce security on per-user basis, such as Mac OS X, the specific actions that an attacker's code can take would be limited to those allowed by the privileges of the user's account {Macosxsercurity). As you can see network problems never go away despite that people think if the change their software they won't have any more problems. I think that the Zone Alarm Pro 3.0 and Conseal Firewall software will help you against hackers some cases like if you have nothing on your system now, but the only sure, secure way to know that your computer is going to be safe from hackers, when your on the network or working on your computer at home is to turn it off when your done with it.

Bibliography

Page Cable Modem and Mac Security Information. SercureMac. com 28 April 2002 web and Protections.
SercureMac. com 28 April 2002 web version of VisNetic Firewall is 1.
03. C&C Software. 27 April 2002 web Do You Make a Open Network Trustworthy.
Sy Gate. com 27 April 2002 web Steps to trust.
htm Macintosh OS X Security. SercureMac. com 28 April 2002 web OS X Security 2.
SercureMac. com 28 April 2002 web OS X Security 3.
SercureMac. com 28 April 2002 web Alarm 3.
0. Zone Labs 28 April 2002 web.