Internet Attacks
Information transmitted over networks has a higher degree of security risk than information kept on a company's premises. In a business, network administrators usually take measures to protect a network from security risks. On the Internet, where no central administrator is present, the security risk is greater.
Viruses, Worms & Trojan Horses
Every unprotected computer is susceptible to the first type of computer security risk--a computer virus, worm, and/or Trojan Horse.
A computer virus is man-made. It is a computer program that can alter the way a computer works without the user’s knowledge or permission.
A worm is a program that copies itself repeatedly, for example in memory or on a network, using up computer resources and possibly shutting down the computer or network.
A Trojan horse (named after the Greek myth) is a program that hides within or looks like a legitimate program. A certain condition or action usually triggers the Trojan horse. Unlike a virus or worm, a Trojan horse does not replicate itself to other computers.
A computer infected by a virus, worm, or Trojan horse often has one or more of the following symptoms:
- Screen displays unusual message or image
- Music or unusual sound plays randomly
- Available memory is less than expected
- Existing programs and files disappear
- Files become corrupted
- Programs or files do not work properly
- Unknown programs or files mysteriously appear
- System properties change
Computer viruses, worms, and Trojan horses deliver their payload on a computer in five basic ways:
- Opens an infected file
- Runs an infected program
- Boots the computer with an infected disk in a disk drive
- Connects an unprotected computer to a network
- By users opening infected email attachments
Many computer viruses turn out to be hoaxes or myths. Hoaxes are false alerts about viruses that don't exist. Here are two sites which lists computer virus hoaxes: Hoax Warnings On The Run and Computer Virus Myths.
Safeguards against Computer Viruses, Worms, and Trojan Horses
You can take several precautions to protect your computer at home:
Do not start a computer with removable media in the drives. CD and DVD drives should be empty, the floppy disk drive should not contain a disk, etc. During the startup process, a computer may attempt to execute the boot sector on a media in certain drives. Even if the attempt in unsuccessful, any virus on the boot sector of removable media can infect the computer's hard drive.
Never open an email attachment. Unless you are expecting an attachment and it is from a trusted source (i.e. friend, relative, co-worker). If the email message is from an unknown source or untrusted source, delete the email message immediately--without opening or executing any attachments.
Install an antivirus program. This program protects a computer against viruses by identifying and removing any computer viruses found in memory, on storage media, or on incoming files. Most antivirus programs also protect against worms and Trojan horses.
Denial of Service Attacks
A denial or service attack (DoS attack), is an assault whose purpose is to disrupt computer access to an Internet service such as the Web or email. Perpetrators carry out a DoS attack in a variety of ways.
The victim computer network eventually jams, blocking legitimate visitors from accessing the network. A more devastating type of DoS attack is the Distribute DoS (DDoS) attack, in which multiple unsuspecting computers are used to attack multiple computer networks. DDoS attacks have been able to stop operations temporarily at numerous Web sites including Yahoo! Amazon.com, eBay, and CNN.com.
The computer that a perpetrator uses to execute the DoS or DDoS attack, known as a zombie, is completely unaware it is being used to attack other systems.
Back Doors
A back door is a program or set of instructions in a program that allow users to bypass security controls when accessing a program, computer, or network. Once perpetrators gain access to unsecure computers, they often install a back door or modify an existing program to include a back door, which allows them to continue to access the computer remotely without the user's knowledge. Some worms leave back doors, which have been used to spread other worms or to distribute junk email from the unsuspecting victim computers.
Programmers often build back doors into programs during system development. These back doors save development time because programmer can bypass security controls while writing and testing programs. If the programmer fails to remove the back door before releasing the software, a perpetrator could use the back door to gain entry to a computer or network.
Spoofing
Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network. Several types of spoofing schemes exist. One type, called IP spoofing, occurs when an intruder computer fools a network into believing its IP address is associated with a trusted source.
Perpetrators of IP spoofing trick their victims into interacting with the phony Web site. For example, the victim may provide confidential information or download files containing viruses, worms, or other malicious programs.
Firewalls
A firewall is a collection of hardware and/or software intended to protect a computer or computer network from attack. In theory, firewalls are needed whenever a computer is continually connected to an outside network, like the Internet. In other words, it is a fireproof layer between the outside user (source of the fire) and the vulnerable inside computer system. With the increased use of "always on" Internet connection in homes (like DSL, cable, satellite connections), firewalls are becoming an important home PC necessity. Cost for this software is usually less than $50.
Common firewall activity includes monitoring and controlling FTP (File Transfer Protocol which is used in uploading and downloading files) sessions and continuous monitoring of the server.
Now it's time to complete the worksheet for this section. Click on this hyperlink to take you to your worksheet.
This site was created by
Laura Parcell for the primary purpose of teaching and demonstrating computer skills.
Any distribution or copying without the express or written consent is strictly prohibited.
Any questions, comments, or suggestions concerning this page or this web site should be forwarded to
Laura Parcell, Computer Science/Business Education Teacher
Copyright © September, 2008. All rights reserved.