Types of IT Security Threats

Introduction

In this report, I will examine various security threats, as well as methods through which these threats can be protected against. I will cover four threats in detail:

  • Denial of Service
  • Password Crackers
  • Trojans / Worms / Viruses
  • Internal / External Threats

Denial of Service

Essentially, a denial of service attack, or DoS, is when a hacker attempts to make a system unusable by flooding the target with packets and communication requests. By doing this, the victim becomes saturated, is unable to handle the unusually high volume of traffic, and becomes unstable. There are a variety of ways in which an attacker may wish to deploy a DoS against a target, each with varying outcomes. Some DoS attacks will reduce the performance of their target; others may result in the victim coming to a complete standstill. Most modern DoS attacks are targeted at web servers. As already mentioned, there are a variety of differing types of DoS. I will examine a number of these, namely buffer overflow attacks, SYN attacks and DDoS.

An attack using buffer overflow is a very simple concept. Attackers simply try to flood a system with more traffic than that system’s buffer allows for. They do this by using traffic that the system does not flag as unusual. When a buffer attempts to store more data than it was intended to hold, the surplus will look to other buffers for space. This causes the data in the new buffer to become corrupted and lost, before the data looks for further adjacent buffers, spilling out across the system, eventually causing widespread data corruption.

A well-known example of this type of attack occurred in 2000 when it was discovered that Microsoft’s Outlook software contained a programming error within the message header mechanisms[1].

Middle

More complex intrusion detection systems can also be put in place on a network. Network-based intrusion detection is responsible for the monitoring of traffic between different network segments and devices. It is often one of the most crucial forms of intrusion detection and can be of huge benefit when protecting a system against DoS attacks. Network-based intrusion detection functions through the use of sensor deployment. Sensors can be deployed in two ways: as an inline sensor or, alternatively, as a passive sensor. Inline deployment means that all traffic on a network has to pass through the actual sensor, whereas with passive deployment, the sensor just monitors a copy of the actual traffic that is travelling on the medium.

The best location for inline deployment is usually at network segregation points, where other security devices, like a firewall, would be placed. This is because their primary concern is monitoring traffic passing between differing networks and network segments. A very common way in which inline sensors are deployed is by integrating them into one’s firewall. By doing this, no further hardware is required, and the intrusion detection software can function from the hardware device that is already in place on the network. If the IDS is placed on the network as a separate device, it is best for the firewall to sit in front of the inline IDS. Doing this ensures that the IDS only has to be concerned with detecting intrusions that manage to get beyond the firewall. In turn, it will have less traffic to process, reducing its workload. Passive deployment monitors a copy of the network traffic, rather than the actual traffic itself.

The aforementioned IP spoofing can be minimised by filtering incoming traffic, and minimising open ports.
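The kind of check a passive sensor could run over its copy of the traffic to spot the SYN attacks named in the introduction is sketched below. It is an added example, not part of the original essay; the packet tuples, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict

SERVER = "192.0.2.10"  # constructed address of the monitored web server

def sample_packets():
    """Constructed capture: (time_s, src, sport, dst, dport, tcp_flags)."""
    pkts = []
    for i in range(10):  # legitimate clients complete the three-way handshake
        c, p, t = f"203.0.113.{i + 1}", 40000 + i, float(i)
        pkts += [(t, c, p, SERVER, 80, "S"),
                 (t + 0.02, SERVER, 80, c, p, "SA"),
                 (t + 0.05, c, p, SERVER, 80, "A")]
    for i in range(60):  # flood: SYNs from many sources that are never ACKed
        pkts.append((10 + i * 0.05, f"198.51.100.{i + 1}", 50000 + i,
                     SERVER, 443, "S"))
    return pkts

def detect_syn_flood(packets, window=5.0, threshold=20):
    """Return {(dst_ip, dst_port): peak half-open count} for flooded targets."""
    pending = {}                    # handshake key -> time the SYN was seen
    half_open = defaultdict(int)    # target -> handshakes awaiting final ACK
    alerts = {}
    for ts, src, sport, dst, dport, flags in sorted(packets):
        # Forget half-open handshakes older than the window.
        for key, t0 in list(pending.items()):
            if ts - t0 > window:
                del pending[key]
                half_open[key[2:]] -= 1
        key = (src, sport, dst, dport)
        if flags == "S" and key not in pending:
            pending[key] = ts
            half_open[(dst, dport)] += 1
            n = half_open[(dst, dport)]
            if n >= threshold:
                alerts[(dst, dport)] = max(alerts.get((dst, dport), 0), n)
        elif flags == "A" and key in pending:
            # The client's final ACK completes the handshake.
            del pending[key]
            half_open[(dst, dport)] -= 1
    return alerts

if __name__ == "__main__":
    print(detect_syn_flood(sample_packets()))
```

Counting half-open handshakes rather than raw SYNs keeps busy but legitimate services from alerting, because completed handshakes are removed as soon as the final ACK is seen.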

Conclusion

Data modification and configuration changes also pose an internal security threat. It is critical for any system to monitor for the modification of sensitive data. In the event of any malicious alterations, the guilty party can be identified and the modification rectified. Issues with data modification also pertain to record theft, which could lead to company and personal privacy issues. Any unauthorised configuration changes to a system could prove critical to its functioning.

Protecting against internal threats involves the implementation of proper policy and technology, including the aforementioned intrusion detection sensor deployment, that ensures an administrator can monitor for such activity and, in the event of any occurring, identify the culprit and, more importantly, the change they have made or the threat they enacted.
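One way to monitor for the data and configuration changes described above is to compare files against a stored hash baseline, attribute each change to the last audited writer, and show the change itself. This is an added example, not part of the original essay; the file paths, contents, user names and audit record layout are constructed assumptions.

```python
import difflib
import hashlib

# Constructed sample data: file contents at baseline time and now.
BASELINE_FILES = {
    "/etc/app/fw.conf": "default deny\nallow tcp 443\n",
    "/srv/hr/salaries.csv": "id,salary\n1,30000\n",
}
CURRENT_FILES = dict(BASELINE_FILES, **{
    "/etc/app/fw.conf": "default deny\nallow tcp 443\nallow tcp 23\n"})
AUDIT_LOG = [  # constructed write records from an audit trail
    {"time": 100, "user": "alice", "path": "/etc/app/fw.conf"},
    {"time": 250, "user": "bob", "path": "/etc/app/fw.conf"},
]

def manifest(files):
    """Map each path to the SHA-256 of its content (the integrity baseline)."""
    return {p: hashlib.sha256(c.encode()).hexdigest() for p, c in files.items()}

def find_changes(baseline, current_files):
    """Compare current content against the stored baseline hashes."""
    now = manifest(current_files)
    changes = {}
    for path in sorted(set(baseline) | set(now)):
        if path not in now:
            changes[path] = "removed"
        elif path not in baseline:
            changes[path] = "added"
        elif baseline[path] != now[path]:
            changes[path] = "modified"
    return changes

def attribute(changes, audit_log):
    """Attach the last audited writer of each changed path (None if unaudited)."""
    report = {}
    for path, kind in changes.items():
        writers = [e for e in audit_log if e["path"] == path]
        last = max(writers, key=lambda e: e["time"], default=None)
        report[path] = (kind, last["user"] if last else None)
    return report

def show_change(old, new, path):
    """Return the added and removed lines so the change can be rectified."""
    lines = list(difflib.unified_diff(old.splitlines(), new.splitlines(),
                                      path, path, lineterm=""))[2:]  # skip headers
    return [line for line in lines if line[0] in "+-"]
```

The baseline manifest has to be stored where the monitored users cannot write to it, otherwise a modification can be hidden by updating the hashes as well.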

External threats differ from internal threats in the sense that they do not have the same level of access, and thus are forced to attack, in most cases, through the system’s network. These threats can come in the form of many of the aforementioned attacks. Hackers, as external threats, will try to access the system, issue denial of service attacks, etc. Some of the other threats from external entities include unauthorised access, packet flooding and bandwidth theft.

References

[1] http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci549024,00.html

[2] http://www.smh.com.au/articles/2002/10/23/1034561535264.html

[3] http://en.wikipedia.org/wiki/MyDoom

[4] http://en.wikipedia.org/wiki/Timeline_of_notable_computer_viruses_and_worms

[5] Kerberos 5 unauthorised root access to KDC host vulnerability, from LWN.net. Viewed online at http://lwn.net/Articles/7612/

This student written piece of work is one of many that can be found in our University Degree Information Systems section.
