The U.S. Government’s National Information Assurance Glossary defines Information Security as: Protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.
But in this article will be same information about one of the unauthorized access types - internet attacks! That’s makes more easily understand how these attacks work and click why so important get there own information security strategy!
Denial of service In this attack an attacker tries to do target
computer unable to provide the normal gamut of services. That attacker can do sending more information to a target computer than a computer is capable of processing. In this incident a user or organization is deprived of the services of a resource what they would normally expect to have. In this case costs of this attack are a great deal of time and money. A denial of service attack is a type of security attack to a computer system that does not usually result in the theft of information or other security loss.
Trojan Horse
Trojan horses are programs that pretend to be legitimate software, but actually carry out hidden, harmful functions. An attacker place this software on the target computer using web site, e-mail, embedded within another software package, or force-installed through the compromise of another service running. Trojans are executable programs, which mean that when you open the file, it will perform some action(s). These actions can be with different nature. The most common are of two types:
* The first is a remote control program that would allow the attacker to act as if he were in front of the machine.
* The second is a program that would allow a remote attacker to execute specific commands from the target machine.
Both types take a control over target computer and often use that to make denial of service of other target computer.
Buffer Overflow
An attacker sends a specific series of characters (text) to a service that will cause the service to act outside it’s normal operating parameters. These attacks can be considered two parts, the overflow itself, and the command to execute. The overflow part contains the specific series of characters that will cause the service to act abnormally, but other contains commands. These commands can be something simple like causing computer to crash, or something complex like installing a trojan.
Buffer overflows are usually the preferred method of compromising a web server.
Port Scan
A port scanner is a tool that allows an individual to list the ports on a computer that are listening (available / open). Using a port scanner is usually the first step in determining how to compromise a system, as an attacker needs to know what the potential vulnerabilities of a system are before trying to execute them.
Article source: InfoSecurityLab
- Related Videos
- Related Articles
- Ask / Related Q&A
- Information Security Policy
- Information Security Management Risks
- Career in Information Security/Ethical Hacking
- Laptops and Security
- Security Using Public Internet Access
- The Precarious State of Security in Asia
- Computer and Internet Security Issues That you Should Know
- WordPress Blogs Attack and Hack
How to Prevent Your PC From Malicious Softwares
By: Jose Vasquez | 04/01/2010Does your PC run more and more slowly? Does your system always crash or freeze up? Are you in trouble with the blue screen? Do you feel hard to delete some files unwanted? Is your PC being attacked? Are your computer's device drivers out-dated? There is a unique package that helps you get rid of those annoying problems.
High Encryption 256 Bit AES Personal VPN Servers now offered by SurfBouncer
By: Alberto Stellpflug | 04/01/2010SurfBouncer Personal VPN service is now offering High Encryption servers for mission critical applications. These servers are offered at no additional charge to Personal VPN customers. This is the same state of the art, maximum encryption as used by governments and major corporations for top secret work. These are offered in addition to their standard servers located worldwide.
Lost or forgot Windows 7 password? Recover your password with the All-in-One Password Recovery Solutions Bundle!
By: happykaka | 04/01/2010Password Unlocker Bundle is a professinaol password recovery kit, which contains series of password recovery tools: Windows password recovery, PDF password recovery,MS Excel password recovery, WinZIP/ZIP password recovery, WinRAR/RAR password recovery, MS SQL password recovery, Internet password recovery, Windows Live/MSN password recovery, MS Access password recovery, Outlook password recovery, and Outlook Express password recovery, etc., No matter you are at home or in office ,the bundle helps
Some Latest Information about mini sd 8 gb
By: Beerbohm Max | 04/01/2010Whenever consumers visit the shop for buying handset always take care of buying memory card suitable according to the handset. In the same way mini sd 8 gb provides the user more space for their daily purposes in the market. Also the mini sd 8 gb helps in storing large amount of data, music and software applications on their phone.
Download LEGO Indiana Jones 2 The Adventure Continues PSP and PSP GO Game
By: Jack Corner | 03/01/2010Are you seeking to download LEGO Indiana Jones 2 The Adventure Continues PSP game? Do you want to know how and where you can download the game for less than $0.01? Do you want to get access to more than 150,000 PSP game titles for unlimited downloads? This article will show where and how you can download the newest and your favorite PSP games. Visit PSP GO Download Center
DVR vs VCR: A Battle in the Security and Spy Equipment Industry
By: Vellard | 01/01/2010The DVR seems to be the technology that wins the match. There is no room for melancholy in the ever-evolving world of security and spy equipment. You can keep up with the surveillance technology at Vellard. Visit now their website at www.vellard.com.au.
How to Delete Antispyware Shield Pro, Quickly and Easily. Uninstall this Spyware Before Certain Destruction!
By: Bob Walker | 31/12/2009One of the top concerns I have while browsing the internet is what files are secretly being transferred via websites of questionable content. Antispyware Shield Pro is an example of a virus that can be installed in this stealth manner through a Trojan. Once installed, this malware will attempt to trick you into purchasing a "full version", which will do nothing but sap you of your money.
Uninstall Malware Defense Easily - How To Remove Malware Defense Quickly
By: Bob Walker | 31/12/2009What's the deal with Malware Defense? Is it legitimate or is it a scam? If you're familiar with viruses, then you know that this software is malicious. It's the kind that will try to corrupt your entire system, block your programs, and scare you into purchasing what it claims as "full protection". It provides nothing of the sort. Its cousins are FakeAlert and AntiMalware spyware. You will want to get rid of this spyware immediately, because if you do not, you will be harrassed with fake warnings
Internet Attack Methods
By: InfoSecurityLab | 23/01/2007 | SecurityThe U.S. Government’s National Information Assurance Glossary defines Information Security as: Protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.
Security Using Public Internet Access
By: InfoSecurityLab | 23/01/2007 | SecurityInternet comes to peoples lives and then suddenly comes truth, that WE CAN'T LIVE WITHOUT INTERNET. We can't even simple daily activities do without Internet, but not always we can use Internet at work or home. It is a fact and no one can deny that. Because more and more cities going wireless - get wireless network which spread all city so that everyone with laptop an wireless card can get access to the Internet, and also there are Internet café and other Internet access points.
Information Security Endangered
By: InfoSecurityLab | 23/01/2007 | Securityour time is coming. Spy programs are stealing information more easily. The reason is weak algorithms, which provide systems safety, for example data encryption and hashing.
Tips of Security
By: InfoSecurityLab | 23/01/2007 | SecurityInformation is the lifeblood of most, if not all, modern organisations, so protecting (this) information against unauthorised disclosure, modification or erasure is a basic requirement of management.
Anti-virus Software Comparison Test
By: InfoSecurityLab | 23/01/2007 | SecurityVirus.gr tested quite a few different software companies to see how they would stack up against each other. How did the 147,000+ virus test pan out?
Security Awareness
By: InfoSecurityLab | 23/01/2007 | SecuritySecurity awareness is knowledge and attitude members of an organization possess regarding protection of the physical and information assets of that organization. Many organizations require formal security awareness training for all employees when they take up sensitive assignments and, in some cases, periodically thereafter.
Quick Tips of E-mail Security
By: InfoSecurityLab | 23/01/2007 | SecurityFeature-rich email is not only a powerful way of communication, but also a major security threat. The more features an email service provides the security holes are made for hackers. In addition to the usual email security headache - executable attachments - HTML messages introduce new problems. HTML is not a plain text, it is rendered and it may contain executable code. You get dozens emails daily. Every time you read an HTML email message - something could be executed. It is just like you woul