13-09-2008, 21:04   #3
-Jon-

Computer security :: Common threats (general)

This is what's going to be covered in this post.

::: Malicious Software :::
- Virus
- Worm
- Trojan Horse
- Time / Logic Bomb

::: Spoofing :::
- E-mail Spoofing
- Spoofing (general)

::: Scanning :::
- Sequential Scanning (Brute-forcing)
- Dictionary Scanning

::: Misc :::
- Digital Snooping
- Spamming
- Tunneling
------------------------------------------------
::: Malicious Software :::

-Virus-
Definition: Malicious software that attaches itself to other software. For example, a patched software application in which the patch's algorithm is designed to implement the same patch on other applications, thereby replicating.
Comments: Basically, just like a biological virus such as the common cold, a computer virus, if executed on your computer, will continue to multiply and spread to other computers. However, it must be spread by something; this could be by email or by copying itself to something that will be executed on another computer. This could be a Word document you save onto a floppy drive or flash drive and then open on another computer.

-Worm-
Definition: Malicious software which is a stand-alone application.
Comments: A worm is like a virus but can be used for many more things. It's different from a virus because it doesn't 'need to be spread'; it spreads automatically through 'exploits'. There is little you can do to stop worms from spreading; that is why you hear about them in the news.
The most common use for a worm program is to run a 'bot network', where all the computers it controls become slaves and carry out any request the creator of the worm tells them to.

-Trojan Horse-
Definition: A Worm which pretends to be a useful program, or a Virus which is purposely attached to a useful program prior to distribution.
Comments: Just like when the Trojan army hid inside a big wooden horse to attack, worms do the same by hiding inside a program you would want; then, when you use that program, the worm is activated.

-Time / Logic Bomb-
Definition:
- A Virus or Worm designed to activate at a certain date/time
- A Virus or Worm designed to activate under certain conditions
Comments: This is a tactic used by some attackers. They delay their worm or virus until a certain time, or until the user does a certain action, before they attack. For example, a worm might be designed to attack the tatu.ru servers. BUT if tatu have really good servers, a constant attack will not crash the server. So what you do then is delay your worm until a certain date. Launch it; it will spread through millions of computers, then when the day comes they all attack at once.

::: Spoofing :::

-Spoof E-mail (Phishing)-
Definition: Forging an e-mail header to make it appear as if it came from somewhere or someone other than the actual source.
Comments: This is one of the most effective ways to steal passwords and other information. I will give an example that happened to me recently.
As you know if you use MySpace, when someone requests to be added as a friend you will get an email with a link asking you to approve them.

I looked at my email but I didn't click the link. Instead I logged into MySpace and found there were no new friend requests. The email looked genuine and so did the link, but after looking carefully it was a spoof email.

So if I did click the link, I would have probably gone to some site that 'looked like' MySpace and logged into that site, and when I did, my password and username would be recorded. To stop me from noticing anything, they would then simply forward me to the real MySpace site and log me in.

It is so easy to do, so simple to set up, and so easy to fall for.
That is why I don't click any links in any emails I receive; I go to the actual site and log in. The only things I do click are links to activate accounts, but these links only perform an action; they cannot be used to get any information.

I just want to say again: be extra careful with email. It will probably be the first point of attack against any translators or any other user.

-Spoofing (general)-
Definition: Getting one computer on a network to pretend to have the identity of another computer, usually one with special access privileges, so as to obtain access to the other computers on the network.
Comments: This is when someone pretends to be you, not by stealing a password but by using other things like your IP or MAC address. Typically this is only something you see when an attacker is trying to break into a server on a trusted network. But the tactics used in these attacks can be used in others, which is why authentication is important.

::: Scanning :::

-Sequential Scanning (Brute-forcing)-
Definition: Sequentially testing passwords/authentication codes until one is successful.
Comments: This is the only foolproof form of attack that is guaranteed to work. However, the time it takes depends on your password; that is why you need a strong password...! 6 or more characters including letters, numbers AND symbols will take a couple of months to be guessed, but by then you would have changed your password.
If you have a longer, more complex password it will take even longer.
And when I say crack, I mean if you had a supercomputer trying all possible combinations. So if a dedicated supercomputer takes time to crack your password, nobody will be able to do it via the login page, because the administrator of the tatu servers would notice thousands of login attempts and the server itself can only handle so many connections at the same time.

-Dictionary Scanning-
Definition: Scanning through a dictionary of commonly used passwords/authentication codes until one is successful.
Comments: This, despite being a simpler form of attack, actually works half the time. All that is involved is using a dictionary and commonly used words to guess your password. That is why one of the rules for choosing a password is not to use the dictionary. It doesn't take a computer long to try and log in as you using all the words in the dictionary.

::: Misc :::

-Digital Snooping-
Definition: Electronic monitoring of digital networks to uncover passwords or other data.
Comments: As the name suggests, this is spying. When you type in your name and password it gets sent to tatu.ru, but all that data is broken down into little packets of data that fly around the internet, bouncing from router to router until they eventually reach tatu.ru and get reassembled into what they originally were, and the data is processed.

At any point between your computer and the tatu.ru servers, these packets of data can be intercepted and viewed. The only thing to prevent this is encryption, which is why any place that deals with credit card transactions, like shop.tatu.ru, has to have a secure server and handle encrypted connections. Packet sniffing, as it's known, is just one way to spy on someone, but if your computer is infected by a worm it can be used for the same purpose.

-Spamming-
Definition: Overloading a system with incoming messages or other traffic to cause system crashes.
Comments: When I talked about Logic / Time bombs, this is what happens. It's known as a DOS (Denial Of Service) attack; you also get a distributed version, a DDOS attack. Your computer might even be attacking some server right now and you don't even know it. These days it tends to be servers that get attacked, but someone might just hate another person enough to do this to them. Because we live in a world where you need to clean up after these stupid people, a.k.a. Scriptkiddies (google this term).

-Tunneling-
Definition: Any digital attack that attempts to get "under" a security system by accessing very low level system functions (e.g., device drivers, OS kernels).
Comments: I just wanted to touch on this bit last. This involves Rootkits, which I will explain about in their own section. Normally this was only a problem for people who used Linux / Unix, because those are the Operating Systems that run the internet and almost all servers in the world. But now Rootkits have become common on Windows.
So I will talk about them in another topic.

That's it for now. I hope this benefits some of you; now you know what's out there waiting to, or probably already has, gone into your computer, you will be able to protect yourself better.

If anyone has any questions or needs something explained better, then ask.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normally online at this time)
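An added example, not part of the post above: a small Python check for the spoofed friend-request mail described under "Spoof E-mail (Phishing)", flagging links whose visible text or claimed sender names one site while the href points at another. The function names, the sample message and the `example.net` look-alike host are constructed for illustration, and `site()` assumes the last two hostname labels identify the site.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[/:?#]|$)", re.I)
def site(host):  # last two labels only (simplification: ignores suffixes like co.uk)
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._open = [], None  # _open = [href, text] while inside <a>
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [dict(attrs).get("href") or "", ""]
    def handle_data(self, data):
        if self._open:
            self._open[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._open:
            self.links.append(tuple(self._open))
            self._open = None

def suspicious_links(raw_email):
    """Return [(href, [reasons])] for links that do not go where the mail claims."""
    msg = message_from_string(raw_email)
    sender_site = site(parseaddr(msg.get("From", ""))[1].rpartition("@")[2])
    collector, findings = LinkCollector(), []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    for href, text in collector.links:
        host, reasons = urlparse(href).hostname, []  # host is None for relative/mailto links
        shown = DOMAIN_IN_TEXT.match(text.strip())
        if host and shown and site(shown.group(1)) != site(host):
            reasons.append("text-href mismatch")   # text shows one site, href another
        if host and sender_site and site(host) != sender_site:
            reasons.append("off-sender-domain")    # link leaves the claimed sender's site
        if reasons:
            findings.append((href, reasons))
    return findings

# Constructed sample message; example.net stands in for the look-alike host.
SAMPLE = ('From: "MySpace" <noreply@myspace.com>\nContent-Type: text/html\n\n'
          '<a href="http://myspace.example.net/login">http://www.myspace.com/approve</a>'
          ' <a href="http://www.myspace.com/help">Help</a>')
print(suspicious_links(SAMPLE))
```

Legitimate mail that links through a third-party tracking or mailing service will also trip the `off-sender-domain` check, so treat that reason as a prompt to go to the site directly rather than as proof of spoofing.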