Virus
Attaches itself to a file or another program. Doesn’t stand on its own and needs host to replicate.
eg. Gumblar, Zlob
Worm
A program that replicates and propagates itself without having to attach itself to a host.
eg. Storm, Slammer
Trojan Programs
Is an insidious attack against networks and computers. They disguise themselves as useful programs and can install a backdoor or rootkit on a computer. They can use ports 80 (HTTP) and 53 (DNS).
eg. Back Orifice
Spyware
- Send information from infected computer to attacker eg.
- Confidential financial data
- Passwords
- PINs
- Any other stored data
- Can register each keystroke entered
How to protect against Malware attacks
- Educate users
- Anti virus programs
- Avoid fear tactics
Denial of Serivce Attacks
This attack prevents legitimate users from accessing network resources.
Distributed Denial of Service Attacks
An attack Launched against a host from multiple servers or workstations. The network could be flooded with billionsof packets
Buffer Overflow Attacks
An exploit written by a programmer that finds a vulnerability in poorly written code
Ping of Death Attacks
A type of DoS attack.
-Attacker creates an ICMP packet that’s larger than the maximum allowed 65,535 bytes.
- The large packet is fragmented into smaller packets and then reassembled at its destination.
- The user’s systems at the destination is unable to handle the reassembled packet, it causes the system to crash or freeze.
Session hijacking
This attack enables an attacker to join a TCP session and make both parties think he or she is the other party.
Address physical Security
- Protecting a network - Requires physical security not just softwares
- Inside attacks are more likely than outside attacks.
Keyloggers
Hardware devices or software that can be used to capture keystrokes on a computer.
Locks?
- Lock up servers
- Rotary locks are harder to pick
- Keep a record of who enters and leaves the room
