Spread Knowledge

CS507 - Information Systems - Lecture Handout 33

User Rating:  / 1
PoorBest 

Related Content: CS507 - VU Lectures, Handouts, PPT Slides, Assignments, Quizzes, Papers & Books of Information Systems

Antivirus software

Use of antivirus software is another very important technical control against the spread of virus.

Scanners

They scan the operating system and application soft ware for any virus based on the viruses they contain. Every virus has a different bit pattern. These unique bit patterns act as an identity for the virus and are called signatures. These signatures are available in virus definitions. Every scanner contains in it certain virus definitions which in fact are signatures (bit patterns) for various kinds of virus. The scanner checks or scans the operating system and other application soft wares installed on the hard drives. While scanning, it checks the bit patterns in all software against the bit patterns contained in the virus definitions of the scanner. If they found similar, they are labeled as virus.

Active monitors

This software serves the concurrent monitoring as the system is being used. They act as a guard against viruses while the operating system is performing various functions e.g connected to internet, transferring data, etc. It blocks a virus to access the specific portions to which only the operating system has the authorized access. Active monitors can be problem some because they can not distinguish between a user request and a program or a virus request. As a result, users are asked to confirm actions, including formatting a disk or deleting a file or a set of files.

Behavior blockers

Focus on detecting potentially abnormal behavior in function of operating system or request made by application software. Focus on detecting potentially abnormal behavior in function of operating system or request made by application software, such as writing to the boot sector, or the master boot record, or making change to executable files. Blockers can potentially detect a virus at an early stage. Most hardware-based antivirus mechanisms are based on this concept.

Logical intrusion

The skills needed to exploit logical exposures are more technical and complex as compared to physical exposures. Generally a similar term used in relation to logical intrusion is hacking.

In the 1990’s dotcom boom encouraged many organizations to use internet for executing transactions. Initially internet used was more oriented to providing information to the general public. With the enhanced focus of the organizations to reduce operational costs, and increase sales, the use of internet started increasing.

Today many commercial transactions can be performed on internet. Whether we are looking at retail sales, booking airline tickets, banking, property management, staff management, shipping or host of other applications, the whole world is trading and managing goods and services via web based systems. This not only helped organizations to earn higher volumes of dollars, but also exposed to un desirable threats. Customers and criminals are finding it convenient to have an access to the information system of the organization.

Organizations presuppose that an online system is inherently safer than a high-street store. For instance, A couple of guys walk up to the counter of a pharmacy at 2 a.m. in the morning, show a knife and ask for money in the cash register and they walk away with the cash. Compare above situation with this one. Two guys walk into the online store of a retail seller through a BACK DOOR (A hole in the security of a system deliberately left in place by designers or maintainers. They Access the database and steal the credit information of all the customers. There is no video, no witness and no record. Neither of the above mentioned scenarios is rare. Intrusion into the information system is simply not restricted through the internet. Intrusion can be made through LAN or by actually sitting on the targeted terminal or computer. A person making an intrusion is generally termed as intruder. However, he can be classified according to the way he operates. Possible perpetrators include:

  • Hackers
  • Hacktivists
  • Crackers

Hackers

A hacker is a person who attempts to invade the privacy of the system. In fact he attempts to gain un authorized entry to a computer system by circumventing the system’s access controls. Hackers are normally skilled programmers, and have been known to crack system passwords, with quite an ease. Initially hackers used to aim at simply copying the desired information from the system. But now the trend has been to corrupt the desired information.

Hacktivsts

This refers to individuals using their skills to forward a political agenda, possibly breaking the law in the process, but justifying their actions for political reasons.

Crackers

There are hackers who are more malicious in nature whose primary purpose or intent is to commit a crime through their actions for some level of personal gain or satisfaction. The terms hack and crack are often used interchangeably.

Its very common for hackers to misuse passwords and Personal identification number, in order to gain unauthorized access.

Passwords

“Password is the secret character string that is required to log onto a computer system, thus preventing unauthorized persons from obtaining access to the computer. Computer users may password-protect their files in some systems.”

Misuse of passwords

A very simple form of hacking occurs when the password of the terminal under the use of a particular employee is exposed or become commonly known. In such a situation access to the entire information system can be made through that terminal by using the password. The extent of access available to an intruder in this case depends on the privilege rights available to the user.

Best Password practices

  • Keep the password secret – do not reveal it to anyone
  • Do not write it down – if it is complex, people prefer to save it in their cell phone memory, or write on a piece of paper, both of these are not preferred practices.
  • Changing password regularly – Passwords should be associated with users not machines.
    Password generation program can also be used for this purpose.
  • Be discreet – it is easy for the onlookers to see which keys are being used, care should be taken while entering the password.
  • Do not use obvious password – best approach is to use a combination of letters, numbers, upper case and lower case. Change passes word immediately if you suspect that anyone else knows it.

A personal identification number (PIN) is a secret shared between a user and a system that can be used to authenticate the user to the system. Typically, the user is required to provide a nonconfidential user identifier or token (such as an debit card) and a confidential PIN to gain access to the system. Upon receiving the User ID and PIN, the system looks up the PIN based upon the User ID and compares the looked-up PIN with the received PIN. If they match, then the user is granted access. If they do not match, then the user is not granted access. PIN’s are most often used for ATMs. They are also sometimes used for online systems instead of alphanumeric passwords, which may compromise security.

If the organization is linked to an external network, persons outside the company may be able to get into the company’s internal network either to steal data or to damage the system. System can have fire walls, which disable part of the telecoms technology to prevent unwelcome intrusions into the company but a determined hacker may be able to bypass even these.

Firewall

Firewall is the primary method for keeping a computer secure from intruders. A firewall allows or blocks traffic into and out of a private network or the user's computer. Firewalls are widely used to give users secure access to the Internet as well as to separate a company's public Web server from its internal network. Firewalls are also used to keep internal network segments secure; for example, the accounting network might be vulnerable to snooping from within the enterprise. In the home, a personal firewall typically comes with or is installed in the user's computer. Personal firewalls may also detect outbound traffic to guard against spy ware, which could be sending your surfing habits to a Web site. They alert you when software makes an outbound request for the first time. In the organization, a firewall can be a stand-alone machine or software in a server. It can be as simple as a single server or it may comprise a combination of servers each performing some type of firewall processing.