sample-9 - SEC 9.4 617 9.5 ATTACKS FROM OUTSIDE THE SYSTEM...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
SEC. 9.4 617 9.5 ATTACKS FROM OUTSIDE THE SYSTEM The threats discussed in the previous sections were largely caused from the inside, that is, perpetrated by users already logged in. However, for machines connected to the Internet or another network, there is a growing external threat. A networked computer can be attacked from a distant computer over the network. In nearly all cases, such an attack consists of some code being transmitted over the network to the target machine and executed there doing damage. As more and more computers join the Internet, the potential for damage keeps growing. In the following sections we will look at some of the operating systems aspects of these external threats, primarily focusing on viruses, worms, mobile code, and Java applets. It is hard to open a newspaper these days without reading about another com- puter virus or worm attacking the world’s computers. They are clearly a major security problem for individuals and companies alike. In the following sections we will examine how they work and what can be done about them. I was somewhat hesitant to write this section in so much detail, lest it give some people bad ideas, but existing books give far more detail and even include real code (e.g., Ludwig, 1998). Also the Internet is full of information about viruses so the genie is already out of the bottle. In addition, it is hard for people to defend themselves against viruses if they do not know how they work. Finally, there are a lot of misconceptions about viruses floating around that need correc- tion. Unlike, say, game programmers, successful virus writers tend not to seek pub- licity after their products have made their debut. Based on the scanty evidence there is, it appears that most are high school or college students or recent gradu- ates who wrote the virus as a technical challenge, not realizing (or caring) that a virus attack can cost the collective victims as much as a hurricane or earthquake. Let us call our antihero Virgil the virus writer. If Virgil is typical, his goals are to produce a virus that spreads quickly, is difficult to detect, and is hard to get rid of once detected. What is a virus, anyway? To make a long story short, a virus is a program that can reproduce itself by attaching its code to another program, analogous to how biological viruses reproduce. In addition, the virus can also do other things in addition to reproducing itself. Worms are like viruses but are self replicating. That difference will not concern us here, so we will use the term ‘‘virus’’ to cover both for the moment. We will look at worms in Sec. 9.5.5. 9.5.1 Virus Damage Scenarios Since a virus is just a program, it can do anything a program can do. For example, it can type a message, display an image on the screen, play music, or something else harmless. Unfortunately, it can also erase, modify, destroy, or
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
618 SECURITY CHAP. 9 steal files (by emailing them somewhere). Blackmail is also a possibility. Ima- gine a virus that encrypted all the files on the victim’s hard disk, then displayed
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page1 / 28

sample-9 - SEC 9.4 617 9.5 ATTACKS FROM OUTSIDE THE SYSTEM...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online