packet code. The effect is a clogged server where the victim may not be able to receive Internet messages for days at a time.

• Smurf
It involves three parties: the perpetrator, the intermediary, and the victim. It is accomplished by exploiting an Internet maintenance tool called a ping, which is used to test the state of network congestion and determine whether a particular host computer is connected and available on the network. Ping echo floods overwhelm the victim's computer and cause network congestion problems that make it unusable for legitimate traffic.

• Distributed Denial of Service (DDoS)
DDoS may take the form of a SYN flood or smurf attack. The distinguishing feature of the DDoS is the sheer scope of the event. The perpetrator may employ a virtual army of so-called zombie or bot (robot) computers to launch the attack. Because of the vast numbers of unsuspecting intermediaries needed, the attack often involves one or more Internet Relay Chat (IRC) networks as a source of zombies. IRC is a popular interactive service on the Internet that lets thousands of people engage in real-time communications via their computers.

<Insert table here. Just check the flow of the IRC.>

The attack program runs in the background on the new zombie computers, which are now under the control of the perpetrator. Such collections of compromised computers are known as botnets.

3. Equipment Failure

CONTROLLING NETWORKS

Controlling Risks from Subversive Threats

A firewall is a system that enforces access control between two networks. Firewalls can be used to authenticate an outside user of the network, verify his or her level of access authority, and then direct the user to the program, data, or service requested.

General types of firewalls:

a. Network-level firewalls – provide efficient but low-security access control. This type of firewall consists of a screening router that examines the source and destination addresses that are attached to incoming message packets. A network-level firewall accepts or denies access requests based on filtering rules. It is insecure because it is designed to facilitate the free flow of info rather than restrict it.

b. Application-level firewalls – provide a higher level of customizable network security, but they add overhead to connectivity. They run security apps called proxies that permit routine services such as e-mail to pass through the firewall. A high level of firewall security is possible using a dual-homed system.

Fighting DDoS:
As a countermeasure to DDoS attacks, many orgs have invested in intrusion prevention systems (IPS) that employ deep packet inspection (DPI) to determine when an attack is in progress.

ENCRYPTION

Encryption is the conversion of data into secret code for storage in databases and transmission over networks. The sender uses an encryption algorithm to convert the original message (called cleartext) into a coded equivalent (called ciphertext). At the receiving end, the ciphertext is decoded (decrypted) back into cleartext.
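Going back to the network-level firewall described under "General types of firewalls", the sketch below is an added example (not part of the original notes) of how a screening router applies filtering rules to source and destination addresses. The rule set, the first-match/default-deny policy, the addresses and the names `Rule`, `screen` and `screen_packet` are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    action: str  # "accept" or "deny"
    src: str     # source network in CIDR notation
    dst: str     # destination network in CIDR notation


# Constructed rule set using documentation address ranges (assumption).
RULES = [
    Rule("deny",   "198.51.100.0/24", "0.0.0.0/0"),      # blocked outside network
    Rule("accept", "203.0.113.0/24",  "192.0.2.25/32"),  # partner network -> mail host
    Rule("accept", "0.0.0.0/0",       "192.0.2.80/32"),  # anyone -> public web host
]


def screen(src: str, dst: str, rules=RULES) -> str:
    """Return the action of the first rule matching both addresses; default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in ipaddress.ip_network(r.src) and d in ipaddress.ip_network(r.dst):
            return r.action
    return "deny"


def screen_packet(packet: dict, rules=RULES) -> str:
    """Decide using only the header addresses; the payload is never examined."""
    return screen(packet["src"], packet["dst"], rules)


# Constructed sample packets.
PACKETS = [
    {"src": "203.0.113.7",  "dst": "192.0.2.25", "payload": b"routine e-mail"},
    {"src": "203.0.113.7",  "dst": "192.0.2.25", "payload": b"anything else"},
    {"src": "198.51.100.9", "dst": "192.0.2.80", "payload": b"web request"},
    {"src": "192.0.2.200",  "dst": "192.0.2.10", "payload": b"no matching rule"},
]

if __name__ == "__main__":
    for p in PACKETS:
        print(p["src"], "->", p["dst"], screen_packet(p))
```

The first two packets get the same decision although their contents differ, which is why the notes rate this type of firewall as efficient but low-security; inspecting what a packet carries is the job of the application-level proxy or DPI.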
- Spring '13
- Cryptography, IT Audit , Public-key cryptography, Pretty Good Privacy