Computer Hacking-Threats To System Security: April 2011
Computer Hacking-Threats To System Security: April 2011
Computer Hacking-Threats To System Security: April 2011
net/publication/285581408
CITATIONS READS
0 2,403
2 authors:
Some of the authors of this publication are also working on these related projects:
SECURITY ANALYSIS OF CRYPTOGRAPHIC TECHNIQUES FOR AUTHENTICATING VM TEMPLATE IN THE CLOUD View project
All content following this page was uploaded by Sangeeta Borde on 20 April 2017.
*Lecturer (Comp.Science), MIT Arts, Commerce and Science College, Alandi (D), Pune
shaikh.bareen24banno@gmail.com
**Lecturer (Comp.Science), MIT Arts, Commerce and ScienceCollege, Alandi (D), Pune
ssangeeta08@gmail.com
_____________________________________________________________________
ABSTRACT
Today businesses are Introduction:
facing the biggest threats from hackers.
Any successful computer hacking Hacking is an extremely high tech
attack can create a disaster to networks attack which requires you to take
and important secret information certain precautions to protect your
stored in the various computers within computer and all of the data which is
the network. IT sector demands stored in it. The term computer system
professionals having ethical hacking security means the collective processes
skills to work for them and provide and mechanisms by which sensitive
security to their computers and and valuable information and services
networks. White hat hackers or ethical are protected from publication,
hackers, these professionals are expert tampering or collapse by unauthorized
in the area of anti-hacking techniques. activities or untrustworthy individuals
They work for preventing the motives and unplanned events respectively.
of malevolent hackers from stealing or
damaging important data and ensure
the safety and protection of computer
systems and networks.
Situations where top-
secret information, plans of companies
The strategies and methodologies of
are suddenly found in public domain,
computer security often differ from
information concerning national
most other computer technologies
security falls in wrong hands or
because of its somewhat indefinable
someone unauthorized accesses and
objective of preventing unwanted
takes control of a bank's customer data,
computer behavior instead of enabling
a greedy BPO worker decides to draw
wanted computer behavior.
off customer data for financial
Information security is by nature not
satisfaction. These are real-life cases,
perfect or entirely secure. It is not
which happen regularly and feature as
possible to completely eliminate risk of
newspaper headlines. One of the
misuse of information.
greatest threats to corporate
information systems lies within the
Problem Statement:
network. People are often the weakest
To study how the
links in a security chain.
information in organization are not
Hacking is the serious secure means how they are hacked and
issue to be taken care of by the to study different solutions for
government, private sector with Computer security.
legislations.
The objective of computer
security includes protection of
Objective: information and property from theft,
corruption, or natural disaster, while
allowing the information and property were Internet worms and viruses (they
to remain accessible and productive to still are today). So antivirus products
its intended users. Any obstruction were prime security solutions. People
in achieving this goal is a threat to the then resorted to more sophisticated
organization. Information flowing means of attack. Hacking tools were
across the organization is like blood in available on websites, and anyone
the human body, which ensures that all could download and use these to
parts of the organization respond at the launch attacks on Internet servers. So
correct times and in the proper enterprises started using firewalls to
direction and with proper intensity. filter out malicious code and safeguard
Information hence needs to be themselves from script kiddies.
protected by the organization to ensure During the third wave (present day,)
its own working. worms spread within minutes and
disrupt corporate networks. Hackers no
Keywords: Hacking, domain, access, longer attack just to brag about it. They
corporate, legislation, security, now seek financial gain and steal credit
malevolent. card numbers or competitor
Then and Now: The Changing Face of information from corporate servers.
Security: More enterprises have opened up their
The first wave was before the mid-90s. networks to global customers, mobile
Enterprises were not yet connected to workers, and suppliers. More
the Internet. In fact, inter-office or sophisticated defenses are necessary to
inter-branch connectivity was rare keep out the 'bad guys' and let in
and/or intermittent. The prime business associates. Sensitive
objective was confidentiality and information in transit needs to be
integrity of information. Organizations secured. New tools like PKI
put in place access controls to lock up (encryption and digital signatures),
information, making information intrusion detection systems, virtual
selectively available to specific private networks, and access control
individuals or groups. mechanisms are being used.
The fourth wave (upcoming) is that of
security audit and certification. This
covers not just technology but also
people and processes. Enterprises are
now approaching security from the
attacker's end and safeguarding.
What do you mean by Hacker?
The Internet is simply a
network of computers that are all tied
together; every one of them has the
capability to "talk" to any other one.
Once criminal knows your computer's
The second wave was during the mid "address", that means a determined
to late 90s. Organization began criminal can gain unauthorized entry to
connecting to the Internet. This was your PC. These criminals are called
also when the major security threats "hackers".
How hackers discover your PC's in the log files which are automatically
address? generated by every web server among
Your computer leaves its address all other places.
over the Internet whenever it visits a Some hackers use what is known as
web site. The addresses can be found "port scanning" software which simply
goes out on the Internet and If PC is at risk from hacking?
electronically "knocks" on the door of The best way is to use a "friendly" port
every connected computer and find to scanner and let it act as if it is attacking
get entry. your machine. You can find one that
Once a hacker gains access to your will let you know if your PC is at risk,
computer he can read anything that's without doing you any harm. You can
stored on your hard drive. He can also use web site to scan for viruses,
install programs which will monitor Trojan horses, and other threats, for
your key strokes and send sensitive free, at the same time.
passwords and user names back to his If the resulting computer security
lair, and he can even get copies of your report indicates that you have a
credit card and bank account numbers. problem then you need a firewall. If
Once a hacker gets this information he you are not technically inclined then
will proceed to steal you blind. contact a PC security consultant for
How to protect yourself against help. Otherwise you can do a search on
hackers? Google for "XP Firewall", if you are
running the latest version of Windows
XP, or "home PC firewall", or "small
business PC firewall", as appropriate.
Three widely accepted principles of
information security are:
The best method is to use what is Confidentiality
known as a "firewall". This is a piece Integrity
of hardware, or software, or both
which is designed to make your Availability
computer "invisible" on the Internet. Accountability
How does a firewall work? A simple way to express this is "the
A firewall works by blocking the right information to the right people at
"ports", or doors, which hackers the right time.
commonly use to gain entrance. Once Internal & External Threats
those ports are blocked the hacker can The threats to knowledge assets can
no longer "see" your computer and, either be external and internal.
thus, is unable to attack it. Traditionally, organizations have been
The new version of Windows XP proactive in securing their corporate
comes with a built-in firewall program networks from outside by deploying
which may be all that you need to keep programs like firewalls, antivirus
your computer safe. In addition there software, intruder detection systems,
are commercial firewalls available and so on.
which run from simple to very
sophisticated.
Machines
Data
A Typical Networked Environment From the above diagram, it is clear that
A networked business environment two constituents who are active are the
consists of: people and the agents - they process
and drive data and communication.
People
Agents: spy ware, Trojans, and
such
Electronic media used in Internet or Web-based applications
network communication typically Removable media like floppies,
include: CDs, and pen drives Printers
E-Mail In general, the following security
File transfers measures are adopted by organizations
Instant messengers to safeguard/mitigate risks associated
with communications:
Security Tool Benefits Drawbacks