Network Security And Viruses

Aamlan Saswat Mishra

Class-XI-E

Network security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources.

Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done.

Network security starts with authenticating, commonly with a username and a password

Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users

Communication between two hosts using a network may be encrypted to maintain privacy

Security management for networks is different for all kinds of situations.

Vulnerability

The probability that an asset will be unable to resist the actions of a threat agent

In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.

Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This practice generally refers to software vulnerabilities in computing systems.

A security risk may be classified as a vulnerability but there are vulnerabilities without risk

Many software tools exist that can aid in the discovery (and sometimes removal) of vulnerabilities in a computer system. Though these tools can provide an auditor with a good overview of possible vulnerabilities present, they can not replace human judgment.

A Cookie?

HTTP cookie

An HTTP cookie is a small piece of data sent from a website and stored in the user's web browser while the user is browsing it

Every time the user loads the website, the browser sends the cookie back to the server to notify the user's previous activity. (Cookies were designed to be a reliable mechanism for websites to remember stateful information)

Cookies can also store passwords and form content a user has previously entered, such as a credit card number or an address.

The tracking cookies, and especially third-party tracking cookies, are commonly used as ways to compile long-term records of individuals' browsing histories – a potential privacy concern

The security of an authentication cookie generally depends on the security of the issuing website and the user's web browser, and on whether the cookie data is encrypted. Security vulnerabilities may allow a cookie's data to be read by a hacker, used to gain access to user data, or used to gain access.

Computer virus

A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected“

Viruses often perform some type of harmful activity on infected hosts, such as stealing hard disk space or CPU time, accessing private information, corrupting data, displaying political or humorous messages on the user's screen, spamming their contacts, logging their keystrokes, or even rendering the computer useless. However, not all viruses carry a destructive payload or attempt to hide themselves—the defining characteristic of viruses is that they are self-replicating computer programs which install themselves without user consent.

Virus writers use social engineering and exploit detailed knowledge of security vulnerabilities to gain access to their hosts' computing resources.

And there is more…

Motives for creating viruses can include seeking profit, desire to send a

political message, personal amusement, to demonstrate that a vulnerability

exists in software, for sabotage and denial of service, or simply because they

wish to explore artificial life and evolutionary algorithms

Computer viruses currently cause billions of dollars' worth of economic

damage each year, due to causing systems failure, wasting computer

resources, corrupting data, increasing maintenance costs, etc.

In response an industry of antivirus software has cropped up, selling or freely

distributing virus protection to users of various operating systems.

A horse?

Trojan horse

A Trojan horse, or Trojan, in computing is any malicious computer program which

misrepresents itself as useful, routine, or interesting in order to persuade a victim

to install it

While Trojans and backdoors are not easily detectable by themselves, computers

may appear to run slower due to heavy processor or network usage

If installed or run with elevated privileges a Trojan will generally have unlimited

access. What it does with this power depends on the motives of the attacker.

Its target functionalities involve crashing computers, modification or deletion of

files, data corruption, use of resources and identity, money theft, data theft,

spying, survelience and even tracking.

It is possible for those involved with Trojans to scan computers on a network to

locate any with a Trojan horse installed, which the hacker can then control.

Computer worm

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers

It uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program

Users can minimize the threat posed by worms by keeping their computers' operating system and other software up-to-date, avoiding opening unrecognized or unexpected emails, and running firewall and antivirus software

Regardless of their payload or their writers' intentions, most security experts regard all worms as malware.

Several worms, like XSS worms, have been written to research how worms spread

Spamware

Spamware is software designed by or for spammers

Spamware varies widely, but may include the ability to import thousands of

addresses, to generate random addresses, to insert fraudulent headers into

messages and to use dozens or hundreds of mail servers simultaneously

Being an automated software it can create e-mail broadcasting hub by

establishing superiority in numbers and sending capability as well as brings a

position of great disturbance to its target

Another type of spamware is software used to search for e-mail addresses to

build lists of e-mail addresses to be used either for spamming directly or to be

sold to spammers

And Who Is HE?

The hackers

In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network.

Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge, enjoyment, or to evaluate those weaknesses to assist in removing them.

The subculture that has evolved around hackers is often referred to as the computer underground and is now a known community

The term hacker is reclaimed by computer programmers who argue that someone who breaks into computers, whether computer criminal (black hats) or computer security expert (white hats)

A typical approach in an attack on Internet-connected system is:

1.Network enumeration: Discovering information about the intended target.

2.Vulnerability analysis: Identifying potential ways of attack.

3.Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis

Information Technology Amendment

Act 2008

The Information Technology Amendment Act, 2008 (IT Act 2008) is a

substantial addition to India's Information Technology Act (ITA-2000).

The original Act was developed to promote the IT industry, regulate e-

commerce, facilitate e-governance and prevent cybercrime

The Amendment was created to address issues that the original bill failed to

cover and to accommodate further development of IT and related security

concerns since the original law was passed

Changes in the Amendment include: redefining terms such as "communication

device" to reflect current use; validating electronic signatures and contracts;

making the owner of a given IP address responsible for content accessed or

distributed through it; and making corporations responsible for implementing

effective data security practices and liable for breaches