170 likes | 386 Views
Security. Test. December 13 Binary Numbers Computer Networks Internet Protocols Security. Security Threats. Data Security Viruses Worms Trojans. Security Threats. Viruses Virus is a program written with malicious intent and sent out by attackers
E N D
Test • December 13 • Binary Numbers • Computer Networks • Internet Protocols • Security
Security Threats • Data Security • Viruses • Worms • Trojans
Security Threats • Viruses • Virus is a program written with malicious intent and sent out by attackers • The virus is transferred to another computer through e-mail, file transfers, and instant messaging • It hides by attaching itself to a file on the computer. • When the file is accessed, the virus executes and infects the computer
Security Threats • Viruses • Keystroke Recording • Used to record passwords and credit card numbers
Security Threats • Famous Virus • ILOVEYOU (2000) • Disguised itself as a text file in an email which, when opened, would automatically send itself to every contact in a users address book • Caused billions in lost business
Security Threats • Worms • Do not rely on humans • Are not attached to programs that need to be opened • Copies itself and sends its copies throughout a computer network (such as the internet)
Security Threats • Famous Worm • Code Red (July 2001) • Named after “Code Red” Mountain Dew • Spread to web servers and changed website to: • HELLO! Welcome to http://www.worm.com! Hacked By Chinese! • Became a meme… • Also launched DDoS attacks
Security Threats • Trojans • Appear to do one thing, really do another • Often disguised as useful hardware • Technically a type of worm
Security Threats • Spam • Junk e-mail • Often advertising • May contain links to viruses, infected sites, or popups
TCP/IP Attacks • TCP/IP • The protocol used to control all of the communications on the internet • Common Attacks • DoS • DDoS • Spoofing
TCP/IP Attacks • Denial of Service (DoS) Attacks • Prevent users from accessing servers • Server is too busy, overloads, ceases to operate • Types: • Ping of Death: Repeated, larger than normal pings • E-Mail Bomb: Large quantity of email that overloads e-mail server • Distributed Denial of Service (DDoS) • Uses infected computers, called zombies
TCP/IP Attacks • Spoofing • A person or program impersonates another with false data • Phishing Scams • Legitimate webpage is reproduced on another server under attacker’s control • Used to harvest usernames and passwords • E-mail Spoofing • False sender information
Data Protection • Password Protection • Two Levels • BIOS • Operating system will not boot • BIOS cannot be changed • Login • Prevent access to computer and network
Data Protection • Password Protection • Password Security • NOT 123456 • Rules • Passwords should expire • Mixture of letters and numbers • DO NOT WRITE THEM DOWN • Do not use the same password for everything • Longer is better… for passwords, pervert
Data Protection • Password Protection • Smartcards • Plastic card, needs to be swiped • Biometric Security • Fingerprint • Retinal scan, etc.
Data Protection • Wireless Security • What IS the difference between: • Wired equivalent privacy • Wi-fi protected access • Wi-fi protected access 2 • Lightweight extensible authentication protocol