More Simple Software/Security Threats
There are more type of Software/security threats-
This is a technique attacker’s use to surreptitiously gain system access through another user’s account. This is possible because users often select weak passwords. The two major problems with the passwords are when they are easy to guess based on knowledge of the user and when they are susceptible to dictionary attacks (that is, using a dictionary as the source of guesses).
This attack exploits the need to have a service available. It is a growing trend on the internet because websites in general are open doors ready for abuse. People can easily flood the web server with communication in order to keep it busy.
Therefore, companies connected to the internet should prepare for (DoS) attacks. They also are difficult to trace and allow other types of attacks to be subdued.
The sender address on internet e-mail cannot be trusted because the sender can create a false return address. Someone could have modified the header in transit, or the sender could have connected directly to the Simple Mail Transfer (SMTP) Port on the target computer to enter the e-mail.
This refers to the recording and retransmission of message packets in the network. Packet replay is a significant threat for programs that require authentication sequences because an intruder could replay legitimate authentication sequence messages to gain access to a system. Packet replay is frequently undetectable, but can be prevented by using packet time stamping and packet sequence counting.
This involves one system intercepting and modifying a packet destined for another system. Packet information may not only be modified, it could also be destroyed.
This is a common form of cracking. It can be used by outsiders and by people within an organization. Social engineering is a hacker term for tricking people into revealing their password or some form of security information.
In these attacks, a hacker uses various hacking tools to gain access to the systems. These can range password-cracking tools to protocol hacking and manipulation tools. Intrusion detection tools often can help to detect changes and varies that take place within systems and networks.
The reason for doing this is that system tend to operate within a group of other trusted systems. Trust is imparted in a one-to-one fashion; computer A trusts computer B (this doesn’t imply that system B trusts system A). Implied with this trust is that the system administrator of the trusted system is performing the job properly and maintaining an appropriate level of security for the system.
Network spoofing occurs in the following manner:
If computer A trusts computer B and computer C spoofs computer B, then computer C can gain otherwise-denied access to computer A.
Information system threats are classified mainly into 4 categories,
These are the types of threats which include the physical damage to the computer system. This damage could be to either hardware or software. These damages could be due to natural calamity like earthquakes, hurricanes, floods, etc.
These are the type of threats that occur accidently like occurrence of any unexpected error or system falling short of the storage space. Accidental error can cause corruption of data when an unexpected error occurs.
It consists of any kind of tampering done with the system or the communication channel or the network with the intention of causing harm to the system or interruption in the communication. It consists of viruses, malware, Trojan horse, spyware etc.
System must have an antivirus or anti-spyware software to counter the act of spying from any attacker.
This kind of threat describes the case when a person who is not authorized gets an access to the restricted areas of the system. If this happens, the data that are stored in the system becomes highly vulnerable to any kind of tampering.
To overcome these kinds of threats we use authentication and authorization.
You May Also Like-
What do you mean by Information Security?
What are imperfection or defects of Solids
What Do you know about Solid State?
What do you know about Solid Waste??
Processing of solid waste and On-site Handling by engineering System
What do you know about Hazardous Waste??
Landfill Disposal of Solid Waste
The term ‘soil’ in soil engineering is defined as an unconsolidated material, composed of solid particles, produced by the disintegration of rocks. The void space between the particles may contain air, water or both. The soil particles may contain organic matter.
What are Bricks? Bricks are one of the oldest building materials and it’s extensively used at present as a loading material in construction methods because of its durability, strength, reliability, low cost, easy availability, etc. Bricks are manufactured by molding burnt clay or a mixture of sand and lime or of Portland cement concrete, in…
Water Proofing Materials Dampness in a building is the main cause of the deterioration of the building as well as for the ill-health of the occupants. The damp brickwork in the buildings is prone to fresh attack. Also, the soluble salts in bricks are liable to attack the cement mortar when the brickwork remains wet…
Sound Insulation A well-designed building should incorporate sound insulation to restrain the noise level. High noise conditions result in uncomfortable living conditions, mental strains, fatigue, and may even lead to a nervous breakdown or temporary deafness. Adequate insulation can be achieved by using sound-absorbing or sound repellent materials. Sound Insulating Materials Sound Insulating Materials fall…
Heat Insulating Materials The purpose of thermal insulation is to restrict the heat transfer from warmer to cooler areas. Transfer of heat takes place by three processes- the convection, the radiation and, the conduction. Convection In convection, heat is transferred from one place to another by the movement and mixing of liquids or gases. Radiation…