See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/285581408

Computer hacking-Threats to system security

Conference Paper · April 2011

CITATIONS READS

0 2,403

2 authors:

Mrs. Bareen Kayyum Shaikh Sangeeta Borde

MIT Arts, Commerce and Science College, Alandi MIT Arts, Commerce and Science College, Alandi
11 PUBLICATIONS   6 CITATIONS    12 PUBLICATIONS   6 CITATIONS   

SEE PROFILE SEE PROFILE

Some of the authors of this publication are also working on these related projects:

ICT based learning, Active learning, education domain View project

SECURITY ANALYSIS OF CRYPTOGRAPHIC TECHNIQUES FOR AUTHENTICATING VM TEMPLATE IN THE CLOUD View project

All content following this page was uploaded by Sangeeta Borde on 20 April 2017.

The user has requested enhancement of the downloaded file.

 Computer Hacking – Threats to Security System
Mrs. Bareen .K. Shaikh * Mrs. Sangeeta .Borde .M **

*Lecturer (Comp.Science), MIT Arts, Commerce and Science College, Alandi (D), Pune
shaikh.bareen24banno@gmail.com

**Lecturer (Comp.Science), MIT Arts, Commerce and ScienceCollege, Alandi (D), Pune
ssangeeta08@gmail.com
_____________________________________________________________________
ABSTRACT
Today businesses are Introduction:
facing the biggest threats from hackers.
Any successful computer hacking Hacking is an extremely high tech
attack can create a disaster to networks attack which requires you to take
and important secret information certain precautions to protect your
stored in the various computers within computer and all of the data which is
the network. IT sector demands stored in it. The term computer system
professionals having ethical hacking security means the collective processes
skills to work for them and provide and mechanisms by which sensitive
security to their computers and and valuable information and services
networks. White hat hackers or ethical are protected from publication,
hackers, these professionals are expert tampering or collapse by unauthorized
in the area of anti-hacking techniques. activities or untrustworthy individuals
They work for preventing the motives and unplanned events respectively.
of malevolent hackers from stealing or
damaging important data and ensure
the safety and protection of computer
systems and networks.
Situations where top-
secret information, plans of companies
The strategies and methodologies of
are suddenly found in public domain,
computer security often differ from
information concerning national
most other computer technologies
security falls in wrong hands or
because of its somewhat indefinable
someone unauthorized accesses and
objective of preventing unwanted
takes control of a bank's customer data,
computer behavior instead of enabling
a greedy BPO worker decides to draw
wanted computer behavior.
off customer data for financial
Information security is by nature not
satisfaction. These are real-life cases,
perfect or entirely secure. It is not
which happen regularly and feature as
possible to completely eliminate risk of
newspaper headlines. One of the
misuse of information.
greatest threats to corporate
information systems lies within the
Problem Statement:
network. People are often the weakest
To study how the
links in a security chain.
information in organization are not
Hacking is the serious secure means how they are hacked and
issue to be taken care of by the to study different solutions for
government, private sector with Computer security.
legislations.
The objective of computer
security includes protection of
Objective: information and property from theft,
corruption, or natural disaster, while
allowing the information and property
to remain accessible and productive to
its intended users. Any obstruction
in achieving this goal is a threat to the
organization. Information flowing
across the organization is like blood in
the human body, which ensures that all
parts of the organization respond at the
correct times and in the proper
direction and with proper intensity.
Information hence needs to be
protected by the organization to ensure
its own working.
Keywords: Hacking, domain, access,
corporate, legislation, security,
malevolent.
Then and Now: The Changing Face of
Security:
The first wave was before the mid-90s.
Enterprises were not yet connected to
the Internet. In fact, inter-office or
inter-branch connectivity was rare
and/or intermittent. The prime
objective was confidentiality and
integrity of information. Organizations
put in place access controls to lock up
information, making information
selectively available to specific
individuals or groups.
The second wave was during the mid
to late 90s. Organization began
connecting to the Internet. This was
also when the major security threats
How hackers discover your PC's
address?
Your computer leaves its address all
over the Internet whenever it visits a
web site. The addresses can be found
were Internet worms and viruses (they
still are today). So antivirus products
were prime security solutions. People
then resorted to more sophisticated
means of attack. Hacking tools were
available on websites, and anyone
could download and use these to
launch attacks on Internet servers. So
enterprises started using firewalls to
filter out malicious code and safeguard
themselves from script kiddies.
During the third wave (present day,)
worms spread within minutes and
disrupt corporate networks. Hackers no
longer attack just to brag about it. They
now seek financial gain and steal credit
card numbers or competitor
information from corporate servers.
More enterprises have opened up their
networks to global customers, mobile
workers, and suppliers. More
sophisticated defenses are necessary to
keep out the 'bad guys' and let in
business associates. Sensitive
information in transit needs to be
secured. New tools like PKI
(encryption and digital signatures),
intrusion detection systems, virtual
private networks, and access control
mechanisms are being used.
The fourth wave (upcoming) is that of
security audit and certification. This
covers not just technology but also
people and processes. Enterprises are
now approaching security from the
attacker's end and safeguarding.
What do you mean by Hacker?
The Internet is simply a
network of computers that are all tied
together; every one of them has the
capability to "talk" to any other one.
Once criminal knows your computer's
"address", that means a determined
criminal can gain unauthorized entry to
your PC. These criminals are called
"hackers".
in the log files which are automatically
generated by every web server among
other places.
Some hackers use what is known as
"port scanning" software which simply
goes out on the Internet and
electronically "knocks" on the door of
every connected computer and find to
get entry.
Once a hacker gains access to your
computer he can read anything that's
stored on your hard drive. He can
install programs which will monitor
your key strokes and send sensitive
passwords and user names back to his
lair, and he can even get copies of your
credit card and bank account numbers.
Once a hacker gets this information he
will proceed to steal you blind.
How to protect yourself against
hackers?
The best method is to use what is
known as a "firewall". This is a piece
of hardware, or software, or both
which is designed to make your
computer "invisible" on the Internet.
How does a firewall work?
A firewall works by blocking the
"ports", or doors, which hackers
commonly use to gain entrance. Once
those ports are blocked the hacker can
no longer "see" your computer and,
thus, is unable to attack it.
The new version of Windows XP
comes with a built-in firewall program
which may be all that you need to keep
your computer safe. In addition there
are commercial firewalls available
which run from simple to very
sophisticated.
A Typical Networked Environment
A networked business environment
consists of:
 People
 Agents: spy ware, Trojans, and
such
If PC is at risk from hacking?
The best way is to use a "friendly" port
scanner and let it act as if it is attacking
your machine. You can find one that
will let you know if your PC is at risk,
without doing you any harm. You can
also use web site to scan for viruses,
Trojan horses, and other threats, for
free, at the same time.
If the resulting computer security
report indicates that you have a
problem then you need a firewall. If
you are not technically inclined then
contact a PC security consultant for
help. Otherwise you can do a search on
Google for "XP Firewall", if you are
running the latest version of Windows
XP, or "home PC firewall", or "small
business PC firewall", as appropriate.
Three widely accepted principles of
information security are:
 Confidentiality
 Integrity
 Availability
 Accountability
A simple way to express this is "the
right information to the right people at
the right time.
Internal & External Threats
The threats to knowledge assets can
either be external and internal.
Traditionally, organizations have been
proactive in securing their corporate
networks from outside by deploying
programs like firewalls, antivirus
software, intruder detection systems,
and so on.
 Machines
 Data
From the above diagram, it is clear that
two constituents who are active are the
people and the agents - they process
and drive data and communication.
Electronic media used in Internet or
network communication typically
include:
 E-Mail
 File transfers
 Instant messengers
 Web-based applications
 Removable media like floppies,
CDs, and pen drives Printers
In general, the following security
measures are adopted by organizations
to safeguard/mitigate risks associated
with communications:
 Security Tool Benefits Drawbacks

Firewalls User security education is

 Protects against important. Physical security is
external security also often neglected -
threats implementing the most
 Provides perimeter powerful firewalls and having
security the most carefully designed
security policy is useless if
 Keeps insiders on
someone can simply walk off
trusted side
with the server.
Intrusion Detection Protects against external Assumes insiders pose no threat
Systems(IDS) security threats like hackers
trying to access the
corporate network
User set-up personal Shield against prying eyes Potential misuse of information
firewalls by users themselves may go
unnoticed
Security agents on Monitor usage at the Do not detect theft, misuse
desktops terminal level
Conclusion: research in the field of computer
Computer security is a serious and security can make success. It is
ongoing issue which requires your difficult to meet the security of the
constant observation. Don't let your information technology without
guard down or you could end up being legislations or the government
a victim. Continuous innovation and interference.
References:
1. Cryptography & Network Security - Atul Kahate
2. Network Security Essentials: applications & standards by Willam Stallings
3. Nasscom.com
4. Google.com
5. Daily newspaper-Indian Express, Times of India

View publication stats