1. Trapdoors
In computing terms, a trapdoor is a hidden entry into a system.
This hidden door can then be used to gain access to the compromised system
without the knowledge of the concerned party.
A trapdoor in a login system might take the form of a hard-coded user and
password combination which gives access to the system.
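One way a code reviewer can look for the hard-coded user and password trapdoor described above, as an added example that is not part of the original notes: a grep heuristic that flags comparisons of a credential-like identifier against a string literal. The keyword list, the function names and the sample source are assumptions, and only double-quoted literals are covered.

```shell
#!/bin/sh
# Added example (not from the original notes): heuristic review aid that flags
# lines comparing a credential-like identifier with a double-quoted literal.
# The keyword list and function names are assumptions.

ID='[A-Za-z0-9_]*(user|login|pass|pwd|secret)[A-Za-z0-9_]*'
LIT='"[^"]+"'            # a non-empty double-quoted string literal
S='[[:space:]]*'         # optional whitespace

# Usage: scan_hardcoded_credentials [FILE...]   (reads stdin without files)
# Prints "line:text" (grep -n) for each suspicious comparison:
#   ident == "literal", strcmp(ident, "literal"), ident.equals("literal")
scan_hardcoded_credentials() {
    grep -nE \
        -e "${ID}${S}(==|!=)${S}${LIT}" \
        -e "strn?cmp${S}\\(${S}${ID}${S},${S}${LIT}" \
        -e "${ID}\\.equals${S}\\(${S}${LIT}" \
        "$@"
}

# Constructed sample: a login routine with a trapdoor on line 3. Line 4 is a
# harmless literal comparison and line 5 is the legitimate credential check.
sample_login_source() {
    cat <<'EOF'
int login(const char *user, const char *pass) {
    /* maintenance access */
    if (strcmp(user, "maint") == 0 && strcmp(pass, "letmein") == 0) return 1;
    if (strcmp(mode, "--help") == 0) usage();
    return verify_hash(user, pass, stored_hash_for(user));
}
EOF
}

# Demo on the constructed sample: only the trapdoor line is reported.
sample_login_source | scan_hardcoded_credentials
```

A hit is a prompt for manual review, not proof of a trapdoor; credentials assembled at run time or compared through a helper are not matched by this heuristic.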
2. Logic bombs
A logic bomb is a piece of code that is inserted into a computer program
to do something that was originally not the purpose of that software.
Logic bombs may reside within standard computer programs, or they may be included
as part of the payload of malicious software such as viruses, worms etc.
3. Trojan Horse
A trojan horse is a computer program or part of a computer program, which hides
its original activities and pretends to be doing something else. A trojan horse
does not spread by itself. Rather, the victim has to be tricked into executing it on
his/her computer. In some cases, a trojan horse can be manually installed on a
specific computer.
Methods of Infection
The program may have come to the user through an innocent-looking email claiming
to be an important document, a very attractive picture or screen saver, or
something of interest to the user. Sometimes, the user can be infected by a trojan
simply by visiting a malicious website.
4. Virus
In the arena of computer security, a virus is a computer program that spreads by
inserting copies of itself into other programs.
Most viruses are written with the intent of causing harm. There are also some
viruses whose aim is to just cause irritation on the part of the user.
Resident Viruses
Viruses of this type try to keep themselves in computer memory from
the moment they are able to load themselves into main memory.
Non-resident Viruses
These viruses don’t stay resident in memory.
Boot sector viruses
These types of viruses infect the hard disk partition table.
5. Worm
A computer worm is a self-replicating computer program similar to a computer
virus.
A virus attaches itself to, and becomes part of, another executable program;
however, a worm is self-contained and does not need to be part of another
program to propagate itself.
They are often designed to exploit the file transmission capabilities found on
many computers. The main difference between a computer virus and a worm is
that a virus cannot propagate by itself whereas worms can.
A worm uses a network to send copies of itself to other systems and it does so
without any intervention. In general, worms harm the network and consume
bandwidth, whereas viruses infect or corrupt files on a targeted computer.
Q 2. Prepare a checklist for the following levels of network security skills –
a. User level, b. Network Administrator level, c. Software development level
1. Linux uses the ext3 (previously ext2, ext) filesystem to format its partitions.
2. There is only a single hierarchical directory structure. Everything starts from the root
directory, represented by '/'.
3. Under Windows, the various partitions are detected at boot and assigned a
drive letter. Under Linux, unless you mount a partition or a device, the
system does not know of the existence of that partition or device.
4. Linux uses the forward slash “/” symbol to differentiate between directories.
6. The root directory of generic Linux distributions contains the following directories:
/sbin - This directory contains all the binaries that are essential to the
working of the system.
/dev – This directory lists the different components available to the system.
/etc - This directory contains all the configuration files for your system.
/lib - This contains all the shared libraries that are required by system
programs.
/lost+found – After a system crash, fsck or e2fsck runs and checks the whole system for
filesystem corruption. If any recoverable files are found, they are placed in this directory.
/opt - This directory contains all the software and add-on packages that
are not part of the default installation.
Functions
Ethereal is still technically beta software, but it has a comprehensive feature set and is
suitable for production use. Here is the list of features, current as of version 0.9.14, in no
particular order:
• Data can be captured "off the wire" from a live network connection, or read from
a capture file.
• Ethereal can read capture files from tcpdump (libpcap), Sniffer™ Pro, Microsoft's
Network Monitor, Novell's LANalyzer, Cisco Secure IDS iplog, the pppd log
(pppdump format).
• Live data can be read from Ethernet, FDDI, PPP, Token Ring, IEEE 802.11,
Classical IP over ATM, and loopback interfaces (at least on some platforms; not all of
those types are supported on all platforms).
• Captured network data can be browsed via a GUI, or via the TTY-mode
"tethereal" program.
• Capture files can be programmatically edited or converted via command-line
switches to the "editcap" program.
• 759 protocols can currently be dissected:
Q 5. Write a report on five common settings and activities taking place on internet
enabled computers that make them vulnerable.
The common settings & activities that make the Internet enabled computers vulnerable:
1. Internet Explorer: Microsoft Internet Explorer is the most popular browser used for web
surfing and is installed by default on each Windows system. Internet Explorer contains multiple
vulnerabilities that can lead to memory corruption, spoofing and execution of arbitrary scripts.
2. Microsoft Office and Outlook Express: The attacker sends the malicious Office document in
an email message. Viruses can exploit this attack vector if the user opens and saves this
message into his folder without verifying the sender.
3. Windows Libraries:
Windows applications leverage a large number of system libraries often packaged in DLL files.
The reason for vulnerabilities in Windows libraries: the Windows system may not have all the latest
security patches installed.
4. Windows Services:
The family of Windows Operating systems supports a wide variety of services, networking
methods and technologies. Vulnerabilities in these services that implement these Operating
System functionalities are one of the most common avenues for exploitation.
Messages sent through IM applications are usually sent unencrypted. So, if we send our
credit card number through it, the number could easily be read by a third party.
Q 6. What is encryption? Describe how the encryption technology is being used to
maintain integrity and privacy of the contents.
Encryption:
Do yourself.
Q 8. What is a firewall? Describe the functions of a firewall.
Definition: A Firewall is a system which limits network access between two or more networks. Normally,
a Firewall is deployed between a trusted, protected private network and an untrusted public network.
Functions of firewall (NOTE – give short notes on the points)
1. Restrict / allow packets to and from the computer.
2. Restrict / allow specific programs to access the internet.
3. Keep logs of specific events.
4. Detect attacks, such as port scans.
5. Close unnecessary ports and even make them stealth to the hacker.
6. Enable the user to create custom rules and maintain them.
Q 9. What is Virtual Hosting? What are the benefits of virtual hosting?
Virtual Hosting
• A virtual host is a domain associated with a server that hosts many domains.
• This means that, with virtual hosting, more than one web site can be hosted on a
single machine.
Benefits of virtual hosting
1. Virtual hosts provide the ability for a single server to host many sites.
2. A single PC can possibly handle many (even 100s of) domains on a single network
connection.
3. Each virtual site appears as if it is running from its own machine.
4. This allows better utilization of servers.
5. This makes administration tasks much easier.
6. Costs are reduced.
Q 10. Why do we need Security? Describe details.
Computer security is the effort to create a secure computing platform, designed so that
agents (users or programs) can only perform actions that have been allowed.
This involves specifying and implementing a security policy. The actions in question can
be reduced to operations of access, modification and deletion.
Need for computer security:
• To protect our online privacy and the privacy of our data.
• To safeguard critical information already stored in the computer.
• To safeguard data while in transmission over the internet. Such as important
emails.
• Ability to safely and totally erase critical information.
• To protect our PCs from hackers.
• To protect our PCs from maliciously written software, such as viruses, worms,
trojans, adware etc.
Q 11. What is PGP? Describe the logistic weakness of PGP.
[Please do it, and upload it. Like upload this file with an incremented version number.]
Q 12. What are the main differences between the Windows and Linux operating systems?
Main differences between Windows and Linux are
1. License – Windows is a commercial product from Microsoft. Linux is an open source
and free product copyrighted by Linus Torvalds and is released under GNU GPL2.
2. Filesystem – Windows uses the FAT, FAT32 and NTFS filesystems. Linux uses ext2,
ext3, RAID filesystems.
3. Drive naming – Windows names each hard disk / CD-ROM as C:, D:, E: etc. Linux
names each drive as /dev/hda1, /dev/cdrom etc.
4. Security – Without using third party tools, Linux is a more secure system than Windows.
5. File hierarchy – Linux uses a simple file hierarchy, where everything is mounted under
“/” or root. In Windows, folders are usually seen under the C:, D: or E: drive etc.
6. Naming files – In Windows, file names are not case sensitive. But file names
under Linux are case sensitive.
7. Directory separation – Windows uses the back slash “\” character to separate
directories. Linux uses the forward slash “/” character.
8. POSIX – Linux is POSIX compliant. Windows is not POSIX compliant.
9. Vendors – There are many vendors of Linux available, such as SuSE, RedHat etc. But
there is only one vendor of Windows, that is Microsoft.
10. Ease of use – Windows has always tried to be an easy operating system. And it is.
Linux has always tried to be an advanced operating system. And it is so too.
Q 13. What is a web server? How do you secure a Web Server?
Definition:
A computer that delivers (serves up) Web pages. Every Web server has an IP address and possibly a domain
name. For example, if you enter the URL http://www.pcwebopedia.com/index.html in your browser, this
sends a request to the server whose domain name is pcwebopedia.com. The server then fetches the page
named index.html and sends it to your browser.
How do you secure a Web Server:
Passwords
Keep your Web server password secure, don't share it with other people (or write it
down), and follow good password security.
Security through Obscurity
We should never think that, just because our website is small, we are not going to be
hacked. We should always be obscure about our website’s security, even if it is small.
Do not brag
It is never a good idea to brag about the security of the system, because it always presents
a challenge to the crackers. As we know, even the US FBI site has been hacked. So,
we should not brag about it.
Running the Server
Servers running on Unix and Linux should be run as an account with little or no access. If
you need a Web user, then make sure that that user account has no permissions on the
server. NEVER RUN YOUR SERVER AS ROOT.
CGI-BIN Issue
Make sure that your interpreters (programs that run your CGIs) are not stored in your
cgi-bin directory. Perl, sh, Tcl, and so on, should be in directories that are not accessible from
the Web.
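The "Running the Server" and "CGI-BIN Issue" checks above, written as an audit script (an added example, not part of the original notes). The server names, the interpreter names beyond Perl, sh and Tcl, and the default cgi-bin path are assumptions. Because Apache and nginx keep a root parent process to bind port 80 and serve requests from unprivileged workers, the first check reports a server only when none of its processes has dropped root.

```shell
#!/bin/sh
# Added example (not from the original notes). Server names, interpreter
# names beyond Perl/sh/Tcl, and the default cgi-bin path are assumptions.

# True if $1 is the file name of a script interpreter.
is_interpreter() {
    case "$1" in
        perl|perl[0-9]*|sh|bash|tclsh|tclsh[0-9]*|python|python[0-9]*|php|ruby)
            return 0 ;;
    esac
    return 1
}

# Print each entry of cgi-bin directory $1 that is an interpreter, either by
# its own name or because it is a symlink pointing at one.
interpreters_in_cgibin() {
    for f in "$1"/*; do
        [ -e "$f" ] || [ -L "$f" ] || continue
        target=$f
        [ -L "$f" ] && target=$(readlink "$f")
        if is_interpreter "$(basename "$f")" || is_interpreter "$(basename "$target")"; then
            printf '%s\n' "$f"
        fi
    done
}

# Read "USER COMMAND" lines (the output of `ps -e -o user= -o comm=`) on stdin
# and print each web server whose processes ALL run as root.
servers_all_root() {
    awk -v names="${WEB_SERVERS:-httpd apache2 nginx lighttpd}" '
        BEGIN { n = split(names, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        ($2 in want) { seen[$2] = 1; if ($1 != "root") dropped[$2] = 1 }
        END { for (s in seen) if (!(s in dropped)) print s }
    ' | sort
}

# Audit the live host only when asked: sh audit.sh --audit [cgi-bin dir]
if [ "${1:-}" = "--audit" ]; then
    ps -e -o user= -o comm= | servers_all_root | sed 's/^/no non-root process: /'
    interpreters_in_cgibin "${2:-/var/www/cgi-bin}" | sed 's/^/interpreter in cgi-bin: /'
fi
```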
Intrusion detection system
Make use of an Intrusion Detection System, such as SNORT or TripWire.