1. Trapdoors:
In computing terms a trapdoor specifies a hidden entry into a system. This hidden
door then can be used to gain access to the compromised system without the
knowledge of the concerned party.
A trapdoor in a login system might take the form of a hard coded user and
password combination which gives access to the system.
2. Logic bombs:
A logic bomb is a piece of code that is inserted into a computer program to do
something that was originally not the purpose of that software.
Logic bombs may reside within standard computer programs, or they may be included as
part of a payload in malicious software such as viruses and worms.
3. Trojan Horse:
A Trojan horse is a computer program or part of a computer program, which hides its
original activities and pretends to be doing something else. A Trojan horse does not
spread by itself. Rather, the victim has to be tricked into executing it in his/her
computer. In some cases, a Trojan horse can be manually installed in a specific
computer.
Methods of Infection:
The program may have come to the user through a seemingly harmless email claiming to
be an important document, a very attractive picture or screen saver, or something
of interest to the user. Sometimes, the user can be infected by a Trojan simply by
visiting a malicious website.
Some well-known Trojan horses are:
Back Orifice, Back Orifice 2000, Beast Trojan, NetBus, and SubSeven.
4. Virus:
In the arena of computer security, a virus is a computer program that spreads by
inserting copies of itself into other programs.
Most viruses are written with the intent of causing harm. There are also some viruses
whose aim is to just cause irritation on the part of the user.
• Resident Viruses:
These types of viruses try to keep themselves in computer memory from the
moment they are able to load themselves into main memory.
• Non-resident Viruses:
5. Worm:
A computer worm is a self-replicating computer program similar to a computer virus.
A virus attaches itself to, and becomes part of, another executable program;
however, a worm is self-contained and does not need to be part of another program
to propagate itself.
They are often designed to exploit the file transmission capabilities found on many
computers. The main difference between a computer virus and a worm is that a virus
cannot propagate by itself whereas worms can.
A worm uses a network to send copies of itself to other systems and it does so without
any intervention. In general, worms harm the network and consume bandwidth,
whereas viruses infect or corrupt files on a targeted computer.
Software development level skills:
1. Uses updated/required network communication protocols to write (network
related) software.
2. If necessary, uses encryption for communication in the required software.
3. Makes the management of the programs as documented as possible.
4. Always looks out for bugs and tries to fix them.
5. Makes solutions necessary to meet the network security needs/demands.
The Linux file system is quite different from the Windows file system.
1. Linux uses the ext3 (previously ext2, ext) file system to format its
partitions.
3. Under Windows, the various partitions are detected at boot and assigned
a drive letter. Under Linux, unless you mount a partition or a device, the
system does not know of the existence of that partition or device.
4. Linux uses the forward slash “/” symbol to differentiate between
directories.
6. The root directory of generic Linux distributions contains the following
directories:
bin/ dev/ home/ lost+found/ proc/ sbin/ usr/
boot/ etc/ lib/ mnt/ root/ tmp/ var/
/sbin - This directory contains all the binaries that are essential to the
working of the system.
/boot - This directory contains the System.map file as well as the Linux
kernel.
/dev – This directory lists the different components available to the system.
/etc - This directory contains all the configuration files for your system.
/lib - This contains all the shared libraries that are required by system
programs.
/lost+found – After a system crash, fsck or e2fsck runs and checks the
whole system for file system corruption. If any recoverable files are found,
they are placed in this directory.
/opt - This directory contains all the software and add-on packages that
are not part of the default installation.
Q 4. Describe the functions of a packet analyzer like Ethereal:
Functions
Ethereal is still technically beta software, but it has a comprehensive feature set and
is suitable for production use. Here is the list of features, current as of version
0.9.14, in no particular order:
• Data can be captured "off the wire" from a live network connection, or read from
a capture file.
• Ethereal can read capture files from tcpdump (libpcap), Sniffer™ Pro, Microsoft's
Network Monitor, Novell's LAN analyzer, Cisco Secure IDS iplog, the pppd log
(pppdump-format).
• Live data can be read from Ethernet, FDDI, PPP, Token-Ring, IEEE 802.11,
Classical IP over ATM, and loopback interfaces (at least on some platforms; not
all of those types are supported on all platforms).
• Captured network data can be browsed via a GUI, or via the TTY-mode "ethereal"
program.
• Capture files can be programmatically edited or converted via command-line
switches to the "editcap" program.
• 759 protocols can currently be dissected:
The common settings & activities that make the Internet enabled computers
vulnerable:
1. Internet Explorer: Microsoft Internet Explorer is the most popular browser used
for web surfing and is installed by default on each Windows system. Internet
Explorer contains multiple vulnerabilities that can lead to memory corruption,
spoofing and execution of arbitrary scripts.
3. Windows Libraries:
Windows applications leverage a large number of system libraries, often packaged in
DLL files. The reason for vulnerabilities in Windows libraries: the Windows system may
not have all the latest security patches installed.
4. Windows Services:
The family of Windows Operating systems supports a wide variety of services,
networking methods and technologies. Vulnerabilities in these services that
implement these Operating System functionalities are one of the most common
avenues for exploitation.
algorithm that creates a unique summary of a message known as a message digest
and transmits it along with the message. When the recipient decrypts the message,
he uses the same hash function (the details of hash functions are generally not
secret) to create his own version of the message digest and then compares it to the
digest transmitted with the message. If the two digests match, the recipient knows
that the integrity of the message is preserved. If the digests differ, something altered
the message along the way. (This alteration could be the result of intentional
mischief or happenstance, such as electrical interference, faulty networking
equipment or similar failures.)
To ensure that no one can forge our electronic signature, in encryption technology
digital signatures make use of public key techniques, using algorithms such as DSA
and RSA (the latter being the most common implementation).
Suppose Alice now wishes to send a signed message to Bob using RSA. She uses a
“hash function” to create a uniquely concise version of the original text - known as a
“message digest” - which serves as a very much smaller "digital fingerprint" of the
message. As with general encryption, there are several secure hash functions
available such as Message Digest 5 (MD-5) or Secure Hash Algorithm (SHA-1). After
a couple of potential weaknesses were discovered with MD5, SHA-1 has become the
preferred method.
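
The sign-and-verify exchange between Alice and Bob, as an added example that is not part of the original document: Alice applies her private key to the message digest and Bob checks the result with her public key. It assumes a constructed toy key built from two Mersenne primes with no padding, and it uses SHA-256 in place of the MD5 and SHA-1 named above, both of which have since been shown to be weak against collisions.

```python
import hashlib

# Constructed toy key for illustration only: two Mersenne primes.
# Real RSA keys use random primes and a padding scheme such as PSS.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                            # public modulus (648 bits)
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)


def digest(message: bytes) -> int:
    """Message digest as an integer; 256 bits, so always smaller than N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Alice: hash the message, then apply her private key to the digest."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Bob: recompute the digest and compare it with the one recovered
    from the signature using Alice's public key (N, E)."""
    return pow(signature, E, N) == digest(message)


def bare_digest_check(message: bytes, sent_digest: int) -> bool:
    """Integrity check with an unsigned digest sent beside the message."""
    return digest(message) == sent_digest


if __name__ == "__main__":
    original = b"Pay Bob 10 dollars"        # constructed sample messages
    altered = b"Pay Bob 10000 dollars"
    sig = sign(original)
    print("signature, message intact: ", verify(original, sig))
    print("signature, message altered:", verify(altered, sig))
    # An unsigned digest catches accidental damage, but whoever alters the
    # message can recompute the digest too, which is why it is signed.
    print("bare digest, both replaced:",
          bare_digest_check(altered, digest(altered)))
```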
what outside resources its own users have access to.
• In addition to protecting trusted networks from the internet, firewalls are
increasingly being deployed to protect sensitive portions of local area networks
and individual PCs.
2. A single PC can possibly handle many (even 100s) domains on a single network
connection.
Q 10. Why do we need Security? Describe details:
Computer security is the effort to create a secure computing platform, designed so
that agents (users or programs) can only perform actions that have been allowed.
This involves specifying and implementing a security policy. The actions in question
can be reduced to operations of access, modification and deletion.
• To protect our PCs from maliciously written software, such as viruses, worms,
Trojans, adware etc.
A PGP key may have more than one user ID and thus be used for more than
one E-mail address (or other identifier). It is possible for an "attacker" to add
a false user ID to a legitimate public key. If that user ID is not signed by the
key's owner, the key itself will appear valid if the owner signed at least one
user ID and another PGP user then adds the key to his public keyring and
signs it (or updates it after signing the key before the attack). As a
consequence, the unsuspecting user might encrypt a message and send it to
the attacker (to the spurious user ID) when the intended recipient is the key's
owner. However, the message does not reach the intended recipient. Thus, the
attacker uses this vulnerability to disrupt secure communication between two
PGP users.
The attempt to decrypt an encrypted file with a very large file name can cause
a buffer overflow in PGP itself. An intentional use of this error can result in the
execution of hostile code.
The PGP Corporation makes its source code available for public inspection to
prove that no backdoor exists. Anyone can take that source code, compile it,
and compare the resulting version of PGP with the latest downloaded version
of PGP. The PGP Corporation (and NAI before it) would have no market for its
product if a backdoor existed.
Q 12. What are the main differences between the Windows and Linux operating
systems?
Main differences between Windows and Linux are:
1. License – Windows is a commercial product from Microsoft. Linux is an open
source and free product copyrighted by Linus Torvalds and is released under GNU
GPL2.
2. File system – Windows uses the FAT, FAT32 and NTFS file system. Linux uses
ext2, ext3, RAID file system.
3. Drive naming – Windows names each hard disk / CD-ROM as C:, D:, E: etc. Linux
names each drive as /dev/hda1, /dev/cdrom etc.
4. Security – Without using third party tools, Linux is a more secure system than
Windows.
5. File hierarchy – Linux uses a simple file hierarchy, where everything is mounted
under “/” or root. In Windows, folders are usually seen under the C:, D: or E: drive etc.
6. Naming files – In Windows, file names are not case sensitive. But file names
under Linux are case sensitive.
7. Directory separation – Windows uses the back slash “\” character to separate
directories. Linux uses the forward slash “/” character.
9. Vendors – There are many vendors of Linux available, such as SuSE, Red Hat
etc. But there is only one vendor of Windows, that is Microsoft.
10. Ease of use – Windows has always tried to be an easy operating system. And it
is. Linux has always tried to be an advanced operating system. And it is so too.
Definition:
A web server serves web pages to clients across the Internet or an Intranet. The web
server hosts the pages, scripts, programs, and multimedia files and serves them
using HTTP, a protocol designed to send files to web browsers and other protocols.
After an HTTP server receives a request, it attempts to process the request. If a
document is requested, the web server will attempt to find the document and return
it. If the resource requested cannot be located or if there is something wrong with
the request itself, the server generates an error.
The most common web server is Apache (available for all major operating systems)
though IIS (Internet Information Server - available on the Windows Platform) is a
fast growing web server.
1. Passwords:
Keep your Web server password secure, don't share it with other people (or
write it down), and follow good password security.
We should never think that just because our website is small we are not
going to be hacked. We should always be obscure about our website’s
security, even if it is small.
3. Do not brag:
It is never a good idea to brag about the security of the system, because it
always presents a challenge to the crackers. As we know, even the US FBI
site has been hacked. So, we should not brag about it.
5. CGI-BIN Issue:
Make sure that your interpreters (programs that run your CGIs) are not
stored in your cgi-bin directory. Perl, sh, Tcl, and so on, should be in
directories that are not accessible from the Web.
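
One way to check a server for this, as an added example that is not part of the original document: it walks a cgi-bin tree and reports files that are interpreters, either by their own name or as a symlink to one. The interpreter list, the function names and the sample directory tree are assumptions constructed for the illustration.

```python
import os
import re
import tempfile

# Assumed interpreter names (the page lists Perl, sh and Tcl); extend as needed.
INTERPRETERS = {"perl", "sh", "bash", "csh", "ksh", "zsh", "tcl", "tclsh",
                "wish", "python", "ruby", "php"}
# Strips version suffixes and .exe: perl5.8 -> perl, python3 -> python.
_NAME = re.compile(r"^([a-z]+?)[\d.]*(?:\.exe)?$")


def interpreter_name(filename):
    """Return the interpreter a file name refers to, or None."""
    m = _NAME.match(filename.lower())
    return m.group(1) if m and m.group(1) in INTERPRETERS else None


def find_interpreters(cgi_bin):
    """List (relative path, interpreter) for interpreters under cgi_bin."""
    findings = []
    for root, _dirs, files in os.walk(cgi_bin):
        for name in files:
            path = os.path.join(root, name)
            # A symlink with an innocent name still exposes its target,
            # so the resolved file name is checked as well.
            target = os.path.basename(os.path.realpath(path))
            hit = interpreter_name(name) or interpreter_name(target)
            if hit:
                findings.append((os.path.relpath(path, cgi_bin), hit))
    return sorted(findings)


def demo():
    """Run the check over a constructed sample tree."""
    with tempfile.TemporaryDirectory() as top:
        cgi = os.path.join(top, "site", "cgi-bin")
        tools = os.path.join(top, "usr", "bin")
        os.makedirs(cgi)
        os.makedirs(tools)
        for path in (os.path.join(cgi, "search.cgi"), os.path.join(cgi, "form.pl"),
                     os.path.join(cgi, "perl5.8"), os.path.join(tools, "tclsh")):
            open(path, "w").close()
        os.symlink(os.path.join(tools, "tclsh"), os.path.join(cgi, "run"))
        return find_interpreters(cgi)


if __name__ == "__main__":
    for rel, interp in demo():
        print(f"interpreter in cgi-bin: {rel} ({interp})")
```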
-------------------END------------------