Wednesday, December 15, 2010

Monday, December 13, 2010

IT104 1st ass.

#1. Why has there been a dramatic increase in the number of computer-related security incidents in recent years?
ans.
 
 
 
 
#2. What are some characteristics of common computer criminals, including their objective?
ans: Convicted computer criminals are people who are caught and convicted of computer crimes such as breaking into computers or computer networks.[1] Computer crime can be broadly defined as criminal activity involving information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (or identity theft) and electronic fraud.[2]
In the infancy of the hacker subculture and the computer underground,[3] criminal convictions were rare because there was an informal code of ethics that was followed by white hat hackers.[4] Proponents of hacking claim to be motivated by artistic and political ends, but are often unconcerned about the use of criminal means to achieve them.[5] White hat hackers break past computer security for non-malicious reasons and do no damage, akin to breaking into a house and looking around.[6] They enjoy learning and working with computer systems, and by this experience gain a deeper understanding of electronic security.[6] As the computer industry matured, individuals with malicious intentions (black hats) would emerge to exploit computer systems for their own personal profit.[6]
Convictions of computer crimes, or hacking, began as early as 1983 with the case of The 414s from the 414 area code in Milwaukee. In that case, six teenagers broke into a number of high-profile computer systems, including Los Alamos National Laboratory, Sloan-Kettering Cancer Center and Security Pacific Bank. On May 1, 1983, one of the 414s, Gerald Wondra, was sentenced to two years of probation.[7] As of 2009, the longest prison term for computer crimes—nearly five years—was handed down to Jeanson James Ancheta, who created hundreds of zombie computers to do his bidding via giant bot networks or botnets.[8] He then sold the botnets to the highest bidder, who in turn used them for denial-of-service (DoS) attacks.

#3. What actions must be taken in response to a security incident?
ans: By having these "Reducing Vulnerabilities" ..

ass.2


FIREWALL
Long-term readers of this blog will know that I am keen on personal security from the computer perspective and also that I am keen on Windows users installing personal firewalls. My friends will tell you how often my eyes roll when they ask me to fix their unprotected machines.
First, I guess, a definition of personal is required here. By this I simply mean it is a software-based firewall that sits on the same machine it is intended to protect. So I’m not talking standalone stuff like Smoothwall or Firestarter (both *nix based and free) and neither am I talking about the big boys of corporate security such as Check Point, Cisco PIXes, Cyberguards, well the list does go on.
I hear often and long about all you need is a router and an anti-virus application (maybe an anti-malware scanner) but you should never need more than Windows provides and certainly you shouldn’t need a firewall beyond stealthing your open internet ports. Well I disagree and I will continue to do so whilst Windows maintains its inherently buggy approach to security. Beyond this I hear the so-called experts say that so long as we are careful never to install or click on anything untoward then we don’t need a personal firewall.
Bull.
So long as we all remain human, then we all remain susceptible to malware or buggy software. Take me for example – in >25 years in IT I have never so much as had a virus or any other form of malware attack my PC until recently and I am very careful about what I do and don’t do.
However, I can’t legislate for my children (or my wife) who will click on ill-chosen adverts by webmasters – and so recently I ended up with Vundo on my system. Whilst I can’t (well I can but won’t) control my children’s clicking behaviour to the nth degree, what I have drilled into them is that if a popup appears they come and get me or stop what they are doing and wait for me or phone me [parenting 101 tip: I always have time for my children]. So whilst my system got this Trojan I wasn’t susceptible to the spying activities of it because my personal firewall detected the outbound activity and threw up the alert. It then took me best part of a day on and off to remove the horrible thing, but at least it didn’t leak anything.