1.3 COMPUTER SECURITY

1.3.1 Definition
1.3.1.1 Define computer security.
Computer security means protecting our computer systems and the information they contain against unwanted access, damage, destruction or modification. Three types of computer security are:
  • hardware security
  • software security/data security
  • network security

We need to protect our computers from intruders such as hackers, crackers and script kiddies.


1.3.2 Security Threats

1.3.2.1 Explain briefly the different threats to computer security:

Malicious code

Malicious code is also known as a rogue program. It causes undesired effects in the programmer’s part. The effect is caused by an agent with the intention to cause damage. The agent for malicious code is the writer of the code who causes its distribution. There are various kinds of malicious code, including viruses, Trojan horses, logic door, trapdoors and backdoors, worms and many others.

Hacking

Hacking is defined as unauthorised access to the computer system by a hacker. Hackers are persons who learn about the computer system in detail. They write programs referred to as hacks. Hackers may use a modem or cable to hack the targeted computers.

Natural disaster

Computers are also threatened by natural or environmental disaster. Examples of natural and environmental disasters:
  • Flood
  • Fire
  • Earthquakes, storms and tornados
  • Excessive Heat
  • Inadequate Power Supply

Theft

Two types of computer theft:

1) Computer is used to steal money, goods, information and resources.

2) Stealing of computers, especially notebooks and PDAs.

1.3.3.2 Apply the correct security procedures.

Data Protection

We need to protect the data in the computer as it may somehow get lost or corrupted due to some viruses or mishap like fire, flood, lightning, machine failures and even human errors. There are a few ways to protect the information namely:

• make backup files

• detect the virus and clean the computer

• warn others on virus attacks

Detecting Illegal Access To Systems

The computer system is able to detect any illegal access to the system by a user who does not have any authorisation. Tcpwrappers and tripwire are often used to detect any illegal (unauthorised) access to the system. Users' access will be reviewed periodically by computer operations. Ongoing internal audits will be made to ensure detection of violations of security and unauthorised modifications to software and data.

Tcpwrappers will control access at the application level, rather than at the socket level like iptables and ipchains. The system will run tcpwrappers to log access to ftp, tftp, rsh, rlogin, rexec and telnet.

Tripwire will detect and report on any changes in the thousands of strategic system files. The system will run tripwire to determine if system files have changed.
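The baseline-and-compare idea behind a file integrity checker such as Tripwire can be sketched as follows. This is an added example, not Tripwire's own code and not part of the original notes; the function names and the sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path):
    """Hash a file in chunks so large files need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map every regular file under root (relative path) to its digest."""
    root = Path(root)
    return {str(p.relative_to(root)): sha256_of(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(baseline, current):
    """Report files added, removed or modified since the baseline."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline
                           if p in current and baseline[p] != current[p]),
    }


def demo():
    """Constructed sample: a temporary directory stands in for system files."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "hosts").write_text("127.0.0.1 localhost\n")
        (root / "motd").write_text("welcome\n")
        (root / "services").write_text("telnet 23/tcp\n")
        baseline = snapshot(root)                 # taken while the system is trusted
        (root / "hosts").write_text("127.0.0.1 localhost changed\n")  # modified
        (root / "motd").unlink()                  # removed
        (root / "extra").write_text("new\n")      # added
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it is stored where someone who alters the files cannot also rewrite it, for example on read-only media.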

Preventing Illegal Access To Systems

Computer systems would not allow any unauthorised users to simply access the system. Ways to prevent illegal access to systems:
  • Run anlpasswd to make password cracking difficult.
  • Run tcpwrappers to check if the name for an IP address can be provided by DNS.
  • Use a callback system to prevent unauthorised use of stolen passwords.

Preventing Illegal Root Access

To prevent any illegal root access, we should have Sudo (stands for Superuser do) so that people can perform some tasks on a machine without getting full root access if that is not required. In addition, with Sudo we do not have to give out the root password.

Sudo is a program in Unix, Linux and similar operating systems such as Mac OS X that allows users to run programs as another user (normally as the system's superuser). Sudo allows a permitted user to execute a command as the superuser or another user, as specified in the sudoers file.

Patch

Patch supplies small updates to software, provided that the source code is available. Patch is the name of a UNIX utility. It applies a script generated by the diff program to a set of files, which allows changes from one file to be directly applied to another file. Resources are not enough to patch all security holes that we hear about through the bugtraq list.
