Tuesday, 25 March 2008
Tuesday, 11 March 2008
11 March 2008
Captains Log : we read up on a few subjects . a short explanation of the subjects is shown below XD
Social Engineering: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information.While similar to a confidance trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most cases the attacker never comes face-to-face with the victim.
Passwords:A password is a form of secret authentication data that is used to control access to a resource. The password is kept secret from those not allowed access, and those wishing to gain access are tested on whether or not they know the password and are granted or denied access accordingly.
Email Encryption: E-mail encryption refers to encryption, and often authentication of e-mail messages. E-mail encryption usually relies on public key cryptography.
Security Suites:A security suite can do many things such as firewall spyware malware all of these can be controlled by the suite
Proxy Servers: A Proxy Server is one that acts on behalf of another server, usually for Web related purposes. The proxy server is set up by an organisation's system administrator as a gateway between trusted (local server) and non-trusted networks (Internet).
Back Up and Restore: The idea of backing up is to make a copy of your important data as a precaution against losing the original, if you lost the original you can just import from the data disk or external HDD
Content Filtering: Content filtering software works by checking the information, eg: URL, typed in by a user against an exclusion list. This list could also contain words that would be blocked if the user tries to enter them.
Content Rating: This is to let you know who the site you are viewing is suited for The labeling is done using a web-based questionnaire. The content creators check which of the elements in the questionnaire are present or absent from their Web sites, and a small file is automatically generated using the RDF format, which is then linked to the content on one or more domains. Formerly, the system was based on PICS.
Social Engineering: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information.While similar to a confidance trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most cases the attacker never comes face-to-face with the victim.
Passwords:A password is a form of secret authentication data that is used to control access to a resource. The password is kept secret from those not allowed access, and those wishing to gain access are tested on whether or not they know the password and are granted or denied access accordingly.
Email Encryption: E-mail encryption refers to encryption, and often authentication of e-mail messages. E-mail encryption usually relies on public key cryptography.
Security Suites:A security suite can do many things such as firewall spyware malware all of these can be controlled by the suite
Proxy Servers: A Proxy Server is one that acts on behalf of another server, usually for Web related purposes. The proxy server is set up by an organisation's system administrator as a gateway between trusted (local server) and non-trusted networks (Internet).
Back Up and Restore: The idea of backing up is to make a copy of your important data as a precaution against losing the original, if you lost the original you can just import from the data disk or external HDD
Content Filtering: Content filtering software works by checking the information, eg: URL, typed in by a user against an exclusion list. This list could also contain words that would be blocked if the user tries to enter them.
Content Rating: This is to let you know who the site you are viewing is suited for The labeling is done using a web-based questionnaire. The content creators check which of the elements in the questionnaire are present or absent from their Web sites, and a small file is automatically generated using the RDF format, which is then linked to the content on one or more domains. Formerly, the system was based on PICS.
Tuesday, 4 March 2008
Hackers(Crackers)
In a security context, a hacker is someone involved in computer security/insecurity, specializing in the discovery of exploits in systems (for exploitation or prevention), or in obtaining or preventing unauthorized access to systems through skills, tactics and detailed knowledge. In the most common general form of this usage, "hacker" refers to a black-hat hacker (a malicious or criminal hacker). There are also ethical hackers (more commonly referred to as white hats), and those more ethically ambiguous (grey hats).
Rootkits and Mail Bombs
An Explanation of Root Kits and Mail Bombs is show below
Mail Bombs- these generally send hundreds of emails to one address in an attemp to crash the server,easy to design but are easily to filter thro spam filters.A form of mail-bombing popular in Russia is called a ZIP bomb. This is a slightly different form of denial of service attack against a computer system's (mail server). After most commercial mail servers began checking mail with anti-virus software and filtering certain malicious file types, trojan horse viruses tried to send themselves compressed into archives, such as ZIP, RAR or 7-Zip. Mail server software was then configured to unpack archives and check their contents as well. That gave black hats the idea to compose a "bomb" consisting of an enormous text file, containing, for example, only the letter z repeated millions of times. Such a file compresses into a relatively small archive, but its unpacking (especially by early versions of mail servers) would use a high amount of processing power, RAM and swap space, which could result in denial of service. Modern mail server computers usually have sufficient intelligence to recognize such attacks as well as sufficient processing power and memory space to process such attachments without interruption of service, though some are still susceptible to this technique if the ZIP bomb is mass-mailed.
Rootkits(Backdoor)-The term rootkit or root kit originally referred to a maliciously modified set of administrative tools for a Unix-like operating system. If an intruder could replace the standard administrative tools on a system with a rootkit, the modified tools would give the intruder administrative control over the system while concealing his activities from the legitimate system administrator. The earliest known rootkit was written ca. 1990 by Lane Davis and Riley Dake for SunOS 4.1.1. There was an earlier, quite famous, exploit equivalent to a rootkit which was perpetrated by Ken Thompson of Bell Labs against a Naval Laboratory in California to win a bet. Thompson subverted the C compiler in a distribution of Unix to the Lab.
Rootkits were so named because they allowed an intruder to become a root user (ie, the system administrator) of a Unix system. Since then, similar software has been developed for other operating systems, and the term rootkit has been broadened to include any software that surreptitiously alters an operating system so that an unauthorized user can take arbitrary control of the system. .
Rootkits became much better known in 2005, when Sony BMG caused a scandal by including rootkit software on music CDs which altered the Windows OS to allow access to anyone aware of the rootkit's installation. Supposedly, this was done to enforce copy protection of the music on the CDs.
Mail Bombs- these generally send hundreds of emails to one address in an attemp to crash the server,easy to design but are easily to filter thro spam filters.A form of mail-bombing popular in Russia is called a ZIP bomb. This is a slightly different form of denial of service attack against a computer system's (mail server). After most commercial mail servers began checking mail with anti-virus software and filtering certain malicious file types, trojan horse viruses tried to send themselves compressed into archives, such as ZIP, RAR or 7-Zip. Mail server software was then configured to unpack archives and check their contents as well. That gave black hats the idea to compose a "bomb" consisting of an enormous text file, containing, for example, only the letter z repeated millions of times. Such a file compresses into a relatively small archive, but its unpacking (especially by early versions of mail servers) would use a high amount of processing power, RAM and swap space, which could result in denial of service. Modern mail server computers usually have sufficient intelligence to recognize such attacks as well as sufficient processing power and memory space to process such attachments without interruption of service, though some are still susceptible to this technique if the ZIP bomb is mass-mailed.
Rootkits(Backdoor)-The term rootkit or root kit originally referred to a maliciously modified set of administrative tools for a Unix-like operating system. If an intruder could replace the standard administrative tools on a system with a rootkit, the modified tools would give the intruder administrative control over the system while concealing his activities from the legitimate system administrator. The earliest known rootkit was written ca. 1990 by Lane Davis and Riley Dake for SunOS 4.1.1. There was an earlier, quite famous, exploit equivalent to a rootkit which was perpetrated by Ken Thompson of Bell Labs against a Naval Laboratory in California to win a bet. Thompson subverted the C compiler in a distribution of Unix to the Lab.
Rootkits were so named because they allowed an intruder to become a root user (ie, the system administrator) of a Unix system. Since then, similar software has been developed for other operating systems, and the term rootkit has been broadened to include any software that surreptitiously alters an operating system so that an unauthorized user can take arbitrary control of the system. .
Rootkits became much better known in 2005, when Sony BMG caused a scandal by including rootkit software on music CDs which altered the Windows OS to allow access to anyone aware of the rootkit's installation. Supposedly, this was done to enforce copy protection of the music on the CDs.
Subscribe to:
Posts (Atom)