Page 219 - DCAP406_DCAP_207_Computer Networks
P. 219

Computer Networks/Networks




                    Notes              viruses are spread through attachments on emails. However, a cautious user action may
                                       prevent the spread of virus because virus requires a user action to insert itself into a
                                       computer. It is therefore suggested that never open an email attachment, which is not
                                       expected, even though the sender appears to be known. However, this preventive measure
                                       will do little to stop worms from infecting the network because worms do not need a host
                                       file and they propagate themselves. When they infect a computer, they often make quick
                                       copies of it and infect an entire network within a few hours. To avoid attacks from viruses
                                       and worms, a latest version of anti virus software should be used.
                                   2.  Trojan Horses: This malware attack disguises itself as something innocent like a computer
                                       game or a search results page. Once installed on a computer, the Trojan horse may download
                                       and install a keylogger onto the infected computer to record every keystroke by a
                                       computer’s user, thus stealing vital details of the users. They usually hide themselves in a
                                       downloadable free software on a website. The users should detest themselves from
                                       downloading freeware. It is often observed that organizations block free download software
                                       to prevent themselves from the attack of Trojan horses. Sometimes, a computer infected
                                       with Trojan horse are required to be reformatted, therefore, it is suggested that preventive
                                       steps need to enforced effectively than curing the infected computer system.

                                   3.  Spam: Spam constitutes 70 to 84 percent of daily emails sent throughout the world that
                                       demands an ever increasing need for IT resources to filter out this irritating and potentially
                                       malicious menace. Spam email comprises of unsolicited emails promoting products and
                                       coordinated spam attacks to consume so much bandwidth on a network so as to cause it to
                                       crash. Spam may use techniques “news service” spam, which uses legitimate news headlines
                                       to trick recipients into opening spam emails. Good email filters are used to filter the
                                       spams. And much of what slips through can be avoided by staying away not to trick with
                                       the emails. There should be check for signing of any online service or freebie. The naming
                                       system for creating email accounts should not be easily guessable because spammers are
                                       increasingly going through common name lists in order to harvest emails to spam.
                                   4.  Phishing: Emails with titles such as, “URGENT: Update Account Status” are all attempts by
                                       a spammer to “phish” the account details. The Phishing refers to spam emails to trick
                                       recipients into clicking on a link to an insecure website and provide details considering
                                       the website as genuine one. Typically, phishing attempts are carried out to steal account
                                       information for e-commerce sites such as banks, eBay or regular financial institutions’
                                       websites. A phishing email tricks the user to click a link, which will take the user to a page
                                       where the user is asked to re-enter all his or her account details including credit card
                                       number(s) and/or passwords. These websites are not actual site, even though they look
                                       like it. To protect the network, users should be cautious and detest themselves to opening
                                       and providing vital details requested by any financial institutions. They should confirm
                                       the integrity before supplying such details. Financial institution should also educate their
                                       employees about the most common ways in which hackers try to phish the account
                                       information.

                                   5.  Packet Sniffers: Packet sniffers are the technique used to capture data streams over a
                                       network to obtain sensitive data like usernames, passwords, credit card numbers, etc.
                                       Thus, packet sniffers are more malicious forms of threats to the network security. Packet
                                       sniffers monitor and record details that are coming from and going to a computer over a
                                       compromised network. To get access to a network, packet sniffer use honeypots. They are
                                       simply unsecured wifi access points that hackers create to trap users who are using them.
                                       Making users aware about the threat of packet sniffers is best prevention policy. A user
                                       should be aware not to access the Internet through an unsecured connection. Falling to
                                       packet sniffers technique will lead to compromise with sensitive network data. In addition,
                                       the user should use a variety of different sign on names and passwords to access various




          212                               LOVELY PROFESSIONAL UNIVERSITY
   214   215   216   217   218   219   220   221   222   223   224