Page 134 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 134
Information Security and Privacy
Notes 5. Denial of Service: You have probably heard this phrase used in news reports on the attacks
on major Websites. This type of attack is nearly impossible to counter. What happens is
that the hacker sends a request to the server to connect to it. When the server responds
with an acknowledgement and tries to establish a session, it cannot find the system that
made the request. By inundating a server with these unanswerable session requests, a
hacker causes the server to slow to a crawl or eventually crash.
6. E-mail Bombs: An e-mail bomb is usually a personal attack. Someone sends you the same
e-mail hundreds or thousands of times until your e-mail system cannot accept any more
messages.
7. Macros: To simplify complicated procedures, many applications allow you to create a
script of commands that the application can run. This script is known as a macro. Hackers
have taken advantage of this to create their own macros that, depending on the application,
can destroy your data or crash your computer.
8. Viruses: Probably the most well-known threat is computer viruses. A virus is a small
program that can copy itself to other computers. This way it can spread quickly from one
system to the next. Viruses range from harmless messages to erasing all of your data.
9. Spam: Typically harmless but always annoying, spam is the electronic equivalent of junk
mail. Spam can be dangerous though. Quite often it contains links to Websites. Be careful
of clicking on these because you may accidentally accept a cookie that provides a backdoor
to your computer.
10. Redirect Bombs: Hackers can use ICMP to change (redirect) the path information takes by
sending it to a different router. This is one of the ways that a denial of service attack is set
up.
11. Source Routing: In most cases, the path a packet travels over the Internet (or any other
network) is determined by the routers along that path. But the source providing the packet
can arbitrarily specify the route that the packet should travel. Hackers sometimes take
advantage of this to make information appear to come from a trusted source or even from
inside the network! Most firewall products disable source routing by default.
Some of the items in the list above are hard, if not impossible, to filter using a firewall. While
some firewalls offer virus protection, it is worth the investment to install anti-virus software on
each computer. And, even though it is annoying, some spam is going to get through your
firewall as long as you accept e-mail.
The level of security you establish will determine how many of these threats can be stopped by
your firewall. The highest level of security would be to simply block everything. Obviously
that defeats the purpose of having an Internet connection. But a common rule of thumb is to
block everything, then begins to select what types of traffic you will allow.
You can also restrict traffic that travels through the firewall so that only certain types of
information, such as e-mail, can get through. This is a good rule for businesses that have an
experienced network administrator that understands what the needs are and knows exactly
what traffic to allow through.
For most of us, it is probably better to work with the defaults provided by the firewall developer
unless there is a specific reason to change it. One of the best things about a firewall from a
security standpoint is that it stops anyone on the outside from logging onto a computer in your
private network.
While this is a big deal for businesses, most home networks will probably not be threatened in
this manner. Still, putting a firewall in place provides some peace of mind.
128 LOVELY PROFESSIONAL UNIVERSITY
