qwertyuiopasdfghjklzxcvbnmq

wertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwer
tyuiopasdfghjklzxcvbnmqwerty
uiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopas
dfghjklzxcvbnmqwertyuiopasdf
ghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzx
cvbnmqwertyuiopasdfghjklzxcv
bnmqwertyuiopasdfghjklzxcvbn
mqwertyuiopasdfghjklzxcvbnm
qwertyuiopasdfghjklzxcvbnmq
wertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmrtyui
opasdfghjklzxcvbnmqwertyuiop



BTEC National Extended Diploma

Unit 32 Network Systems Security P1

4/19/2013

Tahir Hussain ID: 205435



Contents
Task P1 Network Security Threats .......................................................................................................... 2
Denial of service & Distributed DoS attack ......................................................................................... 2
Backdoor ............................................................................................................................................. 2
Spoofing .............................................................................................................................................. 2
Mathematical ...................................................................................................................................... 2
Brute force .......................................................................................................................................... 2
Software exploitation ......................................................................................................................... 2
Virus .................................................................................................................................................... 3
Rootkit ................................................................................................................................................. 3
Worm .................................................................................................................................................. 3
Trojan .................................................................................................................................................. 4
Spyware ............................................................................................................................................... 4
Adware ................................................................................................................................................ 4















Task P1 Network Security Threats
Denial of service & Distributed DoS attack
A DoS attack is a way of making a computer, server or network unable to work or function properly.
This can be an easy as unplugging a computer from the power socket. A distributed DoS attack is
when many rogue systems attack a single system like a server this can be done with thousands of
systems eventually bringing down a system like a server. This is DoS attack is used quite frequently
by the well-known hacker collective Anonymous.
A Smurf attack is another form of DoS which involves sending many packets to a single IP address by
pinging them constantly with many devices. This overloads the targeted system as it has to reply to
all of the requests eventually bringing down the victims computer. However this is an old and
ineffective form of DoS now, since 1999 most standards recognise this form of attack and
block/deny them also most Anti-virus softwares and servers are configured to ignore this attack.
An infected computer which will contributes in attacking other computers without the owners
knowledge is known as a Zombie, along with other zombies they are a part of a group called a
botnet.
Backdoor
A backdoor is a tricky to find type of malware which attempts to get through authentication, obtain
remote control of a victims computer and gaining access to text files etc. while remaining
undetected by the user. Backdoors are usually in a form of an installed program that a computer
user installed thinking it was a legitimate program such as Anti-virus software.
Spoofing
Spoofing is a way of gaining access to confidential information and resources by pretending to be
someone else. This is done by an attacker and it can be done in many ways. IP address spoofing is
when packets are sent with a fake IP address so the attacker can try and steal the victims accounts.
Email spoofing is when an attacker will sent fraudulent emails in order to get peoples passwords,
logins etc. Another spoofing method is by setting up sham wireless access points and so tricks
victims to connect to them via the wireless connection.
Mathematical
A mathematical attack is when an attacker will use specialised software with the mathematical
elements of algorithms in order to decrypt encrypted data. This is done by intercepting encrypted
data for example you can crack a WEP network using a widely available public program called
aircrack; this program will eventually recover keys once enough packets of data have been captured.
Brute force
A brute-force attack is used to decrypt almost any type of encrypted data by analysing and trying
every single possible keys and combinations until the right key has been found. This attack is quite
popular when trying to get a users password so it is very important to have an especially difficult and
long passwords for vital accounts such as a online banking service. This will delay the process of
finding the password so attackers might be put off by the wasted time.Software exploitation
Software manufactures what to create something that works 100% and is very secure, however that
is impossible. Sooner or later someone will find, exploit and misuse a glitch or error within the
product in order to do things the product was originally made not to do. This can be as simple
crashing the application by sending distorted input, to getting unauthorised access by changing
information with the cookies or URL.
A way to counter this is by constantly staying up-to-date by installing the most recent patches,
updates and services.
Virus
A computer virus is a program which duplicates itself and so multiplies causing a lot of damage to
files and it also causes disruption with the system itself. If the same program is launched or copied to
another system then the other system will also be affected with the virus.
A virus can be launched on to a system by downloading files online and even email attachments via
FTP file transfer protocol. The virus when in the system can attach itself another program and even
replace an active program. This will happen typically without the user knowing it.
A virus event is its unique instruction which affects a computer in a certain way. Every virus has its
own unique event which can be undisruptive to shattering. Typical effects of viruses include
damaged files, erased files, modified data, reduced space being available and random annoying
messages appearing on the screen.
The risk of viruses can be reduced and avoided by using anti-virus software this will help protect
your system from viruses by scanning your hard drive and through other features e.g. an email
scanner.
Rootkit
Rootkit is malicious software which is very stealthy; it manages to hide certain programs or
processes from detection and restricted access to a system.
The installation of Rootkit can be automatic or the attacker can install it to a system if they have
obtained administrative access. Once it is installed it can hide and have constant access to the
system. The full control allows an attacker to modify software that could be used to detect the
Rootkit.
So it is very difficult to remove a Rootkit once it has been established on a system the only real
solution would be to reinstall the operating the system.
Worm
A worm is a separate type of malware that duplicates itself to reach other computer. It usually uses a
poorly secure network to gain access to the victims computer. A worm does not have to attach itself
to an exiting program in a computer like a virus has to. Worms will at the slightest cause some
difficulty to a computer network even something as small as consuming bandwidth.
A person can protect themselves from worms by securing their network more properly by using a
firewall and anti-virus software.
Trojan
Trojan horse is a type of malware which doesnt not self replicate; it seems to execute an
advantageous function although it has a huge malicious disturbance. They usually come with
backdoor that allows for complete unauthorised access to the victims computer. The backdoors also
appear to be unseen to the normal user. Trojans do not introduce themselves onto other files like a
viruses do. However a Trojan can take information and harm the computer system. Trojans can be
introduced to a system via downloads of games and online applications.
So they can be avoided by not downloading stuff off the internet which is not verified or from a
legitimate source.
Spyware
Spyware is a type of malicious program which silently records everything you do on your computer.
Spyware is sometimes used for legitimately but most of the time spyware is malicious. The goal of
the program is to take victims passwords, bank details, email addresses etc. it then transfer the
information to fraudsters and criminals over the internet.
This can be avoided by not downloading software from unknown sources, always make sure what
you are about to download is legitimate program/software.
Adware
Adware is any sort of software which shows users advertisements to services and products. Adware
is a source of revenue to the author. Adware is generally considered to be safe; however adware can
appear with spyware and other software which is insidious such as keyloggers. So adware is more of
a pest rather than something malicious.
This can be avoiding by blocking ads by using an ad blocker which can be downloaded as an ad-on on
a web browser such like Mozilla Firefox. This will stop you from being bombarded with
advertisements which could come with spyware downloads if clicked on.