A Paper On
Presented By
2
Contents
Introduction
• Introduction
A basic understanding of computer
• Threats affecting Information
networks is requisite in order to understand
Security
the principles of network security. An
1. E-mail Bombing
intruder with the right background and
2. Remote Keylogging software
malicious intent has many ways to infiltrate
3. Logic and Time bomb
internal company systems and network
Attacks
devices through the Internet connection.
4. Trojan Attacks
Once inside, the hacker has free reign to
5. Spyware Attacks
destroy, change, or steal data and these
6. Sniffing Attacks
actions because various sorts of network
• Network Securities
havoc. The most popular use of the Internet,
1. Internet Security Utilities
e-mail, is also insecure. The same hacker
2. E-mail spamming
with a protocol analyzer and access to
3. Enriched encryption format
routers and other network devices can
4. VPN Enhanced Security
intercept or change messages.
5. Virtual keyboard
The impressive development of
6. Hardware Firewall
computer networks has reached the point,
7. Digital Signature
where security becomes essential. Users
• Conclusion
want to exchange data in a secure way. The
• Bibliography
problem of network security is a complex
issue. Network security means a protection
of the network assets, which includes terms
like firewall, VPN enhanced security,
authentication, and cryptography. A firewall
is a barrier between two networks, an
internal network (trusted network) and an
external network (mistrusted network). A
VPN is a private data network that makes
3
use of the public network infrastructure. consisting of sending huge volumes of e-
Encryption is to encode data into human mail to an address in an attempt to overflow
unreadable format. Here the external the mailbox or overwhelm the server where
network is the Internet. Cryptography is the email address is hosted in a denial-of-
used to provide data integrity, entity service attack. There are two methods of
authentication and digital signatures. perpetrating an e-mail bomb, mass mailing
The benefits of connecting to the and list linking.
Internet are clear. This paper discusses the
risks you face when you connect to the Remote Keylogging softwares
Internet, describes the types of attacks that
Remote Keylogger offers users the
can occur, and offers an overview of firewall
ability to remotely monitor a computer via a
technology, which can protect your network
web browser, without even having physical
from hackers. Specifically, the paper
access to the PC. It will allow you to
discusses the implementation of a network
remotely install the monitoring system
securities and what you should consider in
through an email attachment without the PC
choosing the type of security you require.
user recognizing the installation at all. And
you can access the activity logs from
Threats in Information anywhere via you favorite web browser.
4
securely, of course. To aid the install Trojan Attacks
process, you can give any name to the install Trojans are intelligent programs
module you create such as CoolPictures.exe made by the hackers act as a computer virus.
or FunGame.exe (it must always end with Trojans are small programs that effectively
the .exe extension to run). give “hackers” remote control over your
entire Computer. Hackers send Trojan on
Logic and Time bomb Attacks
the target machine, target machine operating
system, considers Trojan file is system file
A logic bomb is a piece of code
and hence OS don’t allow deleting it by an
intentionally inserted into a software system
anti-virus tool. Thereafter Trojans starts
that will set off a malicious function when
working, the Trojan program sends all the
specified conditions are met. For example, a
system information to the hacker. And here
programmer may hide a piece of code that
is the hacker got an access of the target
starts deleting files (such as the salary
system. Trojan attacks are very common and
database), should they ever leave the
old attack; there are so many anti-virus
company. Software that is inherently
utilities that trap Trojans, hence it is not so
malicious, such as viruses and worms, often
harmful for your system.
contain logic bombs that execute a certain
payload at a pre-defined time or when some
other condition is met. This technique can be Spyware Attacks
used by a virus or worm to gain momentum Spyware is also an intelligent
and spread before being noticed. Many program, which investigates your system
viruses attack their host systems on specific secretly and sends all the information back
dates, such as Friday the 13th or April Fool's to the hacker. There are so many Spyware
Day. Trojans that activate on certain dates programs available on the Internet. Spyware
are often called "time bombs". To be doesn’t consist of any virus code and hence
considered a logic bomb, the payload should it is not so much easy to detect them. Now
be unwanted and unknown to the user of the days Spyware attacks are very famous in
software. As an example, trial programs computer and mobile hacking.
with code that disables certain functionality
after a set time are not normally regarded as
logic bombs
5
Sniffing Attacks threats. Some of the famous software’s are
that can read, monitor, and capture network management software, and Avira premium
data exchanges and packets. If the packets Internet security etc. These utilities are also
are not encrypted, a sniffer provides a full helpful to Spam Spyware and Trojans.
Trends in information
Securities
Why Securities are essential?
Today’s world is fast growing in Internet
area and criminal minds take its misuse to
explore their negative thinking ideas and
terrorism.
6
Data that can be read and understood
7
By using the new Extensible Authentication In some environments, data is so
Protocol (EAP) and Internet Protocol sensitive that it needs to be physically
security (IPsec) security options, a virtual separated, and hidden, from the majority of
private network provides enhanced security corporate users. Finance or human resources
for remote users. For example, if your data are examples of this type of data.
remote access server has been configured to Corporations can use VPN connections
require EAP for authorization, the highest through a VPN server to physically separate
level of authentication is enforced for the extremely sensitive data servers, yet allow
dial-up or virtual network connections of the secure access to the data by selected users.
remote access server. By taking advantage Users on the corporate intranet who have
of Point-to-Point Protocol (PPP) been granted the appropriate permissions
authentication and encryption options, can establish a remote client VPN
defining PPTP filtering on your remote connection with the VPN server and can
access server, and restricting remote access access the protected resources of the
servers on the Internet to only accept sensitive department network. Additionally,
authenticated PPTP clients who encrypt all communication across the VPN is
data, your system administrator can tighten encrypted for data confidentiality. Users
data security and manage remote users much who do not have proper permissions to
more efficiently. establish a VPN with the VPN server cannot
see the hidden server.
8
Virtual keyboard Digital signature
9
these methods has increased. So measures these preventive and protective measures are
have to be taken to fill the loopholes. implemented properly. Hence, the best way
Technologies such as Proxy Servers to thwart malicious is to stay one step ahead
and Firewalls will always be there, but of them.
security can never be asserted till the time
Digital Signature
References
www.guruji.com
www.packetstormsecurity.com
www.hackingmobilephones.com
www.howstuffworks.com
www.google.com
www.webopedia.com
www.networksecurityassults.com
www.securityadviser.com
www.opendns.com
10