INTRUDERS
One of the most publicized threats to security is the intruder, generally referred to as a hacker or cracker. Three classes of intruders are as follows:
· Masquerader – an individual who is not authorized to use the computer and who penetrates a system's access controls to exploit a legitimate user's account.
· Misfeasor – a legitimate user who accesses data, programs, or resources for which such access is not authorized, or who is authorized for such access but misuses his or her privileges.
· Clandestine user – an individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection.
The masquerader is likely to be an outsider; the misfeasor generally is an insider; and the clandestine user can be either an outsider or an insider.
Intruder attacks range from the benign to the serious. At the benign end of the scale, there are many people who simply wish to explore internets and see what is out there. At the serious end are individuals who are attempting to read privileged data, perform unauthorized modifications to data, or disrupt the system. Benign intruders might be tolerable, although they do consume resources and may slow performance for legitimate users. However, there is no way to know in advance whether an intruder will be benign or malign.
An analysis of a previous attack revealed that there were two levels of hackers:
· The high levels were sophisticated users with a thorough knowledge of the technology.
· The low levels were the 'foot soldiers' who merely used the supplied cracking programs with little understanding of how they worked.
One of the results of the growing awareness of the intruder problem has been the establishment of a number of Computer Emergency Response Teams (CERT). These co-operative ventures collect information about system vulnerabilities and disseminate it to systems managers. Unfortunately, hackers can also gain access to CERT reports.
In addition to running password cracking programs, the intruders attempted to modify login software to enable them to capture passwords of users logging onto the systems.
Intrusion techniques
The objective of the intruders is to gain access to a system or to increase the range of privileges accessible on a system. Generally, this requires the intruders to acquire information that should be protected. In most cases, the information is in the form of a user password.
Typically, a system must maintain a file that associates a password with each authorized user. If such a file is stored with no protection, then it is an easy matter to gain access to it. The password file can be protected in one of two ways:
· One-way encryption – the system stores only an encrypted form of the user's password. In practice, the system usually performs a one-way transformation (not reversible) in which the password is used to generate a key for the encryption function and in which a fixed-length output is produced.
· Access control – access to the password file is limited to one or a very few accounts.
The following techniques are used for learning passwords.
· Try default passwords used with standard accounts that are shipped with the system. Many administrators do not bother to change these defaults.
· Exhaustively try all short passwords.
· Try words in the system's online dictionary or a list of likely passwords.
· Collect information about users such as their full names, the names of their spouse and children, pictures in their office and books in their office that are related to hobbies.
· Try users' phone numbers, social security numbers and room numbers.
· Try all legitimate license plate numbers.
· Use a Trojan horse to bypass restrictions on access.
· Tap the line between a remote user and the host system.
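As an added example (not part of the original notes), the guessing strategies listed above can be turned into a proactive check that rejects a candidate password an intruder would try first. The word lists, minimum length, license-plate pattern and the name `guessable_reasons` are assumptions chosen for illustration.

```python
import re

# Constructed sample data: stand-ins for vendor defaults and a system word list.
DEFAULT_PASSWORDS = {"admin", "password", "guest", "changeme"}
DICTIONARY = {"dragon", "sunshine", "football", "monkey"}
MIN_LENGTH = 10  # assumed policy value, not taken from the page
PLATE = re.compile(r"[A-Za-z]{2,3}[- ]?\d{3,4}")  # assumed license-plate shape


def _norm(s):
    """Lowercase and drop non-alphanumerics so 'J.Smith' and 'jsmith' compare equal."""
    return re.sub(r"[^a-z0-9]", "", s.lower())


def guessable_reasons(password, user_facts):
    """Return why a candidate password would fall to the guessing strategies above.

    user_facts: strings an intruder could collect about the user (names,
    phone number, room number). An empty result means no rule matched.
    """
    reasons = []
    p = _norm(password)
    if p in DEFAULT_PASSWORDS:
        reasons.append("default password")
    if len(password) < MIN_LENGTH:
        reasons.append("short enough for exhaustive search")
    # Strip leading/trailing digits so 'dragon123' still matches 'dragon'.
    if p.strip("0123456789") in DICTIONARY:
        reasons.append("dictionary word")
    for fact in user_facts:
        f = _norm(fact)
        if len(f) >= 3 and f in p:  # ignore facts too short to be meaningful
            reasons.append("contains user information: " + fact)
    if PLATE.fullmatch(password.strip()):
        reasons.append("looks like a license plate")
    return reasons


if __name__ == "__main__":
    facts = ["Alice", "555-0142", "214"]  # constructed user profile
    for candidate in ["changeme", "Dragon2024!!", "x5550142yQ!", "ABC-1234"]:
        print(candidate, "->", guessable_reasons(candidate, facts) or "accepted")
```

The last two techniques in the list (Trojan horse, line tapping) do not depend on password choice, so a check like this does not address them.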
Two principal countermeasures:
· Detection – concerned with learning of an attack, either before or after its success.
· Prevention – a challenging security goal and an uphill battle at all times.