To understand something about techniques for securing a computer system, it is important to first understand the various types of “attacks” that can be made against it. These threats can typically be classified into a number of categories:
Software flaws, especially buffer overflows, are often exploited to gain control of a computer, or to cause it to operate in an unexpected manner. Many development methodologies rely on testing to ensure the quality of any code released; this process often fails to discover extremely unusual potential exploits. Code exploits often come in the form of Trojan horses, for example non-executable media files that are disguised to function in the application.
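The following added example (not part of the original article) shows the kind of flaw described above: a parser that trusts a length field read from a file, beside a hardened form that validates it. The record layout, names and sample bytes are constructed for illustration; note that the ordinary record is handled identically by both forms, which is why routine testing tends to miss the defect.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TITLE_MAX 16 /* destination capacity, assumed for this example */
/* Constructed record layout: [1-byte declared title length][title bytes] */

/* Unsafe form, for contrast: trusts the length byte taken from the file.
 * A declared length above TITLE_MAX writes past the end of `title`. */
void read_title_unsafe(const uint8_t *rec, char *title) {
    size_t n = rec[0];
    memcpy(title, rec + 1, n);
    title[n] = '\0';
}

/* Hardened form: the declared length must fit both the destination and the
 * bytes actually present. Returns 0 on success, -1 if the record is rejected. */
int read_title_checked(const uint8_t *rec, size_t rec_len, char *title) {
    if (rec == NULL || title == NULL || rec_len < 1) return -1;
    size_t n = rec[0];
    if (n > TITLE_MAX) return -1;   /* would overflow the destination */
    if (n > rec_len - 1) return -1; /* would read past the input */
    memcpy(title, rec + 1, n);
    title[n] = '\0';
    return 0;
}

/* Constructed inputs: one ordinary record and two malformed ones. */
static const uint8_t REC_OK[]        = {5, 'i', 'n', 't', 'r', 'o'};
static const uint8_t REC_OVERSIZED[] = {200, 'A', 'A', 'A', 'A'};
static const uint8_t REC_TRUNCATED[] = {10, 'a', 'b', 'c'};
int check_ok(void) {
    char t[TITLE_MAX + 1];
    return read_title_checked(REC_OK, sizeof REC_OK, t) == 0 && strcmp(t, "intro") == 0;
}
int check_oversized(void) {
    char t[TITLE_MAX + 1];
    return read_title_checked(REC_OVERSIZED, sizeof REC_OVERSIZED, t);
}
int check_truncated(void) {
    char t[TITLE_MAX + 1];
    return read_title_checked(REC_TRUNCATED, sizeof REC_TRUNCATED, t);
}

int main(void) {
    printf("ok=%d oversized=%d truncated=%d\n", check_ok(), check_oversized(), check_truncated());
    return 0;
}
```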
Any data that is transmitted over a network is at some risk of being intercepted, or even modified, by a malicious person. Even machines that operate as a closed system (i.e., with no contact to the outside world) can be eavesdropped upon by monitoring the faint electromagnetic transmissions generated by the hardware, such as TEMPEST. The FBI’s proposed Carnivore program was intended to act as a system of eavesdropping protocols built into the systems of internet service providers.
Social engineering and human error
A computer system is no more secure than the human systems responsible for its operation. Malicious individuals have regularly penetrated well-designed, secure computer systems by taking advantage of the carelessness of trusted individuals, or by deliberately deceiving them, for example by sending messages claiming to be the system administrator and asking for passwords.
Denial of service attacks
Denial of service attacks differ slightly from those listed above, in that they are not primarily a means to gain unauthorized access or control of a system. They are instead designed to overload the capabilities of a machine or network, and thereby render it unusable. This type of attack is, in practice, very hard to prevent, because the behavior of whole networks needs to be analyzed, not only that of small pieces of code.
These are attacks in which one or more of the attack types above are launched from a third-party computer that has been taken over remotely. The term usually used is “zombie computer”. Using someone else’s computer to launch an attack makes it far more difficult to track down the actual attacker.
A backdoor is a method of bypassing normal authentication or giving remote access to a computer to somebody who knows about the backdoor, while intended to remain hidden from casual inspection. The backdoor may take the form of an installed program (e.g., Back Orifice) or could be in the form of an existing “legitimate” program or executable file.
Direct access attacks
Someone gaining physical access to a computer can install all manner of devices to compromise security, including operating system modifications, software worms, keyboard loggers, and covert listening devices. The attacker can also easily download large quantities of data onto backup devices, e.g. CD-ROM or DVD-ROM, or onto portable media such as keydrives, digital cameras or digital audio players.
Licensed under the GNU Free Documentation License. It uses materials from the Wikipedia.