Friday, April 24, 2009

Securing US Computer Networks


In a report issued before the House of Representatives, computer security experts determined that the United States currently does not have the resources or technology to counter an online attack by a terrorist group or foreign country. In the testimony, they stated that the United States Computer Emergency Readiness Team did not fully address 15 cyber warnings as of July 2008. The report also suggests 12 important strategy improvements that will enhance the security of United States networks. It concludes that “Until GAO’s recommendations are fully addressed and the above improvements are considered, our nation’s federal and private-sector infrastructure systems remain at risk of not being adequately protected.”

This report is significant for the security of the United States. If these warnings are not addressed, terrorists may be able to attack United States networks. Foreign nations have even obtained significant data about electrical grids in the United States and could use this information combined with the security flaws to cripple electrical power, which would devastate the economy of the United States.

Monday, April 20, 2009

Peer to Peer Security


How do popular file sharing programs such as LimeWire or BitTorrent work? Your computer does not communicate with a central server as it would if you were visiting a website or FTP server. Rather, you communicate with computers that are part of the network. This concept is called peer-to-peer, or P2P. When a user searches for a certain file on the network, the request is sent out to computers that are close to the user geographically. These computers are called nodes. These nodes receive the request and check whether the file is among their shared files. If it is not, they send the request to other computers close to them, which are also nodes. Once a file is found, the result is echoed back from computer to computer until it reaches the original requesting computer.

Unfortunately, certain security issues arise when searches are performed this way. The main issue is that the request is sent across multiple computers and these nodes are responsible for deciding where to send the request. A malicious programmer can easily create a piece of malicious code that allows their computer to become a node within the network. When a request comes to this infected computer, rather than sending the request to other nodes, it echoes that the file has been found on the computer. Then, when the user downloads the file, it is actually a virus, trojan, worm or other malicious piece of software. In another variation, the infected node directs the user to a server that contains malicious software, and the software is downloaded from there.
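The search described above can be simulated in a few lines. This is an added example, not code from LimeWire, BitTorrent or the original post; the node names, the hop limit `ttl` and the decoy-query check are assumptions made for illustration. It shows why a node that answers every request ends up in the results, and one way a client could spot it: search for a name nobody should be sharing and see who claims to have it.

```python
from collections import deque

# Constructed overlay: each node lists its neighbours and its shared files.
NEIGHBOURS = {
    "you": ["a", "b"],
    "a": ["you", "c"],
    "b": ["you", "m"],
    "c": ["a", "d"],
    "m": ["b"],
    "d": ["c"],
}
SHARED = {"a": set(), "b": set(), "c": set(), "d": {"song.ogg"}, "m": set()}
ANSWERS_EVERYTHING = {"m"}  # node that reports a hit for any query at all


def flood_query(origin: str, filename: str, ttl: int = 4) -> dict:
    """Forward the query hop by hop; return {responder: path back to origin}."""
    hits, seen = {}, {origin}
    queue = deque([(origin, [origin], ttl)])
    while queue:
        node, path, hops_left = queue.popleft()
        if node != origin:
            if node in ANSWERS_EVERYTHING or filename in SHARED[node]:
                hits[node] = list(reversed(path))  # hit is echoed back this way
                continue  # a node that answers does not forward further
        if hops_left == 0:
            continue
        for peer in NEIGHBOURS[node]:
            if peer not in seen:
                seen.add(peer)
                queue.append((peer, path + [peer], hops_left - 1))
    return hits


def suspicious_responders(origin: str, decoy: str) -> set:
    """Nodes that claim to hold a decoy name nobody should be sharing."""
    return set(flood_query(origin, decoy))
```

A search for `song.ogg` returns both the honest node `d` and the node `m`, while a search for a made-up decoy name returns only `m`.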

Thursday, April 16, 2009

Dongles: Hardware Enforcement


Software vendors will take any measure necessary to ensure that their software is not pirated. Software encryption and copy protection are the most common forms of piracy prevention; however, every single copyright protection has been broken within a matter of weeks after its debut. Because of this, some software packages use a device called a dongle to prevent unauthorized copying.

A dongle is a hardware device that attaches to a computer. The software checks for the presence of this dongle and if it is not present the software will not run. Copying software protected with a dongle is much more difficult because the physical dongle has to be replicated as well, and reverse engineering a dongle is not something the average person can do. Not only does it require knowledge of computer circuits, it also requires expensive robotic machinery that is able to build the computer chips necessary for the dongle.

Since dongles are difficult to build at home, the effectiveness of a dongle depends on how the software checks for its presence. If a software pirate is able to develop a piece of code that tricks the software into thinking a dongle is present even if it is not, then the copy protection falls apart. Some dongles solve this problem by placing important parts of the software's code on the dongle itself. Even if someone can trick the software into thinking a dongle is present, when the program goes to access the code on the emulated dongle it will fail and the program will not run properly.

Monday, April 13, 2009

Denial Of Service Attacks

A denial of service attack is when a malicious hacker prevents an authorized user from gaining access to a computer resource. Denial of service attacks are often carried out against large companies, such as banks or other financial websites. When one of these websites becomes a victim of a denial of service attack, customers are potentially unable to access the site and check the state of their finances or make purchases. This leads to a significant loss in revenue, especially for large sites such as eBay.

A denial of service attack can be carried out in many ways. One method is to flood the victim's machine with external communication requests so that it will be unable to respond to legitimate traffic. Attacks such as this can cause the internet speeds of an entire geographic region to be greatly reduced.

Thursday, April 9, 2009

Operating System Security

A computer's operating system controls all major functions of the computer. It uses algorithms to determine which process gets access to the processor and handles all memory transfers. A secure operating system must be capable of determining which requests are safe to process and which are not.

Since many computers are connected to a network of some kind, the operating system is also in charge of all network traffic. If the operating system is poorly designed, a malicious hacker or malicious script will be able to force the host computer into doing something that the user did not intend to happen. Operating system security is so important that the United States Department of Defense created the Trusted Computer System Evaluation Criteria, which sets basic requirements that every operating system must have in order to be considered secure.

Monday, April 6, 2009

Database Security

Every single online business keeps databases. These databases hold sensitive information about their customers, including contact information, social security numbers, driver license numbers and credit card data. Since these databases hold sensitive data, keeping them secure is a top priority. This security is ensured in several ways.

The first crucial aspect of database security is controlling access to the database. This can be done physically, such as keeping the medium holding the database in a locked room and limiting access to only those who need it. This can also be done with software, such as only allowing certain computers or users access. This is accomplished with authentication. Essentially, it is a way of ensuring that the person who is accessing the database is authentic, or in other words, that this person should have access to the database.

Since many people can have access to the database, auditing the database becomes necessary. This means that records should be kept about who entered the database and what was changed so that errors can be corrected. Of course, someone unauthorized may be able to gain access to the database; therefore, all data stored should be encrypted to prevent its contents from being read by unauthorized parties.

The final part of database security is to ensure the integrity of the data. This can be accomplished with a CRC algorithm. This algorithm is a mathematical calculation that generates a CRC value for a certain set of data. This CRC value is attached to the end of the data. When the data is read, the CRC value is recalculated. If the new CRC value doesn't match the recorded one, then the data has been corrupted and hence the integrity of the database has been compromised.
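The CRC check described above, as an added example that is not part of the original post. It also shows a limit of the check: a CRC catches accidental corruption, but anyone who can edit the data can recalculate the CRC too, so detecting deliberate changes needs a keyed value such as an HMAC. The record, the key and the function names are constructed for illustration.

```python
import hashlib
import hmac
import zlib

# Constructed sample record and key, for illustration only.
RECORD = b"id=1042;name=Alice Example;card_last4=4242"
MAC_KEY = b"constructed-demo-key-not-for-production"

def seal_crc(data: bytes) -> bytes:
    """Append a 4-byte big-endian CRC-32 to the data, as the post describes."""
    return data + zlib.crc32(data).to_bytes(4, "big")

def check_crc(blob: bytes) -> bool:
    """Recalculate the CRC-32 on read and compare it with the stored one."""
    data, stored = blob[:-4], blob[-4:]
    return zlib.crc32(data).to_bytes(4, "big") == stored

def seal_hmac(data: bytes, key: bytes) -> bytes:
    """Append an HMAC-SHA256 tag; producing it requires the secret key."""
    return data + hmac.new(key, data, hashlib.sha256).digest()

def check_hmac(blob: bytes, key: bytes) -> bool:
    """Recompute the tag with the key and compare in constant time."""
    data, stored = blob[:-32], blob[-32:]
    expected = hmac.new(key, data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, stored)

def flip_bit(blob: bytes, index: int) -> bytes:
    """Simulate accidental corruption: flip one bit of one byte."""
    out = bytearray(blob)
    out[index] ^= 0x01
    return bytes(out)

def demo() -> dict:
    crc_blob = seal_crc(RECORD)
    mac_blob = seal_hmac(RECORD, MAC_KEY)
    # Deliberate edit by someone with write access but without the MAC key.
    edited = RECORD.replace(b"4242", b"0000")
    return {
        "crc_clean": check_crc(crc_blob),
        "crc_corrupted": check_crc(flip_bit(crc_blob, 5)),
        "crc_edited_resealed": check_crc(seal_crc(edited)),
        "hmac_clean": check_hmac(mac_blob, MAC_KEY),
        "hmac_edited": check_hmac(edited + mac_blob[-32:], MAC_KEY),
    }

if __name__ == "__main__":
    print(demo())
```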

Thursday, April 2, 2009

Computer Security And Its Importance


Computer security is highly critical in keeping data safe. Unfortunately, not all computers are secure. In 1994, anonymous hackers were able to gain unrestricted access to Rome Laboratory, the United States' main command and research facility in aviation. With the help of trojan horses, these hackers were able to obtain classified documents. By posing as a trusted Rome Center user, these hackers were able to obtain classified information from the National Aeronautics and Space Administration's Goddard Space Flight Center and Wright-Patterson Air Force Base. Since they had full user privileges, they were able to completely remove any data that could be used to find out where the attack came from. Because of this incident, the idea of ethical hacking began. With ethical hacking, security experts hack computer systems in order to find security flaws.