Docstoc

Internet security

Document Sample
Internet security Powered By Docstoc
					                                 Prepared By:

                         Reem Lootah ---H00084574

                          Maryam G--- H00060110


                                   Prepared For:

                                   Haya Almutlaq



                                      Course:

                       EBMG N250 - E-Business Operations

                                     Due Date:

                                      Week 18

                        “This assignment is our own work:

   The sources of all quotations, both direct and indirect, have been fully cited;

All material used in the preparation of this assignment has been acknowledged and

    This assignment has not been submitted for assessment in any other paper.

                     Signed by: Reem Lootah ---H00084574

                                 Maryam G--- H00060110
Dubai Women’s College                                                                                                   HD2- EBMG



Table of Contents
Introduction: ................................................................................................................................................. 3
Executive summary ....................................................................................................................................... 3
General information about internet security: ............................................................................................... 4
Hackers:......................................................................................................................................................... 5
Hacking Software’s ....................................................................................................................................... 7
Methods of attacks ....................................................................................................................................... 7
Examples about real Hackers that hacked a system or network: ................................................................. 8
Helpful steps for antivirus software: ........................................................................................................... 11
Observations ............................................................................................................................................... 13
Recommendation ........................................................................................................................................ 18
Conclusion: .................................................................................................................................................. 19
References: .................................................................................................................................................. 20




                                                                                                                                                                 2
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                          HD2- EBMG




Introduction:
We are going a research for Omar who manages the IT department of his
company. This research includes many details that will help Omar to get an
acceptable level of security firewalls that protect his business from hackers
especially from his competitor side. In this document we will mention some
information about internet security, specific information about hackers and the
methods and software’s that they are using to hack. Also, we are going to show
up the ways of safe our PC’s from internet risks.




Executive summary


The internet is very beneficial thing for everyone who uses the internet for their
working or studying. But there are some people who uses illegal thing to attacks
others computer system such are entering personal PC’s without knowledge the
user to steal data. That called hacker, there are many software’s for hacking such
as Malware that includes different kinds of computer viruses, worms, trojan
horses, spyware and dishonest adware. Also there are different types of methods
that used to attacks computers system, for instance; viruses, worms and Key
loggers. . All that have one goal is to steal your data or damaged your system. In
addition, there are a lot of criminals that got caught because of hacking.
Moreover, there are a lot of software’s that protect our systems such as antivirus,
online scanning, Cloud antivirus and firewalls. All these information you will find it
in this documents that is created for Omar requirements about the ways of how
he can improve his internet security. Also we are going to give Omar
recommendations about what to do and not to do to keep his computer system
data safe from any risks.



                                                                                    3
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                      HD2- EBMG



General information about internet security:
Internet security is one of the big issue’s in the Web and computing World, this
topic is the most modern and up-to-date. The most common and newest problem
that is facing the web are identity theft, spy ware infections, virus attacks and
hackers hacking into a person and company’s computer and networks all over the
World Wide Web. These attack are increasing day by day and increasing , so
people should consider protecting themselves by learning about the Huge
computer internet security threats and why their defenseless PC’s . Virus that is
lunched by hacker can get into your personal confidential information that is
stored on your Computer without them feeling it. There are different ways to
protect your information, Network and even Emails by using programmers that
will protect your PC and prevent from these kinds of attacks. When a PC is
Vulnerable its open to attacks especially when a user is browsing the internet,
running your programmers your hard drive collects a large number of temporary
files for a very long time and lives onto your hard drive the file contains
passwords credit card numbers and confidential documents these programs
tracks every move you make on your everything you viewed from files to internet
pages, programs such as Spyware, Trojan horses, viruses, and worms can access
these type of file that’s why you need security programs to prevent these kind of
viruses such as Secure Clean it firmly removes each of these viruses from the
your computer, run computer internet security software as your PC’s first line
defense to protect your information . your computer should always be secure or
you’ll face a major problem with different types of viruses that could crash onto
your computer and can cause you a lot of problems and could cost you a lot if you
don’t protect yourself from it , some of these dangerous programs that could
crash               your               computer              Adware ,Hacker, Key
logger, Phishing ,Spam ,Spyware ,Trojan Horse ,Virus ,Worm if one of these
programs attack your PC it can crash your PC and you might lose your everything
including your computer.( Internet security)




                                                                                4
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                         HD2- EBMG



Hackers:
There are different types of hacker some are good some are bad and some do it
for fun, there are three types of hacker classified in the computing world the first
one is the “White hat hacker” and white is always a symbol of goodness the
“White hat hackers” are people who work in companies are their mostly called
the tiger or red teams these employees are experts on computer security who
make sure that the companies information remains confidential and no one
could reach it , these are professional people who are most commonly called
sneakers these security experts operate a variety of methods to carry out their
test by using social engineering which is basically is the act of manipulating which
is to control something to your advantage, often in unfairly way people into
performing actions or exposing confidential information instead of using hacking
techniques. Second type of hackers are the “Black hat hackers” which is the
complete opposite of the White hat hackers , black hat hackers are the ones that
hack into a system and breaks into the networks and computer to create
computer viruses to steal confidential information from a company, steal money
out of bank accounts and even to steal other peoples identities , this person can
hack into your computer takes what he want and crash your computer and kill it
there has been a lot of hacking incidents

 In the year 2000 “MafiaBoy”, whose identity has been kept under censorship
because he is a minor, he hacked into some of the largest sites in the world,
including eBay, Amazon and Yahoo between February 6 and Valentine's Day in
2000. He was able access to 75 computers in 52 networks, and ordered a Denial
of Service attack on them and was arrested in 2000.

 In 1999 “The Melissa “virus was the first of its kind to cause damage on a global
scale. Written by David Smith (then 30), Melissa had spread to more than 300
companies across the world completely destroying their computer networks and
Damages that this virus caused was nearly $400 million, Smith the creator was
arrested and sentenced to five years in prison.



                                                                                  5
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                         HD2- EBMG



 The last type of Hacker is the “Grey hat Hackers”, A Grey hat hacker may break
through a system or a PC without permission, it mostly an illegal act in most of
the countries, the kind of hackers are able to access the system without damaging
anything in the system, in this situation the grey hat hacker may or may not
release their activities. It’s possible to say that grey hat hackers don not hack for
their personal gain and it’s not necessarily for malicious purposes, they usually
hack for a reason but those reasons are still unknown.

A grey hat hacker prefers to stay anonymous no matter what they do anything
not to get caught and keeping their penetration undetected and keeping it
undetected when they leave most of the Grey hat hackers activities are spying on
information without attending to harm anything in the system, while a white will
generally work in the correct flow hacking and their purpose is to keep the
companies information ,system and network safe, while black hats hacker work
in an opposite flow to the white , they damage systems and networks and steal
money from bank accounts , confidential information and identities. They might
also release virus into your PC and completely destroy it so we should be careful
from these hacker and protect our PC from these kinds of attacks, Grey hat
hackers are between white and Black hackers they hack into systems for a
mysterious reasons without damaging the network, system or even computers.

An incident of a Grey Hat hacker in April 2000 they got and illegal access to
apache.org , these hacker tried to damage the apache.org servers and left an
offensive to apache’s Internet security crew and distributed malicious actions by
Trojans into the system they controlled the weak part of the system which the
apache crew had errors and tried fix it these hackers got there first and took
advantage of this error and attacked the system and were able to get into the
root access to the machines running in apache.org and changes the main page to
show a 'Powered by Microsoft BackOffice' logo instead of the default 'Powered by
Apache' logo no other changes was made except to prevent other malicious acts
to the systems(white hat, gray hat and black hat Hackers),(Top ten Hacking
incidents of all time).

                                                                                    6
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                      HD2- EBMG



Hacking Software’s
Malware:

It is malicious software that created to attacks computers without permission
from computer owner and crushes the computer system. This software includes
different types of hostile or annoying software’s or programs code. Malware
includes different kinds of computer viruses, worms, trojan horses, spyware,
dishonest adware and crimeware. Albert Gonzalez used this software to steal and
sell 170 million credit card numbers
Spyware

It is a system that collects the user’s information such as passwords, document
and files without their knowledge.
Rootkit:

It is software that designed to control computer system without getting detected.
There are six types of rootkit software which they are firmware, hypervisor, boot
loader, kernel, library, and application level kits. (Hacker. computer security)


Methods of attacks
Borne Viruses:

There are a lot of viruses or malicious code that can damaged your computer. This
kind of viruses comes as an attachment on email messages or even comes as
programs.

Trojan horse programs:

This is the most common way for the hackers to hack your computers by installing
programs that called “Back doors”. These programs let the hackers to access your
PC’s without your permission or even without your knowledge. So, they can
change your system configuration or they can download some viruses to damage
your computers software’s.


                                                                                7
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                          HD2- EBMG



Denial of service:

The shortcut of this kind of attack is “DoS”. This kind of attacks makes your
computer to break down or to turn into so busy processing data so you not able
to use your computer.

Hidden file extensions:

When you download attachments like text (.txt), MPEG (.mpg), AVI (.avi) or even
other file types from emails messages that you don’t know the sender of the
email those attachments comes with it hidden viruses that damaged your PC’s.

Packet sniffer:

This method is an application that steals the passwords or data over the network

Spoofing attack:

This kind of attacks it attacked one program or website to crush their software.

Worm:

This type is similar to the virus. This attacks it spread into the network from itself
no need for the user of the network to downloads anything.

Key loggers:

This is a tool to record any data that stored on the computers such as the
passwords, documents and images. These data record as a log that the hackers
can see all the movements that happen on the computer.

(Home Network security)

Examples about real Hackers that hacked a system or network:

Computers criminals are people who got caught for breaking into others
computers or even computers network. This is illegal access to others Pc’s
because a user doesn’t know that there is somebody else attacks their computer.
I will mention some of the famous criminals list that hacked computers:
                                                                                     8
Reem Lootah ---H00084574
Maryam G--- H00060110
        Dubai Women’s College                                               HD2- EBMG



Picture               Name         Nick     Nationality     Conviction         Punishment
                                   name
                      Mark         Phiber   United States He is a computer 35 hours of       working on
                      Abene        Optik    ( New York security hacker.    community service
                                            city)                          One-year on jail




He is a member of the hacker groups Legion of Doom and Masters of Deception.


Picture       Name              Nick name   Nationality   Conviction         Punishment
Not           Simon Vallor      Gobo        United        He    distribute Two-years in jail
available                                   Kingdom       three    Viruses
                                                          throw        the
                                                          computers

He is twenty two years old, he’s a web designer


        3-

Picture      Name        Nick          Nationality    Conviction           Punishment
                         name
Not          Jan de Wit OnTheFly       Netherlands    Creating        and He will be working 150 hours
available                                             spreading viruses community service
                                                      throw the internet


He created a virus called Anna Kournikova virus. It is designed to trick users of the emails. This
virus is send throw emails that have attachments of a tennis player. In fact, there is also hiding
malicious program that will stole the data from your PC’s.




                                                                                               9
        Reem Lootah ---H00084574
        Maryam G--- H00060110
      Dubai Women’s College                                              HD2- EBMG



Picture             Name         Nick    Nationality   Conviction            Punishment
                                 name
                    Kevin        Dark    United States He           steeled 4 years on the jail
                    Poulsen      Dante   (California)  money           from He need to pay US$56,000
                                                       banks.




He loved hacking at night
      (List of convicted computer criminals)

      Antivirus software, online scanning and Cloud antivirus that keeps our PC’s safe:

      Anti-virus:

      Is a software safe, detect and remove malware such as computer viruses, worms,
      and trojan horses. There are different method that anti-virus software can use to
      detected malware such as signature based detection, heuristics and rootkit
      detection. Each method has different mission to secure our computers system.
      Signature based detection mission is to identify viruses and some or malware that
      hides in files. Heuristics based detection mission is to recognize unknown viruses.
      Rootkit detection mission is to scan on specific malware which it is rootkit.

      Online scanning:

      Some of the website offers online free scanning for our local disks, folders and
      files.

      Cloud antivirus:

      This kind of software’s scans each file or program before downloading it. So, that
      will secure our computers systems from internet risks. (Software’s)




                                                                                               10
      Reem Lootah ---H00084574
      Maryam G--- H00060110
      Dubai Women’s College                                                       HD2- EBMG



      Helpful steps for antivirus software:
      I will give you (Omar) steps to scan your computer. First you need to download a
      program called Norton Antivirus 2010. Then open it and press “scan now” is an
      active link.




                                                                       Then, on the option list click
                                                                       "Run Full System Scan", the
                                                                       program will start to scan your
                                                                       computer.




The result will show you if your
computer have any kind of
viruses. If you have you can
erase it “remove it” easily for
your computer.


      (Guides on scanning computer fully with Norton Antivirus 2010)
                                                                                                         11
      Reem Lootah ---H00084574
      Maryam G--- H00060110
Dubai Women’s College                                        HD2- EBMG



Fire walls:

Fire wall is a program that secures you computer and network from unauthorized
access and Keeps it safe a secure, your computer need the protection of fire wall
secure programs , it can prevent computer hacking and the damages it leaves
behind it , you can save thousands by just having fire wall on to your computer.
Fire walls keep huge companies network and system safe from out greedy
hackers. There are 2 types of fire walls first is network fire walls such as
Microsoft’s internet security and acceleration server, the second hot-based that is
the internet connection firewalls including windows XP protects each individuals
computer wither its connected or not .

How does a Firewall work TCP/IP packages of information and it shows the
acceptance and the rejection of the program it is dived into packets and Firewalls
must examine each packet as its examining the files photos on your computer,
the packet is simplified broke down and follows three key sections the IP header
the TCP or UDP header and contents of the packet, the IP header contains the IP
address of the packet source which is the sender and the location of the sender
while the TPC or UDP header contain the source port of the sender and the
location of the of the port of the receiver and identify the information.TCP
header contain an extra feature of containing number and figures to response to
numbers and their location in the packets that are sent or received




                                                                                 12
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                         HD2- EBMG




After firewall scans your whole computer it summarizes and gives a full report in
details and represents the objects.

The color to every individual object is a powerful administrative feature, the color
can show an explain a certain status of the object, such as the objects, where
does it belong and where is it located on your computer: Red = Firewalls

Green = Internal protected objects

Yellow = External possibly harmful objects

Black = Services.

Never think that no one will ever attack you computer , don’t put your computer
and network into the risk of hacking or even virus attacks that you may not get rid
of or even fix , you must always protect you information and your computer so
never take that risk .

Security is the most important feature in any website you can control it and keep
it safe by adding firewalls into your network and prevent any kind of damage or
attack

(Northrup Tony, Firewalls)


Observations
In this part I have observed how can any person can simply hack into a face book
game to add free game coins instead of paying for over and over again , this
person show s step by step first thing you’ll have to have Firefox to be able to
use the Cheat Engine 5.4 its easier and faster , then you must have flash player 9
for better performance last you’ll need HEX editor it’s a program that allows
people to manipulate and double computer files by using this program it allows
you to change exact content of a different file that understands the same content
of the other, some high higher leveled programs may connect with the file
format, for example a raw image data in most HEX editor applications the data of
                                                                                  13
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                         HD2- EBMG



the duplicated file values are in a group of 4 groups of 4 bytes and a group with 16
ASCII characters, the unprinted character are usually represented by a dot (“.”) in
the ASII.

A picture of an active HEX editor




                                    (Hex editor)

After installing all these programs on to your PC you can simply follow the simple
steps of hacking into a game system on face book with paying anything for it.




                                                                                 14
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                    HD2- EBMG



The steps you need to make




Then you open up your face book account get the game and in step 5 you open in
up the cheat engine 5.4 and search for Fire fox select it




                                                                            15
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                      HD2- EBMG




As shown in the photo you choose your hacking program which is HEX you tick
into the “scan read-only memory” choose 8 bytes and then you go back to the
Game.




To make sure that cheating engine is working when you go close to the tree in the
game and click on it the whole thing freezes and now here where the other step
come HEX is activated a window will appear
                                                                               16
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                      HD2- EBMG



A HEX window will appear and Scan the game information …




 You add this password to access these files on the network, it keeps scanning
until the window automatically closes and once you click on the tree in the game
300 coins comes out of it instead of one coin, each tree gives you 300 coins and
simply your rich without adding money to your game account, and that how you
hack into a game, this hack method is the easiest any one can do it. (Vovando,
Hack pet society money)


                                                                              17
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                         HD2- EBMG



Recommendation
Always use virus protection software

Make sure to use anti-virus programs regularly to scan your computers from
viruses while you are connected to the internet.

Firewalls programs

Use Firewalls products, for example; network appliance or a personal firewall
software package. These products scan secure your computers from hackers.

Emails

Don’t open any unknown attachments emails. If you really wants to open the
attachment make sure that virus protection are up-to-date. Then save the
attachments to your hard disk. After that, scan your files using anti-virus software.
At the end you can open the file if it is safe.

Unknown programs

Don’t run any programs unless you know if the company or the authored person
is trusted.

Disconnect your computer

Turn off your connection of the internet if you are not using the internet.

Backups your files

Always save a copy of your important files in to external hardware to safe your
files from any risks.



(Home Network security)




                                                                                  18
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                       HD2- EBMG



Conclusion:
Always think of ways to protect your Computer from sudden attacks, keep a
strong shield for your personal information in only 5 steps you will protect your
computer from any types of attacks

First thing you should do is install a permanent internet security program to
completely remove all of your personal information that you store on to your PC.

Secondly install antivirus software that updates everyday and that will
completely remove threats to your computer.

Thirdly always scan all of your emails and attachments for any virus’s and always
be careful for the emails that ask for your personal information and bank account
information.

Fourthly Install an anti spyware software that would protect your files and
personal information

The last step always installs a Fire wall to prevent illegal access to your PC and
to be on the safe side.




                                                                                19
Reem Lootah ---H00084574
Maryam G--- H00060110
Dubai Women’s College                                                    HD2- EBMG



References:


      "Home Network security." cert. carnegie mellon university , n.d. Web. 9 May
          2010. <http://www.cert.org/tech_tips/home_networks.html#III-B-9>.
      "top ten hacking incidents of all time." Programmer Word. N.p., n.d. Web. 9 May
          2010. <http://faq.programmerworld.net/programming/
          top-10-hacking-incidents-of-all-time.html>.
      Vovando. "Hack pet society for money." Youtube. N.p., n.d. Web. 9 May 2010.
         <http://www.youtube.com/watch?v=kd6qhEUVDis>.
      "List of convicted computer criminals." wikipedia. N.p., n.d. Web. 9 May 2010.
           <http://en.wikipedia.org/wiki/List_of_convicted_computer_criminals>.
      "How Firewalls Work." how stuff works . N.p., n.d. Web. 9 May 2010.
          <http://www.howstuffworks.com/firewall.htm>.
      "White hat." wikipedia. N.p., n.d. Web. 9 May 2010. <http://en.wikipedia.org/
         wiki/White_hat>.
      “Black hat." wikipedia. N.p., n.d. Web. 9 May 2010. <http://en.wikipedia.org/
          wiki/Black_hat>.
      “Grey hat." wikipedia. N.p., n.d. Web. 9 May 2010. <http://en.wikipedia.org/
          wiki/Grey_hat>.
      "Firewalls." technet. N.p., n.d. Web. 9 May 2010.
           <http://technet.microsoft.com/en-us/library/cc700820.aspx>.
      "HEX editor." wikipedia. N.p., n.d. Web. 9 May 2010. <http://en.wikipedia.org/
         wiki/Hex_editor>.
      "Hacker (computer security)." wikipedia. N.p., n.d. Web. 9 May 2010.
          <http://en.wikipedia.org/wiki/Hacker_(computer_security)>.
      "Norton computer scanning." downloadato. N.p., n.d. Web. 9 May 2010.
          <http://www.downloadatoz.com/essentialware/norton-internet-security-2010/
          how-do-a-full-scan-of-computer-with-norton-antivirus-2010_g.html>.


Safe assign:




                                                                                         20
Reem Lootah ---H00084574
Maryam G--- H00060110

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:1
posted:12/10/2011
language:
pages:20