

									An Analytical Report On
   Network Security


            Prepared for
       Elke M. Leeds, PH.D.
          Professor of MIS
      Coles College of Business

            Prepared by:
            Elana Golder
            Damir Nalic
             Daniel Rice
          Jessica Rosenthal
The Shady Tree Network System Team
       Students of BISM 2100
      Coles College of Business

            June 6, 2008

                                  Letter of Authorization

The purpose of this assignment is to expose students to emerging technologies and to
create an opportunity for students to utilize their professional written business
communication skills. This formal report will be submitted through an interactive web page
to provide a bundled resource on this semester's project. This may be completed in a
team of 4 students (formal report coordinator, research coordinator, editor, and attribution
(APA) style check for references and citations) or individually. The team project will add
an Operating Agreement (Team Charter) to appear after the Letter of Transmittal.

You are being asked to perform a detailed analysis on Internet Security with a specific
focus on hackers and their new targets. This is an ANALYTICAL Report (See Chapter
10) and will conclude with a list of recommendations for protecting your personal
computer against attack.

At a minimum, your report should include information related to the following – these
may appear in any order:
     • An introduction to Internet Security – Current Issues, Threats, Industry Response,
       Available Tools. Develop your Problem Statement.
     • Intrusion Detection and Prevention Systems – What are they? What are they
       supposed to do? Who are they intended for? What specific technologies are
       generally considered to be part of these systems? This is a basic information
       section and provides information related to the journalistic questions.
     • Introduction to Computer Hacking – The history of hackers? Who are they? What
       are their different objectives? What tools do they use? Who is the most at risk for
       an attack? How successful have they been – a particular case history?
     • A conclusion summarizing the main points of the paper. A recommendation
       section outlining the actions required to protect your system in the environment
       you described. Suggestions for future research and investigation.

Use both commercial and academic resources (Minimum of 15 references – 20 needed
for full credit). Where appropriate, you should incorporate charts, graphs, or other visual
aids to illustrate the facts you present both in your report. This report will be submitted to – anti plagiarism detection software – please ensure that you cite your
resources appropriately, use quotations and page number references for quotes and
internal citations (Author, Date) for paraphrased content.

Written Report:
Your managerial report must be posted to your website (Each student must upload a
copy). Employ all facets of effective business writing and refer back to your text
(Chapter 12, Completing Formal Business Reports) for the Formal Report Structure.
Chapter 11 contains information on the Headings required and the visuals needed.

TEAM:                                                                                            30

A comprehensive formal report employing the 7 C’s of business writing – these
are quality points in combine grammar, spelling, readability, structure, and
adherence to required format.
INDIVIDUAL:                                                                        10
Thorough research of sources – on average every paragraph has a source listed.
References works are paraphrased, balanced between academic and commercial
resources, and relevant.
TEAM:                                                                              10
Attributions and Citations done properly in APA style. The Reference list is
complete. Internal Citations are done properly. The paper was submitted to (10 pt automatic deduction)
TEAM:                                                                              10
Letters of Acceptance and Transmittal with roles, team information,
accountability and scope. – Operating Agreement
INDIVIDUAL:                                                                        30
Detailed analysis covering requirements stated above – these are content points.
INDIVIDUAL:                                                                        10
Well developed recommendations – this is the crux of the analytical report. It
should be detailed enough to know exactly what response you want from your
reader and how you want the reader to follow through on that objective.

                                            Elke M Leeds
                                            Professor, BISM 2100

             PHONE: 770-423-6584 • FAX: 770-423-6601
                                  Letter of Acceptance

May 20, 2008

Professor of MIS, Coles College of Business
C/o Dr. Elke M. Leeds
Kennesaw State University
1000 Chastain Road
Kennesaw, GA 30144

Dear Dr. Leeds:

As representatives of Shady Tree Network Security, we appreciate that you have
considered our company as a primary candidate to develop an analytical report about
network security. We are elated to receive this opportunity and are committed to producing
top quality information for you.

In our report, we desire to present information to help you understand the threats and
solutions relating to network security. The content of our information will consist of four
essential elements including:

   • An overview of network threats, response to threats, and tools to combat these
   • An in-depth look at the history of hackers, tools for use, and key targets for hackers.
   • A comparison between intruder protection systems and intruder prevention systems.
   • A recommendation on how to protect your network and systems.

Thank you for choosing us as your research team. We look forward to developing an
excellent report to satisfy all of the criteria you are looking for.


Elana Golder, Damir Nalic, Daniel Rice, Jessica Rosenthal
Shady Tree Network Security Team

                                  Letter of Transmittal

June 06, 2008

Professor of MIS, Coles College of Business
C/o Dr. Elke M. Leeds
Kennesaw State University
1000 Chastain Road
Kennesaw, GA 30144

Dear Dr. Leeds:

We write to inform you that the assignment given has been completed. In this report, you
asked us to find information related to internet security. Through our research, we have
discovered data concerning all of your criteria.

The core information of this report consists of:

   • An explanation as to how viruses, worms, Trojan horses, and blended threats
     damage your systems as well as different types of protective solutions to guard
     your network from destruction.
   • There exist two types of hackers: ethical and unethical. We found that ethical
     hackers use their knowledge to benefit the network community. Conversely, there
     are unethical hackers who are more numerous and want to cause havoc in the
   • The difference between intrusion detection and intrusion prevention systems.
   • Ideas and recommendations on how to enact a system of security to protect your

We would like to present this report to you and go in depth about our findings. You
can reach us at (770) 123-STNS or at Our team is grateful
for this opportunity someone of your caliber and we wish to participate in your future


Elana Golder, Damir Nalic, Daniel Rice, Jessica Rosenthal
Shady Tree Network Security Team

                              Team Operating Agreement

Team Formation:

        As a team, Elana Golder, Damir Nalic, Daniel Rice, and Jessica Rosenthal, we
formed a Team Charter Agreement that would enable us individually and as a whole to
successfully produce this report. Our prime goal was to present credible information in a
professional fashion. This report was motivated by the desire of having an above average
grade on this assignment. Our group set certain time limitations to each part of the project.
Although it was a little difficult to be able to meet at the same time, our team kept the
communication strong through emailing and phone calls. This report subject was very
interesting and each member wanted to learn more through research.

Building Activities:

       Our group had an opportunity to get to know each other during class. We all sat
together while in our class and knew that each person was a dedicated student.

Team Goals:

       As a group, we read through the letter of authorization and analyzed each portion
and discussed who was going to write it and what content needed to be in their piece. We
were presented with an outline of what Dr. Leeds desired; however, we wanted to surpass
the expectations by delivering quality work.

Decision Making and Team Roles:

          • There will be a mutual division of responsibilities, giving each party the
            bandwidth to make decisions on assigned sections.
          • Team Roles (primary; secondary responsibilities):
               o Jessica Rosenthal - Research and compose an introduction about threats and
                 solutions related to network security; assist team members in finding
                 references and other information if needed.
               o Elana Golder - Research and compose section on hackers and their relation
                 to network security.
               o Daniel Rice - Research and compose section covering information about
                 Intrusion Detection and Prevention Systems; properly format all citations in
                 APA format and place in-text citations for all references.
               o Damir Nalic - Compose the conclusion and develop recommendations for
                 network security; final editing of paper; compile and format report.

Project Timeline:

          • All members will have primary responsibilities completed by Sunday night,
            June 1st.
          • Meet Monday, June 2nd, or Tuesday, June 3rd (depending on best
            scheduling), to group format the Letter of Acceptance and the Letter of
            Transmittal. Also we will have a checkpoint during this meeting to make
            sure everyone is on time with their duties.
          • By Wednesday, June 4th, or Thursday, June 5th (depending on progress),
            we will finalize the report and have one team member submit the report to
            to check for plagiarism issues.
          • On Friday, June 6th, all last phase corrections will be completed and the
            remaining team members will post report on Then all
            members will post the report on their own respective webpage.

Team Code of Conduct:

          • All parties will agree upon allotments of work and fulfill all duties assigned.
          • If any party has trouble fulfilling duties, they will approach the team and
            ask for help.
          • All parties will agree to the time goals that were set in the beginning.
          • Each party shall perform responsibilities to the fullest ability.
          • Each party will create original work and cite all references.
          • All interaction will be appropriate.
          • Conflicts will be settled immediately.

Establishing Work Ownership:

    Our group met and discussed what each member of the team would be responsible for.
The group decided on who would do what by assigning each part randomly to each
member. Anyone who had a preference on which part to do or was familiar with or had
an interest in doing a specific part was able to choose. Our group came to agreement
with the following responsibilities for each member:

          • Introduction to Internet Security - Jessica Rosenthal
               o Researcher
          • Intrusion Detection and Prevention Systems - Daniel Rice
               o APA style check
          • Introduction to Computer Hacking - Elana Golder
               o Recheck formal report
          • Conclusion summarizing the main points - Damir Nalic
               o Editor

For additional work such as the letters, we agreed to meet and complete them as a group.

Communication options in the following order:

          • WebCT - use the mail option to communicate with fellow members.
          • Email - use email to share information, and exchange ideas with group
          • Phone - provided phone numbers from each member of the group in case email
            isn't an option.
          • Group meetings - meet with group to develop report and discuss progress and

Conflict Management:

          • Non-performance clauses
          • Positive reinforcement
               o Nominate a team leader
               o Explain to the fellow member what that individual can do to improve
                 performance, instead of criticizing them.
               o Have regular meetings and follow-ups to assure everyone is on schedule.
               o Set goals for completing assignments.
          • Negative reinforcement
               o Tell what the team member is doing wrong.
               o Not assigning member specific jobs.
               o Not nominating a team leader
               o Weak communication skills with team members


          • Held regular meetings online and met as a team several times in the student
          • If you were not able to attend the meeting you had to send an email explaining
            why you would miss it.
          • Everyone was held accountable for their part of the project and everyone was
            able to discuss what problems they incurred and as a team we decided how to
            handle the situation.
          • We made sure to start the meetings on time and never waste any unnecessary
            time, since we all have busy schedules.
          • Looked at the continuous progress of the project to see if we were on track.
          • Held final meeting to see if everything was set to be turned in and if we
            needed to make any corrections before the deadline.

                                        Table of Contents
Executive Summary
  Network Menaces
  Present Day Concerns
  Industry Response
  Beneficial Products
Introduction to Hacking
  The History of Hackers
  What are hackers and their different objectives?
  Tools Used
  Who is most at Risk?
  How successful have Hackers been?
Intrusion Detection and Prevention Systems
  What Are Intrusion Detection and Prevention Systems, What Is Their Purpose, and Who
  Are They For
  Technologies That Are Relevant to IDS and IPS
  Intrusion Detection Systems
  Intrusion Prevention Systems
  IDS vs. IPS
Conclusion and Team Recommendations
  Conclusions and Future Research
  Recommendations for Personal Computer Security
References

                                    Chart Table of Contents

Internet Usage
Configuring Firewalls
Timeline: Major Hacking Events (Cable News Network LP, 2003)

                                   Executive Summary:

        Computer users typically view all viruses identically; however, while the different
types of computer viruses have similar aspects, each one is uniquely designed in order to
perform one or more main functions (Beal, 2006). Through the web, hackers are able to
obtain, distort, and erase personal data, which can lead to identity theft. It is crucial that
companies as well as individual users equip themselves with the necessary software to
protect their systems from intrusion. Although the industry may have specialists and
advanced software, their systems may still be vulnerable to attacks if there are any flaws
or holes present. Currently, there is internet security software designed to protect a
computer in a variety of ways, such as firewalls, anti-spam, and anti-spyware. As technology
becomes more available for consumers and companies, so does protection software.

         There are two types of secondary protection that a network can use to reinforce
its security. Intrusion Detection and Prevention Systems are used as
secondary layers of defense after firewalls and anti-virus protection (Pabrai, 2004). The
first type of layer, Intrusion Detection Systems, works as a type of examination network
that vigilantly searches for problems such as worms, viruses, Trojans, and hackers.
When these issues are found, the system alerts the user so that the trouble can be tended
to. Intrusion Prevention Systems are another type of layer that can oppose multitudes of
threats immediately. Prevention Systems are favored more in computer security because
of their abilities and strength, while Detection Systems are not needed, but can be used as
an extra step of safety.

       A hacker is defined as a “highly proficient computer programmer who seeks to
gain unauthorized access to systems without malicious intent” (Smooth Wall Limited,
2008). Hacking has been around for centuries and continues to be a problem with
growing technological advances. There are three different types of hackers that people need
to become aware of and familiar with: white, grey and black hat hackers.
White hat hackers can be an advantage to companies because they can provide
knowledge of ways to attack and of ways to prevent a hacker's intentions. On the other hand, black
hat hackers are the most severe type and can potentially cause significant harm to
network systems. This report is of benefit to all computer users, who are at risk of
experiencing a hacker's work.

        Looking at the overall picture of internet security and the effectiveness of hackers,
it is certainly beneficial for anybody who uses a computer or network to have an
IPS or IDS installed in their system. Reading about the latest software and security
systems that are available is another good way of protecting yourself from major
damages or financial burdens. The internet offers unlimited resources, but since hackers
are always coming up with new ideas and evolving their methods, it should be a clear
message to computer users and network owners that they need to follow suit and stay on
top of their game as well.

                          Introduction to Internet Security:

        The creation of networking and the internet originally was intended to make
tangible actions more convenient. By substituting simple daily tasks from the real world
with more expedient alternatives, the internet became the preferred method worldwide. In
2006, Stanford University conducted a study based on all users of the internet. In this
study, they found the average percentage of normal activities performed by average users.
These common activities are very vulnerable and susceptible mediums for intrusion.

Internet Usage

         The introduction of computer networking created a vast virtual world full of
knowledge and opportunities for communication. However, a new violation into
individuals' lives was launched. This networking capability created a vulnerability to
people's privacy that was unforeseen at the time. There are numerous anti-virus security
software systems that can be obtained and downloaded. Nevertheless, currently there are
over one million computer viruses worldwide (Richards, 2008). Security systems are not
proficient enough to protect computers from all viruses. Consequently, hackers,
individuals who secretly penetrate other computer systems, have the opportunity to
infiltrate personal as well as business data by phishing, by introducing viruses, worms, and
Trojan horses to computers, and by many other methods.

Network Menaces:
        According to Glenn Baker, Symantec has labeled identity theft as the “number
one pain point” (Baker, 2007). The Cyber Black Market has been formed from the selling
of personal credit cards online. Hackers are now forming groups and are becoming more
sophisticated in their methods. They are devoting more time to hacking into
databases. Also, the operating systems most preferred by users, such as Microsoft Windows, are key
targets for hackers. Through these systems, they are able to obtain desired information
about countless users.
        Although there is a greater advantage to hacking into a larger database, smaller
companies and personal computers are at a higher risk. Owners usually do not have
in-depth knowledge about internet security and hacking. An article on
titled Small Business Security Network Security 101, listed the main threats for small
business as security holes or vulnerabilities, direct attack, viruses, worms, Trojan horses,
DoS (denial of service) attacks, spam, spyware, and inappropriate or illegal content
(Nijnik, 2005). Maintaining and updating security systems is not of high importance to
small business owners. The cost of computer security software can also be an issue for
these smaller companies. Moreover, personal computer users do not place as much
emphasis on internet security but are targets as well. Hackers are able to identify ways of
exploiting a person's information and can obtain personal and financial information.
Larger companies have an advantage in protecting their data because they are usually
more knowledgeable about security issues and are able to afford proper software and can
frequently update it. Nevertheless, security issues continue to rise within large

Present Day Concerns:
        There are many techniques individuals can use in order to acquire private
information from a database. Phishing has become a popular method of hacking. It is a
“form of deception in which an attacker attempts to fraudulently acquire sensitive
information from a victim by impersonating a trustworthy entity” (Jagatic, 2007). These
can be presented through email as well as advertisements on general web pages. Another
mode is by creating a worm, a program that reproduces the same message and sends it to
other computer systems. This is a very rapid approach to spreading a virus throughout
numerous systems. Trojan horses are disguised as constructive software to protect your
computer but will actually become destructive and harmful. A computer virus is similar
to an actual human virus. While it travels to different computers, a virus will leave a
damaging aspect in each database. Combining worms, Trojan horses, and viruses is called
a blended threat. This attack will perform multiple tasks without the user's assistance
(Beal, 2006).
        In the beginning, hackers would provide a warning to the company by stating the
date the hacking would take place. This would give the company time to ensure their
databases were securely protected and place patches on holes in their systems. However,
these warning periods have reduced over time. Zero-day attacks are becoming a huge
threat to companies such as Microsoft Windows. Another current issue is hacker ethics.
There are different types of hackers categorized in different colors. There are the white,
grey, and black hackers. When a computer is hacked into, the individual does not know
what type of hacker it is and what information they are looking for (Parker, 2005).

Industry Response:
         Major companies have taken the initiative in protecting company and user
data. IT (Information Technology) Specialists are hired by companies in order to
maintain the latest computer and security systems. These IT departments protect the
companies' files and information by applying advanced anti-virus and firewalls to each
modem. Although companies may have an IT department, this does not ensure complete
protection. Many departments may miss a certain area in the programming that can
become a hole or a backdoor for hackers (Saran, 2005).
         Over the decades, computer developers have updated the security in their systems;
however, since there is a continuous problem, internet security companies have also
created software to protect against intrusion. There are many different software products that target
specific computers as well as certain programs. Also, hosting websites have been
designed in order to sell these software packages and offer free trials for the customers to
test the software (Front, 2008).

Beneficial Products:
        Security breaches will not cease; in order to protect one's
information, advanced security software must be installed. As hackers become smarter,
there is no one hundred percent guarantee of full protection. Even when an individual
has protection software, they must also be cautious about their own actions on the
        While there are numerous products available, Norton and Zone Alarm
are two software packages that provide the essential aspects to protect a computer.
Norton, anti-virus software created by Symantec, has different types of security software
for PC as well as Macintosh computers. Zone Alarm is also compatible with PC
computers and Macintosh. Both offer anti-virus, anti-spam, anti-spyware, and firewalls
(Top, 2008). Other products that are offered include McAfee, Spy Sweeper, and Panda
        Companies, businesses, and home users rely on the internet whether it is for
communication, transferring money, or storing personal data. Sustaining a strong
protective system is vital in order to prevent intrusion. The internet was created in order
to be beneficial; however, because of the increase in hacking, the internet is not a safe
place if not secured with the correct software.

                                Introduction to Hacking:

The History of Hackers:
       Hacking dates back to the early 1800s, when the telephone was
emerging. In those early days, hacking might be seen as a harmless act
with no real intent to cause harm. One of the very first hacking incidents involved young
workers of the Bell telephone company who would misdirect calls, eavesdrop on
conversations, and play other harmless pranks, which led to the rise of female workers
who were believed to be more “reliable” according to “Hacker History” (Heaton,
2000). William Crookes was believed to be the first to reveal hardware hacking,
according to “A brief history of hardware hacking” (Grand, 2006). The first real case of
computer hacking came in the 1960s. The incident
involved a few MIT students who hacked into a number of computers. Unlike the
usual hackers who cause harm, the students discovered program shortcuts called 'hacks',
which could “push programs beyond their original design limits.” Surprisingly, Benjamin
Franklin and Thomas Edison were just a few well-known men who were involved in
hardware hacking during the 19th century (Grand, 2006).

Timeline: Major Hacking Events (Staff, 2001):

1960s: The Dawn of Hacking

        The first computer hackers emerge at MIT. They borrow their name from a term
to describe members of a model train group at the school who "hack" the electric trains,
tracks, and switches to make them perform faster and differently. A few of the members
transfer their curiosity and rigging skills to the new mainframe computing systems being
studied and developed on campus.

1970s: Phone Phreaks and Cap'n Crunch

        Hackers (phreaks) break into regional and international phone networks to make
free calls. One phreak, John Draper (aka "Cap'n Crunch"), learns that a toy whistle given
away inside Cap'n Crunch cereal generates a 2600-hertz signal, the same high-pitched
tone that accesses AT&T's long-distance switching system. Draper builds a "blue box"
that, when used in conjunction with the whistle and sounded into a phone receiver, allows
phreaks to make free calls. Shortly thereafter, Esquire magazine publishes "Secrets of the
Little Blue Box" with instructions for making a blue box, and wire fraud in the United
States escalates. Among the perpetrators: college kids Steve Wozniak and Steve Jobs,
future founders of Apple Computer, who launch a home industry making and selling blue

1980: Hacker Message Boards and Groups

        Phone phreaks begin to move into the realm of computer hacking, and the first
electronic bulletin board systems (BBSs) spring up.
The precursor to Usenet newsgroups and e-mail, the boards -- with names such as
"Sherwood Forest" and "Catch-22" -- become the venue of choice for phreaks and
hackers to gossip, trade tips, and share stolen computer passwords and credit card
Hacking groups begin to form. Among the first are Legion of Doom in the United States,
and Chaos Computer Club in Germany.

1983: Kids' Games

       The movie "War Games" introduces the public to hacking, and the legend of
hackers as cyberheroes (and anti-heroes) is born. The film's main character, played by
Matthew Broderick, attempts to crack into a video game manufacturer's computer to play
a game, but instead breaks into the military's nuclear combat simulator computer.
The computer (codenamed WOPR, a pun on the military's real system called BURGR)
misinterprets the hacker's request to play Global Thermonuclear War as an enemy missile
launch. The break-in throws the military into high alert, or Def Con 1 (Defense Condition
1). The same year, authorities arrest six teenagers known as the 414 gang (after the area
code to which they are traced). During a nine-day spree, the gang breaks into some 60
computers, among them computers at the Los Alamos National Laboratory, which helps
develop nuclear weapons.

1984: Hacker 'Zines

        The hacker magazine 2600 begins regular publication, followed a year later by the
online 'zine Phrack. The editor of 2600, "Emmanuel Goldstein" (whose real name is Eric
Corley), takes his handle from the main character in George Orwell's "1984." Both
publications provide tips for would-be hackers and phone phreaks, as well as
commentary on the hacker issues of the day. Today, copies of 2600 are sold at most large
retail bookstores.

1986: Use a Computer, Go to Jail

        In the wake of an increasing number of break-ins to government and corporate
computers, Congress passes the Computer Fraud and Abuse Act, which makes it a crime
to break into computer systems. The law, however, does not cover juveniles.

1988: The Morris Worm

        Robert T. Morris, Jr., a graduate student at Cornell University and son of a chief
scientist at a division of the National Security Agency, launches a self-replicating worm
on the government's ARPAnet (precursor to the Internet) to test its effect on UNIX
systems. The worm gets out of hand and spreads to some 6,000 networked computers,
clogging government and university systems. Morris is dismissed from Cornell,
sentenced to three years' probation and fined $10,000.

1989: The Germans and the KGB

       In the first cyber espionage case to make international headlines, hackers in West
Germany (loosely affiliated with the Chaos Computer Club) are arrested for breaking into
U.S. government and corporate computers and selling operating-system source code to
the Soviet KGB. Three of them are turned in by two fellow hacker spies, and a fourth
suspected hacker commits suicide when his possible role in the plan is publicized.
Because the information stolen is not classified, the hackers are fined and sentenced to
       In a separate incident, a hacker is arrested who calls himself "The Mentor." He
publishes a now-famous treatise that comes to be known as the Hacker's Manifesto. The
piece, a defense of hacker antics, begins, "My crime is that of curiosity ... I am a hacker,
and this is my manifesto. You may stop this individual, but you can't stop us all."

1990: Operation Sundevil

        After a prolonged sting investigation, Secret Service agents swoop down on
hackers in 14 U.S. cities, conducting early-morning raids and arrests. The arrests involve
organizers and prominent members of BBSs and are aimed at cracking down on credit-
card theft and telephone and wire fraud. The result is a breakdown in the hacking
community, with members informing on each other in exchange for immunity.

1993: Why Buy a Car When You Can Hack One?

        During radio station call-in contests, hacker-fugitive Kevin Poulsen and two
friends rig the stations' phone systems to let only their calls through, and "win" two
Porsches, vacation trips and $20,000. Poulsen, already wanted for breaking into phone-
company systems, serves five years in prison for computer and wire fraud. Since being
released in 1996, he has become a freelance journalist covering computer crime.
The first Def Con hacking conference takes place in Las Vegas. The conference is meant
to be a one-time party to say good-bye to BBSs (now replaced by the Web), but the
gathering is so popular it becomes an annual event.

1994: Hacking Tools R Us

         The Internet begins to take off as a new browser, Netscape Navigator, makes
information on the Web more accessible. Hackers take to the new venue quickly, moving
all their how-to information and hacking programs from the old BBSs to new hacker Web
As information and easy-to-use tools become available to anyone with Net access, the
face of hacking begins to change.

1995: The Mitnick Takedown

        Serial cyber trespasser Kevin Mitnick is captured by federal agents and charged
with stealing 20,000 credit card numbers. He's kept in prison for four years without a trial
and becomes a celebrity in the hacking underground. After pleading guilty to seven
charges at his trial in March 1999, he's eventually sentenced to little more than the time he
had already served while he waited for a trial.
        Russian crackers siphon $10 million from Citibank and transfer the money to
bank accounts around the world. Vladimir Levin, the 30-year-old ringleader, uses his
work laptop after hours to transfer the funds to accounts in Finland and Israel.
Levin stands trial in the United States and is sentenced to three years in prison.
Authorities recover all but $400,000 of the stolen money.

1997: Hacking AOL

        AOHell is released, a freeware application that allows a burgeoning community of
unskilled hackers -- or script kiddies -- to wreak havoc on America Online (AOL). For
days, hundreds of thousands of AOL users find their mailboxes flooded with multi-
megabyte mail bombs and their chat rooms disrupted with spam messages. (AOL Time
Warner is the parent company of

1998: The Cult of Hacking and the Israeli Connection

        The hacking group Cult of the Dead Cow releases its Trojan horse program, Back
Orifice -- a powerful hacking tool -- at Def Con. Once a hacker installs the Trojan horse
on a machine running Windows 95 or Windows 98, the program allows unauthorized
remote access of the machine.
        During heightened tensions in the Persian Gulf, hackers touch off a string of
break-ins to unclassified Pentagon computers and steal software programs. Then-U.S.
Deputy Defense Secretary John Hamre calls it "the most organized and systematic attack"
on U.S. military systems to date. An investigation points to two American teens. A 19-
year-old Israeli hacker who calls himself "The Analyzer" (aka Ehud Tenenbaum) is
eventually identified as their ringleader and arrested. Today Tenenbaum is chief
technology officer of a computer consulting firm.

1999: Software Security Goes Mainstream

        In the wake of Microsoft's Windows 98 release, 1999 becomes a banner year for
security (and hacking). Hundreds of advisories and patches are released in response to
newfound (and widely publicized) bugs in Windows and other commercial software
products. A host of security software vendors release anti-hacking products for use on
home computers.

2000: Service Denied

         In one of the biggest denial-of-service attacks to date, hackers launch attacks
against eBay, Yahoo!, Amazon and others.
Activists in Pakistan and the Middle East deface Web sites belonging to the Indian and
Israeli governments to protest oppression in Kashmir and Palestine.
Hackers break into Microsoft's corporate network and access source code for the latest
versions of Windows and Office.

2001: DNS Attack

       Microsoft becomes the prominent victim of a new type of hack that attacks the
domain name server. In these denial-of-service attacks, the DNS paths that take users to
Microsoft's Web sites are corrupted. The hack is detected within a few hours, but
prevents millions of users from reaching Microsoft Web pages for two days.

What are hackers and their different objectives?
        The SmoothWall Glossary defines a hacker as a “highly proficient computer
programmer who seeks to gain unauthorized access to systems without malicious intent”
(Hacker, 2008). Hackers are highly intelligent individuals who like to be in control of a
situation. People recognize three kinds of hackers: black hat, grey hat, and white hat
hackers. A black hat hacker is the most severe of the three: someone who breaks into a
program for their own benefit, steals the information, and then turns around and sells it
on the black market. Black hat hackers are very intelligent and knowledgeable, to the
point where they can break into accounts without leaving any evidence behind. Next, the
grey hat hacker falls in between the white and black hat hackers. Grey hat hackers can
act legally, doing something positive, or illegally, such as stealing information. The
last main type of hacker is the white hat hacker, the least severe type. White hat hackers
are usually an asset to a company. They are knowledgeable individuals who can prevent
the “bad hackers” from hacking into the business's software and can develop prevention
software. All hackers have a main goal when putting their skills and knowledge to use.
When hackers gain access to computer systems, their objectives can be good or bad
(legal or illegal). A hacker's main objective is usually to steal information from
computer software without consent.

Tools Used:
       All hackers need good tools; without them, hackers are not able to work and
do the things they are capable of. With the security systems business computers have, it
is never easy for hackers to hack into computer software. Because computers are designed
by man, they can be hacked into by man. There are several things about computers that
can make the job easier for hackers. Hackers' tools include password-cracking tools,
manufacturer's defaults, data mining, infiltration and espionage, con games, and Trojan
games, all of which contribute to hacking into computer software (What, 2008).

Who is most at Risk?
        Hacking is a growing problem that occurs in all types of settings. Anyone
with a computer is a potential victim of this crime and can have their information stolen
without consent and without evidence. Over the years, hacking has been seen more often in
business networks, where it is used to gain information on the company's activities.
According to “Hacking of corporate information systems,” several “unauthorized activities
include cyber terrorism, hactivism, hacking-for ransom, hacking-for theft, and hacking-for
monetary purposes” (Elms, 2003). All companies run the risk of hackers intruding
into their business and finding crucial information. Businesses that run on
password-protected software are especially at risk of hackers breaking into their computers.

How successful have Hackers been?
       Hackers continue to expand their knowledge of hacking into business systems
as technology grows. New devices, like BlackBerries, GPS systems, and
laptops, have all made it possible and convenient for hackers to tap into personal devices
and businesses and get important information. Recently, Apple released the
iPhone to its consumers, which brought some hacking problems with it. Hackers have
found a way to get into iPhones and “gain access to text messages and contact
information” (Richards, 2007). Fortunately for Apple and its customers, security
experts have found a way to overpower hackers and gain back control. Unlike the
iPhone case, many hacker incidents leave no trace and are never found.

                     Intrusion Detection and Prevention Systems:

What Are Intrusion Detection and Prevention Systems, What Is Their Purpose, and Who
Are They For:
        Intrusion Detection and Prevention Systems are layers in the protective wall of
computer security. The names themselves explain the basic, overall function of these
security features. Intrusion Detection Systems, or IDS, are
programmed to “[monitor] and [identify] attempts made for unauthorized access into an
organization's infrastructure” (Pabrai, 2004). Intrusion Prevention Systems, normally
referred to as IPS, are the second, related security measure used to fortify a
computer. IPS are usually “added [as] protection from either computer viruses or hackers
trying to break into [a] network” when firewalls and basic security precautions are not
strong enough to protect the system (Garry, 2008). Although IPS and IDS can be used
independently of each other, they are usually used together to provide the utmost
protection for anyone who wishes to use them.

Technologies That Are Relevant to IDS and IPS:
        Common types of security are used to protect a network before IDS and IPS
are needed. Anti-virus programs are used to take out viruses,
Trojans, or worms after they have been in effect. The problem with these programs is
that they only take action after a problem has caused damage, and they cannot combat the
infections effectively because the threats keep changing as they move from host
to host (Sequeira, 2002). Another security measure in networks is the firewall; the name
gives you a tangible idea of what it does. A firewall is like a permanent fixture in the
security structure. Firewalls are a type of umbrella that is “the first layer of defense and are
typically deployed at the perimeter of the organization” (Pabrai, 2004). These two
technologies are the preventative measures that are implemented in the hope that they
protect the network, but when they fail, IDS and IPS can act as a second wall of defense.

[Figure: Configuring Firewalls. A visual of how firewalls are implemented for protection (Configuring, 2003).]

        IDS and IPS use two types of problem identification methods: pattern and
anomaly detection. Pattern detection methods work a lot like fingerprint scanners, in that
codes are stored for recognizing perpetrators (Grimes, 2004). The second type,
anomaly detection, has prewritten sets of allowable characteristics, and when the coding of
incoming information does not match a general set, warning flags are raised.
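
The two detection methods can be compared side by side on the same traffic. The following Python sketch is an added example, not part of the original report; the signatures, the allowed-request profile, and the sample requests are all constructed for illustration.

```python
import re

# Pattern (signature) detection: stored "fingerprints" of known-bad requests.
# These two signatures are illustrative assumptions, not a real rule set.
SIGNATURES = {
    "cmd-exe-probe": re.compile(r"cmd\.exe", re.IGNORECASE),
    "dir-traversal": re.compile(r"\.\./"),
}

# Anomaly detection: a prewritten profile of allowable characteristics.
ALLOWED_METHODS = {"GET", "POST"}
MAX_PATH_LENGTH = 128
ALLOWED_PATH = re.compile(r"[A-Za-z0-9/_.?=&-]*")

# Constructed sample requests (source, method, path); not real traffic.
SAMPLE_REQUESTS = [
    ("192.0.2.5", "GET", "/index.html"),
    ("192.0.2.7", "GET", "/scripts/cmd.exe?/c+dir"),
    ("192.0.2.8", "GET", "/images/../../etc/passwd"),
    ("192.0.2.9", "TRACE", "/index.html"),
    ("192.0.2.5", "GET", "/search?q=" + "A" * 300),
    ("192.0.2.6", "POST", "/login"),
]


def signature_alerts(path):
    """Names of every stored signature that matches the request path."""
    return [name for name, rx in SIGNATURES.items() if rx.search(path)]


def anomaly_alerts(method, path):
    """Ways in which the request deviates from the allowed profile."""
    alerts = []
    if method not in ALLOWED_METHODS:
        alerts.append("method-not-allowed")
    if len(path) > MAX_PATH_LENGTH:
        alerts.append("path-too-long")
    if not ALLOWED_PATH.fullmatch(path):
        alerts.append("unexpected-characters")
    return alerts


def analyze(requests):
    """Return (signature alerts, anomaly alerts) for each request, in order."""
    return [(signature_alerts(p), anomaly_alerts(m, p)) for _, m, p in requests]


if __name__ == "__main__":
    for (src, method, path), (sig, anom) in zip(SAMPLE_REQUESTS,
                                                analyze(SAMPLE_REQUESTS)):
        print(f"{src:11} {method:5} {path[:40]:40} sig={sig} anomaly={anom}")
```

The traversal request matches a signature but stays inside the allowed profile, while the TRACE request and the oversized query match no signature and are caught only by the profile, which is why the two methods are deployed together.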

Intrusion Detection Systems:
        As security systems have developed over time, intruders have adapted to breach
these protections. As soon as updates reach users, viruses, worms, and hackers
immediately try to crack the new patches and continue to cause problems. For this
ever-present problem, Intrusion Detection Systems were developed to “[detect] the
presence of attacks within traffic that flows in through the holes punched into the
firewall” (Sequeira, 2002). The increased surveillance IDS provides assists the user in
protecting the network by increasing one's capability to target specific threats. IDS are
extremely helpful because firewalls and software alone may not be able to identify these
problems by themselves, but “if a particular event is considered to constitute a security
incident, an alert will be issued if that event is detected” (Inella, 2001). By using this
technology, the user can better supervise the system and see what is going on.
        The tool in itself is quite excellent, but it has some shortcomings. The greatest
disappointment of IDS is that they “lack full-featured management functionality to help
IT administrators gauge whether legitimate traffic was blocked, undertake quick attack
investigation for validity and success, or complete log analysis for attack trend
identification for timely policy modification” (Zuk, 2003). Because of its inability to be
proactive in security, IDS functions more as a burglar alarm than as an
impenetrable wall of defense.

Intrusion Prevention Systems:
         Intrusion Prevention Systems are the self-sufficient solution to basic network
security. An IPS differs from an IDS because it actually takes care of the problems via
regulation. In general, the majority of IPS “[provides] the ability to set up thresholds that
determine the amount of a certain type of traffic deemed acceptable…” (Lukaszuk, 2005).
By setting up rules and guidelines in advance for what types of information may pass, the
chances of viruses, worms, or hackers intruding are minimized.
         IPS have two unique qualities that make them the most valuable. The first is that,
since an IPS is self-controlled, no human needs to use resources to take command of the
problem. The second advantage is that IPS have inline capabilities, allowing them to
work in real time instead of after the problem has caused issues (Pabrai, 2004).
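
The threshold idea and the inline, no-human-needed behaviour described above can be sketched as follows. This Python code is an added example, not part of the original report; the traffic types, threshold values, block duration, and sample events are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

# Assumed policy: packets of each type allowed per source per time window.
THRESHOLDS = {"icmp-echo": 5, "tcp-syn": 20}
WINDOW_SECONDS = 1.0
BLOCK_SECONDS = 10.0   # how long a source stays blocked after exceeding a threshold


class InlineThresholdIPS:
    """Decides forward/drop for each packet before it is passed on (inline)."""

    def __init__(self, thresholds=THRESHOLDS, window=WINDOW_SECONDS,
                 block=BLOCK_SECONDS):
        self.thresholds = thresholds
        self.window = window
        self.block = block
        self.recent = defaultdict(deque)   # (src, kind) -> forwarded timestamps
        self.blocked_until = {}            # src -> time at which the block expires

    def inspect(self, ts, src, kind):
        # A blocked source has all of its traffic dropped until the block expires.
        if self.blocked_until.get(src, 0.0) > ts:
            return "drop"
        limit = self.thresholds.get(kind)
        if limit is None:
            return "forward"               # no threshold set for this traffic type
        seen = self.recent[(src, kind)]
        while seen and ts - seen[0] >= self.window:
            seen.popleft()                 # forget packets outside the window
        if len(seen) >= limit:
            # Threshold exceeded: act immediately, with no operator involved.
            self.blocked_until[src] = ts + self.block
            seen.clear()
            return "drop"
        seen.append(ts)
        return "forward"


# Constructed events (timestamp, source, traffic type); addresses are
# documentation ranges, not real hosts.
SAMPLE_EVENTS = (
    [(i / 10, "192.0.2.10", "icmp-echo") for i in range(8)]        # burst
    + [(0.8, "192.0.2.10", "http"), (11.0, "192.0.2.10", "icmp-echo")]
    + [(i * 0.4, "198.51.100.7", "icmp-echo") for i in range(6)]   # steady
)


def run(events):
    """Feed events to a fresh IPS in time order; return (ts, src, kind, verdict)."""
    ips = InlineThresholdIPS()
    return [(ts, src, kind, ips.inspect(ts, src, kind))
            for ts, src, kind in sorted(events)]


def verdicts_for(results, src):
    return [verdict for _, s, _, verdict in results if s == src]


if __name__ == "__main__":
    for row in run(SAMPLE_EVENTS):
        print(row)
```

The bursting source has its sixth packet and everything after it dropped until the block expires, while the steady source under the threshold is never touched.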

IDS vs. IPS:
        Out of the different security options, which type of security system is the most
useful? The consensus among consumers is: “After all, if an IPS can prevent an
attack, why would you ever choose an IDS instead?” (Grimes, 2004). The results that IPS
produces show why it is the best choice for extra protection in any network. It
actually attacks the attackers as opposed to just spotting them. The ability to spot and
destroy threats makes IPS the most effective solution for reinforcing firewalls and
providing overall sound security. The success of IPS renders IDS unnecessary, though
IDS remains a comfort to have in any network security structure.

                      Conclusion and Team Recommendations:

Conclusions and Future Research:
        While it may seem like a scenario that could never happen to you, in reality it is
something that could affect anybody at any time. I am talking about vital and private
information being stolen from your computer, as well as dangerous viruses infiltrating
your computer or, if you are a company, your network system. There are ways to protect
yourself and everything that is important to you on the computer or network. These
include programming Intrusion Prevention Systems (IPS) or Intrusion Detection
Systems (IDS). As the paper discussed, the IPS protects your network from computer
viruses and hackers trying to steal information. This is not just a matter for large
corporations; it is also crucial for small businesses, as they seem to be the more
popular targets for viruses. That is because they usually don't have the
same type of resources as large companies do, so it is widely assumed that it is
easier to steal files from their networks. It is therefore important for anybody who
uses or owns a network to protect it with an IPS. The IDS is
geared more towards any unknown service trying to force its way into a company's
infrastructure. It is therefore essential to set up the company network properly and
set up passwords and key codes.
        Another huge threat is hackers, the people who try to attack personal
information on your computer or network. Hacking is done for different reasons: some
do it just to show how weak a protection system may be, while others do it to cause harm
and damage to a computer or network. It is also known that hackers try to steal personal
information from the people they hack, which could be anything from credit card
information and private files to, even worse, social security numbers. It is therefore
beneficial to understand how hackers operate and what their motives are, so that you can
protect yourself and prevent any big problems. We have to continue to
follow the latest trends, such as who the hackers are going after, and we have to make sure
that we keep our computers and networks protected with the newest and most innovative
software available. Knowing the cyber world you live in will help you understand what
can go wrong and what is out there that can help you and serve you much better than
most people realize.

Recommendations for Personal Computer Security:
        When looking at the solutions for computer security, it is widely assumed that
once you purchase protection software, every possible problem will go away. On the
contrary, buying and installing that software does help, but there are other ways to
protect your computer. One way is to not download or install any unsupported
applications (Sarrel, 2008). Those applications tend to have dangerous content that could
severely damage your computer. It is important for you to know that the site or
download you are opening is actually legitimate. Now, we can talk about which kind of
software you should get to protect your computer and network system. Microsoft offers
several products designed to meet the specific needs of its customers. For instance, if
you are looking for software for your home PC or laptop, Windows Defender is a
very useful product. It protects you against pop-ups, slow performance, and security
threats from spyware and unwanted software (Microsoft, 2008). This software won't
allow anybody to break through your system and slow down your computer. It is also
fairly unique in that it offers live recommendations, gives you tips on how to avoid
spyware problems, and tells you when you can upgrade your system. Another security
system one can use is McAfee. The company is widely known and recognized as very
successful in its field of work. When you log onto its website you can find many
different types of security software designed with different features for different
customers. There are over twenty different types of software to choose from on the
website, each dedicated to providing a useful solution. You can purchase anti-spam,
anti-spyware, anti-virus, data protection, and command line encryption software
depending on what you need. All of the software comes with live help support as well as
new recommendations and upgrades that are available for each solution you purchased.
In today's world it is very important, make that necessary, to protect your computer and
all of the personal files that are saved to it, so make sure that you update any relevant
protection software regularly.

      All about hackers [Article]. (2007). Retrieved June 1, 2008, from Google,
DailyBits Web site:

       Baker, G. (2007, November). Latest online threats more targeted. NZ Business,
21(10), 56-57. Retrieved May 28, 2008, from EBSCO Host Web site: http://proxygsu-

        Beal, V. (2006, June 30). The difference between a Virus, Worm, and Trojan
Horse. Retrieved May 28, 2008, from Google, Webopedia Web site:

        Clark, M. H. (2003, December). Hacker culture. Journal of History of Science in
Society, 94(4), 776-777. Retrieved May 28, 2008, from Galileo, ISIS Web site:

        Configuring a distributed installation of ArcGIS server (Version 9.2) [Data file].
(2003). Retrieved May 28, 2008, from Google Web site:

        Elms, E. R., LaPrade, J. D., & Maurer, M. L. (2008, February). Hacking of
corporate information systems: Increasing threats and potential risk management
techniques. CPCU eJournal, 61(2), 1-9. Retrieved May 28, 2008, from Galileo, EBSCO,
CPCU Society Web site:

        Front page sponsored sites. (1997-2008). Internet security- Online software.
Retrieved June 1, 2008, from Google, Web site:

       Garry, C. (2003-2008). What are the different types of Intrusion Prevention?
Retrieved May 28, 2008, from Google, WiseGeek Web site:

        Grand, J. (2006, June). A brief history of hardware hacking. MAKE Magazine,
49(6), 49. Retrieved May 29, 2008, from Galileo, EBSCO, Communications of the ACM
Web site:

       Grimes, R. (2004, August 30). Many threats, many solutions. InfoWorld, 26(35),
43-47. Retrieved May 28, 2008, from EBSCO Host Web site: http://proxygsu-


      Hacker. (2001-2008). Glossary [Definitions]. Retrieved May 30, 2008, from
Google, SmoothWall Web site:

       Heaton, J. (2000, December 8). Prehistory 1879-1969. In Hacker history [Article].
Retrieved May 29, 2008, from Google Web site:

        Inella, P., & McMillan, O. (2001, December 6). An introduction to Intrusion
Detection Systems. Retrieved May 28, 2008, from Google, Security Focus Web site:

        Jagatic, T. N., Johnson, N. A., Jakobsson, M., & Menczer, F. (2007, October).
Social phishing. Retrieved May 28, 2008, from EBSCO Host, Communications of the
ACM Web site:

         Lukaszuk, A. (2005, January). Intrusion prevention and detection: Changing the
battle lines. Certification Magazine, 7(1), 40-44. Retrieved May 28, 2008, from EBSCO
Host Web site:

      Nijnik, I. (2005). Small business security 101. Retrieved May 28, 2008, from
Google, Web site:

        Pabrai, A., & O., U. (2004, June). Intrusion detection and prevention: The second
line of defense. Certification Magazine, 6(6), 36-37. Retrieved May 28, 2008, from
EBSCO Host, Web site:

        Parker, D. (2005, December 29). The different shades of hacker. Retrieved June 1,
2008, from Google, Web site:

        Percent of internet users. (n.d.). The internet study: More detail. Retrieved May
31, 2008, from Google, Stanford University Web site:

      Products and solution for enterprise. (2003-2008). Retrieved May 31, 2008, from
Google, McAfee Web site:

         Richards, J. (2008, April 10). Number of computer viruses tops one million.
Retrieved May 28, 2008, from Google, TimesOnline Web site:

         Richards, J. (2007, July 23). Security experts claim first iPhone hack [Article].
Retrieved June 1, 2008, from Google, TimesOnline Web site:

       Saran, C. (2005, November 8). Secure measures. Computer Weekly, 36.
Retrieved May 28, 2008, from EBSCO Host Web site: http://proxygsu-

       Sarrel, M. D. (2008, May). Master end-user security. PC Magazine, 27(6), 101.
Retrieved May 31, 2008, from Galileo, EBSCO, PC Magazine Web site: http://proxygsu-

       Sequeira, D. (2002). Intrusion Prevention Systems- Security's silver bullet?
Retrieved May 28, 2008, from EBSCO Host, SANS Web site:

        Staff, P. W. (2001, November 19). Timeline: A 40-year history of hacking
[Article]. Retrieved May 31, 2008, from Google, CNN Web site:

      Top rated, Search by type. (1996-2008). Suites. Retrieved May 28, 2008, from
Google, PC Magazine Web site:,2806,1639159,00.

       Windows defender. (2008). Retrieved May 31, 2008, from Google, Microsoft
Web site:

      What are the tools hackers use? [Article]. (2008). Retrieved June 1, 2008, from
Google, TechFaq Web site:

        Zuk, N. (2003, September). IPS, with IDS, is the best choice. Communications
News, 40(9), 17-18. Retrieved May 28, 2008, from EBSCO Host Web site:

