Although you can never reach a point of complete security, you can achieve a level that prevents all but the most determined and skilled hackers from accessing your system. Security breaches can be instigated or inadvertently created.
Threat Definition and Scenario
A threat can be defined as anything that can identify the vulnerability and potentially exploit it. Threats can be of various types. Threats could be human acts, power outages, and even natural disasters like earthquakes or tornadoes. For instance, if the main door of a house is not equipped with a locking mechanism (or is unlocked). In this case, the threat is the thief, who identifies the vulnerability (which is the lack of a lock for the main door) and exploits it (the burglar will be able to steal all the components from the house). Let us explore the relationship between vulnerabilities and threats, with a possible scenario in everyday life. A woman, in Minneapolis finishes shopping and is walking back to her hotel.
She finds herself in an unknown part of the city where there is no law enforcement. There are criminals in the streets, dark alleyways and drug addicts in the alleys. She does not know anyone in this city and is carrying a substantial amount of money and some shopping bags.
Let us explore the vulnerability and threat.
What are the Vulnerabilities?
The vulnerabilities are as follows:
The woman is in an unknown city in a seemingly primitive part of town.
She does not know anyone in the city.
She is carrying money and shopping bags in an unsafe area.
The threats are as follows:
The woman will be mugged by a low-life who sees her shopping bags.
Someone in the street might attack or abduct her.
Security Threats
Security Threats consisting of 1) User created breach 2) Password Cracking 3) Trojan horse 4) Denial of Service 5) Packets Sniffers 6) IP spoofing 7) System snooping
Users may unknowingly create a security risk by using weak passwords or by downloading a file containing a virus. Very few users enable screensaver passwords.
Dictionary programs specifically written to break into a password-protected system are frequently used to gain access to network systems.
Users can inadvertently download destructive viruses and Trojan horses thereby compromising your network's ability to function.
To prevent legitimate users of a service from using that service, attackers may attempt to flood a network, or disrupt connections or services.
Sniffers, devices or programs that are used to monitor traffic on a network, can be installed anywhere in a networked system.
Many hackers can imitate any Internet Protocol (IP) device that has an IP address that allows them entrance into your system.
Using Transmission Control Protocol/Internet Protocol (TCP/IP), a hacker can enter your system through any device that does not have specific security mechanisms in place.
User
Users may unknowingly create a security risk by using weak passwords, or by downloading a file containing a virus.
Password Cracking
Dictionary programs specifically written to break into a password-protected system are frequently used to gain access to network systems.
Trojan horse
Users can inadvertently download destructive viruses and Trojan horses thereby compromising your network's ability to function.
Denial of Service
To prevent legitimate users of a service from using that service, attackers may attempt to flood a network, or disrupt connections or services.
Packet Sniffer
Sniffers, devices or programs that are used to monitor traffic on a network can be installed anywhere in a networked system.
IP Spoofing
Many hackers can imitate any Internet Protocol (IP) device that has an IP address that allows them entrance into your system.
System Snooping
Using Transmission Control Protocol/Internet Protocol (TCP/IP), a hacker can enter your system through device that does not have specific security mechanisms in place.
Brute-force Attacks
In brute-force attacks, a hacker attempts to defeat authentication by obtaining a legitimate user's password.
A brute-force attack may include a dictionary file[1], a sniffer[2], repeated logon attempts, or an attempt to break a code using combinations of computers and information.
Character and Numeric Passwords
Strong passwords defeat dictionary attacks, by combining lowercase, uppercase, numeric, and nonstandard characters.
Scanners and Crackers
Scanners are usually network tools employed by an attacker to monitor and read network data and communication ports. When
the attacker finds vulnerable ports or sensitive data, he or she would use these weak spots to initiate attacks on the network. Crackers are software programs that an attacker uses to launch dictionary attacks on passwords and other sensitive authentication information present on internal networks.
Coding Problems
Many times, an operating system or program running on the server contains coding problems or bugs that create an unintentional opening. Hackers often know about such problems and exploit them. Also, program designers sometimes intentionally
place a back door[3] in an operating system or program so they can support the product quickly.
Buffer Overflow
A popular bug-based attack is a buffer overflow that works by sending more data than the target system is intended to receive at one time. The extra data overflows the program's storage buffer in memory and then overwrites the actual program data, allowing modification of the target system's programs resulting in the creation of a back door into the system.
Social Engineering
Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most (but not all) cases the attacker never comes face-to-face with the victim.
Social Engineering
Be aware that a hacker may attempt to imitate a legitimate user by confusing a switchboard operator or a guard. This is an example of a social engineering attack.
While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most (but not all) cases the attacker never comes face-to-face with the victim.