Friday, June 27, 2008

Types of Security Violations

Here are some basic component violation in security, in the perspective of the malicious code,

Virus :Typical piece of code copies itself into a program, and executes when the program runs

-modifys other programs
-loss or contamination of data, or program

Worm: Reproduces itself until slowd down or shuts down a comptuer system or network, does not notify other programs

Clogging or Flodding : Form of a worm
- sending large amounts of bogus traffic too a node until clogged and unable to serve a legitamate user. AKA DoS Attack (Denial of Service)

Trojan Horse : piece of code, hides itself in another piece of a program

"Think" a simple login screen
Login Code
Hidden Code <--------interlopes exits with no trace (steals info)
Login Code

BOMB: Same as a Trojan
signature" time or logic trigger

Trigger software routine, upon detecting the absence of the rogue program records, initiats actions to damage the system

Trap Door: Allows penetration into the system can be programmed in code by programmer. Usually used in case you must get back into the program to fix something. Usually guarded by authentication process.

Salami: Small alteration of numbers in files having of numbers and distorting the system.

Replay violation: Active attack on a resource.
entails: capturing data, perhaps modifying and resending it.

No comments: