The world is experiencing a technical revolution in which the Internet has become a part of everyone’s life. However, because of this revolution, privacy concerns are also growing. Preventing hacking and the spread of viruses through the Internet has become a major concern. Customers are now more concerned about the trustworthiness of the websites to which they submit their sensitive information.
Companies that run networks of computer systems share this concern, since most of their confidential and critical data is stored and transferred over them. Though many software companies are trying to offer protective mechanisms for sensitive information online, a real solution is yet to be identified. “Existing privacy management tools are aimed at controlling the traffic privacy rather than aiming to control and prevent the hacking and virus.” (Eugene H. Spafford, 1989)
A computer system should offer privacy, reliability and a guarantee against the hacking of vital information. However, with increased data transfer, especially money transfers, the risk of hackers invading systems is growing. This complexity leads to vulnerabilities and errors in operating systems and application programs, resulting in incidents such as the “Internet Worm incident of 1988.”
The most important aspect of security is recognizing the attackers. To learn more about their tactics, ideas, motivations and techniques, researchers have deployed honeypots, which are discussed in this paper. The basic idea is to give hackers a vulnerable system to attack. These systems are observed closely by researchers to understand the behaviour of the attackers.
Honeypots are computers specially designed to attract hackers in order to gather data, alert the observers and offer them insight into what the intruder is attempting.
Honeypots decoy attackers to an apparently exposed but well-observed computer system in order to learn about the strategies and tools used by hackers and to improve system security accordingly. However, a system built with good intentions may sometimes be put to foul use. This paper discusses the implications and complications of honeypots and the types of honeypots used in the prevention of malicious attacks.
Honeypots were the first, and a recently developed, form of network deception used in the Internet revolution. Researchers and security specialists have been using various types of honeypots since the inception of the Internet. Like a real honey pot, which attracts insects, the technical honeypot acts as an attractive target for Internet hackers.
A honeypot is a decoy system that tries to lure an invader away from critical systems. It acts as a watchdog and captures data from the hackers. The system is usually stocked with superficially valuable information which is actually false and which an honest user would have no reason to access. Thus any access to the honeypot is treated as coming from a hacker.
A honeypot is an information system resource, and any kind of system can be placed within it. A standard production system can be placed under a honeypot to give hackers the feeling of a real system.
SECURITY IMPLICATIONS OF HONEYPOTS:
The application of honeypots in a system has numerous advantages. The most significant implication of honeypots is that they give hackers false confidence by offering a false impression of the existing security system, and so reduce the likelihood of an attack or probe on the real machine. Attackers often scan a large block of computers looking for victims. Even attackers focusing on a particular company will scrutinize the openly accessible information owned by the company, searching for a mechanism to use as a starting point. Honeypots reduce the possibility of an attacker selecting crucial information as a target, and they detect and record the initial scan as well as any subsequent attack.
Unlike other intrusion detection measures, there are no false positives with honeypots. For example, IDS products such as padded cells take a different approach: they wait for a traditional IDS to detect an attacker. A considerable number of false positives usually arise before any system is attacked, because there is a likelihood that valid traffic will match the characteristics the IDS uses to detect attacks.
With honeypots, all communications are suspect simply because the device is used only for attracting hackers. Thus, honeypots can detect more hackers than any other intrusion detection device. Observers and event trackers on the honeypot detect these unauthorized accesses and collect information about the attacker’s activities. The purpose of the honeypot is to distract an attacker from accessing significant information, to collect information about the attacker’s activity, and to encourage the attacker to stay on the system long enough for administrators to take action.
This helps in identifying the active and passive vulnerabilities through which the operating system is attacked, by recording the attacker’s details. The details recorded are stored for a month, allowing the researcher enough time to investigate the hacker’s details.
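The idea above, that every connection to a honeypot is suspect and that the honeypot records the initial scan and any subsequent attack, shown as an added Python example (not from this essay or from any honeypot product). The log format, the addresses and the three-port scan threshold are assumptions, and the sample log is constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample log, one connection per line: "timestamp src dst dst_port".
# Assumed layout: 10.0.0.50 is the honeypot, 10.0.0.10 and 10.0.0.11 are production.
SAMPLE_LOG = """\
2024-05-01T09:00:01 198.51.100.7 10.0.0.50 22
2024-05-01T09:00:02 198.51.100.7 10.0.0.50 23
2024-05-01T09:00:03 198.51.100.7 10.0.0.50 80
2024-05-01T09:00:04 198.51.100.7 10.0.0.50 445
2024-05-01T09:01:10 203.0.113.20 10.0.0.10 443
2024-05-01T09:02:30 192.0.2.44 10.0.0.50 80
2024-05-01T09:05:00 198.51.100.7 10.0.0.10 22
2024-05-01T09:06:00 203.0.113.20 10.0.0.11 443
not a log line
"""

HONEYPOT_IPS = {"10.0.0.50"}
SCAN_PORT_THRESHOLD = 3  # assumed: this many distinct honeypot ports counts as a scan


def parse_line(line):
    """Return (timestamp, src, dst, port), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    ts, src, dst, port = parts
    try:
        return datetime.fromisoformat(ts), src, dst, int(port)
    except ValueError:
        return None


def analyse(log_text, honeypot_ips=HONEYPOT_IPS):
    """Report every source that touched the honeypot and what it did afterwards."""
    events = [e for e in map(parse_line, log_text.splitlines()) if e]
    events.sort(key=lambda e: e[0])

    first_touch = {}           # src -> time of first honeypot contact
    ports = defaultdict(set)   # src -> honeypot ports it tried
    for ts, src, dst, port in events:
        if dst in honeypot_ips:   # no legitimate user has a reason to be here
            first_touch.setdefault(src, ts)
            ports[src].add(port)

    report = {}
    for src, seen in first_touch.items():
        # Production traffic from the same source after it was seen on the
        # honeypot is the "subsequent attack" worth an administrator's time.
        followups = [
            (ts.isoformat(), dst, port)
            for ts, s, dst, port in events
            if s == src and dst not in honeypot_ips and ts >= seen
        ]
        report[src] = {
            "first_seen": seen.isoformat(),
            "honeypot_ports": sorted(ports[src]),
            "kind": "scan" if len(ports[src]) >= SCAN_PORT_THRESHOLD else "probe",
            "production_followups": followups,
        }
    return report


if __name__ == "__main__":
    for src, info in analyse(SAMPLE_LOG).items():
        print(src, info)
```

The source 203.0.113.20 only ever talks to production hosts, so it never appears in the report: the honeypot raises no alert for ordinary traffic.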
ADVANTAGES IN USING HONEY POTS:
Honeypots are successful in capturing invaders prying into the system. Hackers can be easily distracted towards system targets which they cannot damage. This gives researchers enough time to probe into the hackers’ details and to respond to them. Finally, “this system allows the researchers to examine the hacker’s action and help them to improve the system protection.” (Wible, B, 2003).
DISADVANTAGES OF HONEY POTS:
Honeypots are not highly successful in application. No proper legal standards have been devised for using honeypots. Operating systems running honeypots are prone to severe attacks when the attackers are triggered by denial of service, e.g. a distributed denial of service attack against cnn.com that came from the US. A high level of expertise is needed by the researchers and scrutinisers to use the system. Moreover, “hackers can use honey pots itself to attack our own system.” (Sophos, 2004)
TYPES OF HONEY POTS:
a). Research honeypots are run by research organizations, educational institutes or non-profit organizations to collect information about the tactics and motives of hackers. These organizations attempt to spread awareness of the threats and vulnerabilities created by hackers in real networks.
b). Production honeypots are used within an organization’s production network, linked with the production servers, to improve security measures. These are basically “low-interaction honey pots which is easier to deploy and provide little information about the attackers unlike research honey pots.” (Andress, A. 2003).
HONEY POT WITH FIRE WALL:
TYPES OF MALICIOUS ATTACKS PREVENTED BY HONEY POTS:
Honey pots help in preventing the following malicious attacks:
- Spammers in e-mail address
- Spammers in proxy server
- Spammers in SMTP
Honeypots have tremendous potential for the computer security community. Like any new technology, they have some challenges to overcome. Most likely, none of these problems will ever be completely solved or eliminated. However, one can expect a lot of development on the subject within the next 12 to 18 months, as many new developments that help to address these and other issues are forthcoming. (Piazza, P. 2001)
Spam is a redundant message or email sent to flood Internet email inboxes, and it is also used for persistent advertising over the Internet. Spam arrives as unwanted email or is inflicted through newsgroups. It is invasive in nature, like an unwanted guest in one’s home. Whether one likes it or not, the spammer gets it posted to your mailbox successfully. Most spam is commercial advertising, such as offers to help pay off higher interest rate mortgages, and the famous Nigerian scams. It costs the spammer nothing, as the cost of the tons of mail sent is borne by the receiver or the carriers.
Eugene H. Spafford, 1989, “existing privacy management tools are aimed at controlling the traffic privacy rather than aiming to control and prevent the hacking and virus”
Eugene H. Spafford, Jan 1989, “Internet Worm incident of 1988”
Sophos, 2004, “hackers can use honey pots itself to attack our own system.”
Andress, A.2003, “Low-interaction honey pots which are easier to deploy and provide little information about the attackers unlike research honey pots.”
Wible, B, 2003, “Honey pots allow the researchers to examine the hacker’s action and help them to improve the system protection.”
Piazza, P. 2001, “Honey pots have tremendous potential for the computer security community. Like any new technology, they have some challenges to overcome.”
Lance Spitzner, 2002, “Honeypots-Tracking Hackers.”
Andress, A. (2003). Surviving Security: How to Integrate People, Process, and Technology. Boca Raton, FL: Auerbach Publications.
Piazza, P. (2001, November). Honeynet Attracts Hacker Attention: The Honeynet Project Set Up a Typical Computer Network and Then Watched to See What Turned Up. Security Management, 45, 34.
Piazza, P. (2003, December). A System for Bettor Security. Security Management, 47, 24+.
Sophos Reveals Latest ‘Dirty Dozen’ Spam Producing Countries. (2004, September 4). Manila Bulletin, p. NA.
Sophos Reveals Latest ‘Dirty Dozen’ Spam Producing Countries. (2004, September 2). Manila Bulletin, p. NA.
Sophos Reveals Latest ‘Dirty Dozen’ Spam Producing Countries. (2004, August 31). Manila Bulletin, p. NA.
Sophos Reveals Latest ‘Dirty Dozen’ Spam Producing Countries. (2004, September 1). Manila Bulletin, p. NA.
Wible, B. (2003). A Site Where Hackers Are Welcome: Using Hack-In Contests to Shape Preferences and Deter Computer Crime. Yale Law Journal, 112(6), 1577+.
Spam is a redundant message or email sent to flood Internet email inboxes, and it is also used for persistent advertising over the Internet. Spam arrives as unwanted email or is inflicted through newsgroups. It is invasive in nature, like an unwanted guest in one’s home. Whether one likes it or not, the spammer gets it posted to your mailbox successfully. “Most spam is necessarily a commercial advertising like helping one to replace higher interest rate mortgages” and loans with lower rate mortgages, and the famous Nigerian scams. “It cost nothing to a spammer as the cost of tones of mail sent through mail is borne by the receiver or the carriers.” (Peter De Jager, 2003)
Spam is a time thief and much more than an inconvenience. It is an invasion of one’s privacy. “Spam occupies more than 50% of the e-mail traffic of an internet service provider.” An ISP has to add more bandwidth, servers, and engineering support to accommodate the increase in the volume of spam mail, which costs it millions of dollars each year. (Elliot Markowitz, 2004)
“It is estimated that there are trillions of annoying, useless, offensive message trying to invade into your inbox and networks.”
E-mail messages are classified by the spam filter to give them a category or score, which the filter part uses as input for deciding which messages contain spam. The header, structure and body are analyzed by the classifying part. One class of spam tool runs a pattern-discovery algorithm on a huge number of spam e-mails to find patterns, and then looks for similar patterns in incoming e-mails to detect spam.
Another tool is a prototype of a filter based on statistical learning algorithms. Yet another tool employs Bayesian networks to detect spam. Another method of fighting spam is white lists and black lists. White lists contain approved e-mail addresses that may send mail to one’s inbox. Black lists consist of e-mail addresses which are blocked from sending e-mail to one’s inbox.
Software like spam bouncer can be deployed against the spam menace. Spam bouncer is a set of procmail filters, or recipes. These recipes can be used either by an individual user on his own mailbox or by the whole system of an organisation. Spam bouncer is compatible with a UNIX server which has procmail installed. Users of Pegasus Mail, Eudora and other POP clients can deploy spam bouncer on their UNIX shell account to sort their mail before accessing it from the server. POP client programs can be used as these would filter mail by headers.
An individual user can download a free spam filter from Internet sites like www.freedownloads.com, www.tucows.com etc. The spam filter scans mail arriving at the e-mail server and identifies spam using a set of defined rules. These rules include known spam e-mail addresses, suspicious e-mail addresses, spam IP addresses and keywords in the header or subject line of the e-mail. Thus the “filter identifies these spam emails, flags them, review them quickly and finally deletes the same.” (Elliot Markowitz, 2004)
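The filtering steps described in the paragraphs above (white list, black lists of sender addresses and source IPs, then a Bayesian score over the subject and body) combined in one added Python example. It is not the code of spam bouncer or of any product named here; it uses a naive Bayes word model rather than a full Bayesian network, and the addresses, training messages and 0.9 threshold are constructed for illustration.

```python
import math
import re
from collections import Counter

TOKEN = re.compile(r"[a-z0-9$']+")


def tokens(text):
    """Distinct lower-cased words of a message."""
    return set(TOKEN.findall(text.lower()))


class SpamFilter:
    def __init__(self, allow=(), block_senders=(), block_ips=()):
        self.allow = set(allow)                   # white list
        self.block_senders = set(block_senders)   # black list of addresses
        self.block_ips = set(block_ips)           # black list of source IPs
        self.counts = {"spam": Counter(), "ham": Counter()}
        self.docs = {"spam": 0, "ham": 0}

    def train(self, label, text):
        self.docs[label] += 1
        self.counts[label].update(tokens(text))   # per-message word presence

    def spam_probability(self, text):
        """Naive Bayes over the words present, with add-one smoothing."""
        log_odds = math.log((self.docs["spam"] + 1) / (self.docs["ham"] + 1))
        for tok in tokens(text):
            p_spam = (self.counts["spam"][tok] + 1) / (self.docs["spam"] + 2)
            p_ham = (self.counts["ham"][tok] + 1) / (self.docs["ham"] + 2)
            log_odds += math.log(p_spam / p_ham)
        log_odds = max(-50.0, min(50.0, log_odds))  # keep exp() in range
        return 1 / (1 + math.exp(-log_odds))

    def classify(self, sender, source_ip, subject, body, threshold=0.9):
        """Return (action, reason); the lists are checked before the score."""
        if sender in self.allow:
            return "deliver", "sender on white list"
        if sender in self.block_senders:
            return "flag", "sender on black list"
        if source_ip in self.block_ips:
            return "flag", "source IP on black list"
        p = self.spam_probability(subject + " " + body)
        return ("flag" if p >= threshold else "deliver"), f"Bayesian score {p:.2f}"


def build_demo_filter():
    """Filter trained on a handful of constructed messages."""
    f = SpamFilter(
        allow={"colleague@corp.example"},
        block_senders={"offers@bulk-mailer.example"},
        block_ips={"198.51.100.23"},
    )
    for text in (
        "lower your mortgage rate today",
        "urgent transfer of funds from nigeria prince",
        "refinance mortgage lowest rate guaranteed",
        "claim your prize money transfer now",
    ):
        f.train("spam", text)
    for text in (
        "meeting agenda for monday project review",
        "please review the attached project report",
        "lunch on friday with the team",
        "your invoice for the server maintenance contract",
    ):
        f.train("ham", text)
    return f


if __name__ == "__main__":
    demo = build_demo_filter()
    print(demo.classify("stranger@mail.example", "203.0.113.9",
                        "Lowest mortgage rate", "refinance today guaranteed"))
    print(demo.classify("stranger@mail.example", "203.0.113.9",
                        "Project review", "agenda for the team meeting on monday"))
```

The white list is checked first, so a listed sender is delivered even when the text scores as spam; that is the trade-off of list-based filtering when an approved address is forged.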
HOW TO FIGHT AGAINST SPAM?
One has to learn from Ben Livingstone, who is a pioneer in fighting spam. Ben sues spam marketers, junk fax senders and illegal call makers in small claims court; he has won more than 12 cases out of a total of 22 filed and has been awarded more than $8000 by the small claims court. His web site (www.smallclaim.info) provides information such as what is required to bring a claim, what is suable, serving a notice, filing a claim and other salient details. Ben Livingston is the best example of how a one-man army can fight against the spam odds.
“AOL has blocked more than 550 billion spam e-mails in 2005”. The Federal Trade Commission recently issued its “first assessment of the preventing and controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003”. (Michael J. Blotzer, 2003)
Phishing is another trick deployed by fraudsters, who forward false mail to gullible netizens, tempting them to disclose personal or financial information such as a social security number or bank account details. These “‘Phish’ mails contain links to unauthorised web pages, crafted by fraudsters which induce to divulge their personal information’s”. (Lauren Bielski, 2004)
Most ISPs provide countermeasures against phishing. One such tool warns the user before he enters a website which is on a list of well-known phishing websites. Another anti-phishing tool displays the real domain name of the displayed website, so that the user can decide whether it is a real domain or a fake one.
Yet another anti-phishing tool prevents phishing emails by blocking e-mails with spoofed e-mail addresses and e-mails which originate from spoofed URLs. Some anti-phishing tools also alert a user when personal information is about to be sent to unreliable websites. Certain e-commerce companies also offer tools which inform their clients when they land on spoofed websites.
“One another tool is e-mail software with fixed phishing protection on top of the ordinary spam-filter.” This tool scans incoming e-mails for URLs and checks them against a list of categorized websites in a database. The database is updated constantly and includes categories like phishing websites. (Mencimer, S, 2004)
“Another anti phishing tool provides a warning to user whenever he opens a link in an e-mail and if the URL shown is dissimilar to the actual URL, if the link has a numerical IP-address or if the domain name includes a top-level domain.” (Borthick, S. L, 1998)
Some ISPs prevent users from visiting deceptive websites. Some also deploy web crawling technologies to watch the use of the brand’s name on the Internet. Companies selling anti-spam products are earning high revenues as there is a steep increase in spam mail. “Bright mail”, the giant in e-mail filtering, was reported to have earned revenue of about $30 million during 2003, which was 100% more than its revenue during last year, as per International Data Corp. Likewise, “surf control”, a London-based e-mail filter company, earned $18.5 million between April and June 2003, compared to $14.1 million a year ago.
Despite anti-spam measures, more sophisticated spam that spreads viruses and other malicious software, along with internationally based messages, is clogging U.S. users’ in-boxes. Consumers will have to be extraordinarily careful in the coming years, as their personal identity is at stake.
Peter De Jager, 2003. “Most spam is necessarily a commercial advertising like helping one to replace higher interest rate mortgages”.
Peter De Jager, 2003, “It cost nothing to a spammer as the cost of tones of mail sent through mail is borne by the receiver or the carriers”.
Elliot Markowitz, 2004, “Spam occupies more than 50% of the e-mail traffic of an internet service provider.”
Elliot Markowitz, Dec, 2004, “It is estimated that there are trillions of annoying, useless, offensive message trying to invade into your inbox and networks”.
Elliot Markowitz, 2004, “filter identifies these spam emails, flags them, review them quickly and finally deletes the same.”
Trump, Dec 29, 2005, “AOL has blocked more than 550 billion spam e-mails in 2005.”
Michael J. Blotzer, 2003, “first assessment of the preventing and controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003.”
Lauren Bielski, 2004, “Phish’ mails contain links to unauthorised web pages, crafted by fraudsters which induce to divulge their personal information’s.”
The Washington Times, July 17, 2003, “Bright mail “, the giant in the e-mail filtering company was reported to have earned revenue about $ 30 million during 2003.”
Borthick, S. L, 1998, “anti phishing tool provides a warning to user whenever he opens a link in an e-mail...”
Borthick, S. L. (1998, September). Why We Can’t Compare ISP Performance – Yet. Business Communications Review, 28, 35+.
Eye on IT – Make Sure You Don’t Get Caught by Phishing Scam. (2005, January 11). The News Letter (Belfast, Northern Ireland), p. 2.
Fence Post. (2004, October 17). Daily Herald (Arlington Heights, IL), p. 21. Retrieved
Mann, R. J., & Belzley, S. R. (2005). The Promise of Internet Intermediary Liability. William and Mary Law Review, 47(1), 239+.
Mencimer, S. (2004, October). False Alarm: How the Media Helps the Insurance Industry and the GOP Promote the Myth of America’s “Lawsuit Crisis.” Washington Monthly, 36, 18+.
Piazza, P. (2006, February). I, Bot: New Computer Worms Are Carrying Software Agents Called Bots That Can Use Your Network to Send Spam, Launch Attacks, and Infect Other Computers. Find out How These Bots Work and How to Keep Them out of Your Network. Security Management, 50, 70+.
Scots Hacker Held in Fraud Probe by U.S. Secret Agents. (2005, January 15). The Daily Mail (London, England), p. 16.
Sevcik, P. (2005, January). Forces Shaping Next Generation Networks. Business Communications Review, 35, 8+.
Wallace, R. P., Lusthaus, A. M., & Kim, J. H. (2005). Computer Crimes. American Criminal Law Review, 42(2), 223+.
Wetzel, R. (2005, February). Tackling Phishing: It’s a Never-Ending Struggle, but the Anti-Fraud Arsenal Continues to Grow. Business Communications Review, 35, 46+.
Any business constantly faces the following risks to its information security: loss of information, loss of data and loss of confidentiality. In the event of an unexpected disaster, the business should be equipped to meet the unforeseen circumstances and should have solid resistance techniques and recovery options.
If a business fails to recognise and counter these risks, it could encounter financial loss, damage to its brand and the loss of its competitive edge in the market. For instance, “in a health care industry, if there is an alteration or loss of data of patients, this could even result in death or injury and will cause irreparable damage to that institution.” In this networked world, if a hacker pilfers proprietary information and damages data, imagine how much damage it would cause to that organisation; such incidents can be kept at bay by technological means only. (Patrick Hinojosa, 2000)
Hackers are able to intrude successfully even when an organisation has well-protected firewalls, and to hijack the targeted organisation’s information through e-mail worms, spyware, remote access Trojans, adware, network worms, mustilage as well as blended threats, and incremental infections deploying all of the above.
Hackers and disgruntled former employees of an organisation attack corporate systems by deploying worms and viruses. This has been a drain on corporate revenues.
TOP 10 VIRUSES OF 2004:
For instance, during the year 2003 alone, there were about 53,000 break-ins, which was about a 150% increase over the figure for the year 2000. Though information security is considered a technological problem, today’s network security cannot be designed to be tamper-proof, as new security technology has a short life span because hackers often update their techniques.
For instance, one on-line retailer, Egghead.com, lost about one-fourth of its stock value in December 2000 as its web site was under attack by hackers who had unauthorised access to 3.7 million credit card records. “Business giants like Merrill Lynch, AOL Time Warner, and Microsoft have started to pay more attention to information security by appointing a chief security officer who will co-ordinate with business leaders and IT managers to evaluate the business risk of losing key systems and to target security spending as business precedence.” (Jim Mccrory, 2003)
A well planned security measure includes the following:
- Offers least disruption to business activities and no suspension of service to its clients and business partners.
- Offers continued level of services to its customers.
- Diagnoses the root cause and provides total business recovery.
NETWORK MANAGEMENT CORE RESPONSIBILITIES
The responsibilities of a network manager are:
- Environmental and Physical Security
- Operations Management and Communication
- Access control to operating system.
- Teleworking and Mobile computing
- System Development and maintenance
- Provide support to network users
- Keep abreast of the latest technological developments in Telephone technologies and WAN and LAN services
- Keep abreast of the latest technological developments in Computers, data communications devices, network software, and the internet.
- Ensure the network is operating well
- Evaluate and acquire network hardware, software, and services.
- Develop a strategic plan to meet the organizations policies and goals.
- Assist senior management in understanding the business implications of network decisions and the role of the network in business operations.
SUCCESS FACTORS FOR AN EFFICIENT INFORMATION SECURITY SYSTEM:
- Consistency of Security policy with the organisation’s ethics and culture.
- Active support and commitment from top and line management of the organisation.
- Thorough knowledge of the requirements of information security.
- Proper education and training.
- Constant upgrading of IT security.
The organisation’s databases will have to be analysed for weaknesses or exposures that might exist and the probable damage that could be caused to the organisation through improper modification or disclosure. This also applies to all corporate databases, including organisational databases as well as warehousing projects, data mining and knowledge databases that are in force.
In case of disaster, the efficacy of data recovery has to be analysed. The organisation’s offshore databases have to be evaluated as regards their knowledge discovery potential and their security. Further, for data in transit, the organisation’s security policy as regards certificates, public key infrastructure and digital signatures has to be evaluated.
A worksheet listing the apparent vulnerabilities that are not consistent with the ISO 17799 requirements has to be prepared. This worksheet would state the impact of specific threats in adjectival values and recommend the countermeasures necessary to reduce the extent of the impact.
MANAGEMENT OF THE NET WORK:
An information security system (IS) should monitor and administer network services and offer a responsive and stable environment. It should ensure the drafting and implementation of network security policies for both LAN and WAN, and manage IP address allocation, DNS, routers, core hubs, switches and all other network devices. IS has to disseminate Internet, LAN, WAN and email related information to network users, establish policies and standards for network servers, and is also responsible for the installation and management of servers in an organisation.
“An IS has to draft and implement the IT security policy for network server so as to avert unauthorized access to the network and IT resources and to implement and maintain security measures, to manage the firewall, the installation and maintenance and operation of virus protection systems, to supervise the firewall to detect the unscrupulous attempts to break –ins and to initiate appropriate action.” (Hunt, S. D. 2003)
MANAGING THE INFRASTRUCTURE:
“An IS has to guarantee that the WAN is functioning within well recognized standards to ensure competent data exchange capabilities between all remote sites of the organisation. It has to supervise the performance of the network infrastructure, maintains a log of reported problems, to supervise and control internet access and download via internet proxy servers and to offer technical support to IT staff with respect to configuration of network components. It has to guarantee that networking infrastructure equipment is properly maintained and to assure that adequate inventory of spare parts is maintained and to see that the entire annual maintenance contracts are kept current and assessed.” (Axner, D. H, 1991)
“An information security system should stress on training activities in all aspect of technology usage and should train the staff and users in a variety of IT systems and communications used in an organisation.” (Piazza, P, 2002)
New technologies that can defend against the latest, mysterious threats without human intervention must be developed and deployed to guarantee the integrity of IT systems. Moreover, they should be cost effective and must be within the security budget of an organisation. Further, they should not add to the workload of the organisation’s already overburdened IT department.
Information security is not created by chance. Information in a network should be adequately protected to prevent major catastrophic events. Vendors have the moral duty to develop more sophisticated measures that are difficult to compromise, while end users should enhance their awareness of the technical and administrative procedures that can augment information security. It is worthwhile to note that, in information security, a dollar spent on prevention is worth a thousand dollars of IT man-hours.
Patrick Hinojosa, 2000, “in a health care industry, alteration or loss of data of patients; could result in death or injury and will cause irreparable damage to that institution.”
Patrick Hinojosa, 2000, “Hackers successfully intrude even the organisation which have well protected firewalls and hijack information…”
Jim Mccrory, 2003, “Merrill Lynch, AOL Time Warner, and Microsoft have started to pay more attention to information security…”
Daniel F. Lohmeyer , Jim Mccrory , Sofya Pogreb, 2002, “during the year 2003 alone, there were about 53,000 break-ins which was about 150% increase over the 2000 year figure”
Hunt, S. D. 2003, “IS has to draft and implement the IT security policy for network server so as to avert unauthorized access to the network and IT resources…”
Piazza, P, 2002, “An information security system should stress on training activities in all aspect of technology…”
Axner, D. H, 1991, “IS has to guarantee that the WAN is functioning within well recognized standards to ensure competent data exchange capabilities between all remote sites of the organisation…”
Axner, D. H. (1991, March). Access and Authentication: Key Issues in Network Security. Business Communications Review, 21, 61+.
Hinojosa, P. (2005). Information Security: Where We’ve Been and Where We Need to Go. T H E Journal (Technological Horizons In Education), 32(7), 36.
Hunt, S. D. (2003, December). Do Companies Need a Security Pooh-Bah? There’s a Lot of Talk about Combining IT and Physical Security in One Department. But There’s a Better Way to Reach the Same Goal. Security Management, 47, 142+.
Landoll, D. (2005, January). Does IT Security Myth the Point? Information Security Programs Often Fail Because They Are Based on Myths and Misconceptions. Security Management, 49, 110+.
Lohmeyer, D. F., Mccrory, J., & Pogreb, S. (2002). Managing Information Security. 12+.
Piazza, P. (2002, March). One Brick in the Security Wall: One of the Most Important Elements of Information Security-The Regular Patching of Software Vulnerabilities-Is Often a Loose Brick in the Security Wall. Security Management, 46, 32+.
Piazza, P. (2004, June). Crime Fighters Cast Wide Net: The Cybercop Web Portal Allows Authorized Crimefighters around the World to Access a Database of Sensitive Information. Security Management, 48, 119+.
Tippett, P. S., & O’Neill, D. T. (2001). Managing Information Security Risk 2001. ABA Banking Journal, 93(12), 74+.
Van Heuven, M., Botterman, M., & De Spiegeleire, S. (2003). Managing New Issues: Cyber Security in an Era of Technological Change /. Santa Monica, CA: Rand.
Accounting for Security. (2004, June 27). Manila Bulletin, p. NA