You are on page 1of 5

LAB 5 SECURITY APPROACH IN NETWORK THEORY NETWORK SECURITY START FROM AUTHENTICATING THE USER, COMMONLY WITH A USERNAME

E AND A PASSWORD. (e.g SECURITY TOKEN, ATM CARD, MOBILE PHONE ETC). A FIREWELLENFORCE ACCESS POLICUES SUCH AS SERVICE WHICH ALLOWING BEING ACCESS BY THE NETWORK USER. ANTI VIRUS SOFTWARE THROUGH AWAY ALL OF VIRUS SUCH WORM, TROJAN AND ETC.SYSTEM (IPS) HELP DETECT SYSTEM MAY ALSO MONITOR THE NETWORK.

KESIMPULAN LAB 5 Dalam pengkomputeran serangan penafian-of-perkhidmatan (DoS serangan) atau diedarkan serangan penafian of- perkhidmatan (DDoS serangan) adalah satu cubaan untuk membuat mesin atau rangkaian sumber tersedia untuk pengguna yang dimaksudkan. Walaupun cara-cara untuk menjalankan, motif, dan sasaran serangan DoS mungkin berbeza-beza, ia secara amnya terdiri daripada usaha untuk sementara atau selamalamanya mengganggu atau menggantung perkhidmatan tuan rumah yang disambungkan kepada internet. Pelaku serangan DoS biasanya laman sasaran atau perkhidmatan dihoskan kepada pelayar web berprofil tinggi seperti bank, gerbang pembayaran kad kredit dan juga akar mengacu pada pelayan nama. Teknik ini kini telah melihat penggunaan yang luas dalam permainan tertentu, yang digunakan oleh pemilik pelayan, atau pesaing tidak puas hati atas permainan. Semakin serangan DoS juga telah digunakan sebagai satu bentuk rintangan, DoS yang mereka katakan adalah alat untuk mecatatkan perbezaan pendapat. Richard Stallman telah menyatakan bahawa DoS adalah satu bentuk Internet Straight Protes [1] istilah ini selalunya digunakan berkaitan dengan rangkaian computer, tetapi tidak terhad kepada bidang ini sebagai contoh, ia juga digunakan untuk merujuk kepada pengurusan sumber CPU [2]. Salah satu serangan yang melibatkan tepu mesin sasaran dengan permintaan komunikasi luar, sehinggakan ia tidak boleh bertindakbalas kepada lalu lintas yang sah atau bertindakbalas supaya perlahan-lahan seperti yang diberikan pada dasarnya tidak ada. Serangan tersebut biasanya membawa kepada beban pelayan, dari segi umum serangan DoS dilaksanakan oleh samada memaksa computer yang disasarkan (s) untuk menetapkan semula atau mengahalang media komunikasi antara penggunaan yang dimaksudkan dan mangsa supaya mereka boleh tidak lagi berkomunikasi secukupnya.

DISCUSSION 1) Different spyware, tracking, cookies, adware and pop-up SPYWARE, POP-UPS AND ADWARE Spyware is as the name implies design to spy on you and collect information. Some spyware can even be employed to change system setting, install applications and redirect your browser. The most malicious types can be used to collect personal information like credit card number and password. Other spyware is a bit less harmful; this type of malware (malicious software) is designed to collect information such as that website you visit. All in all, no type of spyware is desirable. Pop-ups are annoying and can be malicious at well. Usually they are ads that many show up on your screen or behind your open webpage. Most web browser include some form of popup blocker technology; Microsoft was the first to provide a popup blocker with their browser Internet Explorer in 2004. Some form of downloader content, much as images, music or video, Example you may click the X to close the window and the new one will show up. Popup have also been known to deliver spyware. SPYWARE, ADWARE, COOKIES? The internet, or the World Wide Web, is an ever changing place. Its almost like a living thing as it continues to grow and evolve and its potential is nearly limitless. During the early day when web sites were being developed people found it sometime difficult typing in the same information over and over again just to get into a regular basis. So, to make your life a litter easier, items likes cookies where inverted. Storing a cookie on your computer would allow the sites that you regularly visited to recognize you as a return visitor. In some cases automatically filing in certain information on their login forms, determine what part of the country (or world) you are located in, and other basic information. As in the case with most things made to make your life easier there are those who will take it to the next level.

2) Describe Spam Spam is most considered to be electronic junk mail or junk new group posting. Some people define spam even more generally as any unsolicited email. However if a long lost brother find your email address and send youre a message, this cloud hardly be called spam, even though it is unsolicited. Real spam is generally email advertising for some product send to a mailing list or newsgroup. In addition to wasting peoples time with unwanted, spam also eats up a lot of network bandwidth. Consequently, there are many organizations, as well as individuals, who have taken it upon themselves to fight spam with a variety of techniques. But because the internet is public, there is really little that can be done to prevent spam, just as it is impossible to prevent junk mail. However, some online services have instituted policies to prevent spammer from spamming their subscriber. 3) Identify the importance of update software and patches A patch is a record of changes made to a set of resources. Typically a patch will add a new feature, fix a bug, or add documentation to the project. A popular means of creating a patch is by using diff, tool that is commonly available on Linux and Unix systems. Patches are the preferred way to submit contributions to open development project such as open source software. The contributor creates a patch and submits in to the project. The project maintainer can then inspect the changes and apply them to main code base if theyre so choose. Various tools are available to help with patches. These tools make is very easy to create and manage patches for project outputs such as source code and documentation. Patches and patch management tools are the key to build an active community of contributors to on open development project. This document provides a simple overview of a software patch. It does not deal with the machines of creating and processing patches, which are batter handled by the documentation of the patch management tools chosen. In the further reading section, we list a few tools to help you get start with creating patches.

4) Explain denial of service and brute force attack? The concept is extended to security I an obvious manner. For example, if you want to break into someones account on a system that requires 8 -characterpasswords, you could just start trying passwordsaaaaaaaa, aaaaaaab,-- and eventually itll work. That brute force, you could try a list of common password (less brute forceish). Or you could notice the site store youre logged in as in a cookies, and edit the cookie (not brute force). Similar with breaking encryption. You could try all possible keys (brute force, not going to finish this life time on a reasonable cipher). Or you could and analyse the cipher for weaknesses every hours if its a good cipher, definitely not brute force) And, to tie it all up, if you want to take down a site, you could just send a bunch of traffic/ request/ whatever in its general direction. Thats brute force. Thats a DoS attacks.