A computer virus is a malicious program which is loaded into the user’s computer without
the user’s knowledge. It replicates itself and infects the files and programs on the user’s PC. The ultimate goal of a virus
is to ensure that the victim’s computer will never be able to operate properly or even at all.
Computer Worm
A computer worm is a software program that can copy itself from one computer to another
without human interaction. The potential risk here is that it will use up your computer's hard disk space, because a
worm can replicate in great volume and with great speed.
Phishing
Disguising themselves as a trustworthy person or business, phishers attempt to steal sensitive financial or personal information
through fraudulent email or instant messages. Phishing is unfortunately very easy to execute. You are deluded into
thinking it’s a legitimate mail, and you may enter your personal information.
Botnet
A botnet is a group of computers connected to the internet that have been compromised by a
hacker using a computer virus. An individual computer is called a ‘zombie computer’. The result of this threat is that the
victim’s computer, which is the bot, will be used for malicious activities and for larger scale attacks like DDoS.
Rootkit
Application Security
Application security is the introduction of security features in applications during their development process. This
actively helps prevent potential cyber threats such as data breaches, denial-of-service attacks (DoS), SQL injection,
and many others. Some examples of application security tools are antivirus software, firewalls, web application
firewalls, encryption, etc.
Information Security
Information security is a set of practices that aim to protect the confidentiality, integrity, and availability (known as
the CIA triad) of data from unauthorized access and misuse.
Network Security
Network security is any activity that aims to protect the integrity and usability of a network and data. It consists of
both hardware and software technologies that are specifically designed to prevent unauthorized intrusion into
computer systems and networks.
Endpoint Security
End users are increasingly, and unintentionally, becoming the biggest security risk. Through no fault of their own,
apart from a lack of awareness, they leave the virtual gates of an organization open to hackers and attacks. Most
end users are unaware of the ICT policy, and therefore it is imperative that the users who handle sensitive
information on a regular basis understand and are knowledgeable about all comprehensive security policies,
protocols, and procedures.
Internet Security
Internet security is one of the most important types of computer security. It comes with a set of rules and protocols
that focus on specific threats and activities that happen online. It provides protection against hacking, DoS attacks,
computer viruses, and malware.
Vulnerability
Vulnerability in cyber security refers to any weakness in an information system, system processes, or internal
controls of an organization. These vulnerabilities are targets for lurking cybercrimes and are open to exploitation
through the points of vulnerability.
Threat
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach
security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt
(especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
A useful means of classifying security attacks, used both in X.800 and RFC 4949, is
in terms of passive attacks and active attacks.
A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active
attack attempts to alter system resources or affect their operation.
Passive Attacks
Passive attacks (Figure 1.2a) are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is
to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic
analysis.
The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred
file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these
transmissions.
A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of masking the contents of messages or other information
traffic so that opponents, even if they captured the message, could not extract the information
from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an
opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity
of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be
useful in guessing the nature of the communication that was taking place.
Passive attacks are very difficult to detect, because they do not involve any alteration of the data. Typically, the message traffic is
sent and received in an apparently normal fashion, and neither the sender nor receiver is aware that a third party has read the
messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of
encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
Active Attacks
Active attacks (Figure 1.2b) involve some modification of the data stream or the creation of a false stream and can be subdivided
into four categories: masquerade, replay, modification of messages, and denial of service.
A masquerade takes place when one entity pretends to be a different entity (path 2 of Figure 1.2b is active). A masquerade
attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and
replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain
extra privileges by impersonating an entity that has those privileges.
Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect (paths 1,
2, and 3 active).
Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or
reordered, to produce an unauthorized effect (paths 1 and 2 active). For example, a message meaning “Allow John Smith to read
confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.”
The denial of service prevents or inhibits the normal use or management of communications facilities (path 3 active). This attack
may have a specific target; for example, an entity may suppress all messages directed to a particular destination
(e.g., the security audit service). Another form of service denial is the disruption of an entire network, either by disabling the
network or by overloading it with messages so as to degrade performance.
Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are
available to prevent their success. On the other hand, it is quite difficult to prevent active attacks absolutely because of the wide
variety of potential physical, software, and network vulnerabilities. Instead, the goal is to detect active attacks and to recover
from any disruption or delays caused by them. If the detection has a deterrent effect, it may also contribute to prevention.
ERROR 404
You know the situation: you click on a link, but instead of getting the site you want, an error pops up indicating that the
requested page is not available, something along the lines of "404 Not Found". A 404 error is the standardized HTTP
status code. The message is sent from the web server of an online presence to the web browser (usually the client) that
sent the HTTP request. The browser then displays this error code.
How does a '404 error' come about?
The typical trigger for an error 404 message is when website content has been removed or moved to another URL.
There are also other reasons why the error message could appear. These include:
I) The URL or its content (such as files or images) was either deleted or moved (without adjusting any internal
links accordingly).
II) The URL was written incorrectly (during the creation process or a redesign), linked incorrectly, or
typed into the browser incorrectly.
III) The server responsible for the website is not running or the connection is broken.
IV) The requested domain name can't be converted to an IP by the DNS (Domain Name System).
V) The entered domain name doesn’t exist (anymore).
How to fix the error 404 not found:
1) Reload the page: It might be that the error 404 has appeared for the simple reason that the page did not load
properly. This can be checked quite easily by clicking the 'Refresh' button in your browser or by pressing
the F5 button.
2) Check the URL: Regardless of whether you have entered the URL manually or been directed via a link,
it could be that a mistake has been made. For this reason you should check the specified path of the website.
3) Delete the browser cache and cookies: If you can access the website from another device, and the HTTP 404
error only seems to appear on a certain computer, then the problem could lie with your browser. Therefore you
should delete the browser cache as well as all cookies for this site.
1. Buffer Overflow Attacks: A buffer is a temporary area for data storage. When
more data (than was originally allocated to be stored) gets placed by a program or system process, the extra
data overflows. It causes some of that data to leak out into other buffers, which can corrupt or overwrite whatever data they
were holding. In a buffer-overflow attack, the extra data sometimes holds specific instructions for
actions intended by a hacker or malicious user; for example, the data could trigger a response that
damages files, changes data or unveils private information.
Defending against Buffer Overflow:
There are four basic mechanisms of defence against buffer overflow attacks.
1) Writing correct programs.
2) Enlisting the help of the operating system to make storage areas for buffers non-executable.
3) Enhanced compilers that perform bounds checking.
4) Performing integrity checks on code pointers before dereferencing them.
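The first defence, writing correct programs, comes down to checking the length before every write into a fixed-size buffer. The following C sketch is an added example, not part of the original notes; the struct account layout and the function names are hypothetical, and the unchecked write is modelled on the whole struct so that the demonstration stays well defined while still showing the extra bytes landing in the neighbouring field.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8

/* Constructed layout: a fixed-size buffer followed directly by other data. */
struct account {
    char name[NAME_LEN];   /* the buffer being filled */
    char role[NAME_LEN];   /* neighbouring data an overflow would reach */
};

static void account_reset(struct account *a) {
    memset(a, 0, sizeof *a);
    strcpy(a->role, "user");
}

/* Unchecked write: nothing compares len with NAME_LEN, so bytes past the
 * end of name spill into role. Clamped to the struct to keep the demo safe. */
void set_name_unchecked(struct account *a, const char *src, size_t len) {
    if (len > sizeof *a) len = sizeof *a;
    memcpy((char *)a, src, len);
}

/* Bounds-checked write: refuse input that does not fit with its NUL. */
int set_name_checked(struct account *a, const char *src, size_t len) {
    if (len >= NAME_LEN) return -1;
    memcpy(a->name, src, len);
    a->name[len] = '\0';
    return 0;
}

/* Returns 1 if role still reads "user" after the write, 0 if overwritten. */
int role_survives(int checked, const char *in, size_t len) {
    struct account a;
    account_reset(&a);
    if (checked) (void)set_name_checked(&a, in, len);
    else set_name_unchecked(&a, in, len);
    return memcmp(a.role, "user", 5) == 0;
}

int main(void) {
    const char input[] = "AAAAAAAAadmin";   /* constructed over-long input */
    printf("unchecked: role intact = %d\n", role_survives(0, input, sizeof input));
    printf("checked:   role intact = %d\n", role_survives(1, input, sizeof input));
    return 0;
}
```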
Buffer Overflow Preventions:
Developers can protect against buffer overflow vulnerabilities via security measures in their code, or by
using languages that offer built-in protection.
In addition, modern operating systems have runtime protection:
1) Address space randomization (ASLR): randomly moves around the address space locations of data
regions. Typically, buffer overflow attacks need to know the location of executable code, and
randomizing address spaces makes this virtually impossible.
2) Data execution prevention: flags certain areas of memory as non-executable or executable, which
stops an attack from running code in a non-executable region.
3) Structured exception handler overwrite protection (SEHOP): helps stop malicious code from
attacking Structured Exception Handling (SEH), a built-in system for managing hardware and software
exceptions.
It thus prevents an attacker from being able to make use of the SEH overwrite exploitation technique. At a
functional level, an SEH overwrite is achieved using a stack-based buffer overflow to overwrite an
exception registration record stored on a thread's stack.
Security measures in code and operating system protection are not enough. When an organization
discovers a buffer overflow vulnerability, it must react quickly to patch the affected software and make
sure that users of the software can access the patch.
So, if we give proper values in front of %n or %hn, %n or %hn would treat that value as an address and store
the number of bytes printed at the corresponding address in memory.
And unfortunately, most languages and most compilers raise no error at all and simply perform a modulo operation,
wrap around, or truncation, or they have other undefined behavior.
For example:
One operation may treat an integer as an unsigned one and another operation may treat exactly the same integer as a
signed one, therefore interpreting the value incorrectly.
Integer Overflow Risks: Most integer overflow conditions simply lead to erroneous program behaviour but do not
cause any vulnerabilities. However, in some cases, integer overflows may have severe consequences.
If an integer overflow happens when you calculate the length of a buffer, you may end up with a buffer
overflow. A buffer overflow lets the attacker gain shell access and attempt further privilege escalation.
If an integer overflow happens during financial calculations, it may, for example, result in the
customer receiving credit instead of paying for a purchase or may cause a negative account balance to
become positive.
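The two cases above, a buffer length that wraps around and one integer read as both signed and unsigned, are shown below in C next to their checked forms. This is an added example, not part of the original notes; the function names and sample values are hypothetical, and int is assumed to be 32 bits wide.

```c
#include <stdint.h>
#include <stdio.h>

/* Length calculation with no overflow check: the 32-bit product wraps
 * around (modulo 2^32) and no error is raised. */
uint32_t buffer_bytes_unchecked(uint32_t count, uint32_t elem_size) {
    return count * elem_size;
}

/* Checked form: returns 0 and stores the size, or -1 if it cannot fit. */
int buffer_bytes_checked(uint32_t count, uint32_t elem_size, uint32_t *out) {
    if (elem_size != 0 && count > UINT32_MAX / elem_size) return -1;
    *out = count * elem_size;
    return 0;
}

/* Signed-only check: a negative length passes "len <= max" ... */
int length_ok_signed_only(int32_t len, int32_t max) {
    return len <= max;
}

/* ... and the same value, read as unsigned, becomes a huge copy length. */
uint32_t as_copy_length(int32_t len) {
    return (uint32_t)len;
}

/* Hardened check: reject negatives before the value is used as unsigned. */
int length_ok(int32_t len, uint32_t max) {
    return len >= 0 && (uint32_t)len <= max;
}

int main(void) {
    uint32_t n = 0;
    /* Constructed input: 0x40000001 elements of 4 bytes each. */
    printf("unchecked size: %u bytes\n",
           (unsigned)buffer_bytes_unchecked(0x40000001u, 4u));
    printf("checked result: %d\n", buffer_bytes_checked(0x40000001u, 4u, &n));
    printf("len -1: signed check says %d, copy length would be %u\n",
           length_ok_signed_only(-1, 64), (unsigned)as_copy_length(-1));
    printf("len -1: hardened check says %d\n", length_ok(-1, 64u));
    return 0;
}
```

A buffer allocated with the unchecked size holds 4 bytes while the caller still believes it holds 0x40000001 elements, which is how an integer overflow turns into the buffer overflow described above.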