In this guide we discuss the classification of threats, the methods and means of information protection, key concepts in the field of cryptography, classic encryption methods and standard cryptographic systems, and software data protection (both built into the OS and external).
Judging by the growing number of publications and of companies professionally engaged in protecting information in computer systems, this task is given great importance. One of the most obvious causes of a breach of protection is intentional unauthorized access to confidential information by illegitimate users and their subsequent unwanted manipulation of that information. Information security is the set of activities undertaken to prevent the diversion, theft, loss, unauthorized destruction, mutilation, modification (forgery), unauthorized copying or blocking of information, etc. Because information can also be lost for purely technical, objective, and unintentional reasons, this definition also covers activities aimed at improving server reliability against disk failures, defects in the software used, etc.
It should be noted that, as applied to computer networks, the term "computer security" is widely used alongside "information security", usually with a similar meaning.
The transition from work on personal computers to work in a network complicates the protection of information for the following reasons:
- a large number of users on the network and their variable composition. Protection at the level of user name and password is not sufficient to prevent unauthorized persons from entering the network;
- the considerable length of the network and the presence of many potential channels of penetration into it;
- the weaknesses already noted in hardware and software, which are often found not at the pre-release stage, called beta testing, but in the course of operation. Built-in data protection is far from ideal even in such well-known and "powerful" network operating systems as Windows NT or NetWare.
The severity of the problems associated with network length is evident even for a single segment on coaxial cable. A network has many physical points and channels through which the information in it can be accessed without authorization. Each device in the network is a potential source of electromagnetic radiation, because the corresponding fields, especially at high frequencies, are not shielded perfectly. The grounding system, together with the cable system and the power supply network, can serve as channels of access to information in the network, including in areas outside the zone of controlled access, which are therefore especially vulnerable. Besides electromagnetic radiation, contactless electromagnetic influence on the cable system is a potential threat. Of course, where wired connections such as coaxial cable or twisted pair (often called copper cables) are used, a direct physical connection to the cable system is also possible. If the passwords for logging into the network are known or guessed, unauthorized entry into the network from a file server or a workstation becomes possible. Finally, information can leak through channels outside the network:
- storage media;
- elements of building structures and windows, which form channels for leaking confidential information through the so-called microphone effect;
- telephone, radio, and other wired and wireless channels (including mobile communication channels).
Any additional connection to other segments or to the Internet poses new challenges. Attacks on a local network through its Internet connection, carried out to gain access to confidential information, have recently become widespread because of flaws in the information protection built into the TCP/IP protocols. Network attacks via the Internet can be classified as follows:
- Packet sniffer (sniffer here in the sense of filtering): an application that uses a network card operating in promiscuous (non-discriminating) mode. In this mode the network adapter passes every packet received over the physical channel to the application for processing.
- IP spoofing (spoof: deception, hoax): occurs when a hacker, inside or outside the corporation, impersonates an authorized user.
- Denial of Service (DoS): a DoS attack makes the network unavailable for normal use by exceeding the permissible operating limits of the network, operating system, or application.
- Password attack: an attempt to guess a legitimate user's password in order to log into the network.
- Man-in-the-Middle attacks: direct access to the packets transmitted over the network.
- Attacks at the application level.
- Network reconnaissance: gathering information about the network by using publicly available data and applications.
- Abuse of trust within the network.
- Unauthorized access, which cannot be considered a separate type of attack, since most network attacks are carried out to gain unauthorized access.
- Viruses and "Trojan horse" applications.
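
The packet sniffer item above depends on the adapter being switched into promiscuous mode, which an administrator can check for on hosts they manage. The following is an added example, not part of the original guide: it reads the interface flag words that Linux exposes under `/sys/class/net` and reports adapters with the `IFF_PROMISC` bit set. The `SAMPLE` values are constructed for illustration.

```python
"""List local Linux interfaces that are in promiscuous mode (added example)."""
from pathlib import Path

IFF_UP = 0x1         # <linux/if.h>: interface is administratively up
IFF_PROMISC = 0x100  # <linux/if.h>: adapter accepts every frame on the wire


def parse_flags(text):
    """Parse the hex string found in /sys/class/net/<iface>/flags."""
    return int(text.strip(), 16)


def promiscuous_interfaces(raw_flags):
    """Map {iface: raw flags text} to a sorted list of (iface, is_up)
    for every interface whose IFF_PROMISC bit is set."""
    hits = []
    for name, text in raw_flags.items():
        try:
            flags = parse_flags(text)
        except ValueError:
            continue  # unreadable value: skip rather than guess
        if flags & IFF_PROMISC:
            hits.append((name, bool(flags & IFF_UP)))
    return sorted(hits)


def read_sysfs(root="/sys/class/net"):
    """Collect raw flag strings from sysfs; empty dict on non-Linux hosts."""
    raw = {}
    base = Path(root)
    if not base.is_dir():
        return raw
    for entry in base.iterdir():
        try:
            raw[entry.name] = (entry / "flags").read_text()
        except OSError:
            continue
    return raw


# Constructed sample values, not captured from a real host.
SAMPLE = {"eth0": "0x1103\n", "eth1": "0x1003\n", "lo": "0x9\n",
          "wlan0": "0x1102\n", "bad0": "n/a\n"}

if __name__ == "__main__":
    for iface, up in promiscuous_interfaces(read_sysfs() or SAMPLE):
        print(f"{iface}: promiscuous mode ({'up' if up else 'down'})")
```

Bridge members and virtualization hosts set this flag legitimately, so a hit needs to be compared against the expected role of the machine. The check only covers the host it runs on; a passive sniffer on another machine attached to the same segment is not visible this way.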