Monday, October 30, 2006

Module 7 Computer Abuses

Ethics deals with placing a value on acts according to whether they are good or bad. Ethics involves standards; values, morals, principles, and the like which are used as basis for one's decisions or actions. Often there no clear good or bad action.

When computers first began to be used, there were no ethical standards relevant it. However, as the use of computers became widespread, computer ethics became a concern. Today, most of the rules on the ethical use of computers have already been formulated as laws such as E-commerce law to curb down computer crimes and fraud.

Major Classification of Computer Abuses

Denial of Service
A denial of-service attack is characterized by an explicit attempt by at­tackers to prevent or bar legitimate users of computers from availing them­selves of computer services. Examples of denial-of-service attacks are:
attempts to "flood" a network, thereby preventing legitimate network traffic attempts to disrupt connections between two machines, thereby pre­venting access to a service attempts to prevent a particular individual from accessing a service attempts to disrupt service to a specific system or person
Denial-of-service attacks come in a variety of forms and aim at a variety of services. There are three basic types of attack:
1. consumption of scarce, limited, or non-renewable resources;
2. destruction or alteration of configuration information
3. physical destruction or alteration of network component


Consumption of scarce, limited, or non-renewable resources:

Consumption of scarce resources targets network connectivity. The goal is to prevent hosts (or network servers) from communicating on the net­work. In this type of attack, the attacker begins the process of establishing a connection to the victim machine, but does it in such a way as to pre­vent the ultimate completion of the connection. In the meantime, the vic­tim machine has reserved one of a limited number of data structures required to complete the impending connection. The result is that legiti­mate connections are denied while the victim machine is waiting to com­plete bogus "half-open" connections.
In bandwidth consumption, an intruder may also be able to consume all of the available bandwidth on your network by generating a large num­ber of packets directed to your network. Typically, these packets are ICMP ECHO packets, but in principle they may be anything. Further, the in­truder need not be operating from a single machine; he may be able to coordinate or co-opt several machines on different networks to achieve the same effect. An intruder may consume other resources that your systems need in order to operate, For example, in many systems; a limited number of data structures are available to hold process information. An intruder may be able to consume these data structures by writing a simple program or script that does nothing but repeatedly create copies of itself, Many modern operating systems have quote facilities to protect against this problem, but not all operating systems do. Moreover, even if the process table is not filled, the CPU may be consumed by a large number of pro­cesses and the associated time spent switching between processes. An intruder may attempt to consume disk space in other ways, including generating excessive numbers of mail messages, intentionally generating errors that must be logged, and placing files in anonymous ftp areas or network shares.

Alteration of configuration information

An improperly configured computer may not perform well or may not operate at all. An intruder may be able to alter or destroy configuration information that prevents you from using your computer or network. For example, if an intruder can change the muting information in your routers, your network may be disabled. If an intruder is able to modify the registry on a Windows NT machine, certain functions may be unavail­able.

Physical destruction or alteration of network components

The primary concern in this type of attack is physical security. You should guard against unauthorized access of com­puters, routers, network wiring closets, network backbone segments, power and cooling stations, and any other critical components of your network. Physical security is a prime component in guarding against many types of attacks

Hacking

Hacking involves unauthorized access to a computer, its files, and pro­grams, There are many reasons why hackers hack computers.

1. Theft of service, meaning, if a system offers some type of service and a hacker has a use far it, he/she will hack the system. For example, a hacker can hack into a system to use The CPU for free or to use it for sending emails for free.

2. Hacking is to take valuable files, such as credit card numbers and list of customers, The hacker may sell the informa­tion gathered to rival companies.

3. Vengeance and hatred. For example, a hacker may get into the homepage of the university that kicked him out and deface the homepage.

4. Some hackers break into systems for the thrill and excitement because somewhere they are not authorized to be.

5. For the sake of knowledge and ex­perimentation. Hackers learn a great deal every time they break into a new type of system.

Flaming

Flaming is the sending of abusive email or messages to other people or newsgroups. You flame people when you disrespect their opinion and attack them personally, calling them names or questioning their parent­age. Flaming is considered poor online conduct and is not tolerated well in chat rooms or newsgroups. Other people in the chat room or newsgroup can quickly turn on individuals who flame. It is best to practice good online conduct and avoid getting into personal confrontations with other people.

Spamming

Spam, sometimes called unsolicited commercial email, is the internet version of junk mail. It is an attempt to deliver a message over the Internet to someone who would not otherwise choose to receive it. Almost all spam is commercial advertising. Scanning Usenet creates potential target lists postings, stealing Internet mailing lists, or searching the web for addresses. Automated searches are used to retrieve e-mail addresses for spamming. The low cost of e-mail spamming engines offered for sale with millions of email addresses, coupled with the fact that the sender does not pay extra to send email, has resulted in the explosive growth of junk email. Cur­rently, unless the spammer offers to sell illegal items, there is no legal way of putting a stop to e-mail spammers. Many Internet Service Providers now have policies on spamming, includ­ing disabling the offender's account. In some countries, spamming is con­sidered illegal.

Worm and Virus


A virus is a program that reproduces its own code by attaching itself to other executable files in such a way that the viruses code is executed when the infected executable file is executed. A virus reproduces usually with­out your permission or knowledge. In general terms a virus has an infec­tion phase during which it reproduces widely, and an attack phase dur­ing which it does whatever damage it is programmed to do (if any).

A worm is a self-replicating program designed to spread across a net­work without requiring any outside actions to take place. The main dif­ference between a worm and a virus is that a virus relies on human actions, such as sending e-mail or sharing files, to copy itself from one computer to another, whereas a worm is able to do so independently, allowing it to spread much faster.

Internet Hoax

Among the junk mail and spam that fill our e-mail boxes are dire warn­ings about devastating new viruses, Trojans that eat the heart out of your system, and malicious software that will destroy everything you have in your hard disk. There are also messages about free money, children in trouble, and other items designed to grab you and get you to forward the message to everyone you know. These messages are hoaxes or chain let­ters. While hoaxes do not automatically infect systems like a virus or Tro­jan, they are time consuming and costly to remove from all the systems where they exist.

0 Comments:

Post a Comment

<< Home