Security

Africa Deploying UMTS Below 600MHz

Cameroun Le taux de couverture en TIC reste faible au Cameroun

Cameroun Réflexions sur l`accès du monde rural aux TIC à Yaoundé

Cameroon Des investisseurs américains chez le PM

Cameroun Les cartes de crédit ne sont pas sur le marché,à quand l'engagement des banques?

Malaria EU Grid Computing Effort Takes on Malaria

Cameroon Scheme to Extend Internet in Cameroon

NOS PARTENAIRES:

Computer Security

Computer security is a field of computer science concerned with the control of risks related to computer use and NEMBOT as a leader on this field is fully able to provide you with the best secure environment at work for all you datas.

The means traditionally taken to realize this objective is to attempt to create a secure computing platform, designed so that agents (users or programs) can only perform actions that have been allowed. This involves specifying and implementing a security policy . The actions in question can be reduced to operations of access, modification and deletion. Computer security can be seen as a subfield of security engineering , which looks at broader security issues in addition to computer security.

In a secure system the authorised users of that system are still able to do what they should be able to do. While one might be able to secure a computer beyond misuse using extreme measures (locked in a vault without any means of power or communication for example), this would not be regarded as a useful secure system because of the above requirement.

It is important to distinguish the techniques used to increase a system's security from the issue of that system's security status. In particular, systems which contain fundamental flaws in their security designs cannot be made secure without compromising their usability. Consequently, most computer systems cannot be made secure even after the application of extensive "computer security" measures. Furthermore, if they are made secure, often it is to the detriment of usability.

The most Incidents of Network Security are  :

  • Trojan horse programs
    Trojan horse programs are a common way for intruders to trick you (sometimes referred to as "social engineering") into installing "back door" programs. These can allow intruders easy access to your computer without your knowledge, change your system configurations, or infect your computer with a computer virus.
  • Back door and remote administration programs
    On Windows computers, three tools commonly used by intruders to gain remote access to your computer are BackOrifice, Netbus, and SubSeven. These back door or remote administration programs, once installed, allow other people to access and control your computer.
  • Denial of service
    Another form of attack is called a denial-of-service (DoS) attack. This type of attack causes your network to crash or to become so busy processing data that you are unable to use it. It is important to note that in addition to being the target of a DoS attack, it is possible for your computer to be used as a participant in a denial-of-service attack on another system. It often causes a more serious network security event
  • Being an intermediary for another attack
    Intruders will frequently use compromised computers as launching pads for attacking other systems. An example of this is how distributed denial-of-service (DDoS) tools are used. The intruders install an "agent" (frequently through a Trojan horse program) that runs on the compromised computer awaiting further instructions. Then, when a number of agents are running on different computers, a single "handler" can instruct all of them to launch a denial-of-service attack on another system. Thus, the end target of the attack is not your own computer, but someone else's -- your computer is just a convenient tool in a larger attack.
  • Unprotected Windows shares
    Unprotected Windows networking shares can be exploited by intruders in an automated way to place tools on large numbers of Windows-based computers attached to the Internet. Because site security on the Internet is interdependent, a compromised computer not only creates problems for the computer's owner, but it is also a threat to other sites on the Internet. The greater immediate risk to the Internet community is the potentially large number of computers attached to the Internet with unprotected Windows networking shares combined with distributed attack tools.
    Another threat includes malicious and destructive code, such as viruses or worms, which leverage unprotected Windows networking shares to propagate.
    There is great potential for the emergence of other intruder tools that leverage unprotected Windows networking shares on a widespread basis.
  • Mobile code (Java/JavaScript/ActiveX)
    There have been reports of problems with "mobile code" (e.g. Java, JavaScript, and ActiveX). These are programming languages that let web developers write code that is executed by your web browser. Although the code is generally useful, it can be used by intruders to gather information (such as which web sites you visit) or to run malicious code on your computer. It is possible to disable Java, JavaScript, and ActiveX in your web browser.
  • Cross-site scripting: A malicious web developer may attach a script to something sent to a web site, such as a URL, an element in a form, or a database inquiry. Later, when the web site responds to you, the malicious script is transferred to your browser.
    You can potentially expose your web browser to malicious scripts by
    following links in web pages, email messages, or newsgroup postings without knowing what they link to
    using interactive forms on an untrustworthy site
    viewing online discussion groups, forums, or other dynamically generated pages where users can post text containing HTML tags.
  • Packet Sniffing: A packet sniffer is a program that captures data from information packets as they travel over the network. That data may include user names, passwords, and proprietary information that travels over the network in clear text. With perhaps hundreds or thousands of passwords captured by the packet sniffer, intruders can launch widespread attacks on systems and hurt the network security. Installing a packet sniffer does not necessarily require administrator-level access.
    Relative to DSL and traditional dial-up users, cable modem users have a higher risk of exposure to packet sniffers since entire neighborhoods of cable modem users are effectively part of the same LAN. A packet sniffer installed on any cable modem user's computer in a neighborhood may be able to capture data transmitted by any other cable modem in the same neighborhood.
A propos de NEMBOT | Legal Info | Privacy Policy | Contact | ©2006 NEMBOT Consulting