Computer Attacks and Their Counter Measures - Essay Example

Computer Attacks and Their Counter Measures al Affiliation Computer Attacks and Their Counter Measures Introduction It is almost impossible to achieve complete security, and it is getting much harder by the year. The initially outdated systems that centralized on building a strong room around the computer servers are certainly not efficient to handle the kind of threats that have emerged recently. Undeniably, dependence on forms of systems that mitigate only one kind of threat can also lead to complacency. The types of attacks being used currently will work around the defenses of the target, while centralizing on areas of vulnerability including software’s, systems and most of all the people. This article will analyze some of these modern computer attacks, how they happen and ways of mitigating them. DDOS attack A DDoS attack is an ill attempt to make a network or server resource unavailable to users, often through disrupting or suspending the services of a connected host from the internet. The DDoS attack can be achieved by two main ways. First, the attacker, using malware or Trojan can take over several computers on the internet, creating a botnet in the process. Secondly, the attacker then controls the affected computers and makes them attack simultaneously the target thus achieving their initial goal (Gu & Liu, 2007). The DDoS attacks can be resolved, mainly through the incorporation of blocking and detection mechanisms, that apply even during the spoofed attacks, when attacker profiles and identities are constantly changing. Others include, giving more complete capabilities of verification than either IDS signatures or static routers filters can provide. Prevent dependence on configuration changes or network device resources. In-built intelligence processes being infused with only contaminated traffic packets that would guarantee minimum scaling costs and maximum reliance. Implement procedures for communication standards to help guarantee maximum reliability and interoperability. Blocking and identifying individual spoofed packages to guard genuine business transactions (Patel & Patel, 2014). Session hijacking TCP session, or session hijacking, is generally a means of taking over a session of a web user by obtaining surreptitiously the session Id and pretending to be the official session user. Once accessed, the invader can pretend to be the official user and freely access and manipulate data as they please. Hackers popularly use routed IP packets from the original source to hijack a session. Through re-routing the communication to go through his computer, he can communicate with the different machines simultaneously. An effective example of such an attack is the intermediary attack. In this attack, the hacker is in-line between the two communicating machines and implements a sniffing program to reach out to them and connect. A regular aspect of such attacks is to implement a DDoS attack against one side to cut off the communication. This attack can either be against the network connection to force heavy packet loss or machine to force it to crash (Cashion & Bassiouni, 2011). Mitigation procedures for the TCP session include constant use of secure connections since encrypted connections between server and client is created by the SSL, and thus any stolen information during this period would be useless to the hacker. In addition, regular regeneration of user sessions is also an effective counter measure. In that, even though a session identifier could be stolen, it would become useless once the regeneration has occurred. Usage of HTTP only cookies would make it hard for session hijacking attacks (Dacosta, Chakradeo, Ahamad & Traynor, 2011). SQL Injection SQL injection is a type of attack technique that is known for its exploitation of security weaknesses happening in the application database layer. The injections are implemented by the hackers to attain illegal access to the underlying structure, data and the computers DBMS. These SQL injection attacks are said to happen when a web application does not authenticate the received values from a cookie, web form, or an input parameter, before transitioning them to be executed at the SQL queries on a database server. This lapse enables an attacker to control he input so that the data is understood as a code as compared to data. Mitigation strategies include; using parameterized queries so that dynamic SQL can be generated as counter measures for attacks. Avoid use of obvious names in sensitive data, database structure mainly because the attacker has to guess the name to get an effective database structure, thus putting a complex one is probably safer. Using validate user inputs to protect against other attacks apart from, SQL Injection that include, Cross Site Scripting. Controlling the Dynamic SQL, to ascertain that it is not generated into the source code particularly based on user-controlled inputs. Creating a shield protection-using web based application firewalls, without particularly changing the applications that already existed (Halfond, Viegas & Orso, 2006). Hacking a Web server A hacked or exploited server is one that is no longer completely or fully being controlled by the authorized person. This implies that a second person is now partly using and controlling the server for their own interests. Some of these reasons often include, for launching out controlled attacks to other servers, therefore consuming your, memory, CPU and bandwidth resources in the process, sending out spam mail and for installing on your server a phishing website, to gain sensitive data (Palmer, 2001). Hacking or compromising of a server can mainly happen in two ways namely; through the hacker gaining access by capitalizing on a security hole found in a web based application, plug-in or add-on’s. Another way that this happens is by the hacker gaining or guessing a password of a user in the same server, it can either be an ftp, email or ssh user in the server. Mitigation strategies include; use of very complicated or strong passwords, this includes those used in the Plesk, Account Center and the root passwords. Analysis has proved that the stronger the password the more secure a server is. While accessing or connecting to the services, it is recommended to use secure connections if possible. This includes, email SSL connections, and prioritizing use of SFTP over the more common FTP procedures. Regular backing up of data is also a good mitigation strategy. In that it often takes a while to notice that the domain or a server has been infiltrated, therefore in such cases restoring from the last clean backup would be more appropriate to mitigate any further damage and un-necessary harm to the system. Lastly, another recommended strategy would be through, making a few variations to the initial php.ini files in the system to further increase the security level of the provided services (Hollander, 2009). Hacking a Wireless Network To go wireless generally needs an internet access point like DSL modem or cable to be connected to a wireless router, that sends a signal through the air, for an approximate several hundred feet. Any computer device that is within that range and has a wireless card can pull the signal and access the internet. Unless certain procedures are implemented, anyone nearby with a wires-ready mobile or computer device can freely use your network. That plainly means that any hacker nearby or neighbor could access information on your computer or use your network. If an approved person commits any cyber-crime or sends span, by using your network, the action can be undoubtedly be traced back to your account. Hackers, often find it easy to access other people’s Wi-Fi since, it works in a very simple way. The components that make up a Wi-Fi include a communication device such as a cell phone or computer, internet and a router. The communication device converts the data in the form of radio waves through its wireless capability and transmits it to the router, mainly through an antenna. The signal is then received and decoded by the router. It then sends the data to the internet by using a wired, physical Ethernet connection. The same procedure is still used for the reverse communication that is the internet gives the router information, translating it into radio signals and gives it back to the wireless adopter on the computer. Hackers know this process and intercept the signal in mid-air thus, living your computer vulnerable to their attacks (Helleseth, 2006). To be able to mitigate the issues presented by the hacking of a wireless network, it would be necessary to use all the accessible tools in the router. For example, an individual can consider using a SSID that is hidden. This will definitely prevent people hacking and using the network without proper SSID. Intruders can also be blocked by implementing MAC Address Filtering, or black listing. This will definitely regulate the people valid to access the network. Inventing a very long and complicated password full of gibberish is also another good preventive method, since it will be extremely hard to decode. Turning off WPS and UPNP, even though they are both often praised as technologies that help make life easier, they also encourage large gaping holes in the computer network security, making it highly susceptible to possible attack, therefore turning them off would be a good measure. Conclusion From the above analysis, it is clear that without proper security measures and control, your data might be prone to an outside attack. Some of these attacks are passive, in that there is monitoring of the information, while others can be termed as active implying that the data within the system is manipulated with intent to destroy or corrupt the network or data itself. Your data and network are vulnerable to any of the above type of attacks if there is no efficient security plan implemented early to mitigate the issues. References Cashion, J., & Bassiouni, M. (2011).Protocol for mitigating the risk of hijacking social networking sites. In Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2011 7th International Conference on (pp. 324-331). IEEE. Dacosta, I., Chakradeo, S., Ahamad, M., & Traynor, P. (2011). One-time cookies: preventing session hijacking attacks with disposable credentials. Gu, Q., & Liu, P. (2007). Denial of service attacks. Handbook of Computer Networks: Distributed Networks, Network Planning, Control, Management, and New Trends and Applications, Volume 3, 454-468. Halfond, W. G., Viegas, J., & Orso, A. (2006).A classification of SQL-injection attacks and countermeasures. In Proceedings of the IEEE International Symposium on Secure Software Engineering, Arlington, VA, USA (pp. 13-15). Helleseth, H. (2006). Wi-Fi Security How to Break and Exploit (Doctoral dissertation, Master Thesis, University of Bergen, Norway). Hollander, Y. (2009).The future of web server security. Entercept Security Technologies. Palmer, C. C. (2001). Ethical hacking.IBM Systems Journal, 40(3), 769-780. Patel, D. A., & Patel, H. (2014). Detection and Mitigation of DDOS Attack against Web Server. Read More