Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Open Source Security Tools : Practical Guide to Security Applications part 4. Few frontline system administrators can afford to spend all day worrying about security. But in this age of widespread virus infections, worms, and digital attacks, no one can afford to neglect network defenses. Written with the harried IT manager in mind, Open Source Security Tools is a practical, hands-on introduction to open source security tools. | Howlett_CH01.fm Page 9 Wednesday June 23 2004 2 58 PM Info-Security Business Risks 9 Worms Auto-rooters and Other Malware Finally a major reason that the fundamental computer security scene has changed is that much hacking nowadays is automated and random. Script kiddies can use tools that scan IP addresses at random to look for weak or exploitable machines. They will often let these programs run all night harvesting potential victims for them. There are packages called auto-rooters that gain root or admin privileges on a machine. These tools not only do the reconnaissance for them but also actually carry out the act of breaking into the machine and placing their Trojan horse or other malicious software malware in place. The result is that with a single click of a mouse someone with no more computer experience than a six-year old can own dozens of machines in a single evening. With the advent of Internet worms like Nimda in 2001 even the human element has been taken out of the picture. These autonomous cousins to the computer virus roam the Internet looking for computers with a certain set of security holes. When they find one they insert themselves into that computer perform whatever function they were programmed to do and then set that machine up to search for more victims. These automated hacking machines have infected far more networks than have human troublemakers. They also spread incredibly fast. It is estimated that the Code Red worm spread to over 300 000 servers within a few days of its release. Info-Security Business Risks So it s clear that the playing field has changed. Before few small companies really had to worry about their data security now firms of all sizes are forced to spend time and money to worry about it or risk the consequences. What are these risks Few companies stop to think about all the possible risks that they are exposed to from an information security standpoint. You should understand all these risks recognize which ones apply to .