Network Security Threats Intruders

One of the two most publicized threats to security is the intruder and other is viruses, often referred to as a hacker or cracker.

Three classes of intruders:

• Masquerader: An individual who is not authorized to use the computer and

who penetrates a system’s access controls to exploit a legitimate user’s account.

• Misfeasor: A legitimate user who accesses data, programs, or resources for

which such access is not authorized, or who is authorized for such access but

misuses his or her privileges.

• Clandestine user: An individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection.

The masquerader is likely to be an outsider, the misfeasor generally is an insider,

and the clandestine user can be either an outsider or an insider.

Intruder attacks range from the benign to the serious. At the benign end of the

scale, there are many people who simply wish to explore internets and see what is

out there. At the serious end are individuals who are attempting to read privileged

data, perform unauthorized modifications to data, or disrupt the system.

Lists the following examples of intrusion:

• Performing a remote root compromise of an e-mail server.

• Defacing a Web server.

• Guessing and cracking passwords.

• Copying a database containing credit card numbers.

• Viewing sensitive data, including payroll records and medical information,

without authorization.

• Running a packet sniffer on a workstation to capture usernames and pass-

Words.

• Using a permission error on an anonymous FTP server to distribute pirated

software and music files.

• Dialing into an unsecured modem and gaining internal network access.

• Posing as an executive, calling the help desk, resetting the executive’s e-mail

password, and learning the new password.

• Using an unattended, logged-in workstation without permission.