What is Intruders

One of the two most publicized threats to security is the intruder and other is viruses, often referred to as a hacker or cracker.

Three classes of intruders:

• Masquerader: An individual who is not authorized to use the computer andwho penetrates a system’s access controls to exploit a legitimate user’s account.

• Misfeasor: A legitimate user who accesses data, programs, or resources forwhich such access is not authorized, or who is authorized for such access butmisuses his or her privileges.

• Clandestine user: An individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection.

The masquerader is likely to be an outsider, the misfeasor generally is an insider,and the clandestine user can be either an outsider or an insider.

Intruder attacks range from the benign to the serious. At the benign end of thescale, there are many people who simply wish to explore internets and see what isout there. At the serious end are individuals who are attempting to read privilegeddata, perform unauthorized modifications to data, or disrupt the system.

Lists the following examples of intrusion:

• Performing a remote root compromise of an e-mail server.

• Defacing a Web server.

• Guessing and cracking passwords.

• Copying a database containing credit card numbers.

• Viewing sensitive data, including payroll records and medical information,without authorization.

• Running a packet sniffer on a workstation to capture usernames and passwords.

• Using a permission error on an anonymous FTP server to distribute pirated software and music files.

• Dialing into an unsecured modem and gaining internal network access.

• Posing as an executive, calling the help desk, resetting the executive’s e-mail password, and learning the new password.

• Using an unattended, logged-in workstation without permission.