
ITM 102 Lecture Notes - Wired Equivalent Privacy, Rogue Security Software, Trojan War


Department: Information Technology Management
Course Code: ITM 102
Professor: Franklyn Prescod

Chapter 8
Why systems are vulnerable
Accessibility of networks
Hardware problems (breakdowns, configuration errors, damage from improper use or crime)
Software problems (programming errors, installation errors, unauthorized changes)
Disasters
Use of networks/computers outside of firm’s control
Loss and theft of portable devices
Internet vulnerabilities
Network open to anyone
Size of Internet means abuses can have wide impact
Use of fixed Internet addresses with cable or DSL modems creates fixed targets for hackers
Unencrypted VoIP
E-mail, P2P, IM
Interception
Attachments with malicious software
Transmitting trade secrets
Wireless security challenges
Radio frequency bands easy to scan
SSIDs (service set identifiers)
Identify access points
Broadcast multiple times
War driving
Eavesdroppers drive by buildings and try to detect SSID and gain access to network and resources
WEP (Wired Equivalent Privacy)
Security standard for 802.11; use is optional
Uses shared password for both users and access point
Users often fail to implement WEP or stronger systems
Malicious Software: Viruses, worms, Trojan Horses, and Spyware
Computer viruses:
Rogue software programs that attach to other programs in order to be executed, usually without user knowledge or permission
Deliver a “payload”
Can spread by email attachments
Trojan Horse:
A software program that appears to be benign, but then does something unexpected
Often “transports” a virus into a computer system
Name is based on Greek ruse during Trojan War
Worms:
Programs that copy themselves from one computer to another over networks
Can destroy data, programs, and halt operation of computer networks
Hackers and Computer Crime
Hackers: individuals who attempt to gain unauthorized access to a computer system
Cracker: a hacker with criminal intent
Cybervandalism: intentional disruption, defacement, or destruction of a Web site or system
Spoofing
Masquerading as someone else, or redirecting a Web link to an unintended address
Sniffing
An eavesdropping program that monitors information travelling over a network
Denial of Service (DoS) Attacks
Hackers flood a server with false communications in order to crash the system
Distributed DoS: uses numerous computers to crash the network
Botnets
Computer Crime: violation of criminal law that involves a knowledge of technology for perpetration, investigation, or prosecution
Identity theft
A crime in which the imposter obtains key pieces of personal information
Phishing
Setting up fake Web sites or sending email messages that look legitimate, and using them to ask for confidential data
Pharming
Redirects users to a bogus web site
Click Fraud
Bogus clicks to drive up pay-per-clicks