Class Notes 5

Computer and Network Security

1. A computer virus is a piece of self-replicating code embedded within another program called the host.

2. A worm is a self-contained program that spreads through a computer network by exploiting security holes in the computers connected to the network.

3. A worm has the ability to spread on its own. A virus spreads when a computer user executes the host program.

4. Andy Sudduth’s email was of no help for two reasons. First, it didn’t have a subject line. Second, and more importantly, the email was not delivered in a timely manner, because the mail server handling it was infected with the worm.

5. A fast-moving worm is more dangerous because it can infect more computers before a way to plug the security hole is discovered. In addition, a fast-moving worm consumes more of the Internet’s bandwidth.

6. A slow-moving worm could be more dangerous than a fast-moving worm if it propagated so slowly that it was not detected until it had spread to a large number of systems.

7. A Filipino computer science student launched the Love Bug virus in 2000. The Internet worm was launched by Robert Tappan Morris, Jr., a computer science graduate student at Cornell University, in 1988.

8. A Trojan horse is a program with a benign capability that conceals another, sinister purpose.

9. It is dangerous for an email program to open attachments automatically, because the attachment may be an executable program containing a virus.

10. The word “hacker” is derived from the word “hack.” A “hack” is a newly constructed piece of equipment that serves a useful purpose and demonstrates its creator’s technical virtuosity. MIT’s Tech Model Railroad Club was a hacker hotbed in the 1950s. A “phreak” is someone who manipulates the telephone system in order to communicate with others without paying for the call. The “f” sound is spelled with a “ph” because the “f” sound in “telephone” is spelled with a “ph.”

11. The first major network to get hacked was the telephone network.

12. Hackers and phreaks do not think taking information from computers is a serious crime, certainly not as serious as the authorities would make it seem. In general, those who download MP3 files illegally seem to have the same attitude.

13. A denial-of-service attack is an intentional action designed to prevent legitimate users from making use of a computer service. The service is provided by a computer called a server. The denial-of-service attack tries to disable the server, preventing it from responding to legitimate users. Disabling the server can be done in many ways, including: crashing the server, consuming its disk storage, filling its primary memory, or saturating its connections to the Internet.

14. Email bombing is like spamming in the sense that a lot of email messages are sent. Email bombing is unlike spamming because all of the messages are sent to the same address. In both email bombing and spamming, the sender modifies the message header to disguise the true source of the email message.

15. One way to use a worm in a DoS attack is to penetrate the target’s computer with a worm that intentionally generates a long string of errors. Since the target computer logs errors in a data file, eventually the disk fills up, preventing the target from handling legitimate requests for service. Another way to use a worm in a DoS attack is to penetrate the target’s computer with a worm that replicates very rapidly. The presence of many active worm processes either crashes the target computer or significantly degrades its performance.

16. The administrator of a Web server can stop a DoS attack temporarily by configuring the server so that it refuses to accept any packets from the attacker’s computer, but all the attacker has to do is launch a new attack from another computer.

17. Filtering of outgoing Internet traffic is an important tool in the fight against DoS and DDoS attacks, because even if an outsider should gain access to one or more computers, the filtering can keep these computers from being used as launching pads for DoS or DDoS attacks.

18. A vote thief could cast multiple votes in an on-line election by purchasing pass codes from people willing to sell their right to vote. A thief could fool other voters into revealing their pass codes and then use this information to cast multiple votes.

19. The author concludes it is a bad idea for a government to allow on-line voting from home computers, because then the security of the voting system would depend on the security of home computers, which is poor.

20. The quickest and safest way to make a computer secure is to disconnect it from any network.