Thursday, January 7, 2010

What is Profession?

1) "A profession is a vocation founded upon specialised educational training, the purpose of which is to supply disinterested counsel and service to others, for a direct and definite compensation, wholly apart from expectation of other business gain".

Source:
http://en.wikipedia.org/wiki/Profession

2) A profession is a specialized work function within society, generally performed by a professional.
In a more restrictive sense, profession often refers specifically to fields that require extensive study and mastery of specialized knowledge, such as law, medicine, nursing, the clergy or engineering. In this sense, profession is contrasted with occupation, which refers generally to the nature of a person's employment.

Source:
http://www.knowledgerush.com/kr/encyclopedia/Profession/

What is Professional?

A professional is a member of a vocation founded upon specialised educational training.

The word professional traditionally means a person who has obtained a degree in a professional field. The term professional is used more generally to denote a white collar working person, or a person who performs commercially in a field typically reserved for hobbyists or amateurs.

In western nations, such as the United States, the term commonly describes highly educated, mostly salaried workers, who enjoy considerable work autonomy, a comfortable salary, and are commonly engaged in creative and intellectually challenging work. Less technically, it may also refer to a person having impressive competence in a particular activity.

Because of the personal and confidential nature of many professional services and thus the necessity to place a great deal of trust in them, most professionals are held up to strict ethical and moral regulations.

Source:
http://en.wikipedia.org/wiki/Professional




Computer Security Under Attack
Hacking - Case Study

The Organization


A seller of quality model cars based in the UK. The company involved was small, employing fewer than six people. It originated as a mail order company, and saw upgrading to include Internet-based sales as a natural step. They went into this field early, and used their normal Internet Service Provider to develop their online payment system.

What Happened


The company was infiltrated online by hackers, who altered prices on the site's catalogue. They were able to set any price they wanted for any product - and they did, reducing prices to one tenth of the original.

Impact


The company suffered substantial losses as a direct result of the attack. Fortunately, they recovered from the event quickly and prevented a recurrence by employing a specialist e-commerce oriented consultancy. This involved additional expense, but less than the amount they lost in the hacking attack.

Such infiltration can go beyond embarrassment and financial loss. A website can be taken over and used to host illegal sites (including pornographic and warez sites). A warez site is one that provides illegal stolen software. It also provides the means to use copy-protected and similar programmes illegally.

Lessons?


• If you use the Internet for trading, ensure your website is secure.
• If you do not have IT staff 'in house', seek information security advice from a specialist company.

Source:
http://www.berr.gov.uk/whatwedo/sectors/infosec/infosecadvice/unauthorisedaccess/hacking/page33340.html





Types of Attacks

There are too many types, methods and mechanisms of attack to provide a comprehensive description of all of them. New attack techniques and exploits are constantly being developed and discovered.

One of the main advantages of KFSensor is that it assumes all connections made to it are malevolent, as there is no legitimate reason to connect to its simulated servers. Because of this it is effective at detecting unknown attack techniques as it does not rely on signature databases of known attacks.

This section provides an introduction to some of the types and techniques used to attack and compromise a system.

The perpetrators

Ultimately all attacks are originated by people with a motivation to steal, cause vandalism, prove themselves to be elite hackers, or just for the thrill it gives them. Most attacks are actually performed by automated tools that such people release on the Internet.

Virus

Computer viruses have a long history. A virus attempts to install itself on a user's system and to spread directly to other files on that system with the aim that these infected files will be transferred to another machine. The payload of a virus can range from 'comical' pranks to destruction of the system itself.

A virus relies on users to spread by sharing infected files either directly or via email. Once launched, a virus is completely independent of its creator.

Although the most common threat to security, the traditional virus does not attack other systems directly and so is unlikely to be detected by KFSensor.

Worm

A worm is very similar to a virus. The key difference is that a worm attempts to propagate itself without any user involvement. It typically scans other computers for vulnerabilities which it is designed to exploit. When such a machine is identified, the worm will attack that machine, copying over its files and installing itself, so that the process can continue.

KFSensor excels at detecting worms as they scan and attempt to attack very large numbers of systems at random.

Trojan

Trojans take their name from the trojan horse of Greek mythology.
Computer trojans work in the same way. A game, screen saver or cracked piece of commercial software is given to a victim. The software may appear to work as normal, but its real purpose is to deliver a payload, such as a virus or a root kit.

Root Kit

A root kit is a piece of software that once installed on a victim's machine opens up a port to allow a hacker to communicate with it and take full control of the system. Root kits are also known as back doors. Some root kits give a hacker even more control of a machine than a victim may have themselves.

The SubSeven root kit allows an attacker to turn off a victim's monitor, move the mouse and even turn on an installed web cam and watch the victim without their knowledge.

Hybrids

Often malware is a dangerous hybrid that can combine the features of the different classifications described above. The SubSeven root kit is delivered and classified as a trojan.

Scanners

Scanners are tools designed to interrogate machines on the Internet to elicit information about the types and versions of the services that they are running. There are a variety of scanners: some just ping for the presence of a machine, others look for open ports, while others are more specialized in looking for vulnerabilities of a particular type of service, or the presence of a root kit. Scanners are often incorporated into other malware such as worms.

Scanners are a favorite tool of a hacker, but are just as useful to security professionals trying to detect and close down system vulnerabilities. KFSensor detects scanners and is effective at misleading them.
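The honeypot principle described above (every connection is suspect, so worms and scanners can be recognised by behaviour rather than by signature) can be shown with a short triage script. This is an added example, not code from KFSensor or the original page; the log format, thresholds and function names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events (NOT KFSensor's log format): time, source IP, port.
# Addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2010-01-07T10:00:01 192.0.2.10 21
2010-01-07T10:00:01 192.0.2.10 22
2010-01-07T10:00:02 192.0.2.10 23
2010-01-07T10:00:02 192.0.2.10 80
2010-01-07T10:00:03 192.0.2.10 445
2010-01-07T10:05:10 198.51.100.7 445
2010-01-07T10:06:44 203.0.113.20 445
2010-01-07T10:07:12 203.0.113.99 445
2010-01-07T10:09:30 198.51.100.50 80
"""

def parse(log_text):
    """Yield (timestamp, source_ip, port); malformed lines are skipped."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[2].isdigit():
            yield parts[0], parts[1], int(parts[2])

def triage(log_text, sweep_ports=4, worm_sources=3):
    """Every honeypot hit is an alert; label each source by behaviour only."""
    ports_by_src = defaultdict(set)
    srcs_by_port = defaultdict(set)
    for _, src, port in parse(log_text):
        ports_by_src[src].add(port)
        srcs_by_port[port].add(src)
    # A port probed by many unrelated sources suggests worm-like propagation.
    hot_ports = {p for p, s in srcs_by_port.items() if len(s) >= worm_sources}
    verdicts = {}
    for src, ports in ports_by_src.items():
        if len(ports) >= sweep_ports:      # one source, many ports
            verdicts[src] = "port-scanner"
        elif ports & hot_ports:            # many sources, same port
            verdicts[src] = "worm-like"
        else:                              # still an alert, just unlabelled
            verdicts[src] = "unclassified-probe"
    return verdicts

if __name__ == "__main__":
    for src, label in sorted(triage(SAMPLE_LOG).items()):
        print(src, label)
```

No source is ever labelled benign: on a honeypot the classification only refines an alert that already exists.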

Hacker

Hacker, H4x0r5, crackers and black hats are all terms for those individuals that KFSensor is ultimately designed to detect and offer protection from. The term hacker is used in this manual to cover all such individuals.

Direct, or manual, actions by a hacker are much rarer than the attacks launched by the tools described above. Hackers usually only attack a system directly once a system has been identified as vulnerable or has already been exploited by an automated tool.


Source:
http://www.keyfocus.net/kfsensor/help/Concepts/con_TypesOfAttacks.php
