14
Chapter 1. Security Overview
Kevin Poulsen and an unknown accomplice rigs radio station phone systems to win cars and cash
prizes. He is convicted for computer and wire fraud and is sentenced to 5 years in prison.
The stories of hacking and phreaking become legend, and several prospective hackers convene at
the annual DefCon convention to celebrate hacking and exchange ideas between peers.
A 19 year old Israeli student is arrested and convicted for coordinating numerous break ins to US
government systems during the Persian Gulf conflict. Military officials call it "the most organized
and systematic attack" on government systems in US history.
US Attorney General Janet Reno, in response to escalated security breaches in government systems,
establishes the National Infrastructure Protection Center.
British communications satellites are taken over and ransomed by unknown offenders. The British
government eventually seizes control of the satellites.
1.1.3. Security Today
In February of 2000, a Distributed Denial of Service (DDoS) attack was unleashed on several of the
most heavily trafficked sites on the Internet. The attack rendered yahoo.com, cnn.com, amazon.com,
fbi.gov, and several other sites completely unreachable to normal users, as it tied up routers for several
hours with large byte ICMP packet transfers, also called a ping flood. The attack was brought on
by unknown assailants using specially created, widely available programs that scanned vulnerable
network servers, installed client applications called trojans on the servers, and timed an attack with
every infected server flooding the victim sites and rendering them unavailable. Many blame the attack
on fundamental flaws in the way routers and the protocols used are structured to accept all incoming
data, no matter where or for what purpose the packets are sent.
This brings us to the new millennium, a time where an estimated 400 Million people use or have used
the Internet worldwide. At the same time:
On any given day, there are an estimated 142 major incidences of vulnerability exploits reported to
the CERT Coordination Center at Carnegie Mellon University [source: http://www.cert.org]
In 2001 alone, the number of CERT reported incidences doubled to 52,658 from 21,756 in 2000
[source: http://www.cert.org]
The search engine Google finds 2,040,000 Web pages containing the term hackers [source:
http://www.google.com]
The worldwide economic impact of the three most dangerous Internet Viruses of the last two years
was a combined US$13.2 Billion and rising (due to the insidious nature of the still active Nimda
worm) [source: http://www.computereconomics.com]
Computer security has become a quantifiable and justifiable expense for all IT budgets. Organizations
that require data integrity and high availability elicit the skills of system administrators, developers,
and engineers to ensure 24x7 reliability of their systems, services, and information. To fall victim to
malicious users, processes, or coordinated attacks is a direct threat to the success of the organization.
Unfortunately, system and network security can be a difficult proposition, requiring an intricate knowl
edge of how an organization regards, uses, manipulates, and transmits its information. Understanding
the way an organization (and the people that make up the organization) conducts business is paramount
to implementing a proper security plan.
1.1.4. Standardizing Security
Enterprises in every industry rely on regulations and rules that are set by standards making bodies such
as the American Medical Association (AMA) or the Institute of Electrical and Electronics Engineers
footer
Our partners:
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting
Jsp Web Hosting
Cheapest Web Hosting
Jsp Hosting
Cheap Hosting
Visionwebhosting.net Business web hosting division of Web
Design Plus. All rights reserved