0
Computer Security
Computer security is the prevention/detection of, and response to, any unauthorized actions by users of a computer system. Questions about security practices and principles belong here.
1,022 Questions
WinNuke refers to a remote denial-of-service attack (DoS) that affected the Microsoft Windows 95, Microsoft Windows NT and Microsoft Windows 3.1x computer operating systems.The exploit sent a string of OOB (out of band) data to the target computer on TCP port 139 (NetBIOS). The OOB data was a malicious TCP packet containing an Urgent Pointer (URG). The Urgent Pointer is a rarely used field in the TCP header, used to indicate that some of the data in the TCP stream should be processed quickly by the recipient. Affected operating systems didn't handle the Urgent Pointer field correctly. When the system failed to process the field, the computer locked up and displayed a Blue Screen of Death. This did not damage or change the data on the computer's hard disk, but any unsaved data would be lost.
The term WinNuke was not a particular piece of malware, rather it is used to describe malware that exploited the aforementioned vulnerability to cause a Denial of Service. Most of the WinNuke malware was busy doing its damage around 1997, although a newer family of malware got released into the wild around 2010 that exploits a similar vulnerability in Windows NT, 2000, XP, and even .NET to the same ends, i.e. DOS.
"Stacheldraht (German for barbed wire) is a piece of software written by Random for Linux and Solaris systems which acts as a distributed denial of service (DDoS) agent. The tool detects and automatically enables source address forgery." - exert from wikipedia
See related links
trinoo - or more properly trin00 - is a bunch of related computer programs that are used in a Distributed Denial of Service (DDoS) attack. Computers infected with the trin00 software can be used to flood a site or a network with traffic by having hundreds or even possibly thousands of infected machines constantly sending connection requests. Depending on how the site or network is set up, it either slows to a crawl as the bogus traffic is far heavier than the normal requests, or can flat out crash the site or network as it cant' keep up with the flood of requests. Structurally, the criminal (and make no mistake, this IS criminal activity) will compromise a few very powerful computers and use them as the "Masters" for their attack. Many additional computers (Slaves) are also compromised and the trin00 software is installed on them. The criminal will then send a few commands to the Master computers that cause them to send out triggers to the slaves to start the attack. Typically the criminal will seek out computers with very high bandwidth connections to use as the Master computers; universities, large companies, and government computers are frequent targets of the criminals. The use of Masters to trigger the Slaves helps obfuscate the origins of the attack and help prevent investigators from tracing it back to the perpetrator(s).
Which is a physical security measure?
Physical security measures are things that are done to reduce data theft through physical means. This does not mean, for example, installing a physical firewall (this is logical security, the prevention of data theft over the wire). Physical security means to physically secure the hardware. This may include cages, locked doors and security badges, and even padlocks on workstations to limit the ability to open the cases or remove the case from its physical location.
What are some examples of physical security measures?
Some examples of physical security are locks, guards and alarm systems. Anything that is tangible rather than digital that increases security is considered a physical security measure. To clarify the distinction antivirus programs are not physical security measures.
You think someone you dont know has guessed your password what should you do?
Change it immediately. If you are still worried, contact the site's administrators or customer service or whoever and have the account closed. Then open a new one with a more secure password.
What is the difference between penetration testing and vulnerability scanning?
Vulnerability scanning just looks to see how the computer or network is set up. It checks for registry settings, patch versions, installed services and so forth. From this, the system can be grades according to what the expected configuration would be for a properly secured machine.
Penetration testing takes this one step further and seeks to exploit the vulnerabilities to gain greater access to the system, exfiltrate data, plant malware, and in general "penetrate" the system. Penetration testers usually establish their "rules of engagement" with the system owner before starting a penetration test. The rules may range from seeing if they can get in all the way up to completely compromising and "owning" the system and all the devices on it.
How do search airsoft guns at schools website?
it depends on the school blocking system
at my school typing https:// before www. will let you onto normally blocked sites, even if there is no encrypted version of the website (this works if the school blocks specific web addresses, such as http://www.facebook.com, so if you add an s after to http, the new address isn't blocked.
What can a hacker do with your full name and address?
By itself, possession of your full name and address provides nothing more than a "foot in the door." Most hackers would not use this information beyond attempting to use these details in a dictionary or rainbow password cracking session. Also keep in mind that hackers are not malicious by nature. It is the "identity theft" people that you must worry about. And those are certainly not hackers. With just your full name and address, your identity and your secrets are still safe, unless you see someone digging through your trash cans or calling you from blocked numbers trying to get information from you.
no not at all. It will say re enter your username/password.
How To Prevent The Effect Of Lack Of Security?
i would suggest put it in your computer. i would suggest getting norton 360. it is not only fast but also it is reliable.
Social Engineering. The art of convincing a user that they need to divulge their secret codes to you.
Which access control model are you implementing?
RBAC
Features Of Access Control : - # Eliminates administrative costs pertaining to conventional swipe cards and ID cards
# Fingerprint matching with quick, accurate
# Available for users up to 500/1000/1500
# Can record up to 30,000 transactions
Creating multiple subnets for different departments allows for many benefits, such as:
-Breaking up large broadcast domains, this reduces the chances of a broadcast storm and also will also reduce the impact when broadcast are sent out.
-Separation of services, this helps keep people from HR from accessing files in the engineering department who dont need to.
-Enhanced security, if a worm break out occurs in one subnet it will be a little harder for that worm to propagate along side making it harder for "hackers" to gain full control of network resources or do a fullsystem mapping of a corporate network.
What is a flat data structure?
A flat data structure is essentially one that has no relationships among its various records. Each record is just part of a list of records. One example would be a worksheet in Excel of names and addresses with one record per row of the table.
What is the impact of computer security to an organization?
Computers are a security risk when they get security breaches or openings within the computer and sending to the unknown or foreign organization. These openings are programs that report by key logging or worse by large programs that collect pictures words and video, and send them to the foreign or enemy computers who can use these to threaten and extort money or a government can be used by "ethics" criminals trained by the governments and fake corporations designed to destroy say: All intellectuals, or destroy all charismatic and sexual persons and many others such as anti wealth fanatics. There are countless criminal ideas and manufactured crimes that can be aimed at your corporations bank vaults. So in conclusion; if your company can be classified as a sexually immoral and degrading organization, even if it is actually extremely bland and meek, then there are people who will attack and destroy your business with a vengeance and with the blessing of some "ethically superior" attack leader, who can actually be some raging crack head thug or alcoholic or mental defective. In modern times, all video, all interviews, all controversy can be put in graphic files and be accidentally sent to crime central or some gang leader; who will invade and extort all your wealth from your main office; or shut you down, or anything to collapse the community to elevate the mob or police or religion, you name it! Anti virus is worthless if one user synchronizes file sharing with a mentally deranged corporation, person or thing and clicks send or click here.
Answer
Computer security is vital to any organization and must be maintained at all times. If a company has clients with confidential information such as a law firm or accounting firm, it is the company's responsibility to maintain that confidential material and the company can be sued if the material gets in the wrong hands. Hackers can destroy an entire network in an organization thereby causing thousands of dollars in damage (if not more), steal financial records including bank account numbers, obtain information about a person that could be very damaging if in the wrong hands. In addition, a company can do everything in its power to have a secure network but if they have employees who do not adhere to company guidelines regarding computer use, it can be somewhat of a waste of money for the organization. I've worked at companies where "trusted, valued" employees breach the company's network security by downloading garbage, not updating the computer, and yep - sometimes turning off the anti-virus, firewalls, etc. because it "slows their computer down." I've seen it time after time. So, until corporations, organizations, etc. make computer security a priority (in every single aspect) in their firm they are leaving themselves wide open for harm to be done. Many companies make their employees aware of random monitoring of computer use and that really cuts back on personal use on the internet. I do Nothing of a personal nature on office computers thereby reducing unwanted exposure on the employer's network and zero exposure to anything of a personal nature. In addition, it's vital to keep your personal computer and even your cell phone secure with antivirus software, passwords, and theft prevention in order to maintain the integrity of any private information.
What is wpa security wireless computers?
Wi-Fi Protected Access (WPA and WPA2) is a certification program developed by the Wi-Fi Alliance to indicate compliance with the security protocol created by the Wi-Fi Alliance to secure wireless computer networks. It was designed around the IEEE 802.11i standard for wireless security. WPA implemented most of 802.11i and WPA2 supposedly implemented all of it. WPA was developed while the 802.11i standard was under development and was intended as sort of a stopgap measure to replace WEP while the 802.11i standard was being finalized. Properly implemented and enabled, WPA (particularly WPA2) improves the security of wireless computer communications by encrypting network traffic. Some exploitable vulnerabilities have been identified - especially if passwords for the encryption are not strong enough or if the user relies on TKIP.
Your password must contain ten spaces filled with letters; one space though must be a number and one space must have (a character normally used for) punctuation. Some passwords must use MiXed CaSe too.
Examples of 10 character passwords with numbers and punctuation:
ZyXw1$TsRo
97F9bdh!gy
YyBb22YyB4
Do not use birth dates or numbers someone else might guess.
Which is better Iobit security 360 or Spyware Terminator?
Better try both, I have tried iobit360 and its very good in catching other spyware including trojans but in the end it should try catching itself (memory down to 1% as reported by Advance System Care) and since it cannot i installed threatfire by pctools which warned me that iobit360 is injecting something at other running modules which it considered high risk and quarantined the process, after then my computer run smoothly without memory lost, so I decided to uninstall 10BIT360 temporarily until the need arise where it will be useful.
Is your security software up to date? What program are you using maybe a crap one!
My PC help site http://www.pchelphq.com/
