Monday, 14 April 2014

SERVICE ASPECTS

SECURITY ATTACKS
Definition of security
Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization.
As noted by the Institute for Security and Open Methodologies (ISECOM) in the OSSTMM 3, security provides "a form of protection where a separation is created between the assets and the threat." These separations are generally called "controls," and sometimes include changes to the asset or the threat.

Perception of security may be poorly mapped to measurable objective security. For example, the fear of earthquakes has been reported to be more common than the fear of slipping on the bathroom floor although the latter kills many more people than the former.[2] Similarly, the perceived effectiveness of security measures is sometimes different from the actual security provided by those measures. The presence of security protections may even be taken for security itself. For example, two computer security programs could be interfering with each other and even cancelling each other's effect, while the owner believes s/he is getting double the protection.
Security theater is a critical term for deployment of measures primarily aimed at raising subjective security without a genuine or commensurate concern for the effects of that measure on objective security. For example, some consider the screening of airline passengers based on static databases to have been Security Theater and Computer Assisted Passenger Prescreening System to have created a decrease in objective security.
Perception of security can increase objective security when it affects or deters malicious behavior, as with visual signs of security protections, such as video surveillance, alarm systems in a home, or an anti-theft system in a car such as a vehicle tracking system or warning sign. Since some intruders will decide not to attempt to break into such areas or vehicles, there can actually be less damage to windows in addition to protection of valuable objects inside. Without such advertisement, an intruder might, for example, approach a car, break the window, and then flee in response to an alarm being triggered. Either way, perhaps the car itself and the objects inside aren't stolen, but with perceived security even the windows of the car have a lower chance of being damaged.
There is an immense literature on the analysis and categorization of security. Part of the reason for this is that, in many security systems, the "weakest link in the chain" is the most important. The situation is asymmetric because the defender must cover all points of attack, while the attacker need only identify a single weak point on which to concentrate.
Security concepts
Certain concepts recur throughout different fields of security:
  1. Assurance - assurance is the level of guarantee that a security system will behave as expected.
  2. Countermeasure - a countermeasure is a way to stop a threat from triggering a risk event.
  3. Defense in depth - never rely on one single security measure alone.
  4. Risk - a risk is a possible event which could cause a loss.
  5. Threat - a threat is a method of triggering a risk event that is dangerous.
  6. Vulnerability - a weakness in a target that can potentially be exploited by a security threat.
  7. Exploit - a vulnerability that has been triggered by a threat - a risk of 1.0 (100%).
Security management in organizations
In the corporate world, various aspects of security were historically addressed separately - notably by distinct and often noncommunicating departments for IT security, physical security, and fraud prevention. Today there is a greater recognition of the interconnected nature of security requirements, an approach variously known as holistic security, "all hazards" management, and other terms.
Inciting factors in the convergence of security disciplines include the development of digital video surveillance technologies (see Professional video over IP) and the digitization and networking of physical control systems (see SCADA). Greater interdisciplinary cooperation is further evidenced by the February 2005 creation of the Alliance for Enterprise Security Risk Management, a joint venture including leading associations in security (ASIS), information security (ISSA, the Information Systems Security Association), and IT audit (ISACA, the Information Systems Audit and Control Association).
In 2007 the International Organisation for Standardization (ISO) released ISO 28000 - Security Management Systems for the supply chain. Although the title supply chain is included, this Standard specifies the requirements for a security management system, including those aspects critical to security assurance for any organisation or enterprise wishing to manage the security of the organisation and its activities. ISO 28000 is the foremost risk based security system and is suitable for managing both public and private regulatory security, customs and industry based security schemes and requirements.
Definition of attacks
In computers and computer networks, an attack is any attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.
  • The IETF (Internet Engineering Task Force) defines attack in RFC 2828 as:
an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
  • CNSS Instruction No. 4009, dated 26 April 2010, by the Committee on National Security Systems of the United States of America defines an attack as:
Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.
The increasing dependence of modern society on information and computer networks (in both the private and public sectors, including the military) has led to new terms like cyber attack and cyberwarfare.
  • CNSS Instruction No. 4009 defines a cyber attack as:
An attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.
Definition of security attacks
A security attack is any attempt to destroy, expose, modify, disable, steal, or obtain unauthorized access to, or make unauthorized use of, a computer asset; it may take the form of a virus.



Virus
A computer virus can be regarded as an ordinary computer program. It differs fundamentally from other programs, however, in that it is made to infect other programs and to alter, manipulate, or even damage them.
A program can be called a virus if it meets the following 5 minimum criteria:
1. The ability to obtain information
2. The ability to check a file
3. The ability to replicate itself and infect
4. The ability to manipulate
5. The ability to hide itself.
The attack you fear most may well be a virus, but there are several other attacks and threats besides viruses that you also need to watch for, especially from the internet. The threats and attacks that can happen to a computer include the following:
1. Sniffing
Reading data that is not addressed to you is known as sniffing. The program used is Network Sniffer Monitor from Distinct Corporation, in a 10-day trial version. In TCP/IP communication, or in the 7-layer OSI communication model, a computer sends data to the address of the destination computer. In a LAN with a bus topology, or a star topology using hubs that cannot switch (a hub broadcasts), every computer on the network receives the data. By default, only the computer whose address matches the destination address takes the data. When sniffing, however, a computer whose address is not the destination address takes the data as well. Against a sniffer, effort spent on cryptography in the database (in this case for the user login and password) is in vain, since the data is read as it crosses the network.
2. Spoofing
Spoofing is a technique of forging the attacker's IP address so that the target believes the attacker's address belongs to a host inside its own network rather than to an outside network. Suppose the attacker has the IP address 66.25.xx.xx: when the attacker carries out this type of attack, the attacked network assumes the attacker's IP address is part of its own network, for example 192.xx.xx.x.
3. Finger Exploit
The finger utility was originally used for sharing information between users on a network. With the growing level of computer crime, however, these tools are widely misused, because their security is minimal or absent altogether.

4. Brute Force
Brute force is one of the methods used to break password security. Brute force is a form of password guessing; the only difference is that the time spent is shorter with brute force than with password guessing, because the brute force method uses several cracking tools to obtain the password sought.
5. Password Cracking
Password cracking is a method of defeating the protection of the encrypted passwords stored in a system. Assuming the attacker has already entered the system, he can change his privileges in the system by cracking the password file with a brute-force dictionary attack (matching the words in a dictionary against the words in the encrypted password file). Success with this method depends on the speed of the processor and on the program the attacker has. The best way to avoid this type of attack is to monitor access authority to the file.
6. Denial of Service (DoS)
Denial of Service (DoS): an attack that aims to deny a network system's services to its legitimate users; for example, on an e-commerce site product orders always fail, the user cannot log in at all, or the list of items does not appear or is already encrypted. A more severe form is called DDoS (Distributed Denial of Service), in which various forms of attack work simultaneously to disrupt network functions.
7. Back Door
Back Door: an attack (usually originating from newly installed software) that deliberately opens a "back door" for certain visitors, unnoticed by the people who installed the software, so that those visitors can easily get into the network system.
8. Man in the Middle
Man in the Middle: an attacker places himself between two parties who are communicating over a network, so that all information in both directions passes through him and is intercepted and, if necessary, modified by the attacker without being noticed by the people who are communicating.
9. Replay
Replay: information being sent over the network is intercepted by an attacker and, after being captured or altered, is sent back into the network as if it came from the original source.
10. Session Hijacking
Session Hijacking: an ongoing TCP session between two machines on the network is taken over by a hacker in order to damage or alter it.
11. DNS Poisoning
DNS Poisoning: hackers alter or destroy the contents of the DNS so that everyone who relies on it for access is directed to the wrong address, or the address cannot be reached.
12. Social Engineering
Social Engineering: an attack by hackers on users that exploits human weaknesses, for example by manipulating the user's feelings so that the user is ultimately willing to send the hacker further information for breaking into the system used on the network.
13. Password Guessing
Password Guessing: an attempt to guess a password so that the hacker can eventually use it.
14. Brute Force
Brute Force: an attempt to crack a password with software that uses a combination of various techniques.
15. Software Exploitation
Software Exploitation: an attack that exploits flaws or "bugs" in software; usually, after a breach, the software maker provides a "hot fix" or "service pack" to fix the bug.

16. Trojan Horse
A Trojan Horse is a program that appears to work like a normal program, although it hides a secret function that endangers the system. "Trojan" is also sometimes used as a designation for other malware such as bots, backdoor trojans and trojan downloaders.
17. War Dialing
War Dialing: searching for phone numbers that connect to a modem, which would allow an attacker to log into the network.
18. SYN flood
SYN flood: an attack that takes advantage of the "handshaking" in communication over the TCP/IP protocol, so that communication between two machines may be cut off.
19. Smurfing
Smurfing: an attack that causes a machine to receive a large number of "echo" replies by sending echo requests to the "broadcast" address of the network.
20. Ping of Death
Ping of Death: an attempt to shut down a host/computer by sending oversized packets via ping, for example, from the Windows command line: ping -l 65550 192.168.1.x

21. Port Scanning
Port Scanning: an attempt to find open ports on a network system that hackers could use to attack.
22. Unicode
Unicode: an attack against a web site through a command embedded in the HTTP URL, for example: http://www.xxxx.com/scripts/..%c1%9c../cmd1.exe?/C+echo..
23. SQL Injection
SQL Injection: an attack that takes advantage of special characters and input such as ' and ' or ' that have special meaning to the SQL server, so that the login and password check can be bypassed.
24. XSS
XSS: a cross-site scripting attack via port 80 (HTTP URL) that exploits a vulnerable application on the web site so that its content can be changed (defaced).
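
The SQL Injection entry (item 23) says that ' and ' or ' let a login and password check be bypassed. The following added example, which is not part of the original post, shows why that happens with a query built by string concatenation and how a parameterized query closes the hole. The table, the account and the function names are constructed for illustration, using Python's built-in sqlite3 module.

```python
import sqlite3

def make_db():
    """In-memory user table holding one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (login TEXT PRIMARY KEY, password TEXT)")
    # Plaintext password only to keep the demo short; real systems store a salted hash.
    db.execute("INSERT INTO users VALUES ('alice', 's3cret-constructed')")
    return db

def login_vulnerable(db, login, password):
    """Builds the query by concatenation, so quotes in the input become SQL syntax."""
    query = ("SELECT login FROM users WHERE login = '" + login +
             "' AND password = '" + password + "'")
    return db.execute(query).fetchone() is not None

def login_parameterized(db, login, password):
    """Binds input as values, so quotes in the input stay data and never syntax."""
    query = "SELECT login FROM users WHERE login = ? AND password = ?"
    return db.execute(query, (login, password)).fetchone() is not None

def demo():
    db = make_db()
    good = "s3cret-constructed"
    crafted = "' OR '1'='1"  # constructed input built from the ' and OR named in the text
    # With `crafted`, the concatenated WHERE clause becomes
    #   login = 'alice' AND password = '' OR '1'='1'
    # AND binds tighter than OR, so the always-true '1'='1' matches every row.
    return {
        "vulnerable, correct password": login_vulnerable(db, "alice", good),
        "vulnerable, crafted password": login_vulnerable(db, "alice", crafted),
        "parameterized, correct password": login_parameterized(db, "alice", good),
        "parameterized, crafted password": login_parameterized(db, "alice", crafted),
    }

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'login accepted' if accepted else 'login rejected'}")
```

The only difference between the two functions is whether the input is spliced into the SQL text or passed as bound values; input filtering is not what makes the second one safe.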
