Computer Science. The English Language Perspective - Беликова (1176925), страница 28
Текст из файла (страница 28)
An account compromise is the unauthorized use of acomputer account by someone other than the accountowner, without involving system-level or root-levelprivileges (privileges a system administrator or networkmanager has).1648. A packet sniffer is a program that captures data frominformation packets as they travel over the network.That data may include user names, passwords, andproprietary information that travels over the network inclear text.2. Answer the following questions:1. What is the principal difference between threats andattacks?2. What are the four classes that encompass commonthreats?3.
What is the difference between passive and activewiretapping?4. How do various types of denial-of-service attacks work?5. Can the breaches of the system security beunintentional?6. What are the consequences of a malicious codeexecution?3. Translate into English:Дляподготовкиипроведенияатакмогутиспользоваться либо специально разработанные для этихцелей программные средства, либо легальные программы«мирного» назначения.
Так, последний пример показывает,как легальная программа ping, которая создавалась вкачестве инструмента диагностики сети, может бытьприменена для подготовки атаки. При проведении атакзлоумышленнику важно не только добиться своей цели,заключающейся в причинении ущерба атакуемомуобъекту, но и уничтожить все следы своего участия в этом.Однимизосновныхприемов,используемыхзлоумышленниками для «заметания следов», являетсяподмена содержимого пакетов (spoofing). В частности, длясокрытия места нахождения источника вредительских165пакетов (например, при атаке отказа в обслуживании)злоумышленникизменяетзначениеполяадресаотправителя в заголовках пакетов. Поскольку адресотправителя генерируется автоматически системнымпрограммным обеспечением, злоумышленник вноситизменения в соответствующие программные модули так,чтобы они давали ему возможность отправлять со своегокомпьютера пакеты с любыми IP-адресами.4.
Give the summary of the text using the key terms.IMPROVING SECURITYRead the following words and word combinations and usethem for understanding and translation of the text:vulnerability - уязвимостьvigilance - бдительностьdissemination - распределениеto retrieve information – извлекать информациюencryption - шифрованиеdecryption - дешифровкаpatch — исправление уязвимостиalert - тревогаlog — журнал регистрации событийto install - устанавливатьgateway - шлюзpaging — страничная организация памятиplaintext — незашифрованный текстciphertext — зашифрованный текстconfidentiality - секретностьchecksum — контрольная суммаIn the face of the vulnerabilities and incident trends discussedabove, a robust defense requires a flexible strategy that allows166adaptation to the changing environment, well-defined policiesand procedures, the use of robust tools, and constant vigilance.Security policyFactors that contribute to the success of a security policyinclude management commitment, technological support forenforcing the policy, effective dissemination of the policy, andthe security awareness of all users.
Management assignsresponsibility for security, provides training for securitypersonnel, and allocates funds to security. Technologicalsupport for the security policy moves some responsibility forenforcement from individuals to technology. The result is anautomatic and consistent enforcement of policies, such as thosefor access and authentication.Security-related proceduresProcedures are specific steps to follow that are based on thecomputer security policy. Procedures address such topics asretrieving programs from the network, connecting to the site’ssystem from home or while traveling, using encryption,authentication for issuing accounts, configuration, andmonitoring.Security practicesSystem administration practices play a key role in networksecurity. Checklists and general advice on good securitypractices are readily available.
Below are examples ofcommonly recommended practices: Ensure all accounts have a password and that thepasswords are difficult to guess. A one-time passwordsystem is preferable. Use tools such as MD5 checksums, a strongcryptographic technique, to ensure the integrity ofsystem software on a regular basis. Use secure programming techniques when writingsoftware. Be vigilant in network use and configuration, makingchanges as vulnerabilities become known.167Regularly check with vendors for the latest availablefixes, and keep systems current with upgrades andpatches. Regularly check online security archives, such as thosemaintained by incident response teams, for securityalerts and technical advice. Audit systems and networks, and regularly check logs.Many sites that suffer computer security incidentsreport that insufficient audit data is collected, sodetecting and tracing an intrusion is difficult.Security technologyA variety of technologies have been developed to helporganizations secure their systems and information againstintruders.
These technologies help protect systems andinformation against attacks, detect unusual or suspiciousactivities, and respond to events that affect security.One-time passwords. Intruders often install packet sniffers tocapture passwords as they traverse networks during remotelogin processes. Therefore, all passwords should at least beencrypted as they traverse networks. A better solution is to useone-time passwords.
These passwords are never repeated andare valid only for a specific user during the period that each isdisplayed. In addition, users are often limited to one successfuluse of any given password. One-time password technologiessignificantly reduce unauthorized entry at gateways requiringan initial password.Firewalls. Intruders often attempt to gain access to networkedsystems by pretending to initiate connections from trustedhosts. They squash the emissions of the genuine host using adenial-of-service attack and then attempt to connect to a targetsystem using the address of the genuine host.
To counter theseaddress-spoofing attacks and enforce limitations on authorizedconnections into the organization’s network, it is necessary tofilter all incoming and outgoing network traffic. Becausefirewalls are typically the first line of defense against intruders,168their configuration must be carefully implemented and testedbefore connections are established between internal networksand the Internet.Monitoring Tools.
Continuous monitoring of network activityis required if a site is to maintain confidence in the security ofits network and data resources. Network monitors may beinstalled at strategic locations to collect and examineinformation continuously that may indicate suspicious activity.It is possible to have automatic notifications alert systemadministrators when the monitor detects anomalous readings,such as a burst of activity that may indicate a denial-of-serviceattempt. Such notifications may use a variety of channels,including electronic mail and mobile paging. Sophisticatedsystems capable of reacting to questionable network activitymay be implemented to disconnect and block suspectconnections, limit or disable affected services, isolate affectedsystems, and collect evidence for subsequent analysis.CryptographyOne of the primary reasons that intruders can be successful isthat most of the information they acquire from a system is in aform that they can read and comprehend.
One solution to thisproblem is, through the use of cryptography, to preventintruders from being able to use the information that theycapture.Encryption is the process of translating information from itsoriginal form (called plaintext) into an encoded,incomprehensible form (called ciphertext). Decryption refers tothe process of taking ciphertext and translating it back intoplaintext. Any type of data may be encrypted, includingdigitized images and sounds.Cryptography secures information by protecting itsconfidentiality.
Cryptography can also be used to protectinformation about the integrity and authenticity of data. Forexample, checksums are often used to verify the integrity of ablock of information. Cryptographic checksums (also calledmessage digests) help prevent undetected modification of169information by encrypting the checksum in a way that makesthe checksum unique.The authenticity of data can be protected in a similar way. Forexample, to transmit information to a colleague by email, thesender first encrypts the information to protect itsconfidentiality and then attaches an encrypted digital signatureto the message. When the colleague receives the message, he orshe checks the origin of the message by using a key to verify thesender’s digital signature and decrypts the information usingthe corresponding decryption key.Notes:MD5sum – программа, позволяющая вычислять значенияхеш-сумм (контрольных сумм) файлов по алгоритму MD5.Assignments1.
Translate the sentences from the texts into Russian inwriting paying attention to the underlined words andphrases:1. In the face of the vulnerabilities and incident trends, arobust defense requires a flexible strategy that allowsadaptation to the changing environment, well-definedpolicies and procedures, the use of robust tools, andconstant vigilance.2. Factors that contribute to the success of a security policyinclude management commitment, technologicalsupport for enforcing the policy, effective disseminationof the policy, and the security awareness of all users.3. Procedures address such topics as retrieving programsfrom the network, connecting to the site’s system fromhome or while traveling, using encryption,1704.5.6.7.authentication for issuing accounts, configuration, andmonitoring.Intruders often install packet sniffers to capturepasswords as they traverse networks during remotelogin processes.They squash the emissions of the genuine host using adenial-of-service attack and then attempt to connect to atarget system using the address of the genuine host.
Tocounter these address-spoofing attacks and enforcelimitations on authorized connections into theorganization’s network, it is necessary to filter allincoming and outgoing network traffic.Sophisticated systems capable of reacting toquestionable network activity may be implemented todisconnect and block suspect connections, limit ordisable affected services, isolate affected systems, andcollect evidence for subsequent analysis.When the colleague receives the message, he or shechecks the origin of the message by using a key to verifythe sender’s digital signature and decrypts theinformation using the corresponding decryption key.2.
![](https://s.studizba.com/z.php?f=/templates/si/i/noavatar.png&w=100&h=100&t=1"){kind=avatar}
