Understanding Internet Security Threats (1)

Understanding Internet Security Threats, That Are Commoly Introduced Into The Wild Internet.

When we are surfing the internet at home or at the office, the computer is exposed to the wild internet where many types of threats might cause the computer to function incorrectly. Unlike a large scale network infrastructure of a corporate that has proper information security management, your computers at home might be vulnerable to the threats.

Definitions of Programmed Threats

Computers are designed to execute instructions one after another. These instructions usually do something useful - calculate values, maintain databases, and communicate with users and with other systems. Sometimes, however, the instructions executed can be damaging or malicious in nature. When the damage happens by accident, we call the code involved a software bug. Bugs are perhaps the most common cause of unexpected program behavior.

But if the source of the damaging instructions is an individual who intendet that the abnormal behavior occur, we call the instructions malicious code, or a programmed threat. Some people use the term malware to describe malicious software.

There are many different kinds of programmed threats. Experts classify threats by the way they behave, how they are triggered, and how they spread. In recent years, occurrences of these programmed threats have been described almost uniformly by the media as computer viruses and (in the more technical media) worms. However, viruses and worms make up only a small fraction of the malicious code that has been devised. Saying that all programmed data loss is caused by viruses.

Experts who work in this area have formal definitions of all of these types of software. However, not all the experts agree on common definitions. Thus, we'll consider the following practical definitions of malicious software:

Security tools and toolkits

Usually designed to be used by security professionals to protect their sites, these can also be used by unauthorized individuals to probe for weaknesses, rootkits are a special case: these are prepackaged attack toolkits that also install back doors into your systeem once they have penetrated superuser account security.

Back doors

Sometimes called trap doors, these allow unauthorized access to your system. Back doors, also called trap doors, are pieces of code written into applications or operating system to grant programmers access to program without requiring them to go through the normal methods of access authentication. Back doors and trap doors have been around for many years. They're typically written by application programmers who need a means of debugging or monitoring code that they are developing.

Most back doors are inserted into applications that require lengthy authentication procedures or long setups requiring a user to enter many different values to run the application. When debugging the program, the developer may wish to gain special privileges or avoid all the necessary setup and authentication steps. The programmer also may want to ensure that there is a method of activating the program should something go wrong with the authentication procedure that is being built into the application. The back door is code that either recognizes some special sequence of input, or is triggered by being run from a certain user ID. It then grants special access.

Back doors become threats when they're used by unscrupulous programmers to gain unauthorized access. They are also a problem when the initial application developer forgets to remove a back door after the system has been debugged and some other individual discovers the door's existence