Computer Security
What is computer security?
Computer security is the protection of computer systems and data from harm and theft. It starts with the device: if you have a computer with some information on it, the objective of the entire exercise is to protect the data and the system from any harm by external or internal hackers.
Types of attack
DoS: The first type of attack in information security is a denial-of-service (DoS) attack. In a DoS attack, the attacker typically tries to consume the bandwidth or the other resources available to the server that hosts the application, resources that would otherwise be given out to users. Once the attacker controls or has consumed those resources, there are not enough left for end users, the legitimate users, who are thereby denied genuine service. Hence the name denial-of-service attack.
Malware: Malware is malicious software that poses as legitimate software but has a virus, trojan, or worm embedded within it. It could also be a keylogger: software created to capture every keystroke the user makes. It records a copy of the keystrokes, stores it, and sends it back to the hacker, so whatever the user types becomes known to the hacker. Keyloggers can capture bank details, passwords, and any personal information that the user might want to keep secret.
SQL injection: SQL stands for Structured Query Language, the language an application uses to interact with its database. An SQL injection attack is when an attacker can inject malicious input into the SQL query created by the application; if the database executes that query, it leaks confidential data back to the attacker. Primarily, the leaked data is data that these users were not authorized to access in the first place.
Password attack: A password attack, as the name implies, is used to crack or obtain the passwords of users' accounts. Cracking a password means that somebody tries to brute-force or guess the password and, on breaking it, gains access to your accounts. There are five different ways passwords can be cracked.
The first one is a dictionary attack, in which every word in a dictionary is tried as a password. This uses an actual dictionary, which is one of the reasons we are advised not to base passwords on dictionary words. Dictionary words are easily guessable, and lists containing all of these words already exist. A tool can run through every entry in the dictionary file and compare it to a possible password. If one of the entries matches, the password has been compromised.
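The difference between a query built from user input and one that binds the input as a value is shown below. This is an added example, not code from the original page; the accounts table, its rows, and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", 120), ("bob", 75), ("carol", 990)],
    )
    return conn

def balances_vulnerable(conn, owner):
    # Vulnerable: the input is pasted into the SQL text, so quote
    # characters in the input become part of the query itself.
    query = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return conn.execute(query).fetchall()

def balances_parameterized(conn, owner):
    # Hardened: the ? placeholder sends the input as a bound value,
    # so the database never parses it as SQL.
    query = "SELECT owner, balance FROM accounts WHERE owner = ?"
    return conn.execute(query, (owner,)).fetchall()

if __name__ == "__main__":
    conn = make_db()
    crafted = "alice' OR '1'='1"  # constructed input containing a quote
    # The concatenated query returns every row, not just alice's.
    print("vulnerable:   ", balances_vulnerable(conn, crafted))
    # The bound query looks for an owner with that literal name: no rows.
    print("parameterized:", balances_parameterized(conn, crafted))
```

With the parameterized form, the application returns only rows the caller asked for by name, whatever characters the input contains.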
Firewalls in computer security
A firewall is a system designed to stop unapproved access to or from a private network. What counts as authorized and unauthorized is a little different as far as firewalls are concerned. Firewalls do not look at users and passwords; they look at connections. A firewall is configured based on IP addresses, port numbers, MAC addresses, and, in the case of a web application firewall, perhaps even specific scripts that are allowed or disallowed. A good firewall needs to be configured appropriately. This is where the technicality comes in: you want to enable one particular channel to be used and disallow another particular channel from being used. You have to create the specific rules in the firewall so that any threat that arises is detected at the network level. The firewall will then try to mitigate it.
Prevention Against common attacks
When you get an email that looks suspicious, you have to know its origin.
Suppose you get a very genuine-looking email from Facebook saying there has been some unauthorized activity on your account and asking you to click a link to verify your account. Always confirm the authenticity of that email, and do not click on those links. Check the header of the email to see where the email comes from, or, best of all, right-click on the link, click "copy link location", and paste the hyperlink into a notepad. That gives you the underlying path the link leads to; verify that the path is correct and owned by the organization that the email claims to represent. If yes, everything is fine. If not, something is wrong.
Do not give out any personal information or details if asked. You will see many lottery-winning emails coming in and asking you for personal information such as date of birth, address, phone numbers, email, and passwords. Our data is essential to keeping ourselves secure on the internet. It could be leaked, and somebody could then hijack our identity and create havoc for us. So only give out information to trusted people. If you do not believe the email, try to verify its authenticity. If you are unable to verify the authenticity, reply with general questions asking for further information about why you should reveal that information. If it is a genuine email, they will respond with a favorable answer; if it is a scam or not a valid email, you will not get a response. Do not open the attached file. Attachments from unknown recipients or unknown senders can contain a virus.
Encryption
Encryption is used for the protection of our data. Encryption is the process of converting ordinary plaintext into meaningless text and vice versa. The reason to mask data so that it is unreadable is that, if somebody hijacks that data, it would still make no sense to them. Banks keep our data safe by using encryption. Banks don't store our data in plain text in their databases. For passwords, a hash of the actual password is saved in the database rather than the clear text.