Basically, the threat comes from someone who has the desire to obtain illegal access to a computer network. Therefore, it must be determined who is allowed to have legal access to the system, and the threats it can they generate. There are several objectives to be achieved by infiltrating and very useful if it can distinguish between these objectives when planning a computer network security system.
Some of the goals of the intruders are:
- Basically just want to know the system and the data available on a targeted computer network. The intruder is purposeful as it is often called by the Curius.
- Create a network system to be down, or change the look of the website. The intruder who has a goal like this is often referred to as The Malicious.
- Trying to resources within a computer network system to gain popularity. The intruder is often referred to as The Profile Intruder.
- Want to know what data is in computer networks to further exploited to make money. The intruder is often referred to as The Competition.
Users connect to the Internet via an Internet Service Provider (isp), either by using a modem, dsl, cable modem, wireless, or by using a leased line. These isp then connect to the Internet through a network provider (or upstream). On the Web Server, there was something similar. Internet server connected to the Internet via an isp or other provider's network. The figure also shows some potential security holes (security holes).
On the user side, the user's computer can be infiltrated by viruses and Trojan horses so that data residing on the user's computer (such as PIN numbers, credit card numbers, and other secret key) can be intercepted, modified, deleted, and falsified. Paths between users and Isp can also be tapping. For example, a user who uses a computer in the general environment (public facilities) such as the Public Internet (cafe) can be intercepted information by fellow users of the Internet cafe (or a cafe owner who is not responsible for) when he typed confidential data over the web.
On the ISP side, information can also be intercepted and forged. For example, if the security system of the ISP was vulnerable, and he conceded, then it might be a cracker to install software bugs (sniffer) that tap or retrieve information about the ISP customer.
On the provider side, in the case of Web servers that provide services Internet.Also potential security holes. Various cases of security and financial institutions have been reported. For example, there are cases in the United States where a cracker made it into a financial institution and retrieve customer data from various banks which are in the shade of these financial institutions. In Indonesia alone there are "cases" domain "a play on" klikbca.com that could make a scene.
No comments:
Post a Comment