Different Linux Abuse/Attacks and its Prevention - Internet - Web Hosting
Linux computers are put out like any other technical device to possible abuse. While the abuse is not to be avoided by an attacker with direct access to the hardware, abusive accesses to the software can be avoided as much as possible. Accesses to the hardware are able only by the prevention of a direct access as the encircling are avoided in cupboards and shown EDP rooms with admission restriction and lockable cases.
The correspondence of the physical restriction of the access by a wall (of a case or building) corresponds the firewall (fire prevention wall) on software page. A firewall guards a Linux computer against attacks from the network. Linux computers without network access need no firewall.
Protection for your computer
Linux computers are sure from themselves relatively, because the design principle of computers of the Unix family was and is to connect only the inalienable and to permit.
Vandalism
Vandalism is directed against everything what is accessible to the attacker. The motivation of the attacker is often a play desire, curiosity or malicious pleasure in the farthest sense, unfortunately, also increasingly extortion. Behind resource abuse stand mostly economic interests or an ideology. With the resource abuse one or some features of a computer are used straight
Vandalism is directed against the effectiveness of a Linux computer. This can follow through damaging the software or through impediment of the network access.
For the damage of the software on the Linux computer the attacker must infiltrate either workable code on the Linux computer (Malicous code) or themselves a direct access on the Linux computer get (Hack). The infiltration of code often follows under exploitation of frequent, typical program mistakes of server programmes like the web servers or the ftp servers. An attacker can also get an unjustified access, while he guesses passwords or steals or program mistake in one of the programmes for the remote access like telnetd or sshd uses. Stealing is made easy for him particularly by programmes like telnet or ftp, because here the passwords uncoded over the network are transmitted and simple listening in (Sniffing) on the network betrays everything.
The impediment of the network access can follow through Denial-of-Service-Attacken. Besides, are set down - by himself legitimate - requirements for the Linux computer with so high frequency that no more capacity is available for the real assignments.
Resource abuse
Also a Linux computer can be used for unlawful actions. For the protection from pursuit it is tried to abuse the resources of computers of other owners for the unlawful purposes. This can be releasing of Denial-of-Service-Attacken against third as well as the saving of unlawful contents like pornography or pirated software and films and the mailing of spam mail. Spam mail is the mailing of e-mails of advertising content which are undesirable from the consignee. Spam has turned out as one of the biggest dangers for the effectiveness of the Internet.
Preventive measures
The first, easiest and most sure measure exists in switching off all of the services on a Linux computer which are not needed presently. If they are never needed, uninstalling should be also considered.
If a service is not required in full performance extent, the amount of the performances can be adapted generally about his configuration file. Still another with the clearly low performance extent which is enough for the claims is often available beside the installed service. This is valid in particular for web and ftp server.
Compilers are to be checked for her indispensability. They can be used to the production by Malicous code and should be removed - if not needed from the Linux computer.
Program mistakes in the server services and in the Kernel are supervised by special institutions (CERT = computer Emergency responses team). Their bulletins contain the mistake description and the remedy. The operating authority of a Linux computer directly linked with the Internet must read these bulletins regularly and obey the payments.
If offering of services is inalienable by a Linux computer on the Internet, the services must be protected after a careful installation and administration of the services against abuse with a firewall.
iAutoblog the premier autoblogger software
1:57 AM
|
|
This entry was posted on 1:57 AM
You can follow any responses to this entry through
the RSS 2.0 feed.
You can leave a response,
or trackback from your own site.
0 comments:
Post a Comment