
Chapter 7

The document discusses security issues in system administration, emphasizing the importance of protecting organizational assets from various threats, including physical hazards, malicious programs, and intruders. It outlines strategies for backup and recovery, operating system security, and the use of antivirus and firewall software to safeguard against unauthorized access and data loss. Additionally, it highlights the significance of proactive measures and proper access control to mitigate risks and ensure data integrity.

Security issues in System Administration

Definition

Security is about protecting things of value to an organization, in relation to the possible risks. This
includes material and intellectual assets; it includes the very assumptions that are the foundation of an
organization or human–computer system.

Anything that can cause a failure of those assumptions can result in loss, and must therefore be
considered a threat.

To develop computer security by assuring predictability, we have to understand the interrelationships
between all of the hosts and services on our networks as well as the ways in which those hosts can be
accessed.

Computer hazards range from the destruction of the computer hardware, and hence loss of data, due
to natural disaster to the modification and theft of confidential information on the computer.

Generally, hazards to the computers can be categorized into three major categories.

• Physical hazards

• Malicious programs

• Intruders

Protecting against these issues requires both pro-active (preventative) measures and damage control
after breaches. Our task is roughly as follows:

• Identify what we are trying to protect.

• Evaluate the main sources of risk and where trust is placed.

• Work out possible or cost-effective counter-measures to attacks.

What resources are we trying to protect?

• Secrets: Some sites have secrets they wish to protect. They might be government or trade secrets
or the solutions to a college exam.

• Personnel data: In your country there are probably rules about what you must do to safeguard
sensitive personal information. This goes for any information about employees, patients, customers
or anyone else we deal with.

Who are we trying to protect them from?

• Competitors, who might gain an advantage by learning your secrets.

• Malicious intruders. Note that people with malicious intent might come from inside or outside our
organization. It is wrong to think that the enemy is simply everyone outside of our domain. Too many
organizations think 'inside/outside' instead of dealing with proper access control. If one always
ensures that systems and data are protected on a need-to-know basis, then there is no reason to
discriminate between inside or outside of an organization.

• Old employees with a grudge against the organization.

What will happen if the system is compromised?

• Loss of money

• Threat of legal action against you

• Missed deadlines

• Loss of reputation

Who are the people trying to break in?

• Sophisticated spies

• Tourists, just poking around

• Braggers, trying to impress

Backup and Recovery

Backup is copying your files to another storage device. This can be through a tape backup, a
secondary computer, or a cloud-hosted backup solution. Backup protects your data in case of theft
(from a single laptop to office break-ins), employee accidents (deletion of an important file), or
technical issues (a crashed hard drive). With this protection, you can access a copy of your data and
restore it easily.

Backup and recovery refers to the various strategies and procedures involved in protecting your
database against data loss and reconstructing the database after any kind of data loss.

A backup is a copy of data from your database that can be used to reconstruct that data. This copy
includes important parts of your database such as the control file and data files. A backup is a safeguard
against unexpected data loss and application errors; should you lose your original data, you can use the
backup to make it available again.

Recovery

Recovery (i.e. data recovery) is another method of data protection used today. But instead of preventing
data loss, recovery software deals with salvaging data that is already lost for reasons such as
physical damage to storage devices, errors in the logical file structure of the operating system and
accidental deletion of files.

The difference between Backup and Recovery

Backup and recovery systems are used for the protection and retention of data. Backup is used to keep
copies of data for data protection purposes, while recovery is used for salvaging data that is already
lost. In other words, backup can be considered a precautionary method (making and keeping copies of
data in case they get lost), while recovery is a cure for already lost data. Even so, precaution is
always better than cure.
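
The backup-then-restore cycle described above, as an added example that is not part of the original chapter: files are copied to a second location together with a SHA-256 manifest, and a restore only trusts backup copies that still match it. The function names, file names and the manifest approach are assumptions made for illustration; the sample files are constructed.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def sha256(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def backup(source, dest):
    """Copy every file under source to dest; return {relative path: SHA-256}."""
    manifest = {}
    for f in sorted(Path(source).rglob("*")):
        if f.is_file():
            rel = f.relative_to(source)
            (Path(dest) / rel).parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(f, Path(dest) / rel)
            manifest[str(rel)] = sha256(f)
    return manifest

def restore(source, dest, manifest):
    """Put back files that are missing or altered in source, using only
    backup copies that still match the manifest. Returns (restored, bad)."""
    restored, bad = [], []
    for rel, digest in manifest.items():
        live, copy = Path(source) / rel, Path(dest) / rel
        if live.is_file() and sha256(live) == digest:
            continue                      # original is intact, nothing to do
        if copy.is_file() and sha256(copy) == digest:
            live.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(copy, live)
            restored.append(rel)
        else:
            bad.append(rel)               # the backup copy itself is unusable
    return restored, bad

def backup_demo():
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp) / "data", Path(tmp) / "backup"
        src.mkdir()
        (src / "payroll.csv").write_text("id,amount\n1,100\n")  # constructed sample files
        (src / "notes.txt").write_text("quarterly notes\n")
        manifest = backup(src, dst)
        (src / "payroll.csv").unlink()               # employee accident: files deleted
        (src / "notes.txt").unlink()
        (dst / "notes.txt").write_text("garbage")    # backup media went bad
        restored, bad = restore(src, dst, manifest)
        return restored, bad, (src / "payroll.csv").read_text()

if __name__ == "__main__":
    print(backup_demo())
```

A file that lands in the second list has no trustworthy copy left, which is the case where only the data recovery described above can still help.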

Operating System Security

An operating system (OS) is system software that manages computer hardware and software
resources and provides common services for computer programs. Application programs usually
require an operating system to function, so the OS provides a suitable environment for different
application software to run well. The OS is considered the boss of the whole computer system.

The three well-known examples of OS are:

Microsoft Windows,
Mac OS and
Linux

Computer security refers to providing a protection system for computer system resources such as
CPU, memory, disk, software programs and, most importantly, the data/information stored in the computer
system. If a computer program is run by an unauthorized user, then he/she may cause severe damage to
the computer or the data stored in it. So a computer system must be protected against unauthorized access,
malicious access to system memory, viruses, worms etc.

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and
availability.
OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms,
malware or remote hacker intrusions. OS security encompasses all preventive-control techniques,
which safeguard any computer assets capable of being stolen, edited or deleted if OS security is
compromised.

A computer system must be protected against unauthorized access, malicious access to
system memory, viruses, worms etc.

Antivirus

Viruses and worms can replicate and duplicate themselves on a computer system. They are highly dangerous
and can modify/delete user files and crash systems.
A virus is generally a small piece of code embedded in a program. As the user accesses the program, the virus starts
getting embedded in other files/programs and can make the system unusable for the user.

A computer virus can range in size and purpose, but typically viruses are small bits of code which are hidden in
or attached to other files. The word virus is often used as a broad term to refer to things such as
worms, spyware, adware, malware, trojan horses and rogue software, but all these things are actually
different and fall into a class of their own.

What is Anti-Virus?

Anti-virus software is a program or set of programs that are designed to prevent, search for, detect,
and remove software viruses, and other malicious software like worms, Trojans, adware, and more.

Antivirus software, sometimes known as anti-malware software, is computer software used to prevent,
detect and remove malicious software.

The problems and damage that are caused by an infection can be extremely varied.

• The infection may be as simple as a prank that will cause strange noises, pop-ups and other
annoying instances to occur on your system.

• Viruses may delete files and slow down your system, or they could even damage your hardware or
possibly destroy your entire computer system. Once on your system, an infection will spread by
attaching to other programs and files within your system.

• Viruses will often not just replicate within your system but also attempt to spread to other systems
outside of the locally infected one by methods such as taking control of your email and sending out
copies of themselves to those in your contacts list.

There are several ways that your system may become infected. The most common way a virus is
spread is through infected attachments to email. These attachments may come in the form of pictures,
videos, sound clips or just about any other type of file that can be attached to an email. Infections can
also be spread through internet downloads. These could be completely legitimate files or links which
have been altered unknowingly to include a virus or they can come from illegal software downloaded
via peer-to-peer programs or other services.

Here are some signs that may indicate that your system may have been infected.

• The occurrence of random pop-ups, noises or music.

• Random files and icons appearing on your desktop or other places when you did not install such
things.

• Files and icons which were on your system before have disappeared without you having
uninstalled or moved them.

• A high number of unusual error messages occurring.

• On-screen text, graphics, pop-ups and dialogs become distorted or unreadable.

• Hard disks, CD/DVD drives or other hardware components can no longer be accessed.

• Applications are no longer accessible with passwords when you have not changed the
password.

• Programs which worked properly before run slowly or do not run at all.

• Your system becomes extremely slow or constantly freezes.

• Your system crashes and reboots every few minutes or simply will no longer boot at all.

Security Tools

"Security tools" is a general phrase used to describe any software that provides security for a computer or network.
There are many types of security software, including:

1. Antivirus software
2. Software patches and updates
3. Spam blockers
4. Pop-up blockers
5. Encryption software
6. Firewall software
7. Spyware removal software

Additionally, many operating systems also come preloaded with security software and tools. The two
most common types of security software used for personal computer security are antivirus software
(virus protection software) and antispyware software (spyware removal software).

Antivirus Software / Virus Protection (Detecting a Virus)

Any device that is connected to a network is susceptible to viruses, worms and Trojan horses. These
may be used to corrupt OS code, affect computer performance, alter applications, and destroy data.
Some of the signs that a virus, worm or Trojan horse may be present include:
• Computer starts acting abnormally
• Program does not respond to mouse and keystrokes
• Programs starting or shutting down on their own
• Email program begins sending out large quantities of email
• CPU usage is very high
• There are unidentifiable processes, or a large number of processes, running
• Computer slows down significantly or crashes

Anti-virus software can be used as both a preventative tool and as a reactive tool. It prevents
infection and detects, and removes, viruses, worms and Trojan horses. Anti-virus software should be
installed on all computers connected to the network.

Software Patches and Updates


One of the most common methods that a hacker uses to gain access to hosts and/or networks is
through software vulnerabilities. It is important to keep software applications up-to-date with the
latest security patches and updates to help deter threats.
• A patch is a small piece of code that fixes a specific problem.
• An update, on the other hand, may include additional functionality to the software package as well as
patches for specific issues.

OS (operating system, such as Linux, Windows, etc.) and application vendors continuously provide
updates and security patches that can correct known vulnerabilities in the software. In addition,
vendors often release collections of patches and updates called service packs.

Fortunately, many operating systems offer an automatic update feature that allows OS and
applications updates to be automatically downloaded and installed on a host.

Anti-Spam / Spam Blocker

Spam is not only annoying; it can overload email servers and potentially carry viruses and other
security threats. Anti-spam software protects hosts by identifying spam and performing an action,
such as placing it into a junk folder or deleting it. It can be loaded on a machine locally, but can also
be loaded on email servers.

In addition to using spam blockers, other actions to prevent the spread of spam include:

• Apply OS and application updates when available.
• Run an antivirus program regularly and keep it up to date.
• Do not forward suspect emails.
• Do not open email attachments, especially from people you do not know.
• Set up rules in your email to delete spam that bypasses the anti-spam software.
• Identify sources of spam and report them to a network administrator so they can be blocked.
• Report incidents to the governmental agency that deals with abuse by spam.

One of the most common types of spam forwarded is a virus warning. While some virus warnings sent
via email are true, a large number of them are hoaxes (tricks) and the viruses they describe do not really exist. This type of spam
can create problems because people warn others of the impending disaster and so flood the email
system.

In addition, network administrators may overreact and waste time investigating a problem that does
not exist. Finally, many of these emails can actually contribute to the spread of viruses, worms and
Trojan horses. Before forwarding virus warning emails, check to see if the virus is a hoax at a trusted
source such as:

Pop-up Blockers

Pop-up stopper software can be installed to prevent pop-ups and pop-unders. Many web browsers
include a pop-up blocker feature by default.

• Note that some programs and web pages create necessary and desirable pop-ups.

Encryption software

Encryption is the application of algorithms to readable text, turning it into unreadable text.

Encryption software is software that can encrypt and decrypt data, often in the form of files on a hard drive or packets sent
over a network. Encryption software uses an encryption scheme that encodes computer data so that it
cannot be recovered without the correct key. Software encryption is a fundamental part of modern
computer communications and file protection.

The purpose of encryption is to prevent third parties from recovering any of the original data, or even
any information about the data, from the encrypted data. This is particularly important for sensitive
data like social security numbers.

Anti-Spyware / Spyware Removal Software

Spyware can also cause virus-like symptoms. In addition to collecting unauthorized information, it
can use important computer resources and affect performance. Anti-spyware software detects and
deletes spyware applications, and also prevents future installations from occurring. Some anti-virus
packages include anti-spyware functionality.

Firewall

A firewall is a barrier between a Local Area Network (LAN) and the Internet. It keeps
private resources confidential and minimizes security risks. It controls network traffic
in both directions.

Firewalls are software programs or hardware devices that filter the traffic that flows into your PC or
your network through an internet connection. They sift through the data flow and block whatever they
deem (based on how and for what you have tuned the firewall) harmful to your network or computer
system.

When connected to the internet, even a standalone PC or a network of interconnected computers makes
an easy target for malicious software and unscrupulous hackers. A firewall can offer the security that
makes you less vulnerable and also protects your data from being compromised or your computers from being
taken hostage.

How does it work?

Firewalls are set up at every connection to the Internet, therefore subjecting all data flow to careful
monitoring. Firewalls can also be tuned to follow "rules".
Rules decide who can connect to the internet, what kind of connections can be made, and which or what kind of files
can be transmitted in or out.

Firewall Rules

Firewall rules can be customized as per your needs, requirements and security threat levels. You can
create or disable firewall filter rules based on such conditions as:

• IP addresses
Blocking off a certain IP address or a range of IP addresses which you think are predatory.

• Domain names
You can allow only certain specific domain names to access your systems/servers, or allow access to
only some specified types of domain names or domain name extensions like .edu or .mil.

• Protocols
A firewall can decide which of the systems can allow or have access to common protocols like IP,
SMTP, FTP, UDP, ICMP, Telnet or SNMP.

• Ports
Blocking or disabling ports of servers that are connected to the internet will help maintain the kind of
data flow you want to see them used for and also close down possible entry points for hackers or malignant
software.
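
The rule conditions listed above (IP address or range, protocol, port, and traffic direction), worked through as an added example that is not part of the original chapter: a minimal first-match rule evaluator. The first-match ordering, the block-by-default policy for traffic no rule mentions, the `Rule` and `decide` names and the sample rules (documentation address ranges, not real hosts) are assumptions made for illustration; domain-name conditions are left out.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "block"
    direction: str                   # "in", "out" or "any"
    network: str = "0.0.0.0/0"       # remote address or range in CIDR form
    protocol: Optional[str] = None   # "tcp", "udp", "icmp"; None matches all
    port: Optional[int] = None       # destination port; None matches all

    def matches(self, direction, remote_ip, protocol, port):
        return (self.direction in ("any", direction)
                and ipaddress.ip_address(remote_ip) in ipaddress.ip_network(self.network)
                and self.protocol in (None, protocol)
                and self.port in (None, port))

def decide(rules, direction, remote_ip, protocol, port=None):
    """First matching rule wins; traffic that no rule mentions is blocked."""
    for rule in rules:
        if rule.matches(direction, remote_ip, protocol, port):
            return rule.action
    return "block"

# Constructed rule set for illustration.
RULES = [
    Rule("block", "any", "203.0.113.0/24"),              # address range judged hostile
    Rule("allow", "in", "198.51.100.0/24", "tcp", 22),   # SSH from the admin range only
    Rule("allow", "in", protocol="tcp", port=25),        # SMTP to the mail server
    Rule("block", "in", protocol="tcp", port=23),        # Telnet closed explicitly
    Rule("allow", "out", protocol="tcp", port=443),      # outbound HTTPS
]

def firewall_demo():
    samples = [                                          # constructed traffic samples
        ("in", "203.0.113.9", "tcp", 25),     # blocked range, even on an open port
        ("in", "198.51.100.7", "tcp", 22),    # admin range reaching SSH
        ("in", "192.0.2.44", "tcp", 22),      # SSH from elsewhere: no rule matches
        ("in", "192.0.2.44", "tcp", 25),
        ("in", "192.0.2.44", "tcp", 23),
        ("in", "192.0.2.44", "icmp", None),   # protocol no rule allows
        ("out", "192.0.2.80", "tcp", 443),
        ("out", "203.0.113.9", "tcp", 443),   # blocked range applies in both directions
    ]
    return [decide(RULES, *s) for s in samples]

if __name__ == "__main__":
    print(firewall_demo())
```

Because the first match wins, the block rule for the hostile range has to sit above the rules that open ports 25 and 443, otherwise those hosts would be allowed through.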

Types of Firewall

Firewalls can be classified as:

Software firewalls
New-generation operating systems come with built-in firewalls, or you can buy firewall software for
the computer that accesses the internet or acts as the gateway to your home network.

Hardware firewalls
Hardware firewalls are usually routers with a built-in Ethernet card and hub. Your computer or
computers on your network connect to this router and access the web.
