Chapter Summary 59
Although keylogger programs are promoted for benign purposes like allowing parents to
monitor their children’s whereabouts on the Internet, most privacy advocates agree that the
potential for abuse is so great that legislation should be enacted to clearly make the unauthor-
ized use of keyloggers a criminal offense.
Threats to business and personal computer and information assets are an everyday menace.
It is essential that organizations and individual users identify the vulnerabilities and plan
for corrective action to thwart these threats. Threat categories include security and privacy
threats, integrity threats, delay, and denial threats. Virus threats are the most common and
frequent attack that a user will experience. Anti- virus software is the most effective method
of countering a virus attack.
Malicious attacks could emanate from active threats that include brute force, masquerad-
ing, address spoofing, session hijacking, replay, man- in- the- middle, and dictionary attacks.
Passive threats may include eavesdropping and monitoring. Additional types of programs that
are destructive to systems include logic bombs, Trojans, worms, and viruses (botnets).
Specific security breaches might include denial of service, distributed denial of ser-
vice, browsing, wiretapping, incorrect data encoding, accidental data modifications, and
Spam and scams are becoming an issue with Internet usage. Spam is clogging the net-
work with useless and intrusive advertisements. The cost to monitor and clean up spam on
computer systems is increasing on a daily basis. Individuals, organizations, and businesses
are incurring additional costs because of the increase of spam transmissions.
Threat targets are increasing as more users are added to the Internet. The targets include
computer systems, network components, software, electrical systems, and databases. Attacks
can be caused by black hats, script kiddies, crackers, and white hats.
Spyware is software that transmits personally identiable information from a computer
to some place on the Internet without the users knowledge. Adware is similar to spyware,
but it does not transmit personally identiable information. Adware is also often a side- effect
of spyware, because both monitor a computer for a sole purpose: delivering advertisements
that are especially tailored to user habits.
59940_Newman_02Print.indb 59 2/6/09 11:42:27 AM

Get Computer Security: Protecting Digital Resources now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.