SlideShare a Scribd company logo

Network security and viruses

Download as PPTX, PDF
Aamlan Saswat Mishra
Aamlan Saswat Mishra

A Presentation On Basic Network Security And Viruses For College Level. Basics on Networking, Network Security, Virus, Spyware, Vulnerability, Hacking And Indian Laws To Prevent Hacking

Education
1 of 18
Network Security And Viruses Aamlan Saswat Mishra Class-XI-E
Network security  Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources.  Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done.  Network security starts with authenticating, commonly with a username and a password  Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users  Communication between two hosts using a network may be encrypted to maintain privacy  Security management for networks is different for all kinds of situations.
Vulnerability  The probability that an asset will be unable to resist the actions of a threat agent  In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.  Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This practice generally refers to software vulnerabilities in computing systems.  A security risk may be classified as a vulnerability but there are vulnerabilities without risk  Many software tools exist that can aid in the discovery (and sometimes removal) of vulnerabilities in a computer system. Though these tools can provide an auditor with a good overview of possible vulnerabilities present, they can not replace human judgment.
A Cookie?
HTTP cookie  An HTTP cookie is a small piece of data sent from a website and stored in the user's web browser while the user is browsing it  Every time the user loads the website, the browser sends the cookie back to the server to notify the user's previous activity. (Cookies were designed to be a reliable mechanism for websites to remember stateful information)  Cookies can also store passwords and form content a user has previously entered, such as a credit card number or an address.  The tracking cookies, and especially third-party tracking cookies, are commonly used as ways to compile long-term records of individuals' browsing histories – a potential privacy concern  The security of an authentication cookie generally depends on the security of the issuing website and the user's web browser, and on whether the cookie data is encrypted. Security vulnerabilities may allow a cookie's data to be read by a hacker, used to gain access to user data, or used to gain access.
Computer virus  A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected“  Viruses often perform some type of harmful activity on infected hosts, such as stealing hard disk space or CPU time, accessing private information, corrupting data, displaying political or humorous messages on the user's screen, spamming their contacts, logging their keystrokes, or even rendering the computer useless. However, not all viruses carry a destructive payload or attempt to hide themselves—the defining characteristic of viruses is that they are self-replicating computer programs which install themselves without user consent.  Virus writers use social engineering and exploit detailed knowledge of security vulnerabilities to gain access to their hosts' computing resources.
And there is more…  Motives for creating viruses can include seeking profit, desire to send a political message, personal amusement, to demonstrate that a vulnerability exists in software, for sabotage and denial of service, or simply because they wish to explore artificial life and evolutionary algorithms  Computer viruses currently cause billions of dollars' worth of economic damage each year, due to causing systems failure, wasting computer resources, corrupting data, increasing maintenance costs, etc.  In response an industry of antivirus software has cropped up, selling or freely distributing virus protection to users of various operating systems.
A horse?
Trojan horse  A Trojan horse, or Trojan, in computing is any malicious computer program which misrepresents itself as useful, routine, or interesting in order to persuade a victim to install it  While Trojans and backdoors are not easily detectable by themselves, computers may appear to run slower due to heavy processor or network usage  If installed or run with elevated privileges a Trojan will generally have unlimited access. What it does with this power depends on the motives of the attacker.  Its target functionalities involve crashing computers, modification or deletion of files, data corruption, use of resources and identity, money theft, data theft, spying, survelience and even tracking.  It is possible for those involved with Trojans to scan computers on a network to locate any with a Trojan horse installed, which the hacker can then control.
Computer worm  A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers  It uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program  Users can minimize the threat posed by worms by keeping their computers' operating system and other software up-to-date, avoiding opening unrecognized or unexpected emails, and running firewall and antivirus software  Regardless of their payload or their writers' intentions, most security experts regard all worms as malware.  Several worms, like XSS worms, have been written to research how worms spread
Spamware  Spamware is software designed by or for spammers  Spamware varies widely, but may include the ability to import thousands of addresses, to generate random addresses, to insert fraudulent headers into messages and to use dozens or hundreds of mail servers simultaneously  Being an automated software it can create e-mail broadcasting hub by establishing superiority in numbers and sending capability as well as brings a position of great disturbance to its target  Another type of spamware is software used to search for e-mail addresses to build lists of e-mail addresses to be used either for spamming directly or to be sold to spammers
And Who Is HE?
The hackers  In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network.  Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge, enjoyment, or to evaluate those weaknesses to assist in removing them.  The subculture that has evolved around hackers is often referred to as the computer underground and is now a known community  The term hacker is reclaimed by computer programmers who argue that someone who breaks into computers, whether computer criminal (black hats) or computer security expert (white hats)  A typical approach in an attack on Internet-connected system is:  1.Network enumeration: Discovering information about the intended target.  2.Vulnerability analysis: Identifying potential ways of attack.  3.Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis
Information Technology Amendment Act 2008  The Information Technology Amendment Act, 2008 (IT Act 2008) is a substantial addition to India's Information Technology Act (ITA-2000).  The original Act was developed to promote the IT industry, regulate e- commerce, facilitate e-governance and prevent cybercrime  The Amendment was created to address issues that the original bill failed to cover and to accommodate further development of IT and related security concerns since the original law was passed  Changes in the Amendment include: redefining terms such as "communication device" to reflect current use; validating electronic signatures and contracts; making the owner of a given IP address responsible for content accessed or distributed through it; and making corporations responsible for implementing effective data security practices and liable for breaches
Network security and viruses

Recommended

Types of attacks
Types of attacksTypes of attacks
Types of attacks
Vivek Gandhi
 
Internet anonymity and privacy
Internet anonymity and privacyInternet anonymity and privacy
Internet anonymity and privacy
Dooremoore
 
TCP/IP 3-way Handshake
TCP/IP 3-way Handshake TCP/IP 3-way Handshake
TCP/IP 3-way Handshake
Alok Tripathi
 
Malware ppt
Malware pptMalware ppt
Malware ppt
Faiz Khan
 
Network attacks
Network attacksNetwork attacks
Network attacks
Manjushree Mashal
 
Cia security model
Cia security modelCia security model
Cia security model
Imran Ahmed
 
Network security
Network securityNetwork security
Network security
fatimasaham
 
Web Security
Web SecurityWeb Security
Web Security
Bharath Manoharan
 

Recommended

Types of attacks
Types of attacksTypes of attacks
Types of attacks
Vivek Gandhi
 
Internet anonymity and privacy
Internet anonymity and privacyInternet anonymity and privacy
Internet anonymity and privacy
Dooremoore
 
TCP/IP 3-way Handshake
TCP/IP 3-way Handshake TCP/IP 3-way Handshake
TCP/IP 3-way Handshake
Alok Tripathi
 
Malware ppt
Malware pptMalware ppt
Malware ppt
Faiz Khan
 
Network attacks
Network attacksNetwork attacks
Network attacks
Manjushree Mashal
 
Cia security model
Cia security modelCia security model
Cia security model
Imran Ahmed
 
Network security
Network securityNetwork security
Network security
fatimasaham
 
Web Security
Web SecurityWeb Security
Web Security
Bharath Manoharan
 
Network security
Network securityNetwork security
Network security
Gichelle Amon
 
Network security
Network securityNetwork security
Network security
Estiak Khan
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
Amandeep Kaur
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and Spywares
Ankit Mistry
 
Firewalls in network security
Firewalls in network securityFirewalls in network security
Firewalls in network security
Vikram Khanna
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
SAIKAT BISWAS
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
afaque jaya
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoors
Shrey Vyas
 
Malware ppt final.pptx
Malware ppt final.pptxMalware ppt final.pptx
Malware ppt final.pptx
LakshayNRReddy
 
Transport layer protocol
Transport layer protocolTransport layer protocol
Transport layer protocol
N.Jagadish Kumar
 
Computer Worms
Computer WormsComputer Worms
Computer Worms
sadique_ghitm
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
GulnurAzat
 
Computer Security 101
Computer Security 101Computer Security 101
Computer Security 101
Progressive Integrations
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 
Network security
Network security Network security
Network security
Madhumithah Ilango
 
Viruses, worms, and trojan horses
Viruses, worms, and trojan horsesViruses, worms, and trojan horses
Viruses, worms, and trojan horses
EILLEN IVY PORTUGUEZ
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
Allan Pratt MBA
 
Computer security risks
Computer security risksComputer security risks
Computer security risks
Aasim Mushtaq
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
chauhankapil
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9
koolkampus
 
Computer security
Computer securityComputer security
Computer security
sruthiKrishnaG
 
Type of Security Threats and its Prevention
Type of Security Threats and its PreventionType of Security Threats and its Prevention
Type of Security Threats and its Prevention
ijsrd.com
 

More Related Content

What's hot

Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
Amandeep Kaur
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9
koolkampus
 

What's hot (20)

Network security
Network securityNetwork security
Network security
 
Network security
Network securityNetwork security
Network security
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and Spywares
 
Firewalls in network security
Firewalls in network securityFirewalls in network security
Firewalls in network security
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoors
 
Malware ppt final.pptx
Malware ppt final.pptxMalware ppt final.pptx
Malware ppt final.pptx
 
Transport layer protocol
Transport layer protocolTransport layer protocol
Transport layer protocol
 
Computer Worms
Computer WormsComputer Worms
Computer Worms
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
 
Computer Security 101
Computer Security 101Computer Security 101
Computer Security 101
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
Network security
Network security Network security
Network security
 
Viruses, worms, and trojan horses
Viruses, worms, and trojan horsesViruses, worms, and trojan horses
Viruses, worms, and trojan horses
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Computer security risks
Computer security risksComputer security risks
Computer security risks
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9
 

Similar to Network security and viruses

Type of Security Threats and its Prevention
Type of Security Threats and its PreventionType of Security Threats and its Prevention
Type of Security Threats and its Prevention
ijsrd.com
 
Computer Secutity.
Computer Secutity.Computer Secutity.
Computer Secutity.
angelaag98
 
Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...
Jennifer Letterman
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
Ardit Meti
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
dpd
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
FellowBuddy.com
 

Similar to Network security and viruses (20)

Computer security
Computer securityComputer security
Computer security
 
Type of Security Threats and its Prevention
Type of Security Threats and its PreventionType of Security Threats and its Prevention
Type of Security Threats and its Prevention
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
 
Implications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdfImplications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdf
 
INTERNET SECURITY.pptx
INTERNET SECURITY.pptxINTERNET SECURITY.pptx
INTERNET SECURITY.pptx
 
Mim Attack Essay
Mim Attack EssayMim Attack Essay
Mim Attack Essay
 
Computer Secutity.
Computer Secutity.Computer Secutity.
Computer Secutity.
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guards
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
 
cybersecurity
cybersecuritycybersecurity
cybersecurity
 
Network security
Network securityNetwork security
Network security
 
Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
 
Cyber Security Company.docx
Cyber Security Company.docxCyber Security Company.docx
Cyber Security Company.docx
 
Insecurity vssut
Insecurity vssutInsecurity vssut
Insecurity vssut
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
 
Cyber security
Cyber securityCyber security
Cyber security
 
Chapter 10.0
Chapter 10.0Chapter 10.0
Chapter 10.0
 

More from Aamlan Saswat Mishra

More from Aamlan Saswat Mishra (6)

Radburn city planning
Radburn city planningRadburn city planning
Radburn city planning
 
Lanjia saora tribe(sabara)
Lanjia saora tribe(sabara)Lanjia saora tribe(sabara)
Lanjia saora tribe(sabara)
 
Lanjia saora tribe(sabara)
Lanjia saora tribe(sabara)Lanjia saora tribe(sabara)
Lanjia saora tribe(sabara)
 
Elements of design through a subject
Elements of design through a subjectElements of design through a subject
Elements of design through a subject
 
Marine ecosystem
Marine ecosystemMarine ecosystem
Marine ecosystem
 
Consistency of linear equations in two and three variables
Consistency of linear equations in two and three variablesConsistency of linear equations in two and three variables
Consistency of linear equations in two and three variables
 

Recently uploaded

1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
fonyou31
 

Recently uploaded (20)

INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 

Network security and viruses

  • 1. Network Security And Viruses Aamlan Saswat Mishra Class-XI-E
  • 2. Network security  Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources.  Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done.  Network security starts with authenticating, commonly with a username and a password  Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users  Communication between two hosts using a network may be encrypted to maintain privacy  Security management for networks is different for all kinds of situations.
  • 3.
  • 4. Vulnerability  The probability that an asset will be unable to resist the actions of a threat agent  In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.  Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This practice generally refers to software vulnerabilities in computing systems.  A security risk may be classified as a vulnerability but there are vulnerabilities without risk  Many software tools exist that can aid in the discovery (and sometimes removal) of vulnerabilities in a computer system. Though these tools can provide an auditor with a good overview of possible vulnerabilities present, they can not replace human judgment.
  • 5.
  • 7. HTTP cookie  An HTTP cookie is a small piece of data sent from a website and stored in the user's web browser while the user is browsing it  Every time the user loads the website, the browser sends the cookie back to the server to notify the user's previous activity. (Cookies were designed to be a reliable mechanism for websites to remember stateful information)  Cookies can also store passwords and form content a user has previously entered, such as a credit card number or an address.  The tracking cookies, and especially third-party tracking cookies, are commonly used as ways to compile long-term records of individuals' browsing histories – a potential privacy concern  The security of an authentication cookie generally depends on the security of the issuing website and the user's web browser, and on whether the cookie data is encrypted. Security vulnerabilities may allow a cookie's data to be read by a hacker, used to gain access to user data, or used to gain access.
  • 8. Computer virus  A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected“  Viruses often perform some type of harmful activity on infected hosts, such as stealing hard disk space or CPU time, accessing private information, corrupting data, displaying political or humorous messages on the user's screen, spamming their contacts, logging their keystrokes, or even rendering the computer useless. However, not all viruses carry a destructive payload or attempt to hide themselves—the defining characteristic of viruses is that they are self-replicating computer programs which install themselves without user consent.  Virus writers use social engineering and exploit detailed knowledge of security vulnerabilities to gain access to their hosts' computing resources.
  • 9. And there is more…  Motives for creating viruses can include seeking profit, desire to send a political message, personal amusement, to demonstrate that a vulnerability exists in software, for sabotage and denial of service, or simply because they wish to explore artificial life and evolutionary algorithms  Computer viruses currently cause billions of dollars' worth of economic damage each year, due to causing systems failure, wasting computer resources, corrupting data, increasing maintenance costs, etc.  In response an industry of antivirus software has cropped up, selling or freely distributing virus protection to users of various operating systems.
  • 10.
  • 12. Trojan horse  A Trojan horse, or Trojan, in computing is any malicious computer program which misrepresents itself as useful, routine, or interesting in order to persuade a victim to install it  While Trojans and backdoors are not easily detectable by themselves, computers may appear to run slower due to heavy processor or network usage  If installed or run with elevated privileges a Trojan will generally have unlimited access. What it does with this power depends on the motives of the attacker.  Its target functionalities involve crashing computers, modification or deletion of files, data corruption, use of resources and identity, money theft, data theft, spying, survelience and even tracking.  It is possible for those involved with Trojans to scan computers on a network to locate any with a Trojan horse installed, which the hacker can then control.
  • 13. Computer worm  A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers  It uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program  Users can minimize the threat posed by worms by keeping their computers' operating system and other software up-to-date, avoiding opening unrecognized or unexpected emails, and running firewall and antivirus software  Regardless of their payload or their writers' intentions, most security experts regard all worms as malware.  Several worms, like XSS worms, have been written to research how worms spread
  • 14. Spamware  Spamware is software designed by or for spammers  Spamware varies widely, but may include the ability to import thousands of addresses, to generate random addresses, to insert fraudulent headers into messages and to use dozens or hundreds of mail servers simultaneously  Being an automated software it can create e-mail broadcasting hub by establishing superiority in numbers and sending capability as well as brings a position of great disturbance to its target  Another type of spamware is software used to search for e-mail addresses to build lists of e-mail addresses to be used either for spamming directly or to be sold to spammers
  • 15. And Who Is HE?
  • 16. The hackers  In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network.  Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge, enjoyment, or to evaluate those weaknesses to assist in removing them.  The subculture that has evolved around hackers is often referred to as the computer underground and is now a known community  The term hacker is reclaimed by computer programmers who argue that someone who breaks into computers, whether computer criminal (black hats) or computer security expert (white hats)  A typical approach in an attack on Internet-connected system is:  1.Network enumeration: Discovering information about the intended target.  2.Vulnerability analysis: Identifying potential ways of attack.  3.Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis
  • 17. Information Technology Amendment Act 2008  The Information Technology Amendment Act, 2008 (IT Act 2008) is a substantial addition to India's Information Technology Act (ITA-2000).  The original Act was developed to promote the IT industry, regulate e- commerce, facilitate e-governance and prevent cybercrime  The Amendment was created to address issues that the original bill failed to cover and to accommodate further development of IT and related security concerns since the original law was passed  Changes in the Amendment include: redefining terms such as "communication device" to reflect current use; validating electronic signatures and contracts; making the owner of a given IP address responsible for content accessed or distributed through it; and making corporations responsible for implementing effective data security practices and liable for breaches