Thursday, November 27, 2008

Famous Network Attacks

Whenever you are connected to the Internet or to a network, you are at risk of being attacked because of weak security policies. Every year companies spend a lot to keep their networks safe from crackers. Some of the main attacks noticed in the recent past are:

Unauthorized Access
The ultimate aim of any network security attack is to either deprive you of use of your system or more commonly to give at least partial control of your system to the cracker. Most systems rely on a very simple mechanism to keep intruders at bay. The good old username & password are used very widely. The main problem with passwords is that we’re only human. We like nice, easy to understand passwords we won’t forget. As the number of passwords we are expected to remember rises (I’ve never counted, but I bet I need to remember at least 30 passwords) the human desire to have memorable passwords becomes even more imperative. That’s all well and good except for the fact that what is easy to remember for us is also easy to crack.
There are loads of programs that have been produced to crack passwords using the ’brute force’ method. A bad password on a Microsoft Windows system can be cracked in less than a second. Worse still, some systems send passwords over the network as clear text. There are plenty of tools available to collect those too. Once a user name & password have been obtained, the system treats the cracker just like an authorized user.


Denial-of-Service
DoS (Denial-of-Service) attacks are probably the nastiest, and most difficult to address. These are the nastiest, because they're very easy to launch, difficult (sometimes impossible) to track, and it isn't easy to refuse the requests of the attacker, without also refusing legitimate requests for service.
The premise of a DoS attack is simple: send more requests to the machine than it can handle. There are toolkits available in the underground community that make this a simple matter of running a program and telling it which host to blast with requests. The attacker's program simply makes a connection on some service port, perhaps forging the packet's header information that says where the packet came from, and then dropping the connection. If the host is able to answer 20 requests per second, and the attacker is sending 50 per second, obviously the host will be unable to service all of the attacker's requests, much less any legitimate requests (hits on the web site running there, for example).
The newer version of the DoS attack is called distributed denial-of-service (DDoS). This attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to legitimate users.
A hacker (or, if you prefer, cracker) begins a DDoS attack by exploiting a vulnerability in one computer system and making it the DDoS "master." It is from the master system that the intruder identifies and communicates with other systems that can be compromised. The intruder loads cracking tools available on the Internet on multiple -- sometimes thousands of -- compromised systems. With a single command, the intruder instructs the controlled machines to launch one of many flood attacks against a specified target. The inundation of packets to the target causes a denial of service.


Worms & Trojans
One of the main aims of an unauthorized access attack is to install a software program on the target system. The worm will then hide its presence from the administrator of the system for as long as possible. The worm will perform whatever instructions are given to it by the cracker. Some worms can even be connected to after installation and given new instructions. Generally, a worm is used during DoS attacks targeting a system of the cracker's choosing. Sometimes groups of crackers will cooperate to target a common enemy.
A person has found a worm on his machine at home. He had a firewall installed and anti-virus software and yet the worm somehow went undetected. For a less technical user the worm may well have gone undetected for some time. A common method of infection is visiting websites that are, how can I put this subtly, places you wouldn’t care to show your mother. Another common method is via an infected email. There are vast databases of email addresses shared by crackers; many are scraped from websites. Others are generated by sending semi-random emails to services like Hotmail. When an email hits a real inbox the spammers or crackers can detect it and add it to their email list.


Email Based Network Security Attacks
Email has been broken pretty much from the beginning of the commercial Internet. That we have gone for more than a decade with such a broken system at the core of the Internet I find quite baffling. But, whatever the whys and wherefores, it is a fact. As a network manager you’ve got to deal with the world as it exists now, not how it should be. Of all the network security attacks I deal with, email is by far the biggest time waster. I suspect that I am far from alone.
The main network security attack that can be perpetrated via email is to use email as a vehicle by which worms can be carried into the very heart of your network. How else can a cracker have their software executed on, potentially, thousands of machines behind all of the perimeter defences erected by a company?
The fact that email is used as a means to access the very heart of a network explains why it is so popular as a means for network security attacks.

Monday, October 27, 2008

Happy Diwali

HAPPY DIWALI to all the readers of this blog
May this year we keep on interchanging our knowledge
I try my best to help you to enhance your noesis and you help me in the same.
A person cannot do everything all alone...
But together we can conquer the world.

Dunes of vapors from crackers rise,
Engulf, as odorous airs resound
Effusing joys to all abound
Pearls of gleams in these autumn nights
Adorn our lives else trite
With sparklers that motley skies
As soaring spirits of powder wander
Let us thank the heavenly might,
In this festive season of lights.

In the coming month, we will have a complete month devoted to all kinds of security used for computations.

Sunday, October 19, 2008

Power of Virtualization through VMWare

Author: Inderpreet

Imagine your dreams, in which you have the freedom to think anything. Sometimes you become CEO of G00gle, and many times you are busy fulfilling all your wishes. In the same manner, virtualization gives you the freedom to use any OS on your laptop or desktop. It will make you even happier when you run Windows on Linux or vice versa. You don't even blink twice if you want to try a new operating system anymore, or want to do iPhone programming on a Mac running on the Windows operating system. Yes, all this is reality if you enter the virtual world.
All of this freedom of choice is made possible through virtualization, specifically with VMWare Workstation. VMWare (or Virtual Machine Software) is exactly that, a software program that emulates an entire PC system. VMware runs on a variety of operating systems including Windows, Linux and Mac. Once my operating system is installed along with the needed virtualization tools, I can literally go back to work by just starting up a virtual machine where all of my tools are stored.
To create the virtual image, we need VMWare Workstation. You need to purchase a licence for it. After installing VMWare Workstation, set up the virtual machine before you start installing any operating system. See the steps for setting up the virtual machine. After doing the initial setup, install the OS. For steps to install, see the steps for installing WindowsXP as the guest operating system.
Free users can download VMWare Player. After installing the player, download a virtual machine from the Virtual appliance. You need to register there for free and download the virtual machines of open source operating systems. You will find virtual machines for operating systems like Ubuntu, Debian, CentOS, Open Solaris etc. for free.

Some useful links:

Grid Computing- Challenges Confronted and Opportunities Offered


Abstract
Grid Computing is a successor to distributed computing and in many ways has successfully redefined the era of global computing. By this, we mean that Grids involve the actual networking services and connections of a potentially unlimited number of ubiquitous computing devices and several myriads of disparate resources. Grid Computing has a long and unending list of facilities, opportunities, and provisions to offer. But again it has its own set of challenges that restrict the comprehensive exploitation and utilization of its capabilities. A broad insight into the two sides of the coin, Grid Computing, has been addressed in this paper. Section 1 gives a brief introduction to grids and grid computing. In Section 2, we have addressed the promising and bright side of this technology. Immediately following are the challenges that need to be resolved to harness the full power of grids.

1. Introduction
The term Grid Computing is no longer a mere buzzword whose genesis was considered only a trick by researchers to fool the political system for more research grants so that they could scribble down more lines of useless code. Grid Computing has successfully nullified and negated all false arguments and critical anti-thesis discouraging the evolution of this new type of distributed computing. For all those who have heard little about it, we have included the introduction part to enlighten about core grid terminology.
We begin with a simplest definition of Grid Computing [1-2]: “It is a type of distributed computing that enables the creation of a computational infrastructure by coupling wide-area distributed resources, for instance, databases, storage servers, high-speed networks, supercomputers and clusters for solving large-scale, massive and computationally complex problems.” Grid Computing is generally confused with other contemporary distributed computing technologies such as Cluster Computing, P2P (Peer2Peer) Computing, etc. But it is distinguishable on certain technical, physical and logical characteristics. We will not compare and contrast them here as it is outside the scope of the paper. To sum it up, we can say that though these several distributed computing technologies have certain aspects in common, but still Grid Computing has an edge over them.
Grid Computing can be differentiated from all distributed [3-4] computing paradigms by a defining characteristic: “The essence of grid computing lies in the efficient and optimal utilization of a wide range of heterogeneous, loosely coupled resources in an organization tied to sophisticated work load management capabilities or information virtualization.”
Two major needs have made Grid Computing an undisputed and crowned glory. An economy with limited IT budget that needs to more fully utilize their existing assets (first need) and also intelligently allocate their resources to appropriate business applications (second need). It is owing to these reasons that grid computing has emerged as a significant new field, clearly distinguishable from conventional distributed computing specifically due to its focus on large-scale resource sharing, innovative applications and the most important high-performance orientation. Now that we have prepared groundwork for grid computing in specific and distributed computing in general, it’s time to look into what it offers? Further, we will explore what challenges confront the grid?

7. REFERENCES
[1] I. Foster, C. Kesselman and S. Tuecke, The Anatomy of the Grid: Enabling Scalable Virtual Organizations, International Journal of Supercomputer Applications, 15(3), 2001.
[2] The Global Grid Forum, http://www.gridforum.org/
[3] Grid Benchmarking Research Group, http://nas.nasa.gov/GGF/Benchmarks/
[4] D. Thain, T. Tannenbaum and M. Livny, Condor and the Grid, in F. Berman, G. Fox, and A. Hey (eds.), Grid Computing: Making the Global Infrastructure a Reality, Wiley and Sons, March 2003.
[5] The Globus Project, http://www.globus.org
[6] I. Foster and C. Kesselman (editors), The Grid: Blueprint for a Future Computing Infrastructure, Morgan Kaufmann Publishers, San Francisco, USA, 1999.

To see the full paper:
http://www.rimtengg.com/coit2007/proceedings/pdfs/69.pdf
If you face any problem while accessing this URL, contact me.

Thursday, October 9, 2008

Computing@Cloud: A new trend in market

Author: Inderpreet

Nowadays "Cloud Computing" is the hot technology. All the big bosses of the IT market are busy offering their services through cloud computing. The need for cloud computing is felt when there is a need to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software. Cloud computing changes the economics of IT by enabling you to pay only for the capacity that you actually use. Compute capacity can be scaled up or down on demand to accommodate changing workloads and business requirements.

More technically, we can say that Cloud computing is a term often applied to programs that are presented in a Web browser, but the actual computing is performed at a distant data center. It is Internet ('cloud') based development and use of computer technology ('computing'). The cloud is a metaphor for the Internet (based on how it is depicted in computer network diagrams) and is an abstraction for the complex infrastructure it conceals. It is a style of computing where IT-related capabilities are provided “as a service”, allowing users to access technology-enabled services from the Internet ("in the cloud") without knowledge of, expertise with, or control over the technology infrastructure that supports them. [source:wikipedia]

Companies such as Amazon, Google and Salesforce.com have embraced the concept of delivering software over the Internet, as it can mean lower costs and less maintenance for those who use the applications. Microsoft is also going to release an OS for developers to code the applications for cloud computing. IBM announced its Blue Cloud initiative, offering a package of hardware and software to allow its customers to create their own internal clouds. The company had already partnered with Google to provide cloud solutions for six American universities a month earlier. IBM hopes to grow the program to allow more universities and corporate and government entities to join in. Many companies are offering hardware designed to operate on cloud networks, including Hewlett Packard, Dell and Clear Cube.

Figure [Source:ivanov.wordpress.com/2008/05/01/cloud-computing/]


Cloud computing is often confused with grid computing (a form of distributed computing whereby a "super and virtual computer" is composed of a cluster of networked, loosely-coupled computers, acting in concert to perform very large tasks), utility computing (the packaging of computing resources, such as computation and storage, as a metered service similar to a traditional public utility such as electricity) and autonomic computing (computer systems capable of self-management). Indeed many cloud computing deployments are today powered by grids, have autonomic characteristics and are billed like utilities, but cloud computing can be seen as a natural next step from the grid-utility model. [Source:wikipedia]

Advantages
Inexpensive: Using cloud computing, we avoid the purchase of costly hardware, space to place the hardware and all other support for running that hardware properly.
Easy to maintain: You are just purchasing the service from service providers like Google, Amazon, IBM etc. So they provide you service for that.
Easy to update: You wouldn't have to worry about updating your software; that would all be taken care of for you. You could just program and use your application on the purchased services.



For more information visit:

Thursday, October 2, 2008

Intrusion Detection Systems: A way to secure computing

Author: Inderpreet

Introduction

An intrusion detection system (IDS) monitors network traffic for suspicious activity and alerts the system or network administrator. In some cases the IDS may also respond to anomalous or malicious traffic by taking action such as blocking the user or source IP address from accessing the network.
IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. There are basically two types of IDS systems: Host based (HIDS) and Network based (NIDS) intrusion detection systems.


  • Host-Based IDS (HIDS)
    Host-based systems were the first type of IDS to be developed and implemented. These systems collect and analyze data that originate on a computer that hosts a service, such as a Web server. Once this data is aggregated for a given computer, it can either be analyzed locally or sent to a separate/central analysis machine. One example of a host-based system is programs that operate on a system and receive application or operating system audit logs. These programs are highly effective for detecting insider abuses. Residing on the trusted network systems themselves, they are close to the network’s authenticated users. If one of these users attempts unauthorized activity, host-based systems usually detect and collect the most pertinent information in the quickest possible manner. In addition to detecting unauthorized insider activity, host-based systems are also effective at detecting unauthorized file modification. Possible host-based IDS implementations include Windows NT/2000 Security Event Logs, RDMS audit sources, Enterprise Management systems audit data (such as Tivoli), and UNIX Syslog in their raw forms or in their secure forms such as Solaris' BSM; host-based commercial products include RealSecure, ITA, Squire, and Entercept, to name a few.

  • Network-Based IDS (NIDS)
    As opposed to monitoring the activities that take place on a particular host, network-based intrusion detection analyzes data packets that travel over the actual network. These packets are examined and sometimes compared with empirical data to verify their nature: malicious or benign. Because they are responsible for monitoring a network, rather than a single host, network-based intrusion detection systems (NIDS) tend to be more distributed than host-based IDS. Software, or appliance hardware in some cases, resides in one or more systems connected to a network, and is used to analyze data such as network packets. Instead of analyzing information that originates and resides on a computer, network-based IDS uses techniques like “packet-sniffing” to pull data from TCP/IP or other protocol packets traveling along the network. This surveillance of the connections between computers makes network-based IDS great at detecting access attempts from outside the trusted network. In general, network-based systems are best at detecting the following activities:
    - Unauthorized outsider access: When an unauthorized user logs in successfully, or attempts to log in, they are best tracked with host-based IDS. However, detecting the unauthorized user before their log on attempt is best accomplished with network-based IDS.
    - Bandwidth theft/denial of service: These attacks from outside the network single out network resources for abuse or overload. The packets that initiate/carry these attacks can best be noticed with use of network-based IDS.
    Some possible downsides to network-based IDS include encrypted packet payloads and high-speed networks, both of which inhibit the effectiveness of packet interception and deter packet interpretation. Examples of network-based IDS include Shadow, Snort, Dragon, NFR, RealSecure, and NetProwler.

How does an IDS work?

Some IDS detect by looking for specific signatures of known threats, similar to the way antivirus software typically detects and protects against malware, and some detect by comparing traffic patterns against a baseline and looking for anomalies. There are also IDS that simply monitor some specific targets and alert on them. We’ll cover each of these briefly.

  • Signature Based
    A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. This is similar to the way most antivirus software detects malware. The issue is that there will be a lag between a new threat being discovered in the wild and the signature for detecting that threat being applied to your IDS. During that lag time your IDS would be unable to detect the new threat.
  • Anomaly Based
    An IDS which is anomaly based will monitor network traffic and compare it against an established baseline. The baseline will identify what is “normal” for that network (what sort of bandwidth is generally used, what protocols are used, what ports and devices generally connect to each other) and alert the administrator or user when traffic is detected which is anomalous, or significantly different from the baseline.
  • Target Monitoring
    These systems do not actively search for anomalies or misuse, but instead look for the modification of specified files. This is more of a corrective control, designed to uncover an unauthorized action after it occurs in order to reverse it. One way to check for the covert editing of files is by computing a cryptographic hash beforehand and comparing this to new hashes of the file at regular intervals. This type of system is the easiest to implement, because it does not require constant monitoring by the administrator. Integrity checksum hashes can be computed at whatever intervals you wish, and on either all files or just the mission/system critical files.
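
The signature lag and the baseline comparison described above can be seen side by side in the following added example (not code from the original post). The flow records, the `EXAMPLE-WORM-A`/`EXAMPLE-WORM-B` markers, the port numbers and the 3-sigma threshold are all constructed assumptions.

```python
import re
import statistics
from collections import namedtuple

# One record per connection. All traffic below is constructed for this example.
Flow = namedtuple("Flow", "minute proto dport nbytes payload")

# Hypothetical signature database: threats that have already been analysed.
SIGNATURES = {"EXAMPLE-WORM-A": re.compile(rb"User-Agent: EXAMPLE-WORM-A/\d")}


def signature_alerts(flows):
    """Signature based: flag any flow whose payload matches a known pattern."""
    return [(f.minute, name) for f in flows
            for name, pattern in SIGNATURES.items() if pattern.search(f.payload)]


def volume_per_minute(flows):
    totals = {}
    for f in flows:
        totals[f.minute] = totals.get(f.minute, 0) + f.nbytes
    return totals


class Baseline:
    """Anomaly based: learn which services and how much bandwidth are normal."""

    def __init__(self, training_flows, z_threshold=3.0):
        self.services = {(f.proto, f.dport) for f in training_flows}
        volumes = list(volume_per_minute(training_flows).values())
        self.mean = statistics.mean(volumes)
        self.stdev = statistics.pstdev(volumes) or 1.0  # avoid division by zero
        self.z_threshold = z_threshold

    def anomalies(self, flows):
        alerts = []
        for f in flows:
            if (f.proto, f.dport) not in self.services:
                alerts.append((f.minute, "new-service", f"{f.proto}/{f.dport}"))
        for minute, volume in sorted(volume_per_minute(flows).items()):
            z = (volume - self.mean) / self.stdev
            if z > self.z_threshold:
                alerts.append((minute, "volume", f"z={z:.1f}"))
        return sorted(alerts)


def normal_minute(minute):
    """Usual mix on this constructed network: web, DNS and mail."""
    return [
        Flow(minute, "tcp", 80, 4000 + 100 * (minute % 3), b"GET /index.html"),
        Flow(minute, "udp", 53, 200, b""),
        Flow(minute, "tcp", 25, 1500, b"HELO mail.example"),
    ]


def run_demo():
    training = [f for m in range(10) for f in normal_minute(m)]
    baseline = Baseline(training)

    observed = []
    # Minute 20: known worm on the usual web port, normal volume.
    observed += normal_minute(20)
    observed.append(Flow(20, "tcp", 80, 100, b"User-Agent: EXAMPLE-WORM-A/1"))
    # Minute 21: new variant, no signature yet, talking to an unusual port.
    observed += normal_minute(21)
    observed.append(Flow(21, "tcp", 6667, 100, b"User-Agent: EXAMPLE-WORM-B/1"))
    # Minute 22: request flood on the web port, benign-looking payloads.
    observed += normal_minute(22)
    observed += [Flow(22, "tcp", 80, 4000, b"GET /index.html")] * 50
    return signature_alerts(observed), baseline.anomalies(observed)


if __name__ == "__main__":
    sig, anom = run_demo()
    print("signature alerts:", sig)
    print("anomaly alerts:  ", anom)
```

Only the signature engine sees the known worm in minute 20, because it stays on a normal port at normal volume; only the baseline sees the unsigned variant and the flood.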
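
The hash-and-compare check described under Target Monitoring, as an added example that is not part of the original post. File names, the `KEY` placeholder and the HMAC seal over the baseline are assumptions of this sketch; the seal goes one step beyond the text, so that a rewritten baseline is itself detectable.

```python
import hashlib
import hmac
import json
import os
import tempfile

KEY = b"example-key-kept-off-the-monitored-host"  # placeholder, not a real secret


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map relative path -> SHA-256 for every regular file under root."""
    hashes = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            if os.path.isfile(full) and not os.path.islink(full):
                hashes[os.path.relpath(full, root)] = sha256_file(full)
    return hashes


def seal(hashes, key):
    """HMAC over the baseline, so an edited baseline is itself detectable."""
    blob = json.dumps(hashes, sort_keys=True).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()


def compare(baseline, current):
    """Report files whose hash changed, that disappeared, or that are new."""
    return {
        "modified": sorted(p for p in baseline
                           if p in current and baseline[p] != current[p]),
        "removed": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }


def write(path, data):
    with open(path, "wb") as fh:
        fh.write(data)


def demo():
    """Build a constructed directory, change it, and return the report."""
    with tempfile.TemporaryDirectory() as root:
        conf = os.path.join(root, "app.conf")
        write(conf, b"debug=0\n")
        write(os.path.join(root, "notes.txt"), b"hello\n")
        baseline = snapshot(root)
        tag = seal(baseline, KEY)

        # Covert edit: same length, timestamps put back afterwards.
        before = os.stat(conf)
        write(conf, b"debug=1\n")
        os.utime(conf, ns=(before.st_atime_ns, before.st_mtime_ns))
        after = os.stat(conf)
        os.remove(os.path.join(root, "notes.txt"))
        write(os.path.join(root, "dropped.tmp"), b"new file\n")

        current = snapshot(root)
        report = compare(baseline, current)
        report["size_and_mtime_unchanged"] = (
            after.st_size == before.st_size
            and after.st_mtime_ns == before.st_mtime_ns)
        # A baseline rewritten to match the edited file fails the seal check.
        forged = dict(baseline, **{"app.conf": current["app.conf"]})
        report["baseline_intact"] = hmac.compare_digest(tag, seal(baseline, KEY))
        report["forged_baseline_rejected"] = not hmac.compare_digest(
            tag, seal(forged, KEY))
        return report


if __name__ == "__main__":
    print(demo())
```

The edited file keeps its size and modification time, so a check based on metadata alone would miss it; the hash comparison does not.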



Wednesday, October 1, 2008

Next generation SCM through Grid Computing

Author: Inderpreet

Supply chain management (SCM) is now a main trait of today’s world. Increasingly, managers, researchers, and educators recognize the importance of SCM as both a strategic and tactical weapon. SCM practices keep changing with time. Earlier it was just a way of monitoring the goods sold or purchased by the organization.
But as time went on, SCM extended its roots to the entire supply chain. With the extension of SCM over different areas of business, the data generated and analyzed is massive. Therefore the challenge for an SCM system revolves around data: managing it, its access, distribution, processing and storage.
Let’s take an example. Say ABC is a leading retail company that has spent a lot on technology to handle its processes smoothly.
The software they used to handle such huge data was complicated and needed to run thousands of what-if scenarios to produce end-of-day reports and to do forecasting for their business. Locked into large, multiprocessor Unix boxes, the detailed report for the calculation of orders placed in the day could take a long time, say nine hours. So they planned to upgrade their hardware to further reduce the data processing time. But the analysis they did showed it would have cut the maximum time from nine hours to four and a half hours. They would also have to burn a lot of resources like power, space, air-conditioning etc. to maintain those hardware units. Even after doing so much, the requirement to finish the report generation in an hour would not be fulfilled. Thank God, an intelligent consultant, Andrew, who usually visits their office, suggested they go for Grid Computing. After hearing this term, most people ask what Grid computing is and how it will be able to solve their problem.
According to IBM, Grid computing allows you to unite pools of servers, storage systems, and networks into a single large system so as to deliver the power of multiple-systems resources to a single user point for a specific purpose. To a user, data file, or an application, the system appears to be a single enormous virtual computing system.
So Andrew took charge, called his team, and they set up the grid using the already-deployed desktop computers, taking advantage of every machine with available processing time. Then the dummy system to do the processing for orders placed in a day was run on the Grid. The results were stunning. A job that used to take all day or overnight could now be completed in under an hour. And not only this, ABC saved nearly 70% of the cost and resources of using the new hardware. So this is the power of Grid.
The Grid offers a unique opportunity for SCM systems by providing a reliable, scalable and robust infrastructure able to support efficient inventory management and fast order processing and scheduling. With Grid Computing, we utilize free resources to provide higher computational and data power. Over the last decade, significant resources and research efforts have been devoted towards making this vision a reality and have led to the development and deployment of a number of Grid infrastructures targeting a variety of applications where large processing power is needed or where we have to deal with large data. Big software companies such as Oracle and SAP already either have products (Oracle 10g) or pilot programs (as SAP does) for grid-enabled applications in place. Grid Computing can provide the ability to process and fulfill orders faster, to analyze real-time business data to accelerate decision making, to maintain better synchronization between demand and supply, and much more.
So when are you going to invite grid to your SCM world!

Sunday, September 21, 2008

Introduction with Grids

What is the Grid?

The short answer is that, whereas the Web is a service for sharing information over the Internet, the Grid is a service for sharing computer power and data storage capacity over the Internet. The Grid goes well beyond simple communication between computers, and aims ultimately to turn the global network of computers into one vast computational resource.
That is the dream. But the reality is that today, the Grid is a "work in progress", with the underlying technology still in a prototype phase, and being developed by hundreds of researchers and software engineers around the world.
The Grid is attracting a lot of interest because its future, even if still uncertain, is potentially revolutionary. So the interest comes not only from experts in computer science, but from scientists, businessmen, journalists and, presumably, you, the browser of this website!

The Five big ideas behind Grids

Of course, there are many big ideas behind the Grid. And of course, some of them have been around long before the name Grid appeared. Nevertheless, if you look at where the software engineers and developers who are building the Grid are spending their time and effort, then there are five big areas.
The most important is the sharing of resources on a global scale. This is the very essence of the Grid. Then, although it is hardly a novelty, security is a critical aspect of the Grid, since there must be a very high level of trust between resource providers and users, who will often never know who each other are. Sharing resources is, fundamentally, in conflict with the ever more conservative security policies being applied at individual computer centers and on individual PCs. So getting Grid security right is crucial.
If the resources can be shared securely, then the Grid really starts to pay off when it can balance the load on the resources, so that computers everywhere are used more efficiently, and queues for access to advanced computing resources can be shortened. For this to work, however, communications networks have to ensure that distance no longer matters - doing a calculation on the other side of the globe, instead of just next door, should not result in any significant reduction in speed.
Finally, underlying much of the worldwide activity on Grids these days is the issue of open standards, which are needed in order to make sure that R&D worldwide can contribute in a constructive way to the development of the Grid, and that industry will be prepared to invest in developing commercial Grid services and infrastructure.

Building Blocks


Even though the Grid is in its early days, there is considerable consensus amongst the many developers of Grid technology about how it should be structured.
Just like civil engineers building a bridge, software engineers must specify an overall design for the structure they want to build, before they start work on it. This design is called the "Grid architecture". The Grid architecture identifies the fundamental components of the Grid, describes their purpose and function, and indicates how these components should interact with one another.
The Grid depends on underlying hardware, from the computers and communications networks that underlie the Grid to the software for doing all sorts of complex calculations that will run on the Grid. Of all these components, though, the essence of the Grid - what really makes the whole thing possible - is the software that enables the user to access computers distributed over the network. This software is called "middleware", because it is distinct from the operating systems software that makes the computers run (programmes like Linux) and also different from the applications software that solves a particular problem for a user (a weather forecasting programme, for example). The middleware is conceptually in between these two types of software - hence its name.
The objective of the middleware is to get the applications to run on the right computers, wherever they may be on the Grid, in an efficient and reliable way. More generally speaking, the middleware's task is to organize and integrate the disparate computational resources of the Grid into a coherent whole.
The development of middleware is the main purpose of many of the Grid research and development projects currently underway around the globe. Grid middleware is already enabling working prototype Grids, which are often referred to as testbeds, because they are mainly being used for demonstration purposes rather than as a reliable resource.

What type of applications will the Grid be used for?


A simple answer is that just about anything you do on a computer you could also do on the Grid. After all, the Grid is, in some sense just a very big computer.
A more sophisticated answer is that the first big-time users of the Grid will probably be scientists with challenging applications that are simply too difficult to do on just one set of computers. After all, the Grid was originally conceived for these types of users, and is being built by them, too.
Difficult computational problems can be categorized in different ways. From a computer scientist's point of view, you divide them by looking at their general computational nature. Another way to categorize problems is by whether they are computation-centric, data centric or community-centric.
But you can also look at the problems from the point of view of different application areas in science. Or you can look at the broader areas of application in industry, finance, government and civil society.