Chapter 3 Flashcards
The File System
Modern computers keep files in a hierarchy of directories
Each file has a path name: the list of directory entries to follow to find the file. The file name selects the right file in the final directory.
Files are owned by a user, usually the creator; access rights are tied to user identities
CRUD
Create, Read, Update, Delete
basic rights on files and directories
Strategies for protecting a newly created file
Use ‘Defaults’ - apply the same access rights to all new files
Use ‘inheritance’ - apply the access rights based on the enclosing directories
Permissions flags
Sets of flags to specify access rights
ex:
RWX = read, write, execute
Executable Files
Files that contain applications or programs
- Binary executables are stored in a control section and executed by the CPU
- Scripts contain text interpreted by a programming language interpreter
Must have execute right to execute a file containing a program
Malware
Malicious Software
Virus
Carried by another program, when the program executes the virus spreads to other programs on the computer
Types of virus infection
- Application virus infects when it’s run
- Boot sector virus infects when it’s bootstrapped
- USB virus infects when plugged in
- Email virus infects if attachment is run
Computer Worms
Programs that replicate and travel alone from system to system without the use of a host file.
If a document is infected with a worm, the entire document will travel from computer to computer
NonVirus Virus - Hoax
Rather than writing an actual virus, criminals send mass emails that claim to be from a well-known antivirus center and warn of a new virus outbreak. The email will instruct users to delete some legitimate files, causing system damage.
Logic Bombs
Malware that executes its malicious purpose when a specific criterion is met (e.g. date/time/…)
Trojans
Imposter or program files that claim to be something desirable but are in fact malicious. Trojans do not replicate and you must invite them to your computers.
Rootkit
Collection of tools that black hats use to mask intrusion and obtain stealthy and privileged access to a computer. Typically subverts antivirus solutions. May consist of utilities that monitor traffic and keystrokes, attack other machines, alter existing system tools, or create a backdoor.
Macro Viruses
Scripts inside other programs (like Excel) that can create, modify, and execute other programs.
Defense Against Malware
- System Hardening
- Network Hardening
- Apply security patches
- Implement least privilege
- Reduce attack surface by shutting down ports, processes, applications
- Install antivirus and firewall software
- Continuously monitor all defense controls