Texas State University
About Texas State | Library | Maps | Round Rock
 

Division of Information Technology

IT Security

About
Policies, Standards and Guides
Awareness
Training and Events
Services
Tools

Information Security Tips

Online Resources

Share This Page

adjust type sizemake font smallermake font largerreset font size

Intrusion Protection

Intrusions

Intrusions are unauthorized attempts to enter a network or computer. These attempts may take several different forms, but the goal is the same: to gain entry so the attacker can either destroy or steal data, gain control of equipment or gather information about the network for later use.

The old adage "A chain is only as strong as its weakest link" is certainly true of network security. Users may consider their machine to be a very unlikely target of attack, because they think they don't have any important information on it or they think their data is not worth stealing. The attacker, on the other hand, sees the user's machine as the portal through which the really important machines can be attacked. Your machine may be of no interest at all, but your machine may grant the attacker access that allows further attacks against other computers or networks.

In the early days of networking, intrusion attempts usually took the form of a direct attack against a single machine. The intruder attempted to break into a machine by either guessing or cracking passwords or using a known weakness in the operating system to introduce tools that could be used to compromise the system. Attackers often used "social engineering" to gain information that could help them break in to a network. (what is social networking?)

Modern intrusion attempts are much more varied. While the old-fashioned methods are still used, attackers now will frequently use trojans attached to innocuous looking files to introduce tools for later exploitation. Trojans can be introduced in a number of ways. They can be posted to newsgroups or IRC channels where users will download them, sent through email as attachments or simply placed on a website for the unwary to acquire. They can also piggyback on viruses or worms, fooling the victim into thinking that once the original infection is cleaned up they are safe again. They can even be installed on the victim's machine without their knowledge when they visit a web site. Using weaknesses in the security of the victim's web browser, the JAVA virtual machine, the powerful scripting languages so prevalent today, the OS itself or a combination of methods, the attacker can bypass the existing security controls and drop a trojan into a directory on the victim's hard drive.

 

Protect Yourself

To protect yourself against intrusions:

  • NEVER visit web sites you don't completely trust with any kind of active content capability. Turn off JAVA, Javascript and Active Scripting in your web browser. (With some browsers, you can configure security zones for "Untrusted Sites" [e.g. Internet Explorer.] With others, you have to use profiles to protect yourself [e.g. Netscape.] Create a profile called "Untrusted" with active content turned off, and create a second profile called "Trusted" with active content turned on. NEVER use the Trusted profile to visit new or unfamiliar web sites.)
  • NEVER open email attachments unless you know exactly what they are and you are certain they are safe.
  • ALWAYS protect your passwords and your account information. (See the Password Security page for proper procedures.)
  • NEVER give anyone your password for ANY reason. Texas State professionals should NEVER ask you for your password. If they do, you should report them to their supervisors immediately.
  • BE CAREFUL what you throw away. It may be the one piece of information an attacker needs to get in to the network. Use a shredder for anything that might reveal confidential information.
J.C. Kellam, Suite 720; Phone: 512.245.HACK (4225); E-mail: itsecurity@txstate.edu