Back to the main page
Can't find the answer? Ask
Submit Articles
Publish your articles and reach thousands of readers worldwide.
Publish
■ Welcome Guest, LogIn
Create a new account
Ask a question  • Browse Q&A  • Publish an article  • Browse Articles  • Contact us
Categories
Animal, Vegetal Life
Beauty & Style
Business & Finance
Cars & Vehicles
Computers & Internet
Entertainment & Arts
Environment
Food & Cooking
Health
Hobbies & Collectibles
Home & Garden
Jobs & Education
Law & Legal Issues
Literature & Language
Miscellaneous
Places
Pregnancy & Parenting
Relationships
Religion & Spirituality
Science
Shopping
Sports
Society, History & Politics
Technology
Travel
Weaknesses of Firewalls
by TTech on 4/16/2009 in Computers & Internet » Security & Hacking
Firewalls do not guarantee security. They can induce a false sense of security in users. They give relatively poor protection against viruses, and users should ensure that up-to-date virus scanning software is in use on all computers. The majority of viruses are spread on floppy disks, and firewalls do not check these. Apart from these hackers use novel ways to attack sites and get what they wand and against these kind of attacks system administrator should be on alert. Some of the ways are described below:

Methods used to Attack Sites:

SMTP( Simple Mail Transfer Protocol ) and SendMail can be intercepted and information such as the sender’s IP(Internet Protocol ) address can be read, which may enable a hacker to bypass some firewalls. The DNS data-bases are an obvious place for hackers to look for IP addresses. Guarding against intrusion is in use if hackers know what IP addresses a firewall system is programmed to accept. Lines are some times left open after they have been used to link a network to the internet and a hacker who happen to scan the address will then be able to get into the system.

SNIFFERS:
A sniffer is a network interface card that receives all IP packets not just those intended for it. It captures forwards from talent, FTP are similar sessions. the data that is captured includes the hosts ID and IP addresses. The user ID and IP addresses and the passwords. A sniffer can be partially defeated by using one time passwords which are fairly easy to implement in UNIX for example, OPIE(One Time Passwords In Everything ) generates a challenge phrase when user tries to log in. the user has a cryptogram program that transform phrase , and the transformed version is cut and pasted back as a response. The secret cryptogram key is never revealed or transmitted, so the proper response can only be provided by the true owner of the ID (although human error can creep in here if the user allows some one else access to his machine).

PROTOCOL SPOOFING:
In many sites, demands such as passwords checks are relaxed if in IP addresses are from a trusted area, such as another computer within the site. This allows a protocol spoofing. Before TCP/IP communication between the two computers is established, there is considerable interchange of information between them, so it is not easy to use a false IP addresses. Successful spoofers anticipate the responses of a target computer and carry out in apparently protocol-compliant dialogue. Eventually they command events that make the server think the real address is trustworthy.
© Daxii.com
Add a Comment
You can comment anonymously or ( Login / Create an account )
Image Captcha
Retype the picture text
Add your comment

firewalls, date, guarantee, protection, induce, sense, false, ensure, they, security, weaknesses, users, scannin, give, poor, virus, relatively, viruses, against
Similar publicationsLatest publications
Other languages : Daxii in English English, Daxii en Français Français, Daxii en Español Español, Daxii in Deutsch Deutsche, Daxii in Italiano Italiano. Terms of use | Privacy Policy | Help © Daxii 2008-2010, All rights reserved.