What Is a System Compromise?

We have discussed why you are attacked. You can be a target because of monetary gain by the attacker, the usefulness of your system to hide tracks and be used in further attacks, or for fun or malicious purposes. The end result of a successful attack is that the attacker has compromised your system security and has control of your computer, network, or applications. If an attacker is just going after data in an application, such as all your financial information in Quicken files, he doesn't need complete control of the system as long as he obtains the data.

Hackers, crackers, script kiddies or just about anyone on the Internet can launch an attack against your system in an attempt to compromise your computer. Anyone can be a threat. It doesn't matter who takes control of your computer because of a security weakness. The result is that you can be compromised, all your data can be stolen, and all your files can be destroyed at will by an attacker.

A compromised system can be used for launching more attacks, for testing, or as a playground for the attacker. It could be used to store pirated software and share such software with other hackers, or used to capture traffic on the local network. If you are using a cable modem, the attacker can use captured software such as Ethereal to monitor traffic of your neighbors.

A system compromise means that the attacker got past any firewalls or operating system security measures you have in place. Your system might be comprised for any number of reasons. After you are successfully attacked, the only things you can do are to identify that you have been compromised, find out what the attacker did to your system, find out how the attacker got control of your computer, fix the problems, and attempt to clean up any mess he made on your system or home network. Recovering from a system compromise is difficult, as we will discuss in another section.