Chapter Summary

This chapter discussed the wide range of threats that face modern computer networks, countermeasures to reduce the risk these vulnerabilities pose, and proper procedures to follow when countermeasures fail and a computer-security incident takes place.

• Malicious code objects are deliberately programmed threats, such as viruses, worms, and Trojan horses that attack computer systems and networks.

• Buffer overflows result when hackers exploit holes in poorly written software causing unpredictable results.

• Denial-of-service attacks use resource exhaustion or highly targeted techniques to deny legitimate use of computing resources.

• Network reconnaissance techniques allow malicious users to map out portions of a network and detect possible vulnerabilities for future exploitation.

• Hackers use a variety of tools, including common system administration tools, to probe for weaknesses.

• Proper incident-handling procedures are essential to minimizing the impact of a security breach and preserving evidence for possible legal action.