As the use of the computers and networks has extended widely, there is
a corresponding increase about the subjects one must be careful about
and one must work on. One of the fundamental topics that must be handled
is the issue of security.
Significance of Security
* One of the main reasons of why we should handle the issue of security
is our dependency on computerised data, that is, the data transferred
to digital environment. The vulnerable point about our computer-related
tasks is that while computers are facilitating many of our burdens, we
develop a dependency to computers at the same time. For example, keeping
the medical information kept on an electronic environment reliable and
faultless is a must to continue the vitally important medical services.
* The advancement of technology extends the use of technology. Accordingly,
the number of computers increases, and the network that the computers
are connected to becomes wider. This means that the area of potential
hazards extends as well. Emphasising the fact that security is a significant
issue requires one to terminate the potential risks and hazards before
they realise themselves.
* The technology of computers changes so rapidly that it is more difficult
to give support to any issue of concern. New technologies are, by nature,
more complicated than the older ones. This means that the solutions are
too far away when encountered with a problem.
* Another factor, why we should consider the security paradigm as a fundamental
issue, is that the computer users tend to trust and rely on networks and
computerised environments more than before. Although, this seems to be
the desired outcome on the whole, it tends to distance the user from finding
alternative solutions and renders all the tasks technology dependent.
* As the use of the Internet has extended widely, the means of communication
have developed and it is now more easy to gain access to tools for attack.
In consequence, the profile of the attacker has changed. People do not
need high level of information any more to obtain results.
* The system administrators are generally overloaded with work when they
are needed in times of emergency or during the times of attack and the
computerised units do not have sufficient resources to answer an attack.
Therefore, security issue should be regarded as a protective measure that
must be handled with more care, attention and emphasis.
Types of Attacks and Attackers
Types of Attackers
Attackers are disobedient and misbehaving children of the security concept.
There are various types of attackers. The differences between these attacker
types or the main characteristics that define them are not yet so clear
or evident; however, they differ from each other with the types of damage
they cause or the methods they use when attacking or their aims to attack.
Briefly, they are intruders (the general name of the attackers), hackers
(enters into the system by using his/her knowledge, disregards the rules),
crackers (enters into the system by using the applications that can be
found anywhere easily, disregards the rules); they may be called as joyrider,
vandal, score keeper or spy according to their aims.
Types of Attacks
Attackers have got various methods of attacks. For example; buffer
overflow, the attacker takes advantage of the errors made during the
development of the implementation that is attacked and this causes the
implementation to produce unexpected results; configuration errors,
the aim of the attacker is to attain incorrect configuration of the services,
which causes the people (computers) to access destinations they do not
wish to access; administration errors, attacks that occur due to
the errors that the system administrators make; password cracking,
by implementing various specific methods, attackers reveal the passwords
of the system users and intrude into systems by taking the place of the
In this article, only a few of the possible types of attacks are told
briefly. It should never be forgotten that there are various other ways
Results of an Attack
Let's examine the results of an attack assuming that the attackers have
been successful in attaining their goals; first of all, the continuity
of the service that is being attacked will generally be hindered. This
means that the institution will lose important values such as time, money
and image. Besides all the facts, spying on or the stealing of information
belonging to the institution may produce unwanted results.
We can never find absolute solutions to our concerns about security,
however we can get rid of many problems, especially those problems that
are widely known and cause much nuisance, without wasting much time. To
- We should never let any application to run on our servers without
our knowledge and we should never offer services on our servers that
- We can evade many problems by using the latest versions of the applications
that are necessary for the services we offer.
- The user passwords with priority that we use on our systems and the
passwords of our users should not be selected from words that are easily
guessed, should not be referring to information such as names, surnames,
dates of birth etc., should be complicated enough, but they should be
easy to remember as well.
- The system administrators should have considerable knowledge about
the systems they administer, they should follow up the latest developments
and they should implement any kind of changes that are necessary as
soon as possible. This will prevent possible delays and enable them
to offer services without failures.