Computer Security

The prevention of or protection against access to information by unauthorized recipients, and the unauthorized destruction of or alteration of information. Another way to state it is to say that computer security is the ability of a computer system to protect information with respect to confidentiality and integrity. Computer security is often associated with three core areas, summarized with the CIA acronym: Confidentiality (ensuring that information is not accessed by unauthorized individuals; Integrity (ensuring that information is not altered by unauthorized individuals in a way not detectable by authorized users); and Authentication (ensuring that users are the individuals they say they are).

To prevent crackers from accessing a computer system, computer security individuals need to block noncritical incoming ports on the firewalls. Moreover, the ports remaining open need to be protected by patching the services utilizing those ports—email, Web services, and FTP.

The CERT Website lists updated vulnerability data about services that may be running, so this listing should be consulted regularly. Also, to assess whether a cracker is utilizing tools to access the system, computer security individuals should use logging tools that record port scans, failed login attempts, and fingerprinting. Snort, a freeware Intrusion Detection System (IDS), can detect intrusions that it is aware of and properly understands, but is unable to prevent them. Furthermore, the logfiles need to be reviewed to determine which machines appear to be probing the system.

See Also: Authentication; Confidentiality; Integrity; Intrusion Detection System (IDS); Security; FTP (File Transfer Protocol).