c
 






  
   




There are many different perspectives that can be considered when determining what

hostile code is. Hostile code have many different purposes including, but not limited to any

software that gathers password or login in information, elude security measures, or attempts to

gain unauthorized access or advantage over files, computers, or networks. Any unauthorized

code on a network can be considered hostile code.

Hostile code can be introduced into a computer or network in many different ways, but

the common cause is usually by way of end users. These applications are generally installed via

web browser plug-ins, unauthorized software, opening unfamiliar or non-business related emails,

or by visiting unauthorized or certified web links from within a network. These types of threats

are commonly referred to as viruses, Trojans, worms, adware, or malware. Once these malicious

codes infiltrate networks, they usually self replicate throughout the network until addressed.

This can create security exploits such as opening ports for unauthorized network access, data

gathering, and distributed denial of service (DDoS) attacks. These applications can be

implemented in either a passive or aggressive mode.

Hostile codes do not only apply to malicious code, but also other applications that scan

computers or networks for searching for login, passwords or other information that can be used

to gain unauthorized access to files or other secure resources. There is a great set of tools that can
be considered both hostile, as well as helpful, know as BT ± Penetration Testing Distribution

(BackTrack). This set of tools has been around for a few years, and according to the article

BackTtack Used by the NSA (2010), BackTrack have all the tools you need in regards to testing

web-based applications and networks for vulnerabilities, penetration of wireless networks,

password crackers, network sniffers, along with other security related functions. This security

suite also has other intrusion detection systems (IDS) like SNORT, Etherape, and tracking tools

like Whois, NMAP, AMAP, Lanmap that can be used to track offenders back to their source.

Overall, the best way to combat hostile code is to have strong security and email policies

in conjunction with good antivirus and security patch management strategies that are

implemented, maintained, and strongly enforced. Along with this, user training in regards

security risks and threats can also help thwart these types of security breaches. The constant

testing of network and computer security is also necessary in fighting against hostile code.

References

Admin (2010). Backtrack Used by the NSA, 



 . Retrieved June 20, 2010 from

http://www.backtrack-linux.org/backtrack/backtrack-used-by-the-nsa