Professional Documents
Culture Documents
There are many different perspectives that can be considered when determining what
hostile code is. Hostile code have many different purposes including, but not limited to any
software that gathers password or login in information, elude security measures, or attempts to
gain unauthorized access or advantage over files, computers, or networks. Any unauthorized
Hostile code can be introduced into a computer or network in many different ways, but
the common cause is usually by way of end users. These applications are generally installed via
web browser plug-ins, unauthorized software, opening unfamiliar or non-business related emails,
or by visiting unauthorized or certified web links from within a network. These types of threats
are commonly referred to as viruses, Trojans, worms, adware, or malware. Once these malicious
codes infiltrate networks, they usually self replicate throughout the network until addressed.
This can create security exploits such as opening ports for unauthorized network access, data
gathering, and distributed denial of service (DDoS) attacks. These applications can be
Hostile codes do not only apply to malicious code, but also other applications that scan
computers or networks for searching for login, passwords or other information that can be used
to gain unauthorized access to files or other secure resources. There is a great set of tools that can
be considered both hostile, as well as helpful, know as BT ± Penetration Testing Distribution
(BackTrack). This set of tools has been around for a few years, and according to the article
BackTtack Used by the NSA (2010), BackTrack have all the tools you need in regards to testing
password crackers, network sniffers, along with other security related functions. This security
suite also has other intrusion detection systems (IDS) like SNORT, Etherape, and tracking tools
like Whois, NMAP, AMAP, Lanmap that can be used to track offenders back to their source.
Overall, the best way to combat hostile code is to have strong security and email policies
in conjunction with good antivirus and security patch management strategies that are
implemented, maintained, and strongly enforced. Along with this, user training in regards
security risks and threats can also help thwart these types of security breaches. The constant
testing of network and computer security is also necessary in fighting against hostile code.
References
http://www.backtrack-linux.org/backtrack/backtrack-used-by-the-nsa