Internet Attack Methods


by InfoSecurityLab - Date: 2007-01-23 - Word Count: 484

The U.S. Government's National Information Assurance Glossary defines Information Security as: Protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.

This article covers one of the types of unauthorized access: internet attacks. Understanding how these attacks work makes it easier to see why it is so important to have your own information security strategy.

Denial of Service

In this attack, an attacker tries to make the target computer unable to provide its normal gamut of services. The attacker can do this by sending more information to the target computer than it is capable of processing. In such an incident, a user or organization is deprived of the services of a resource that they would normally expect to have. The cost of this attack is a great deal of time and money. A denial of service attack is a type of security attack on a computer system that does not usually result in the theft of information or other security loss.

Trojan Horse

Trojan horses are programs that pretend to be legitimate software but actually carry out hidden, harmful functions. An attacker places this software on the target computer through a web site or e-mail, by embedding it within another software package, or by force-installing it through the compromise of another running service. Trojans are executable programs, which means that when you open the file, it will perform some action(s). These actions can be of different kinds. The most common are of two types:

* The first is a remote control program that would allow the attacker to act as if he were in front of the machine.

* The second is a program that would allow a remote attacker to execute specific commands from the target machine.

Both types take control of the target computer, and that control is often used to carry out a denial of service attack against another target computer.

Buffer Overflow

An attacker sends a specific series of characters (text) to a service that will cause the service to act outside its normal operating parameters. These attacks can be considered in two parts: the overflow itself and the command to execute. The overflow part contains the specific series of characters that will cause the service to act abnormally, while the other part contains commands. These commands can be something simple, like causing the computer to crash, or something complex, like installing a trojan.

Buffer overflows are usually the preferred method of compromising a web server.

Port Scan

A port scanner is a tool that allows an individual to list the ports on a computer that are listening (available / open). Using a port scanner is usually the first step in determining how to compromise a system, as an attacker needs to know what the potential vulnerabilities of a system are before trying to exploit them.
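
From the defender's side, a port scan shows up in connection logs as one source touching many different ports within a short time. The following is an added example, not part of the original article; the log format, the addresses (reserved documentation ranges) and the thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample connection log (not real traffic): time, source, destination port.
# All addresses come from the reserved documentation ranges.
SAMPLE_LOG = """\
2007-01-23T10:00:01 198.51.100.7 80
2007-01-23T10:00:02 198.51.100.7 80
2007-01-23T10:00:02 192.0.2.50 21
2007-01-23T10:00:02 192.0.2.50 22
2007-01-23T10:00:03 192.0.2.50 23
2007-01-23T10:00:03 192.0.2.50 25
2007-01-23T10:00:04 192.0.2.50 80
2007-01-23T10:00:05 198.51.100.7 443
not-a-time 192.0.2.50 abc
2007-01-23T10:01:00 203.0.113.9 22
2007-01-23T10:03:00 203.0.113.9 25
2007-01-23T10:05:00 203.0.113.9 80
2007-01-23T10:07:00 203.0.113.9 110
"""

def parse(log_text):
    """Yield (timestamp, source, port); skip blank or malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], int(parts[2])
        except ValueError:
            continue

def find_scanners(log_text, min_ports=4, window_seconds=10):
    """Map each source that touched >= min_ports distinct ports within
    window_seconds to the largest distinct-port count seen in one window."""
    by_source = defaultdict(list)
    for ts, src, port in parse(log_text):
        by_source[src].append((ts, port))
    flagged = {}
    for src, events in by_source.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans <= window_seconds.
            while (events[end][0] - events[start][0]).total_seconds() > window_seconds:
                start += 1
            ports = {port for _, port in events[start:end + 1]}
            if len(ports) >= min_ports:
                flagged[src] = max(flagged.get(src, 0), len(ports))
    return flagged

if __name__ == "__main__":
    print(find_scanners(SAMPLE_LOG))
```

With the default 10-second window only 192.0.2.50 is reported; a wider `window_seconds` also reports 203.0.113.9, at the cost of more false positives from ordinary clients.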

Article source: InfoSecurityLab



© The article above is copyrighted by its author. You're allowed to distribute this work according to the Creative Commons Attribution-NoDerivs license.