Summary

A computer or network may be subject to several types of threats and attacks.

Threats include DoS attacks, which crowd desirable traffic off of the network; identity theft attacks, session hijacking which allow an attacker to assume root privileges; and various malicious code and viruses.

Defenses against identity attacks include better passwords, and special security devices, such as tokens. Defense against DoS attacks include updating software patches to eliminate vulnerabilities. The same defense is important against malicious code.

In every case, security administrators must adopt a watchful attitude, assume a hostile environment, and be diligent in defense of the computers and networks under their care.