17 February 2010
With the growth of the internet, network security has become a major concern. Private confidential information has become available to the public. Confidential information can reside in two states on the network

3. Security Related Crimes:
With the growth of the internet, network security has become a major concern. Private confidential information has become available to the public. Confidential information can reside in two states on the network. It can reside on the physical stored media, such as hard drive or memory or it can reside in the transit across the physical network wire in the form of packets. These two information states provide opportunities for attacks from users on the internal network, as well as users on the Internet.
Network Packet Sniffers
Network computers communicate serially where large information pieces are broken into smaller ones. The information stream would be broken into smaller pieces even if networks communicated in parallel. These smaller pieces are called network packets. Since these network packets are not encrypted they can be processed and understood by any application that can pick them off the network and process them. A network protocol specifies how packets are identified and labeled which enables a computer to determine whether a packet is intended for it. The specifications for network protocols such as TCP/IP are widely published. A third party can easily interpret the network packets and develop a packet sniffer. A packet sniffer is a software application that uses a network adapter card in a promiscuous mode (a mode in which the network adapter card sends all packets received by the physical network wire to an application for processing) to capture all network packets that are sent !across a local network. A packet sniffer can provide its users with meaningful and often sensitive information such as user account names and passwords.
IP Spoofing
An IP attack occurs when an attacker outside the network pretends to be a trusted computer either by using an IP address that is within its range or by using an external IP address that you trust and to which you wish to provide access to specified resources on your network. Normally, an IP spoofing attack is limited to the injection of data or commands into an existing stream of data passed between client and server application or a peer to peer network connection.
Password attacks
Password attacks can be implemented using several different methods like the brute force attacks, Trojan horse programmes. IP spoofing can yield user accounts and passwords. Password attacks usually refer to repeated attempts to identify a user password or account. These repeated attempts are called brute force attacks.
Distribution of sensitive internal information to external sources:
At the core of these security breaches is the distribution of sensitive information to competitors or others who use it to the owners’ disadvantage. While an outside intruder can use password and IP spoofing attacks to copy information, an internal user could place sensitive information on an external computer or share a drive on the network with other users
Man-in-the-middle-attacks
This attack requires that the attacker have access to network packets that come across the networks. The possible use of such attack are theft of information, hijacking an ongoing session to gain access to your internal network resources, traffic analysis to drive information about one’s own network and its users, denial of service, corruption of transmitted data, and introduction of new information into network sessions.
Published in Legal service india
Authors : B.Jyoti Kiran & Shiladitya Goswami