Changes

<hr>

Before moving on to chapters that outline the steps necessary to secure networks and computer systems it helps to first have an understanding of the kinds of attacks and threats that need to be defended against. Armed with this information it will be clearer in later chapters not just how to implement particular security measures, but also why such measures need to be implemented.

== IP and DNS Spoofing Attacks ==

The basis of spoofing involves masquerading as a trusted system in order to gain unauthorized access to a secure environment. IP spoofing involves modifying data to make it appear to originate from the IP address of a system that is trusted by a server or firewall. Using this approach, a host is able to pass through the IP filtering that would otherwise serve to prevent access.

Computer systems typically store the passwords which allow access to the system in a password file which is cryptographically protected from prying eyes. A number of password cracking programs are available for extracting the passwords from a password file. Some examples are the ''Crack'', ''John the Ripper'' and ''L0phtCrack'' programs, each of which attempts to decrypt password files. Obviously, the best approach to avoiding such programs being run is to prevent the password file from falling into the wrong hands and carefully monitoring systems to ensure unauthorized programs are not running.

<hr><table border="0" cellspacing="0" width="100%">