What is Computer Security?

29 Şub 2020

Computer security is all efforts to create a secure information processing platform in order to protect the integrity of information from unauthorized access during the storage and transportation of data or information in electronic environments. In order to achieve this, it is necessary to determine and implement the security policy appropriate to the situation.



• Attacks are increasing at a geometric speed. (1-2-4-8-16-32- ..)

• Attacks are getting more complex and more capable.

• The number of attackers is increasing. The fact that some attack programs can be found on the internet enables many people who do not have programming knowledge to attack.

• The rapid increase in computer use has caused the number of programs to increase rapidly.

• As the programs get more complex, security vulnerabilities increase.

• Some of the programs we use - other than their normal functions - may do some malicious processes hidden in the background. (Such as sending some information about your computer)

• Most companies and people do not attach the necessary importance to security.

• The widespread use of the Internet causes viruses and Trojans to become widespread.



• Those who use it as a gateway computer: They disguise themselves by using your system to attack other systems.

• Information stealers: By watching the computer, opening some files, internet connection password, mail password, bank account password, etc. they try to get the information.

• Attackers for pleasure: People who are generally not very knowledgeable, who try to get passwords by attacking using some programs they find on the internet, or who cause the system to malfunction by deleting some files.



• Every day new security vulnerabilities are detected and published on the internet. Program producers are rapidly producing and releasing patches for these vulnerabilities, but most people do not install them either because they are unaware or difficult to install.

• In addition, the fact that some ready-made programs that facilitate attacks using existing vulnerabilities can be found on the internet, enables people who do not have much technical knowledge about security and programming to easily attack.



The studies and technical measures taken by the system administrators in order to ensure information security create integrity with the awareness of the end user and thus high efficiency can be obtained in the work carried out. As is known, 80% of the security gaps can be covered with 20% of the total effort to close these gaps. Our aim is to remind the common mistakes of the end user and simple precautions that can be taken, to create a kind of checklist.


1. Server operating systems on desktop computers

Desktop computers for end-user use are generally not designed for server-based jobs. However, one of the common mistakes made by the end user is the idea that the more comprehensive the operating system, the better it will work. Services that are automatically installed and running on server-grade operating systems without the user's knowledge reduce system performance and cause serious security vulnerabilities. It should be ensured that users are made aware of this issue and that they install / use an operating system that is suitable for their needs.

2.Server applications on desktop computers

Although operating systems are clients, users can set up insecure FTP servers or web servers, especially to share files or serve web pages. For example, it is known that the use of Microsoft IIS as a web server has caused serious security vulnerabilities in the past and today, and CodeRed and Nima viruses spread by using the vulnerability of this software. In order to prevent this situation, it should be ensured that these server-qualified services are provided centrally by system administrators through secure software on secure operating systems. For example, users should be able to prepare a web page on UNIX server systems using their own user accounts, and move their files with FTP programs running on server systems.

3.Operating systems updates

One of the common mistakes end users make is that after installing the operating system, they assume that the installation is complete and that there are no vulnerabilities. Updates of operating systems are constantly being released after they are released. These updates replace the drivers and problematic system files with new ones, and more importantly, they close the security gaps in the operating system. Some operating systems automatically install their own updates or can be set up for automatic installation. Viruses often infect and spread the computer using the vulnerabilities of operating systems that are not updated.

4. Application software updates

In addition to operating systems, some application software may cause security vulnerabilities when they are not updated, due to these vulnerabilities, the computer may be affected by viruses and information may be lost. Especially Microsoft Outlook etc. Message programs such as e-mail reading programs, Microsoft Office packages, MSN Messenger and ICQ need to be updated.

5.Administrator rights on desktop

One of the most common mistakes made by desktop computer users is that they want to be the administrator of the computer they use. Administrator rights are not required to use desktop computers. However, system administrators also allow users to manage computers from time to time in order to get rid of unnecessary phones and unnecessary explanations. The installations made or the configuration parameters changed by the end user without realizing it with the administrator rights can cause security vulnerabilities on the computer.

6.Anti virus software and updates

Some users think that antivirus software slows down their computers. Indeed, antivirus software causes a 0.5-2% decrease in system performance. However, this performance loss is incomparably small with the drop in computer performance when the virus affects the computer. For this reason, using antivirus software on desktop computers is one of the first precautions to be taken against viruses. In addition, one of the common mistakes made by users is to think that the computer is safe from viruses after the anti virus software is installed, and the software is not updated. Users should be made aware of how antivirus software works, how it detects newly released viruses, and how to update the virus scan engine and virus pattern files.

7.File shares

While users are sharing their files with other users on the network, they do not realize that these files are seen by everyone. In addition, instead of sharing certain directories, they open the directories with operating system files and programs for sharing, create security vulnerabilities as a result of these shares opened without a password, and on the other hand, they create a suitable ground for viruses spreading over the network. It is necessary to raise the awareness of the users about the risks of file sharing and to offer safer ways to share files.

8.File exchange

Users download and run the programs they receive from the computers that they do not recognize and whose reliability is unknown through P2P file sharing programs such as Kazaa, Imesh or messaging programs such as ICQ. These programs can be virus or Trojan horse qualified. Users should be informed about this.

9. Programs that run unconsciously on the web

Unconsciously downloaded programs and plugins from some websites can cause computers to be invaded by viruses or malicious code. In order to prevent this situation, users are required to make security settings in their Internet browser programs, and to approve the questions that arise when a connection is made to web pages only after they understand.

10. Email attachments

The operation of the attachments of the e-mails prepared by the virus, which the user does not know from or which is shown as coming from a well-known user as a work of social engineering, is a common error that causes the virus to affect the computer. In order to prevent viruses spreading via e-mail from affecting the computer, anti-virus software and operating systems should be updated and secure e-mail reading programs should be preferred. (Netscape Messenger, Pine, Mutt etc. instead of Microsoft Outlook).

11. Security Standards (Security Baseline) and Usage Policies

prepared by system administrators and determined policies are generally deemed unnecessary by end users, and security settings suggested in these are not made. Users need to be informed so that they understand the importance of these standards.​

Son düzenleme:

Turkhackteam.org internet sitesi 5651 sayılı kanun’un 2. maddesinin 1. fıkrasının m) bendi ile aynı kanunun 5. maddesi kapsamında "Yer Sağlayıcı" konumundadır. İçerikler ön onay olmaksızın tamamen kullanıcılar tarafından oluşturulmaktadır. Turkhackteam.org; Yer sağlayıcı olarak, kullanıcılar tarafından oluşturulan içeriği ya da hukuka aykırı paylaşımı kontrol etmekle ya da araştırmakla yükümlü değildir. Türkhackteam saldırı timleri Türk sitelerine hiçbir zararlı faaliyette bulunmaz. Türkhackteam üyelerinin yaptığı bireysel hack faaliyetlerinden Türkhackteam sorumlu değildir. Sitelerinize Türkhackteam ismi kullanılarak hack faaliyetinde bulunulursa, site-sunucu erişim loglarından bu faaliyeti gerçekleştiren ip adresini tespit edip diğer kanıtlarla birlikte savcılığa suç duyurusunda bulununuz.