Use Caution Opening Email Attachments
Never Share Your Passwords
When Away
Forwarding Emails
Social Media Privacy Settings

powered by zFeeder
Kris Curtis

The Sobek website is a production of Kris Curtis, the website was first produced as part of his Computing & Networks: Honours Project. The project aim was to study the internal threats to a company's computer network and create guide to the securities against internal threats. If there are any questions, problems or general enquiries then please do not hesitate to contact me by using the "kris curtis ©" link at the bottom of the page.. Thank you and please enjoy.


Welcome to Sobek, this website has been designed to provide easy to understand facts and information on computer security and specifically internal security. The different implementations of security have been divided into 4 categories, these categories are Prevention, Detection, Recovery and Extras. To the left are RSS feeds from SANS that provide the latest security hints and tips. Also on the right are a number of very helpful links to provide further assistance with computer security and below is an informative security video.

Internal security is the protection a network receives against threats and attacks within the network perimeter. Examples of internal threats are fires, power surges, intruders, staff and other threats that by their nature bypass firewalls and other external security implementations. Very often internal security is overlooked in favour of the more heavily publicised external security and this has produced a dramatic difference between internal security and external security as far as awareness and understanding is concerned.

Internal security threats can come in the form of accidents, ignorance actions or malicious actions. Accidents can consist of fire, flooding, water damage, accidental severing cables, power surges and other accidental incidents that have an adverse effect on the computer network.

Ignorance actions are incidents occur due to lack of knowledge or ability and result in an adverse effect on the computer network. Such ignorance actions could consist of water being spilled on network or computer equipment during cleaning, unplugging of power plugs, deleting or loss of critical data, downloading of malicious software and other security incidents that are carried out by staff without malicious intent.

Malicious actions are incidents that occur due to deliberate attacking of the computer network and result in an adverse effect on the computer network. Such actions could consist of spying on network security, damaging computer network equipment, misuse of network resources & services, stealing or deleting of critical data, fraud or data misuse and other security incidents that are carried out by staff with malicious intent.

Internal Security is not a single security technique or tool but rather a combination of different techniques and tools aimed at combating the different threats to the internal network. The threats that pose internal security risks to a network environment could be categorised into physical threats, data threats and activity threats.

Physical threats to the network are incidents such as fires or flooding occurring within network areas, liquid spillages on computer or network equipment, damage inflicted to computers or network components, theft of network components and other detrimental incidents that involve physical interaction with areas of the computer network. Physical threats can exist on a more basic level than other threats such as data theft or malicious activity over the network, the tools and expertise required to commit a serious physical incident can be very minimal.

Data threats to the network are incidents such as data being accidentally deleted or divulged, sensitive data being lost or stolen, copyright or intellectual property infringement and other detrimental incidents that involve data interaction with areas of the computer network.

Activity threats to the network are incidents such as accidentally downloading or exposing the network to malicious software, moving critical or sensitive data from the security of the network, visiting un-trusted or malicious websites, carrying out actions that reduce performance or security of the network and other detrimental incidents that involve activity within areas of the computer network.