Monday, August 31, 2009

AntiVirus software






These are stand-alone programs that will protect your computer from viruses, worms and some trojans, and allow you to clean it should you become infected.

• Norton Antivirus (http://www.symantec.com/) Trial / Buy
• Mcafee Virus Scan (http://www.mcafee.com/) Trial / Buy
• PC-Cillin (http://www.trendmicro.com/) Trial / Buy
• Anti-Viral Toolkit Pro (http://www.kaspersky.com/) Trial / Buy
• AVG Anti-Virus (http://www.grisoft.com/) Free / Buy

Note that all of these websites (except grisoft.com) have areas that will conduct free online virus scans on your machine; however, only Trend Micro’s “House Call” page (housecall.trendmicro.com) will actually clean your machine if it finds any. In any case, these online scans are only band-aid solutions for disinfecting your machine after the fact – you should still be purchasing a realtime Anti-Virus software package (such as those listed above) to prevent viruses from getting into your system in the first place.


  • Update your virus/trojan definitions on a regular basis. Definition files are the
    database that your anti-virus/trojan software draw from to detect, identify and
    remove new viruses, worms and trojans. With new ones constantly emerging, new
    definition files are constantly being compiled and released by the software
    companies to keep up. Make sure you download these definitions regularly
    (weekly) from your company’s website to keep your software up-to-date for your
    own protection (ie, for Norton Anti-Virus you can use their “live update” feature).
  • Scan all downloaded files/attachments with Anti-Virus/Anti-Trojan software,
    before you open them.
  • Backup your data. No matter how safe you think you are, unless you back up
    your data prior to being infected, you may lose it during the infection/payload
    process (viruses/worms/trojans may delete or scramble files) or anti-virus/trojan
    cleaning process (files may need to be deleted to clean the machine). If there is
    important data that you need, make sure you back it up on a regular basis (either
    on diskette, CD-ROM or uploaded to a website).

Viruses, Worms, Trojans Preventative Solutions

  • Use common sense - don’t visit, or download programs from, people/websites you don’t know or trust.
  • Don’t open “spam” or unknown emails or attachments – delete them instead.
  • Check with your friend over the phone if you receive an email from them with
    an attachment you weren’t expecting – verify they did intend to send you the
    email/attachment, to make sure it wasn’t a worm sending it instead (many
    viruses/worms/trojans are sent from people unaware they’ve been infected).
  • Obtain the latest patches for Windows, Internet Explorer and Outlook Express
    to plug the many security holes and vulnerable exploits found in these programs.
  • Un-hide file extensions. This addresses the problem where Windows by default
    likes to hide the extensions of filenames; ie "susie.jpg" shows up as just "susie".
    The danger is that "susie.jpg.exe", which is an executable program, would be
    shown as "susie.jpg" which many would mistake for just a picture. This is
    potentially very dangerous and confusing.

In Windows 95 / 98:
- Open Explorer
- Under View menu, select Options
- Check "show all files"
- UNcheck "hide MSDOS file extensions that are registered"
- Click OK to finish
In Windows ME / 2000 / XP:
- select Start Settings Control Panels Folder Options
- select the View tab
- check "show hidden files and folders"
- UNcheck "hide file extensions for known file types"
- Click OK to finish

…or follow this illustrated guide: www.granneman.com/techinfo/windows/showexte

IMPORTANT EXCEPTION: Even after you unhide the extensions using the
above steps, you still cannot see certain hidden extensions for files ending with
.shs, .pif, and .lnk (blame Microsoft for its infinite lack of wisdom).
Unfortunately these files are executable, and are rapidly becoming the most
popular choices for many trojan horses, worms and viruses, such as
"Movie.avi.pif" which will look like "Movie.avi", and
"LIFE_STAGES.TXT.SHS" which will look like "LIFE_STAGES.TXT". Instead
of being a movie and text file, respectively, they are both dangerous programs.
Again, unless you know where the file you are getting comes from or who sent it,
do not download/accept, or open it.

Virus Suspicious

Computer Virus Suspicious File Types. Be wary if any of these show up in your email

•.ade: Microsoft Access projectextension
• .adp: Microsoft Access project
• .bas: Microsoft Visual Basic class module
• .bat: Batch file
• .chm: Compiled HTML Help file
• .cmd: Microsoft Windows NT Command script
• .com: Microsoft MS-DOS program
• .cpl: Control Panel extension
• .crt: Security certificate
• .exe: Program
• .hlp: Help file
• .hta: HTML program
• .inf: Setup Information
• .ins: Internet Naming Service
• .isp: Internet Communication settings
• .js: JScript file
• .jse: Jscript Encoded Script file
• .lnk: Shortcut
• .mdb: Microsoft Access program
• .mde: Microsoft Access MDE database
• .msc: Microsoft Common Console document
• .msi: Microsoft Windows Installer package
• .msp: Microsoft Windows Installer patch
• .mst: Microsoft Visual Test source files
• .pcd: Photo CD image, Microsoft Visual compiled script
• .pif: Shortcut to MS-DOS program
• .reg: Registration entries
• .scr: Screen saver
• .sct: Windows Script Component
• .shs: Shell Scrap object
• .shb: Shell Scrap object
• .url: Internet shortcut
• .vb: VBScript file
• .vbe: VBScript Encoded script file
• .vbs: VBScript file
• .wsc: Windows Script Component
• .wsf: Windows Script file
• .wsh: Windows Script Host Settings file

Computer Virus How you get infected?

In each case, viruses/worms/trojans can all be spread in the guise of literally ANYTHING people find desirable, such as a free game, movie, song, etc. Victims typically downloaded the file from a website, via file sharing programs such as KaZaa, over instant messaging (such as MSN), or by just carelessly opening some email attachment without thinking. Although these programs can also be exchanged on floppy disks, today the Internet has taken precedent as the distribution medium of choice.

• Viruses, worms and trojans often masquerade under files with various extensions, the most common of which are .exe (executable program – beware!), .com, .vbs, .pif, and .js. Be very suspicious if files with the following extensions arrive in your email without you expecting them, as they could contain a virus, worm or trojan.

• Macro viruses may arrive in the form of Microsoft Word (.doc), Microsoft Excel (.xls), and Microsoft Powerpoint (.ppt) files. Also, be wary of .htm and .html files; because they can access the Internet, they may direct you to a website that will forcibly attempt your machine to download unsafe files or exploit an un-patched security hole in Windows or Internet Explorer.


• In the case of worms, it is also possible to get one that activates just by reading an email, even when there is no attachment. A recent worm spread by taking advantage of a security hole in Microsoft Outlook Express that allowed it to run, even though there was no attachment in the email.

Trojan Types


Again, just as with viruses and worms, there are many types of Trojan programs - the most popular being “Back Orifice”, “Netbus” and “SubSeven”. Depending on the type of trojan installed and the motives of someone who gains access to an infected machine, the results can be disastrous: trojans can allow someone to see what you are seeing (on their screen), to transfer files from your computer to theirs, to delete your files and crash your computer, to use keyloggers to track (log) what you type in order to steal passwords/bank account/credit card info, to open and close CD-ROM drives, take control of your mouse, turn the machine and monitor on/off, and much more.

Almost all trojans will attempt to open a “port” (metaphorically, an open port is like an open door to a house) to broadcast the presence of an infected machine to “port scanners” (people looking for open ports on infected machines, to break into). Some trojans are also programmed to establish a direct connection to a specific person/computer, or to commit illegal DoS (Denial of Service) attacks on specific websites. Firewalls (see futher in this document) are particularly useful to block Trojans from trying to access the Internet, and from people trying to gain access to your machine.

What is computer Trojan



In today's computer world, a Trojan horse is often defined as a program that seemingly does one thing, but its true function is hidden in order to fool you. For example, you download what appears to be a movie or music file, but when you click to open it, you unleash a program that could do any number of things. Trojans usually operate silently, in the background - the most common purpose for them is that they can allow someone to gain access and control your computer over the Internet, and use it for whatever purposes they wish, often without your knowledge.

Computer Worm Types

There are many types of worm programs, many of which are quite insidious - they can compromise the security of an infected machine and leave it vulnerable to future attacks, collect passwords and other confidential information (which can then be automatically emailed to other people), or be programmed to delete files or deface websites.


Worms are particularly well-known for scanning through a person’s computer for email addresses, and then propagating themselves to the addresses found. Some worms will also send a file from your computer to every person they propagate to, which could be disastrous if the attached file is confidential/personal information.

Computer Worms


Worms are programs that once run, take advantage of a computer’s ability to send and receive information. They use this ability to propagate themselves automatically (usually through email) over a network such as the Internet, and cause massive congestion (slow response time, server overloads) in the process. They can also do more malicious acts, and slow down your machine.

Computer Virus types

  • Boot Sector Virus: replaces or implants itself in the boot sector - an area of the hard drive (or any other disk) accessed when you first turn on your computer. This kind of virus can prevent you from being able to boot your hard disk/computer.
  • File Virus: infects applications. These executables then spread the virus by infecting associated documents and other applications whenever they're opened or run.
  • Macro Virus: Written using a simplified macro programming language, these virusesaffect Microsoft Office applications, such as Word (.doc) and Excel (.xls). A document infected with a macro virus generally modifies a pre-existing, commonly used command (such as Save) to trigger its payload upon execution of that command.
  • Multipartite Virus: infects both files and the boot sector - a double whammy that can
    reinfect your system dozens of times before it's caught.
  • Polymorphic Virus: changes code whenever it passes to another machine; in theory these
    viruses should be more difficult for antivirus scanners to detect, but in practice they're
    usually not that well written.
  • Stealth Virus: hides its presence by making an infected file not appear infected, but
    doesn't usually stand up to antivirus software.

Depending on the virus, some will perform more malicious deeds than others. Examples include deleting and renaming of files, scrambling contents of the entire hard drive (so you can’t access your data), or not letting the machine boot into Windows. Some viruses also slow down your machine, disable certain functions, or cause erratic system behavior and crashes.

Viruses, Worms, Trojans What are they?

Virus:
Simply put, viruses are (primarily) destructive computer programs created by someone that once run, attempt to destroy the data (files) on your computer. A virus spreads when an infected program is run (executing the virus code), which in turn infects more files on the same machine. This usually happens silently and without your knowledge until its too late. In general, viruses have 1) an infection phase where they reproduce widely, 2) an attack/trigger phase (such as a certain date or time) which causesthem to 3) deliver their “payload”, and do whatever damage they have been programmed to do (if any).

Spyware What is it?


Spyware is any application that collects information about your computer activities and then sends that information to another individual or company without your knowledge or permission. Spyware often arrives bundled with freeware (free) or shareware (trial) programs, through email or instant messenger, as an Active X install, or by someone with access to your computer. Once on your drive, spyware secretly installs itself and goes to work. Spyware can be difficult to detect, and difficult (if not impossible) for the average user to remove.

Spyware can:
• Track your online surfing habits, profile your shopping preferences, gather personal information (age, sex, etc, possibly credit card info, PIN numbers)

• Send your email address to the company/person that made the spyware; that company/person can now send spam to your email account.

• Decrease your connection speed/hog your internet connection by sending information about you and your computer to the company/person that made the spyware

• Hijack your web browser’s start page, bombard you with pop-up advertisement boxes
• Run in the background and slow your computer down, alter important system files, make your computer unstable and crash

Spyware comes in many flavors including:

• Trojan Horses

As mentioned previously, Trojans are malicious programs that appear asharmless or desirable applications. Trojans are often designed to cause loss or theft of computer data. Some Trojans called RATs (Remote Administration Tools) allow an attacker to gain unrestricted access of your computer whenever you are online. The attacker can perform activities such as file transfers, adding/deleting files or programs, and controlling your mouse and keyboard. Trojans are generally distributed as a desirable program or file, in email attachments or bundled with another software program.

System Monitors/Keyloggers

System monitors are applications designed to monitor computer activity to various degrees. These programs can capture virtually everything you do on your computer including recording all keystrokes, emails, chat room dialogue, web sites visited, and programs run. System monitors usually run in the background so that you do not know that you are being monitored. The
information gathered by the system monitor is stored on your computer in an encrypted log file for later retrieval. Some programs are capable of emailing the log files to another location/person. System monitors can be installed by someone that shares your computer, or come disguised as email attachments or "freeware" software products.

Dialers

Dialers are a type of software typically used by vendors serving pornography via the Internet. Once dialer software is installed, the user is disconnected from their usual Internet service provider and then redirected by the dialer program to call into another phone number where the user is billed per minute. Dialers do not "spy" on their intended victims, but these malevolent programs can rack up significant long distance phone charges, costing victims time and money.

Adware

Adware is advertising-supported software that displays pop-up advertisements whenever the program is running. The software is usually available via free download from the Internet, and it is the advertisements that create revenue for the company. Although seemingly harmless (aside from intrusiveness and annoyance of pop-up ads), adware can install components onto your computer that track personal information (including your age, gender, location, buying preferences, surfing habits, etc.). Most advertising supported software doesn't inform you that it installs adware on your system, other than through a buried reference in a license agreement. In many cases the software will not function without the adware component. Some Adware will install itself on your computer even if you decline the offer.

Adware Cookies

Cookies are pieces of information that are generated by a web server and stored on your computer for future access. Cookies were originally implemented to allow you to customize your web experience, and continue to serve a useful purpose in enabling a personalized web experience. However, some web sites now issue “adware” cookies, which allow multiple web sites to store and access cookies that may contain personal information (including surfing habits, user names and passwords, areas of interest, etc.), and then simultaneously share the information they contain with other web sites. This sharing of information allows marketing firms to create a user profile based on your personal information, which they then sell it other firms. Adware cookies are almost always installed and accessed without your knowledge or consent.

A list of some common spyware programs:
• Bonzai Buddy
• Comet Cursor
• Download Accelerator
• Go!Zilla
• Gator
• Hotbar
• Huntfly
• Lop.com
• Web3000 programs
• Xupiter Toolbar
- Spyware components can also be found in many popular file-sharing programs such as KaZaa, BearShare, LimeWire, iMesh and Grokster.

Tag

Assignment Lanka Tag Cloud
Computer Networks The History of Local Area Networks, LAN, The Topologies of a Networks, LANs describe different types of transmission Medias, Local Area Networks Access Methods, Carrier Sense Multiple Access with Collision Detect, Development of LAN Technologies. LAN -Token Ring, LAN Ethernet Digital, LAN - Ethernet Sun microsystems, LAN - Ethernet Mixed Environment, LAN - Token Ring was introduced by IBM LAN - IBM implementation of Token Ring, Token Ring Novell, LAN Token Ring - in a mixed environment, LAN - Fiber Distributed Data Interface, LAN - ATM, LAN Components, LAN Switching Methods, Virtual Local Area Network, Port based VLAN, Mac based VLAN, Protocol based VLAN, User Base VLAN, PC networks Components, PC networks Shared resources, PC Network operating systems, PC networks Novell Netware, PC networks Windows NT, PC networks IBM LAN Server Computer Programming Languages HTML Language, The Generations of Programming Languages, Different types of High Level Languages, Different types of High Level Languages Disadvantages
Computer Networks - IBM LAN Server, Windows NT Networks, Novell Netware, Network operating systems, Networks Shared, Networks Components, User Base, Protocol based, Mac based, Port based, VLAN, LAN Switching, LAN Components, ATM, Fiber Data, Token Ring, Token Ring Novell, IBM implementation, Ethernet, Sun microsystems, Ethernet Digital, Token passing, LAN Technologies, CSMA/CD, Access Methods, Transmission, Networks, The History of Local Area Networks, LAN