Info Virus

About viruses, worms, spyware, programs, and many problems on the internet

 
Google
Stealing Passwords And Other Juicy Googlebits
Monday, April 30, 2007

Disclaimer:

Before we even start, I'd like to let my readers know that I am a full-time information security professional. I do not condone the theft of anyone's personal information including passwords, social security numbers, credit card numbers, etc. Moreover, I condemn such acts as morally and ethically wrong. The purpose and goal of this article is not to assist people with criminal or nefarious intentions, but rather to educate about the type of information that can be easily found with a web browser and a search engine, and by extension, the type of information that should and should not be submitted to web sites.

By now we all know of Google's dominance in the search industry. Although Yahoo and Microsoft remain competitors, neither of their search engines is as mature as Google's. And beyond the "big three", you're hard pressed to find any search engine worth using anymore. GYM (Google, Yahoo, and Microsoft) have all but eliminated the smaller players in search--including former giants like Altavista, Lycos, and Excite. But even amongst the big three, Google is far ahead of the pack.

In fact, Google's indexing prowess and relevancy ratings have become so good that many information security professionals now use Google as a key part of their vulnerability assessment and penetration testing services. Security professionals know that the first step in performing a successful assessment is to gather intelligence about the target. This is known as the "footprinting" or "profiling" phase of the security engagement. And what better way to profile your target than to leverage the power of the world's greatest search engine? By simply using search queries (aka "Just Google It"), one can quickly locate sensitive and quasi-sensitive company information including domain names, subdomains, network address ranges, mail servers, FTP servers, whois contact information, even e-mail addresses. And the kicker is that all of the above can potentially be found about a target without sending even a single packet to the target's network.

In an effort to better automate the footprinting phase using Google, some in the security industry have even written software that will go out and perform various search queries on the target in an effort to obtain an accurate profile. Of particular interest are Foundstone's SiteDigger and BiDiBLAH by Sensepost. SiteDigger will look for vulnerabilities, configuration problems, and other "interesting security nuggets" by searching Google's cache. Like SiteDigger, BiDiBLAH also uses a Google API license key to query the search engine for various keywords in an effort to determine a target's subdomains. Incidentally, BiDiBLAH is an all-around excellent free tool for professional penetration testers.

Now finding company web sites, domain names, and even e-mail addresses is one thing. But stealing people's eBay passwords? Credit card numbers? All by doing a few Google searches? Yes. And unfortunately not only is this possible, it's often simple to carry out. "But how can you search for someone's password if you don't know what it is?" Good question! The answer, of course, is you do not. Since the unique element is unknown, you need to search on a known, common element. Allow me to further explain.

By its very nature, software contains fingerprints--bits of information that uniquely identify and differentiate that software. For example, when you connect to a Microsoft IIS server, that web server will reply with its server string ("Microsoft-IIS/6.0", for example). Even tiny components of a software application will leave fingerprints. For example, McAfee VirusScan 8.0.0 has a small component called Access Protection which acts as a very simple firewall. But the log file for this component can be easily spotted because of a common, known element that is shared across all instances of that log. Now because this log file does not contain highly sensitive information such as passwords (it actually does contain disk path information though), the risk is not substantial if someone's log file found its way into the wrong hands. But what about other application log files that have common, known elements? How about configuration files? Spreadsheets? Accounting software? I think you get the point. Searching Google for these known application fingerprints will inevitably bring up "interesting" results. By the way, there are entire web sites devoted to the sole purpose of sharing Google queries that will result in juicy googlebits such as passwords, social security numbers and, yes, credit card numbers. And although I won't list any of those sites here, they are not hard to find (hint: use Google!).

Incidentally, one of the things that makes these queries possible is Google's support of advanced operators. Google supports a growing number of these operators, which help narrow down the output and generally provide a more specific result set. Using Google's advanced operators, you can even limit searches to a specific domain or filetype. For example, the following query searches registry files looking specifically for a text string beginning with "Username" and the word "putty" (PuTTY is a free implementation of telnet and SSH for the Windows and Unix platforms):

ext:reg "username=*" putty

If successful, the query would result in a list of username-to-machine mappings for folks who use PuTTY. Armed with this useful information, an attacker could then possibly launch a brute-force password guessing attack against the target (assuming the target's firewall allowed for inbound SSH connectivity). As you can see, coming up with searches that reveal Googlebits is mostly an exercise of the imagination.

As stated on their corporate website, Google's mission is to "organize the world's information and make it universally accessible and useful". So far, I'd say Google is doing an excellent job in fulfilling their mission statement. Are you upset that Google's database contains sensitive personal information such as credit card numbers? Me too. And though I won't give Google a complete pass, the primary parties at fault here are web site operators and web users (you and me). If you operate a Web site, please don't leave config files, log files, and other files that contain sensitive information sitting on your web server! And if you enjoy the many services the web has to offer, please understand that any information you send to a web site has the potential to show up in a Google search. I can't tell you how many forum posts I've stumbled on during a Google search that contained things like cell phone numbers, driver's license numbers, and even social security numbers.
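For site operators, the advice above can be turned into a routine check. The following is an added example, not code from the original article: it walks a web root, reports file types that should not be publicly served, and looks inside them for the kind of "known, common elements" the article describes. The extension list, the patterns and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Extensions that rarely belong in a public web root (assumed list; adjust for your stack).
RISKY_EXTENSIONS = {".reg", ".log", ".conf", ".cfg", ".ini", ".bak", ".sql", ".csv", ".xls"}
MAX_BYTES = 1_000_000  # cap the per-file read so huge logs do not stall the audit

# "Known, common elements" that tend to sit beside secrets (assumed patterns).
PATTERNS = {
    "username_assignment": re.compile(r'username"?\s*=', re.I),
    "password_assignment": re.compile(r'pass(?:word|wd)?"?\s*[=:]', re.I),
    "ssn_like_number": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")


def luhn_ok(digits):
    """Luhn checksum, used to cut false positives on long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def read_text(path):
    """Registry exports are usually UTF-16 with a BOM; everything else is read as UTF-8."""
    with open(path, "rb") as fh:
        raw = fh.read(MAX_BYTES)
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("utf-8", errors="replace")


def scan_text(text):
    """Return the sorted names of every fingerprint found in the text."""
    hits = {name for name, rx in PATTERNS.items() if rx.search(text)}
    for m in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            hits.add("card_like_number")
            break
    return sorted(hits)


def audit_webroot(root):
    """Map each risky file (path relative to root) to the fingerprints found in it."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in RISKY_EXTENSIONS:
                continue
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            findings[rel] = scan_text(read_text(full))
    return findings


def demo():
    """Build a constructed web root in a temp directory and audit it."""
    reg = ('Windows Registry Editor Version 5.00\r\n\r\n'
           '[HKEY_CURRENT_USER\\Software\\SimonTatham\\PuTTY\\Sessions\\example]\r\n'
           '"HostName"="host.example"\r\n"UserName"="alice"\r\n')
    samples = {  # constructed sample files
        "backup/putty.reg": reg.encode("utf-16"),
        "logs/app.log": b"2007-04-30 GET /index.html 200 client=192.0.2.10\n",
        "orders.csv": b"order_id,name,card\n1001,Test Buyer,4111 1111 1111 1111\n",
        "index.html": b"<html><body>hello</body></html>\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in samples.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        return audit_webroot(root)


if __name__ == "__main__":
    for path, hits in sorted(demo().items()):
        print(path, hits or "(risky file type, no fingerprint matched)")
```

A file listed with no fingerprint is still worth moving out of the web root: the extension alone is enough for a search engine to index it.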

posted by Calvin olisa @ 11:56 PM   0 comments
Public Relations and The Internet
Although the field of public relations is quite new, it is seen to be pivotal to many companies when coordinating advertising and marketing campaigns. Public relations, which is often defined as “The art or science of establishing and promoting a favorable relationship with the public” (Answers.com 2006, p: 1) has been increasing in popularity, especially now with the Internet being used as a tool for communication in modern society.

Frequent usage of the Internet has allowed consumers to communicate and access products and services from companies more easily. For example, Jerry Fireman states, “Public relations can be cost effective because the media—rather than the marketer—takes on the expense of delivering the information to the intended recipient.” (Fireman 2006, p: 1). Hence, by advertising on the Internet and promoting good relationships with clients, public relation officers are now able to achieve access to a wider market with a lower expenditure rate. Furthermore, the Internet has viewers from different nations and cultural beliefs; therefore, the scope of campaigns for modern public relation officers has increased.

Secondly, the technology of the Internet has increased the attractiveness and effectiveness of public relations. For example, public relations originated from Newspapers and News reports; however, communication can now take the form of interactive visual graphics as well as creative websites and short multimedia presentations. Techniques that are used by public relation consultants are varied, hence creativity and the impact of the statement on the website is very important in modern communication and public relations. Public relations in contemporary society is now inter-connected with understanding the discourse and the changes of supply and demand in the market, however, it is also about effective corporate ethics used to enhance the status of a company, and to provide effective long-term relationships with clients.
Although some academics would argue that public relations have become advertisement-based, focusing mainly on persuading consumers to purchase a product, the effectiveness of these advertising and marketing techniques has also greatly enhanced the needs of the consumer market. The advantages of utilizing public relations on the Internet have also benefited people who may not otherwise have had access to the advertising of these products due to their lifestyle or the location of their home. The Internet has indeed connected the wants and demands of consumers to the supply and services of the producers. Although the value and importance of the Internet is highly contentious and can be interpreted differently by separate discourses, most societies would agree that the Internet has established a prominent role in the globalization process, resulting in public relations and communication increases.

posted by Calvin olisa @ 11:46 PM   0 comments
Your Own Personal Online Shopper
Saturday, April 28, 2007
by: Jim Edwards

Imagine you find yourself in the market to buy a new digital camera and, before you part with your money, you want to comparison shop for the best price online.
If you do a search for "digital camera" on Google.com, the Web's top search engine, you'll get back over 7 million page results.

Refine your search to a specific model, such as the HP Photosmart 935, and you get back 137,000 page results. Now do a search on BestBuy.com, CircuitCity.com, and Amazon.com and you'll only find it listed one time, and on that site it costs $60 more than I paid for it at Target.
Even though the web makes it easy to search out the products we want to buy, sometimes that mountain of information makes it almost impossible to find the best deal.

To solve this problem there are "personal online shoppers" which help you seek, find, and comparison shop multiple offers for just about any product you want to buy, online or offline.
An online personal shopper-type service enables you to log on to a single site, enter the product details you want to search, and then have the website give you back a list of prices and places where you can purchase the item.

The personal shopping assistant sites that rate the best don't accept commissions for the sale of items through their services because getting paid based on what the customer buys would eliminate unbiased product comparisons.
The best services make their money by selling targeted advertising to merchants and only displaying products in their search results based on price and features.
~ MySimon.com ~
MySimon.com ranks as one of the oldest personal shopping assistants on the Internet.

Highlights of the service include an extensive homepage directory to help you choose the correct product category to search and a database of millions of products.
On the negative side, MySimon.com does manipulate their merchant listings pages based on how much money the advertiser pays to show up in the results.
~ PriceScan.com ~
PriceScan.com does not accept money from advertisers to manipulate their search results, though they will show targeted advertising on the search results pages.
A very nice feature on this site involves the ability to enter features you want in a particular item (such as a computer) and then search all makes, models, and manufacturers matching those features.
You'll find this especially valuable when comparing things like computers, which often carry many different variables and configurations.
~ Froogle.com ~

Operated by Internet giant Google.com, Froogle.com allows you to search for specific items you want to buy and then sort them by price.
You can also specify a price range you're willing to pay for the item and Froogle will only search for and display those items that fall within the range.
Froogle also clearly draws a line (literally) between unbiased search results on the left side of the page and advertisers on the right.

In the testing for this article, Froogle consistently returned the highest quantity and most relevant search results for specific product names entered.

About The Author :

Jim Edwards is a syndicated newspaper columnist and the co-author of an amazing new ebook that will teach you how to use free articles to quickly drive thousands of targeted visitors to your website or affiliate links...
posted by Calvin olisa @ 7:13 AM   0 comments
Spyware Information
Thursday, April 12, 2007
Spyware is one of the fastest-growing internet threats. According to the National Cyber Security Alliance, spyware infects more than 90% of all PCs today. These unobtrusive, malicious programs are designed to silently bypass firewalls and anti-virus software without the user’s knowledge. Once embedded in a computer, they can wreak havoc on the system’s performance while gathering your personal information. Fortunately, unlike viruses and worms, spyware programs do not usually self-replicate.

Where does it come from?
Typically, spyware originates in three ways. The first and most common way is when the user installs it. In this scenario, spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge. The user downloads the program to their computer. Once downloaded, the spyware program goes to work collecting data for the spyware author’s personal use or to sell to a third party. Beware of many P2P file-sharing programs. They are notorious for downloads that possess spyware programs.

The user of a downloadable program should pay extra attention to the accompanying licensing agreement. Often the software publisher will warn the user that a spyware program will be installed along with the requested program. Unfortunately, we do not always take the time to read the fine print. Some agreements may provide special “opt-out” boxes that the user can click to stop the spyware from being included in the download. Be sure to review the document before signing off on the download.

Another way that spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations. The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads. That is why the user has to initiate a download by clicking on a link. These links can prove deceptive. For example, a pop-up modeled after a standard Windows dialog box may appear on your screen. The message may ask you if you would like to optimize your internet access. It provides yes or no answer buttons, but no matter which button you push, a download containing the spyware program will commence. Newer versions of Internet Explorer are now making this spyware pathway a little more difficult.

Finally, some spyware applications infect a system by attacking security holes in the Web browser or other software. When the user navigates a webpage controlled by a spyware author, the page contains code designed to attack the browser, and force the installation of the spyware program.

What can spyware programs do?
Spyware programs can accomplish a multitude of malicious tasks. Some of their deeds are simply annoying for the user; others can become downright aggressive in nature.
Spyware can:
1. Monitor your keystrokes for reporting purposes.
2. Scan files located on your hard drive.
3. Snoop through applications on your desktop.
4. Install other spyware programs into your computer.
5. Read your cookies.
6. Steal credit card numbers, passwords, and other personal information.
7. Change the default home page settings of your web browser.
8. Mutate into a second generation of spyware thus making it more difficult to eradicate.
9. Cause your computer to run slower.
10. Deliver annoying pop up advertisements.
11. Add advertising links to web pages for which the author does not get paid. Instead, payment is directed to the spyware programmer that changed the original affiliate’s settings.
12. Provide the user with no uninstall option and place themselves in unexpected or hidden places within your computer, making them difficult to remove.

Spyware Examples
Here are a few examples of commonly seen spyware programs. Please note that while researchers will often give names to spyware programs, they may not match the names the spyware-writers use.

CoolWebSearch is a group of programs that install through “holes” found in Internet Explorer. These programs direct traffic to advertisements on Web sites including coolwebsearch.com. This spyware nuisance displays pop-up ads, rewrites search engine results, and alters the computer's hosts file so that Domain Name System (DNS) lookups are directed to preselected sites.
Internet Optimizer (a/k/a DyFuCa) likes to redirect Internet Explorer error pages to advertisements. When the user follows a broken link or enters an erroneous URL, a page of advertisements pops up.
180 Solutions reports extensive information to advertisers about the Web sites which you visit. It also alters HTTP requests for affiliate advertisements linked from a Web site. Therefore the 180 Solutions Company makes an unearned profit off of the click-through advertisements they’ve altered.
HuntBar (a/k/a WinTools) or Adware.Websearch, is distributed by Traffic Syndicate and is installed by ActiveX drive-by downloading at affiliate websites or by advertisements displayed by other spyware programs. It’s a prime example of how spyware can install more spyware. These programs will add toolbars to Internet Explorer, track Web browsing behavior, and display advertisements.
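The hosts-file tampering attributed to CoolWebSearch above is straightforward to check for. The following is an added example, not part of the original article: it parses a hosts file and reports names that are mapped to a routable address. The watch list of search domains and the sample file are assumptions constructed for illustration.

```python
import ipaddress

# Domains a search hijacker would want to capture (assumed watch list for this example).
WATCHED_DOMAINS = ("google.com", "yahoo.com", "msn.com")

# Constructed sample hosts file.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1    localhost
::1          localhost
0.0.0.0      ads.example.net          # local ad-block entry
10.0.0.5     wiki.corp.example        # intranet shortcut
203.0.113.7  www.google.com search.yahoo.com
203.0.113.7  google.com.example.org
bogus-line   example.org
"""


def parse_hosts(text):
    """Yield (line_number, address_or_None, hostname) for every mapping in a hosts file."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            yield lineno, None, " ".join(fields)
            continue
        # One line may map several names to the same address.
        for name in fields[1:]:
            yield lineno, addr, name.lower().rstrip(".")


def is_watched(name):
    """True for a watched domain or one of its subdomains, not for look-alike suffixes."""
    return any(name == d or name.endswith("." + d) for d in WATCHED_DOMAINS)


def audit_hosts(text):
    """Return (line, name, verdict, address) for every entry that needs a human look."""
    findings = []
    for lineno, addr, name in parse_hosts(text):
        if addr is None:
            findings.append((lineno, name, "malformed", ""))
        elif addr.is_loopback or addr.is_unspecified:
            continue  # local or sinkhole entry: blocks a name, does not redirect it
        elif is_watched(name):
            findings.append((lineno, name, "hijack-suspect", str(addr)))
        else:
            findings.append((lineno, name, "review", str(addr)))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

On Windows the file to feed in is normally `%SystemRoot%\System32\drivers\etc\hosts`; any entry the administrator did not add deliberately deserves a second look.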

How can I prevent spyware?
There are a couple of things you can do to prevent spyware from infecting your computer system. First, invest in a reliable commercial anti-spyware program. There are several currently on the market including stand-alone software packages such as Lavasoft’s Ad-Aware or Windows Antispyware. Other options provide the anti-spyware software as part of an anti-virus package. This type of option is offered by companies such as Sophos, Symantec, and McAfee. Anti-spyware programs can combat spyware by providing real-time protection, scanning, and removal of any found spyware software. As with most programs, update your anti-virus software frequently.

As discussed, Internet Explorer (IE) is often a contributor to the spyware problem because spyware programs like to attach themselves to its functionality. Spyware enjoys penetrating IE’s weaknesses. Because of this, many users have switched to non-IE browsers. However, if you prefer to stick with Internet Explorer, be sure to update the security patches regularly, and only download programs from reputable sources. This will help reduce your chances of a spyware infiltration.
And, when all else fails?
Finally, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.

posted by Calvin olisa @ 1:37 AM   0 comments
Keylogger System
The Advancement of the Keylogger

A keylogger is a program that runs in your computer’s background secretly recording all your keystrokes. Once your keystrokes are logged, they are hidden away for later retrieval by the attacker. The attacker then carefully reviews the information in hopes of finding passwords or other information that would prove useful to them. For example, a keylogger can easily obtain confidential emails and reveal them to any interested outside party willing to pay for the information.

Keyloggers can be either software or hardware based. Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable. Hardware-based keyloggers are more complex and harder to detect. For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.

As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed. During that time frame, a keylogger can collect a lot of information about the user it is monitoring. A keylogger can potentially obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this collected information can be used to steal a user’s personal documents, money, or even their identity.

A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, more sophisticated keyloggers, such as Perfect Keylogger or ProBot Activity Monitor, have developed a full line of nasty abilities including:

· Undetectable in the process list and invisible in operation
· A kernel keylogger driver that captures keystrokes even when the user is logged off
· A remote deployment wizard
· The ability to create text snapshots of active applications
· The ability to capture http post data (including log-ins/passwords)
· The ability to record workstation usage with timestamps
· HTML and text log file export
· Automatic e-mail log file delivery
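The simple case described above, an .exe and a .dll started at boot through a registry entry, leaves a trace a defender can review. The following is an added example, not part of the original article: it reads a text export of the registry (`.reg` format, already decoded to a string), lists the string values under the Run and RunOnce keys, and flags entries that start from user-writable folders or load a DLL through rundll32. The heuristics, value names and paths in the sample are assumptions constructed for illustration.

```python
import re

RUN_KEY_RE = re.compile(r"\\microsoft\\windows\\currentversion\\run(once)?$", re.I)
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"\s*$')
# Folders a normal user can write to (assumed heuristic list).
USER_WRITABLE = ("\\temp\\", "\\appdata\\", "\\local settings\\", "\\application data\\")

# Constructed sample export; names and paths are made up for this example.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVTray"="\"C:\\Program Files\\ExampleAV\\tray.exe\" /min"
"updsvc"="C:\\Documents and Settings\\user\\Local Settings\\Temp\\updsvc.exe"
"inputhelper"="rundll32.exe C:\\WINDOWS\\system32\\ihelper.dll,Start"
"Flags"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Example]
"Other"="C:\\Temp\\ignored.exe"
'''


def unescape(s):
    """Undo .reg escaping: a backslash followed by any character stands for that character."""
    return re.sub(r"\\(.)", r"\1", s)


def autoruns(reg_text):
    """Return {value_name: command} for string values under Run / RunOnce keys."""
    entries, in_run_key = {}, False
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            in_run_key = bool(RUN_KEY_RE.search(line[1:-1]))
        elif in_run_key:
            m = VALUE_RE.match(line)
            if m:  # non-string types (dword:, hex:) are not decoded by this example
                entries[unescape(m.group(1))] = unescape(m.group(2))
    return entries


def executable_of(command):
    """Best-effort split of a command line into its program path."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.(?:exe|com|bat|cmd|scr))(?:\s|$)", command, re.I)
    return m.group(1) if m else command.split(" ", 1)[0]


def review(reg_text):
    """Return {value_name: [reasons]} for autorun entries worth a closer look."""
    flagged = {}
    for name, command in autoruns(reg_text).items():
        exe = executable_of(command).lower()
        reasons = []
        if any(part in exe for part in USER_WRITABLE):
            reasons.append("runs-from-user-writable-path")
        if exe.rsplit("\\", 1)[-1] == "rundll32.exe":
            dll = re.search(r'rundll32(?:\.exe)?"?\s+"?([^",]+\.dll)', command, re.I)
            reasons.append("loads-dll:" + (dll.group(1) if dll else "?"))
        if reasons:
            flagged[name] = reasons
    return flagged


if __name__ == "__main__":
    for name, reasons in review(SAMPLE_EXPORT).items():
        print(name, reasons)
```

A flagged entry is a lead, not a verdict: legitimate software also uses rundll32, so the next step is to check who published the file it points to.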

Not all keyloggers are used for illegal purposes. A variety of other uses have surfaced. Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.

posted by Calvin olisa @ 1:23 AM   0 comments
about Detection system
Wednesday, April 11, 2007
What are Intrusion Detection Systems?

Intrusion Detection Systems (IDS) are a necessary part of any strategy for enterprise security. What are Intrusion Detection systems? CERIAS, The Center for Education and Research in Information Assurance and Security, defines it this way:

"The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts" (http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)

There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS). These systems monitor packets on the network wire and look for suspicious activity. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.
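The two categories in the CERIAS definition quoted above behave differently on the same data. The following is an added example, not part of the original article or of any product it names: a misuse detector that matches one known scenario (repeated failed logins from one source) and an anomaly detector that compares successful logins against a learned per-user profile. The log format, thresholds and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAIL_THRESHOLD = 5                  # assumed signature: 5 failed logins...
FAIL_WINDOW = timedelta(minutes=2)  # ...from one source within 2 minutes

# Constructed sample events: a training period, then the day being monitored.
TRAINING = [
    "2007-04-09T09:02:00 user=alice src=10.0.0.5 result=ok",
    "2007-04-10T09:11:00 user=alice src=10.0.0.5 result=ok",
    "2007-04-09T14:05:00 user=bob src=10.0.0.6 result=ok",
    "2007-04-10T13:50:00 user=bob src=10.0.0.6 result=ok",
]
LIVE = ["2007-04-11T02:00:%02d user=admin src=198.51.100.9 result=fail" % s
        for s in (0, 10, 20, 30, 40)] + [
    "2007-04-11T03:10:00 user=alice src=10.0.0.77 result=ok",  # valid password, odd context
    "2007-04-11T09:05:00 user=alice src=10.0.0.5 result=ok",   # normal
    "2007-04-11T14:19:00 user=bob src=10.0.0.6 result=fail",   # one typo, below threshold
    "2007-04-11T14:20:00 user=bob src=10.0.0.6 result=ok",     # normal
]


def parse(line):
    """Parse 'ISO-timestamp key=value ...' (a constructed format, not a real product's)."""
    ts, rest = line.split(" ", 1)
    event = dict(kv.split("=", 1) for kv in rest.split())
    event["ts"] = datetime.fromisoformat(ts)
    return event


def misuse_alerts(events):
    """Misuse detection: match a known attack scenario (password guessing from one source)."""
    recent, alerted = defaultdict(deque), []
    for e in events:
        if e["result"] != "fail":
            continue
        q = recent[e["src"]]
        q.append(e["ts"])
        while e["ts"] - q[0] > FAIL_WINDOW:  # slide the window forward
            q.popleft()
        if len(q) >= FAIL_THRESHOLD and e["src"] not in alerted:
            alerted.append(e["src"])
    return alerted


def build_baseline(events):
    """Learn each user's normal sources and login hours from successful logins."""
    profile = defaultdict(lambda: {"srcs": set(), "hours": set()})
    for e in events:
        if e["result"] == "ok":
            profile[e["user"]]["srcs"].add(e["src"])
            profile[e["user"]]["hours"].add(e["ts"].hour)
    return profile


def anomaly_alerts(events, profile):
    """Anomaly detection: flag successful logins that deviate from the learned profile."""
    alerts = []
    for e in events:
        if e["result"] != "ok":
            continue
        p = profile.get(e["user"])
        if p is None:
            alerts.append((e["user"], e["src"], ["no-baseline"]))
            continue
        reasons = []
        if e["src"] not in p["srcs"]:
            reasons.append("new-source")
        hour = e["ts"].hour  # distance measured around the clock, tolerance of one hour
        if all(min(abs(hour - h), 24 - abs(hour - h)) > 1 for h in p["hours"]):
            reasons.append("unusual-hour")
        if reasons:
            alerts.append((e["user"], e["src"], reasons))
    return alerts


def run_demo():
    """Return (misuse alerts, anomaly alerts) for the constructed LIVE events."""
    live = [parse(l) for l in LIVE]
    profile = build_baseline(parse(l) for l in TRAINING)
    return misuse_alerts(live), anomaly_alerts(live, profile)


if __name__ == "__main__":
    print(run_demo())
```

The 03:10 login uses a valid password, so no signature fires; only the profile comparison notices it, while the guessing burst is caught by the signature without any training data.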

Who is breaking into your system?

One common misconception about software hackers is that it is usually people outside your network who break into your systems and cause mayhem. The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges than themselves to gain access to sensitive information.

How do intruders break into your system?

The simplest and easiest way to break in is to let someone have physical access to a system. Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are many ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.


How does one stop intrusions?


There are several freeware/shareware intrusion detection systems as well as commercial intrusion detection systems.

Open Source Intrusion Detection Systems

Below are a few of the open source intrusion detection systems:

AIDE (http://sourceforge.net/projects/aide) Self-described as "AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire."

File System Saint (http://sourceforge.net/projects/fss) - Self-described as, "File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use."


Snort (www.snort.org) Self-described as "Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry."

posted by Calvin olisa @ 4:34 AM   0 comments
What the Heck are Botnets?

"A botnet is comparable to compulsory military service for windows boxes" - Stromberg (http://project.honeynet.org/papers/bots/)

Botnets are networks of computers that hackers have infected and grouped together under their control to propagate viruses, send illegal spam, and carry out attacks that cause web sites to crash.

What makes botnets exceedingly bad is the difficulty in tracing them back to their creators as well as the ever-increasing use of them in extortion schemes. How are they used in extortion schemes? Imagine someone sending you messages to either pay up or see your web site crash. This scenario is starting to replay itself over and over again.

Botnets can consist of thousands of compromised machines. With such a large network, botnets can use distributed denial-of-service (DDoS) as a method to cause mayhem and chaos. For example, a small botnet with only 500 bots can bring corporate web sites to their knees by using the combined bandwidth of all the computers to overwhelm corporate systems and thereby cause the web site to appear offline.

Jeremy Kirk of IDG News Service, on January 19, 2006, quotes Kevin Hogan, senior manager for Symantec Security Response, in his article "Botnets shrinking in size, harder to trace". Hogan says "extortion schemes have emerged backed by the muscle of botnets, and hackers are also renting the use of armadas of computers for illegal purposes through advertisements on the Web."

One well-known technique to combat botnets is a honeypot. Honeypots help discover how attackers infiltrate systems. A honeypot is essentially a set of resources that one intends to be compromised in order to study how the hackers break the system. Unpatched Windows 2000 or XP machines make great honeypots given the ease with which one can take over such systems.
A great site for reading more on this topic is The Honeynet Project (http://project.honeynet.org), which describes its own site's objective as "To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned."
posted by Calvin olisa @ 4:17 AM   0 comments
Spyware Beware
Spyware and adware are not only an ever-increasing nuisance for computer users everywhere, but also a booming industry. According to Webroot Software, Inc., the distribution of online advertisements through spyware and adware has become a $2 billion industry.

The aggressive advertising and spying tactics demonstrated by some of these programs require an equally aggressive response from a seasoned eradicator. Sunbelt Software is such a company. A leader in Anti-Spyware, Anti-Spam, Network Security and System Management tools, they have consistently remained on the cutting edge of anti-spyware programming since 1994.

One of their more notable software applications is CounterSpy 1.5. CounterSpy is designed to detect and remove spyware that is already in your computer system. Additionally, it provides real-time protection while preventing browser hijacking and changes to your computer’s Registry.

Other notable features include:
· Detection and Removal of Tracking Cookies – while it is true that applications like Microsoft AntiSpyware Beta are free, they do not include the ability to detect and remove tracking cookies like CounterSpy does.
· History Cleaner - erases any traceable trails left on your computer as you surf the Internet.
· Secure File Eraser - a powerful deletion tool that can completely eliminate all files you want removed from your computer including images, music, movies and applications.
· PC Explorer - allows you a look into files and areas that are normally inconvenient to access, such as your startup programs, browser helper objects, and ActiveX programs that are being downloaded or used.
· Support for Older Operating Systems – includes Windows 98SE, Windows ME, and Windows NT.

Recommended by PC World, ConsumerSearch, and Dell, CounterSpy holds one of the highest effective ratings for spyware removal. It also received high marks from TopTenReviews (2006) for ease of use, customization/installation, and help/support. For only $19.95 per machine, users can receive a one year subscription with updates, upgrades, and technical support from real live humans. CounterSpy definitely provides ease of use and affordability for just about any computer user from the novice to the expert.

Spyware is one of the fastest-growing internet threats. According to the National Cyber Security Alliance, spyware infects more than 90% of all PCs today. These unobtrusive, malicious programs are designed to silently bypass firewalls and anti-virus software without the user’s knowledge. Once embedded in a computer, spyware can wreak havoc on the system’s performance while gathering your personal information. Fortunately, unlike viruses and worms, spyware programs do not usually self-replicate.

Where does it come from?

Typically, spyware originates in three ways. The first and most common way is when the user installs it. In this scenario, spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge. The user downloads the program to their computer. Once downloaded, the spyware program goes to work collecting data for the spyware author’s personal use or to sell to a third party. Beware of many P2P file-sharing programs. They are notorious for downloads that contain spyware programs.

The user of a downloadable program should pay extra attention to the accompanying licensing agreement. Often the software publisher will warn the user that a spyware program will be installed along with the requested program. Unfortunately, we do not always take the time to read the fine print. Some agreements may provide special “opt-out” boxes that the user can click to stop the spyware from being included in the download. Be sure to review the document before signing off on the download.

Another way that spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations. The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads. That is why the user has to initiate a download by clicking on a link. These links can prove deceptive. For example, a pop-up modeled after a standard Windows dialog box may appear on your screen. The message may ask you if you would like to optimize your internet access. It provides yes or no answer buttons, but no matter which button you push, a download containing the spyware program will commence. Newer versions of Internet Explorer are now making this spyware pathway a little more difficult.

Finally, some spyware applications infect a system by attacking security holes in the Web browser or other software. When the user navigates to a webpage controlled by a spyware author, the page contains code designed to attack the browser and force the installation of the spyware program.

What can spyware programs do?

Spyware programs can accomplish a multitude of malicious tasks. Some of their deeds are simply annoying for the user; others can become downright aggressive in nature. Spyware can:

1. Monitor your keystrokes for reporting purposes.
2. Scan files located on your hard drive.
3. Snoop through applications on your desktop.
4. Install other spyware programs into your computer.
5. Read your cookies.
6. Steal credit card numbers, passwords, and other personal information.
7. Change the default home page settings in your web browser.
8. Mutate into a second generation of spyware, thus making it more difficult to eradicate.
9. Cause your computer to run slower.
10. Deliver annoying pop-up advertisements.
11. Add advertising links to web pages for which the author does not get paid. Instead, payment is directed to the spyware programmer that changed the original affiliate’s settings.
12. Provide the user with no uninstall option and place itself in unexpected or hidden places within your computer, making it difficult to remove.

Spyware Examples

Here are a few examples of commonly seen spyware programs. Please note that while researchers will often give names to spyware programs, they may not match the names the spyware writers use.

CoolWebSearch is a group of programs that install through “holes” found in Internet Explorer. These programs direct traffic to advertisements on Web sites including coolwebsearch.com. This spyware nuisance displays pop-up ads, rewrites search engine results, and alters the computer’s hosts file to direct Domain Name System (DNS) lookups to preselected sites.

Internet Optimizer (a/k/a DyFuCa) likes to redirect Internet Explorer error pages to advertisements. When the user follows a broken link or enters an erroneous URL, a page of advertisements pops up.

180 Solutions reports extensive information to advertisers about the Web sites which you visit. It also alters HTTP requests for affiliate advertisements linked from a Web site. Therefore the 180 Solutions company makes an unearned profit off of the click-through advertisements it has altered.

HuntBar (a/k/a WinTools) or Adware.Websearch is distributed by Traffic Syndicate and is installed by ActiveX drive-by downloading at affiliate websites or by advertisements displayed by other spyware programs. It’s a prime example of how spyware can install more spyware. These programs will add toolbars to Internet Explorer, track Web browsing behavior, and display advertisements.

How can I prevent spyware?

There are a couple of things you can do to prevent spyware from infecting your computer system. First, invest in a reliable commercial anti-spyware program. There are several currently on the market, including stand-alone software packages such as Lavasoft’s Ad-Aware or Windows Antispyware. Other options provide the anti-spyware software as part of an anti-virus package. This type of option is offered by companies such as Sophos, Symantec, and McAfee. Anti-spyware programs can combat spyware by providing real-time protection, scanning, and removal of any spyware found. As with most programs, update your anti-virus software frequently.

As discussed, Internet Explorer (IE) is often a contributor to the spyware problem because spyware programs like to attach themselves to its functionality. Spyware enjoys penetrating IE’s weaknesses. Because of this, many users have switched to non-IE browsers. However, if you prefer to stick with Internet Explorer, be sure to update the security patches regularly, and only download programs from reputable sources. This will help reduce your chances of a spyware infiltration.

And, when all else fails?

Finally, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data and performing a complete reinstall of the operating system.
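The hosts-file tampering described above for CoolWebSearch can be checked for directly. The following Python audit is an added example, not part of the original post; the sample file, the `.example` hostnames and the allowlist parameter are constructed for illustration.

```python
import ipaddress
import os
import sys

# Constructed sample of a tampered hosts file (addresses are documentation ranges).
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1      localhost
::1            localhost
203.0.113.10   www.search-engine.example search.portal.example  # injected redirect
0.0.0.0        ads.tracker.example        # local blocklist sink
198.51.100.7   update.vendor.example
10.0.0.5       intranet.corp.example      # known LAN override
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostnames) for every well-formed mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first field is not an address: skip
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]

def audit_hosts(text, allowed=None):
    """Return (line_no, hostname, ip) for overrides that are neither sinks nor allowlisted."""
    allowed = allowed or {}                     # hypothetical allowlist: hostname -> expected IP
    findings = []
    for line_no, ip, names in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue                            # name points at the local machine, not a remote site
        for name in names:
            if allowed.get(name) != str(ip):
                findings.append((line_no, name, str(ip)))
    return findings

if __name__ == "__main__":
    # Default hosts file locations on Windows and Unix-like systems.
    default = (os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                            "System32", "drivers", "etc", "hosts")
               if os.name == "nt" else "/etc/hosts")
    path = sys.argv[1] if len(sys.argv) > 1 else default
    with open(path, encoding="utf-8", errors="replace") as fh:
        for line_no, name, ip in audit_hosts(fh.read()):
            print(f"{path}:{line_no}: {name} is pinned to {ip}")
```

Any hostname the audit reports is resolved from the hosts file instead of DNS, so each finding should be traced to a change you made yourself or removed.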
posted by Calvin olisa @ 2:21 AM   0 comments
Trojan Horses
Tuesday, April 10, 2007


Trojan Horse… Greek Myth or Computer Nemesis?

We have all heard the term Trojan Horse, but what exactly is it? A Trojan Horse is a destructive program that masquerades as a harmless application. Unlike viruses, Trojan Horses do not replicate themselves, but they can be just as destructive. One of the most dangerous examples of a Trojan is a program that promises to rid your computer of viruses but instead introduces viruses into your computer.

The Trojan can be tricky. Who hasn’t been online and had an advertisement pop up claiming to be able to rid your computer of some nasty virus? Or, even more frightening, you receive an email that claims to be alerting you to a new virus that can threaten your computer. The sender promises to quickly eradicate, or protect, your computer from viruses if you simply download their “free”, attached software into your computer. You may be skeptical but the software looks legitimate and the company sounds reputable. You proceed to take them up on their offer and download the software. In doing so, you have just potentially exposed yourself to a massive headache and your computer to a laundry list of ailments.

When a Trojan is activated, numerous things can happen. Some Trojans are more annoying than malicious. The less serious Trojans may change your desktop settings or add silly desktop icons. The more serious Trojans can erase or overwrite data on your computer, corrupt files, spread other malware such as viruses, spy on the user of a computer and secretly report data like browsing habits to other people, log keystrokes to steal information such as passwords and credit card numbers, phish for bank account details (which can be used for criminal activities), and even install a backdoor into your computer system so that they can come and go as they please.

To increase your odds of not encountering a Trojan, follow these guidelines.

1. Remain diligent. Trojans can infect your computer through rogue websites, instant messaging, and emails with attachments. Do not download anything onto your computer unless you are 100 percent sure of its sender or source.
2. Ensure that your operating system is always up-to-date. If you are running a Microsoft Windows operating system, this is essential.
3. Install reliable anti-virus software. It is also important that you download any updates frequently to catch all new Trojan Horses, viruses, and worms. Be sure that the anti-virus program that you choose can also scan e-mails and files downloaded through the internet.
4. Consider installing a firewall. A firewall is a system that prevents unauthorized use and access to your computer. A firewall is not going to eliminate your computer virus problems, but when used in conjunction with regular operating system updates and reliable anti-virus software, it can provide additional security and protection for your computer.
Nothing can guarantee the security of your computer 100 percent. However, you can continue to improve your computer's security and decrease the possibility of infection by consistently following these guidelines.

posted by Calvin olisa @ 2:43 AM   0 comments