1 / 24

Protecting your On-Line Privacy and PC

Protecting your On-Line Privacy and PC. Viruses, Worms, Trojan Horses, Spam, and Hoaxes. Of the billions of e-mail messages per year, an increasing proportion of which is unpleasant.

seda
Download Presentation

Protecting your On-Line Privacy and PC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Protecting your On-Line Privacy and PC

  2. Viruses, Worms, Trojan Horses, Spam, and Hoaxes • Of the billions of e-mail messages per year, an increasing proportion of which is unpleasant. • An e-mail security firm scanned 413 million e-mails in August 2003. Three percent contained a virus, 52 percent were spam, and in many cases contained some kind of pornographic image.

  3. Viruses • Designed to replicate themselves and potentially cause harmful actions. • Often hidden inside innocuous programs. • Viruses in e-mails often masquerade as games or pictures and use beguiling subject lines (e.g., "My girlfriend nude") to encourage users to open and run them. • Try to replicate themselves by infecting other programs on your computer.

  4. Worms • Like viruses, worms attempt to replicate themselves, but they are programmed to use one’s mail list and send out e-mails rather than simply infecting programs on a single computer.

  5. Trojan Horses • Malicious programs that pose as benign applications (do not replicate like viruses and worms). • Trojan horses are used to smuggle viruses and worms inside your computer.

  6. Spam • Spam, or unsolicited commercial e-mail, wastes bandwidth and time. The sheer volume of it can be overwhelming, and it can be a vehicle for viruses. Much of it is of an explicit sexual nature, which can create an oppressive working environment and, potentially, legal liabilities if companies do not take steps to stop it.

  7. Hoax e-mails • Hoax e-mails, such as fake virus warnings, chain letters, or implausible free offers, waste readers' time. Hoax e-mails often contain viruses or Trojan horses.

  8. Common Security Threats Against Networks • Attackers have different motivations—profit, mischievousness, glory—but they all work in similar ways. • The Basic Threats (infinite variation): • Spoofing • Tampering • Repudiation • Information disclosure • Denial of Service • Elevation of privilege

  9. Spoofing • IP spoofing means creating packets that look as though they have come from a different IP address. • E-mail spoofing means forging an e-mail so that the From address does not indicate the true address of the sender.

  10. Tampering • Altering the contents of packets as they travel over the Internet or altering data on computer disks after a network has been penetrated.

  11. Repudiation • The ability of a user to falsely deny having performed an action that other parties cannot prove otherwise. • For example, a user that deleted a file can successfully deny doing so if no mechanism (such as audit records) can prove otherwise.

  12. Information Disclosure • Information disclosure consists of the exposure of information to individuals who normally would not have access to it.

  13. Denial of Service (DoS) • DoS attacks are computerized assaults launched by an attacker in an attempt to overload or halt a network service, such as a Web server or a file server. • For example, clogging a server with superfluous requests and thus making it impossible for legitimate inquiries to get through.

  14. Elevation of Privilege • A process by which a user misleads a system to grant unauthorized rights, usually for the purpose of compromising or destroying the system. • For example, attacker exploits a weakness in the software that lets her/him change the guest privileges to administrative privileges.

  15. Spyware • Spyware is the latest threat to computers and its users. It joins a host of parasites, such as, viruses, worms, spam, plus e-mail, and network attacks.

  16. Spyware • Spyware is a self installing software that presents varying degrees of maliciousness that range from a program running on your computer in the background (without your knowledge) to a simple tracking cookie.

  17. Spyware Activities • Monitors Web-browsing patterns • Triggers related pop-up ads • Resets Home Page or Search Engines • Adds links to Bookmarks • Attempts to capture personal information

  18. Adware • Adware is another form of spyware that monitors users’ Web-browsing patterns and displays related pop-up and pop-under ad windows based on this information. • Adware may also send the gathered information back to its creator.

  19. Spyware Scanning Tools • Computer Associates’ eTrust PestPatrol • FBM Software ZeroSpyware and ZeroAds • LavaSoft Ad-Aware • McAfee Anti-Spyware • Trend Micro’s InterScan Web Security Suite

  20. Eliminating Adware & Spyware • Find • Remove and, • Keep out

  21. Finding Spyware • Step 1: Scanning for spyware • Requires antispyware tools • Consider several categories of spyware scanning tools (do not run the tools concurrently)

  22. Step 2: Eliminating Spyware • Since Spyware programs are constantly modified (DLL and registry settings) use a variety of tools and in hard cases manual removal may also be necessary. • Reformatting the HD and reinstalling the OS may be less work than manually looking for Spyware.

  23. Step 3: Install Spyware-blocking Software • Install at least two Spyware-blocking applications and run them one at a time. • Enlist users in the fight against Spyware

  24. References • CDW-G Higher Education March 2005 • An Introduction to Criminal Hacking, Viruses, and Malicious Activities. Retrieved March 28th, 2005.http://www.microsoft.com/smallbusiness/gtm/securityguidance/articles/an_introduction_to_criminal_hacking_viruses_and_malicious_activities.mspx

More Related