Wednesday, November 11, 2009

Vulnerabilities in Home Computer: Basic to In-depth Home Computer Security Guide, Page 2

Vulnerabilities in Home Computer

A vulnerability is a weakness in a user’s information security that could be exploited by a threat; that is, a weakness in the user’s system and network security, processes, and procedures.

A computer vulnerability is a flaw in the computer system which, when exploited, allows an intruder to compromise the system’s integrity. The common types of vulnerabilities are logical errors in the operating system or applications due to poor coding techniques, which allow an intruder to exploit them and gain heightened access to the user’s computer. Various security tools, such as firewalls, are available to secure the system. These tools provide an excellent security mechanism, but a flaw in their design could lead to a security breach. The term “security through obscurity” fits into this arena: the system is considered secure because nobody can see its hidden elements. All types of file encryption come under this category. Encrypting the data adds an additional layer of protection to the computer system. If a system is compromised, the critical data is still protected by encryption, and the intruder may not be able to steal the information from the hacked system.


What is Intrusion?

Users of home computers normally connect to the Internet through dial-in modems or a cable internet connection. Intruders are always looking for new ways to break into computers connected to the Internet. They may attempt to breach the computer’s security defenses from remote locations. Intruders seek old, unpatched vulnerabilities as well as newly discovered vulnerabilities in operating systems, network services, or protocols, and take advantage of each. They develop and use sophisticated automated programs to rapidly penetrate systems that are live on the Internet. Once an attacker finds a vulnerable system, he exploits it to steal information or to launch further attacks.

Indications of Infection

Some of the indications are given below:

• Poor system performance

• Abnormal system behavior e.g. system restarts or hangs frequently.

• Unknown services are running

• Crashing of applications

• Change in file extensions or contents

• Hard Disk is busy or its light glows continuously

Now that we have discussed the basic terminology and methodology, we can start discussing the defensive actions.


Malicious Code

Malicious code, or malware, is a common name applied to all forms of unwanted and destructive software, such as viruses, worms, and Trojans. The best way to protect against malicious code is to install virus scanners and keep virus definition (signature) files current.

Virus: A virus is malicious code that infects or attaches itself to other objects or programs. All viruses have some form of replication mechanism, which is how they propagate.

Worm: A worm is malicious code that replicates by making copies of itself on the same computer or by sending copies of itself to another computer. Worms, unlike viruses, do not infect other program files on a computer. All worms have some form of replication mechanism, which is how they propagate. Unlike a virus, a worm does not require a host program to execute; it can run independently.

Trojan: A Trojan horse is a seemingly useful (or harmless) program that performs a malicious or illicit action when activated, such as destroying files. For example, a user downloads what appears to be a movie or music file, but he unleashes a dangerous program which can erase his disk or send his credit card numbers or password files to intruders. These backdoor programs may also open certain ports on the user’s computer, allowing unauthorised access to it.

The malicious code usually propagates through email attachments.
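One way to check for the backdoor ports and unknown services mentioned above is to compare the machine's listening ports against a list of ports the user already knows. The following is an added example, not part of the original guide; the netstat output is a constructed sample in the format of Windows `netstat -ano`, and the baseline port list is an assumption.

```python
# Constructed sample of Windows `netstat -ano` output (not from a real machine).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       908
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING       2216
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       1804
  TCP    192.168.1.10:49712     203.0.113.7:443        ESTABLISHED     3120
  TCP    [::]:135               [::]:0                 LISTENING       908
  UDP    0.0.0.0:5353           *:*                                    1500
"""

# Assumed baseline: ports the user has already matched to known services.
BASELINE_PORTS = {135, 445}


def parse_listeners(netstat_text):
    """Return (address, port, pid) for every TCP socket in the LISTENING state."""
    listeners = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue  # headers, UDP rows and established connections
        address, _, port = fields[1].rpartition(":")  # also handles [::]:135
        if not port.isdigit() or not fields[4].isdigit():
            continue  # skip malformed rows instead of crashing
        listeners.append((address, int(port), int(fields[4])))
    return listeners


def unexpected_listeners(netstat_text, baseline):
    """Listeners whose port is not in the baseline, network-reachable ones first."""
    findings = []
    for address, port, pid in parse_listeners(netstat_text):
        if port in baseline:
            continue
        loopback = address in ("127.0.0.1", "[::1]")
        findings.append({"port": port, "pid": pid, "address": address,
                         "remote_reachable": not loopback})
    return sorted(findings, key=lambda f: (not f["remote_reachable"], f["port"]))


if __name__ == "__main__":
    for f in unexpected_listeners(SAMPLE_NETSTAT, BASELINE_PORTS):
        scope = "reachable from network" if f["remote_reachable"] else "loopback only"
        print(f"port {f['port']} (PID {f['pid']}, {f['address']}): not in baseline, {scope}")
```

The PID reported for each finding can be looked up in Task Manager to see which program owns the port before deciding whether it belongs in the baseline.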


Virus and Spyware Prevention

Virus and Its Threats


• A virus is a computer program which can copy itself or infect the system without the knowledge of the user. A virus can spread from one system to another whenever a file carrying the virus on an infected system is accessed from another system.

• Some viruses may cause damage to the system by infecting files, deleting files, formatting the hard disk, etc.

• To protect the system from viruses, one should have knowledge of each program or file downloaded onto the computer. Since this is difficult, we can use anti-virus software, which helps by protecting the system from viruses.


Countermeasures and Tools to Prevent Virus into the System


* Keep your anti-virus software up to date and make sure that it is working properly.

* Scan files with anti-virus software before you download them from the Internet and execute them.

* Be careful while exchanging files between systems through disks or through the network. While using a disk, make sure that it is write protected, so that accidental deletion of and changes to the files on the disk are prevented.

* While using Microsoft Office, make sure that the macro virus protection option is enabled.

Note: A macro virus is a computer virus that infects Microsoft Word and similar applications by inserting some undesirable text into the documents or by making some changes to the documents.

* Take backups of important files. This will help you recover a file when it is affected by a virus.

* Scan the system with anti-virus software daily and keep your operating system up to date with all the latest patches.

* Some viruses start executing as soon as they appear in the Outlook Express preview pane, so disable that option.

* Be aware of the latest virus threats; this may help you detect them and take the appropriate action to avoid them.



A list of anti-virus tools available for keeping viruses out of the system is given below:

AVG Antivirus Free, Quick Heal, Avira Antivirus, Clean Win Antivirus, Cleaner4.2, AVG Internet Security, BitDefender Free edition, BitDefender Antivirus 2008, Avast 4 Home edition, McAfee Avert Stinger 3.8.0, ClamWin (open source) Free Antivirus.


Key loggers

Key loggers are software applications (or hardware devices) that capture keystroke events and can send them to a remote intruder via email. They are invisible and undetectable to users, so there is a huge risk of important information such as credit card numbers and passwords being sent to remote intruders. Such a program can be combined with a useful application so that whenever a user installs that application, the key logger program also gets installed along with it.

Bots

The term Bot is derived from the word “Robot”. Robot comes from the Czech word "robot," which means "worker". In the computer world, Bot is a generic term used to describe an automated process.

Bots are widely used on the Internet for various purposes. Bot functionality may vary from search engines to game bots and IRC channel bots. Google bot is one such famous search bot, which crawls through web pages on the net to collect information and build a database to enable a variety of searches. Computer-controlled opponents and enemies in multiple-player video games are also a kind of bot, where the computer process tries to emulate human behavior.

However, the usage of bots is not limited to good purposes only. Bots are widely used to perform malicious activities ranging from information stealing to serving as a launching pad for distributed attacks. Such software gets installed on users’ computers without their knowledge. Some bot-infected machines pass control of the machine to a remote attacker and act as per the attacker’s commands.

Such machines are popularly known as zombie machines.


Adware and Spyware

Adware is 'freeware' in which ads are embedded in the program. These ads show up whenever the user opens the program. Most adware authors provide a free version with ads and a registered version in which the ads are disabled.

As such, users have the choice either to use the freeware with ads served or to purchase the registered version.

Spyware, as the name suggests, is software installed on a user’s computer which constantly sends user information to the mother website.

Spyware, however, is published as 'freeware' or as 'adware', and the fact that an analysis and tracking program (the 'spyware' agent, which reports the user’s activities to the advertising provider's web site for storage and analysis) is also installed on the user’s system when the user installs this so-called 'freeware' is usually not mentioned. Even though the name may suggest otherwise, spyware is not an illegal type of software. But what the adware and spyware providers do with the collected information, and what they're going to 'feed' the user with, is beyond the user’s control. And in some cases it all happens without the user’s consent.

For a comprehensive list of spyware, please refer to:

http://www.spywareguide.com


Spyware and Methods to Identify It


* Spyware is a program that secretly observes the user’s behaviour and sometimes interferes with the user’s control of the computer, downloading additional software and redirecting web pages to malicious sites.

* Spyware gets installed on the system without the user’s knowledge from downloaded software, CDs, etc.

* Anti-spyware helps us to keep spyware out of the system in two ways.

1. Anti-spyware works in real time by preventing spyware from getting installed on the system. It scans all the packets coming into the system and drops the packets if they are malicious.

2. The other way is to detect spyware that is already present on the system and remove it if it is found.


Symptoms that We Can Observe When a System is Infected by Spyware

• A number of pop-up windows appear while browsing the Internet.

• Redirection to other websites without our control.

• The search engines we use in the browser may get replaced with other ones.

• We notice new toolbars present in the web browser.

• The Internet surfing speed may go down, and the system may even slow down.


Tips and Tools to Prevent Spyware


• Do not click anywhere inside a pop-up window while browsing the Internet, because it may contain spyware that can get into the system with a single click inside the pop-up window.

• Beware of freely downloadable software, and make sure that software is downloaded from a trusted website. Downloading software from an untrusted site may automatically introduce spyware into the system along with the software.

• Do not follow links that offer free anti-spyware software.

• Block untrustworthy pop-up windows by going into the web browser settings.

• Run the anti-spyware program and the anti-virus program periodically, depending upon the Internet usage.

Continued......................
