Viruses, Hacking, and AntiVirus
What is a Virus?
• A type of Malware
– Malware is short for malicious software
• A virus – a computer program
– Can replicate itself
– Spread from one computer to another
First Viruses
• Creeper Virus detected on ARPANET
• Would display “I'm the creeper, catch me if you can!”
• “Elk Cloner” – attached to the Apple DOS 3.3 OS and spread via floppy disk
Types of Viruses
• Viruses that infect popularly traded software
• Macro Viruses: written in scripting languages for Microsoft programs such as Word and Excel
• Viruses in Executables
How Your Computer Gets Infected
• Binary Executable files (DLLs, EXEs)
• An external, physical device
• General Purpose Script files
• System Specific Autorun Script files
• Documents that contain Macros
• Exploitable bugs in a program
• Links to malicious code in PDFs, HTML, other documents
An Example
• A file could be named “picture.png.exe”
• When opened, the program runs and infects the computer
• Spoofing an email address to make it look legitimate so you’ll download and open an attachment
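A defender can check attachment names for the “picture.png.exe” pattern before a user ever sees them. The following is an added example, not part of the original slides; the two extension lists and the sample names are assumptions chosen for illustration.

```python
# Assumed lists for illustration; tune them to your environment.
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif", "vbs", "js", "msi", "lnk"}
DECOY_EXTS = {"png", "jpg", "jpeg", "gif", "pdf", "txt", "doc", "docx", "xls", "xlsx"}


def split_extensions(filename):
    """Return every dot-separated part after the base name, normalised."""
    # Keep only the final path component; accept both separators.
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows ignores trailing dots and spaces, so strip them first.
    name = name.rstrip(". ")
    # Lower-case each part and drop whitespace padding around it.
    parts = [p.strip().lower() for p in name.split(".")]
    return parts[1:]


def deceptive_extension(filename):
    """Return (decoy, real) if the name looks like 'picture.png.exe', else None."""
    exts = split_extensions(filename)
    if len(exts) >= 2 and exts[-1] in EXECUTABLE_EXTS and exts[-2] in DECOY_EXTS:
        return exts[-2], exts[-1]
    return None


def triage(filenames):
    """Map each suspicious name to its (decoy, real) extension pair."""
    findings = {}
    for name in filenames:
        hit = deceptive_extension(name)
        if hit:
            findings[name] = hit
    return findings


# Constructed sample attachment names (not taken from real mail).
SAMPLE_ATTACHMENTS = [
    "picture.png.exe",      # the slide's example
    "Invoice.PDF.SCR",      # same pattern in upper case
    "report.docx  .exe ",   # padded with spaces
    "holiday.photo.png",    # harmless: the real type is an image
    "setup.exe",            # executable, but not disguised
    "archive.tar.gz",       # legitimate double extension
]

if __name__ == "__main__":
    for name, (decoy, real) in triage(SAMPLE_ATTACHMENTS).items():
        print(f"{name!r}: shown as .{decoy}, runs as .{real}")
```

On Windows, showing file extensions in the file manager makes the final “.exe” visible, which is the manual equivalent of this check.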
Malware
• Includes viruses, worms, Trojan horses, spyware, adware
Purpose of Malware
• Used to steal personal, financial, or business information
• Destroy data
• Hijacking computers for various purposes
Cookies
• Cookies are small files deposited on a system during a web site visit
• Can be useful:
– Allows web servers to maintain state (position and information) of a session with a user
– Can keep track of your login information, shopping cart, etc.
• May be harmful:
– Allows web sites to track information unbeknownst to user
– Source of data for Pop-ups
Worms
• Worms are similar to viruses in the way they are spread
• Don’t need user action to spread
• Actively transmit themselves over networks to infect other computers
Trojan Horses
• A program that looks like a harmless program but contains malicious code
• Used to install other malware such as backdoors or spyware
Rootkits
• Rootkits: modify OS so malware is hidden
• “Each ghost-job would detect the fact that the other had been killed, and would start a new copy of the recently stopped program within a few milliseconds. The only way to kill both ghosts was to kill them simultaneously (very difficult) or to deliberately crash the system.”
Backdoors
• A way to bypass normal authentication procedures
• Example: a hard-coded user and password that gives access to a system or computer
• Easter Eggs
• Many viruses and worms attempt to create backdoors for more viruses
Spyware
• Software that monitors and gathers information about your system or computing
• Can collect personal information, Internet surfing habits, user logins, bank or credit account information
• Can change computer settings
• Keyloggers – collect information about what you type
• Port Sniffers – intercept and log data sent over a network
Port Scanners and Sniffers
• Port Sniffers – intercept and log data sent over a network
• Port Scanner – software that probes a server or computer network for open ports. Open ports can then be used to access the network.
Bots and Botting
• Programs that take control of a computer’s normal operation, or operate in stealth mode on a computer
• Can be used to disrupt normal operations
• Can turn a user’s computer into a source of malware attacks on others (Email Spamming)
Adware
• Advertising-supported software: automatically renders unwanted advertisements
• Object is to generate revenue for its author
Non-Malware, Active Threats
• Phishing – Posing as a trustworthy entity to acquire information
• Fake websites
• Email Spoofing
Non-Malware, Active Threats
• (Distributed) Denial of Service, AKA DDOS attack
• Flooding a web server with spurious traffic generated to overwhelm the server’s capabilities, thus denying service to legitimate users or exposing system flaws
• Related to Botting
Scareware
• Holds your PC hostage
Hacking
USES ALL OF THE ABOVE
Additional Hacking
• Password Cracking
• Software bugs: buffer-overrun, SQL Injections
• http://hackertyper.com/
• http://en.wikipedia.org/wiki/Stuxnet
Protecting Your Computer
Signs Your Computer May Be Hacked
• Your computer is running slow
• Processes you don’t recognize are running
• You are asked for personal information via email, or by phone
• You see data or programs disappear or change
• A Pop-up says your machine is infected and you need to scan it right now – and it is not the security software you installed
Anti-Spyware
• When a large number of pieces of spyware have infected a Windows computer, the only remedy may involve backing up user data, and fully reinstalling the OS.
1. Scans incoming network data for spyware
2. Detects and removes spyware
Firewalls
• Similar to Anti-Spyware but controls all incoming and outgoing traffic and what should and shouldn’t be allowed in and out
Anti-Virus
Pros:
• Prevents, detects and removes malware
Cons:
• False Positives, False Negatives
• Slows down your computer
Be Smart!
• Don’t open emails that you don’t recognize
• Don’t download attachments you don’t recognize
• Don’t run programs or install applications you don’t know or trust
Personal Checklist
• Passwords are set, sufficiently complex, and not shared
• Legitimate Anti-Malware software running
• Home wireless network protected by WPA
• Firewall software running
• Browser settings appropriate
• Sensitive files are protected – password-protected and encrypted
• Smartphone protected – locate, lock, wipe
• Software is kept up to date
I'm being cautious:
- Which web sites I visit
- When I open emails
- Where I leave my laptop, smartphone, USB drive
- When asked for information via email, internet, phone
- When I use public wireless networks
- When I download applications
Some Anti-Virus Software
• http://anti-virus-software-review.toptenreviews.com/
• http://www.techsupportalert.com/best-free-anti-virus-software.htm
Some Anti-Virus Software
• Avast!: http://www.avast.com/en-us/index
• Avira: http://www.avira.com/en/index
• AVG: http://www.avg.com/us-en/homepage
• Microsoft Security Essentials: http://windows.microsoft.com/en-US/windows/security-essentials-download
• MalwareBytes: http://www.malwarebytes.org/