Computer Security and Virus:-
Security:- "Data or information security is the protection of data against accidental or intentional destruction, disclosure or modification". Computer data security refers to the technological safeguards and managerial procedures which can be applied to computer hardware, software and data to ensure that organizational and individual privacy are protected.
Computer Security Tools:-
Firewalls:- A firewall is software which is used to protect your system against unauthorised access.
There are several types of firewall techniques:
- Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure.
- Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
- Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
- Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
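The sketch below is an added example, not part of the original notes: a first-match packet filter in Python, with a check for rules that an earlier rule makes unreachable, which is one reason packet filters are difficult to configure. The rule fields, addresses and rule set are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "accept" or "reject"
    direction: str         # "in" or "out"
    proto: str             # "tcp", "udp" or "any"
    src: str               # source network in CIDR form
    dport: Optional[int]   # destination port; None means any port

def matches(rule, pkt):
    """True if the packet's header fields satisfy every field of the rule."""
    return (rule.direction == pkt["direction"]
            and rule.proto in ("any", pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
            and rule.dport in (None, pkt["dport"]))

def decide(rules, pkt, default="reject"):
    """First matching rule wins; a packet no rule matches gets the default."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default

def covers(a, b):
    """True if every packet that matches rule b also matches rule a."""
    return (a.direction == b.direction
            and a.proto in ("any", b.proto)
            and ipaddress.ip_network(b.src).subnet_of(ipaddress.ip_network(a.src))
            and a.dport in (None, b.dport))

def shadowed(rules):
    """Indices of rules that can never fire because an earlier rule covers them."""
    return [j for j, b in enumerate(rules)
            if any(covers(a, b) for a in rules[:j])]

# Constructed rule set: the Telnet block is listed after a broad internal allow.
RULES = [
    Rule("accept", "in", "tcp", "0.0.0.0/0", 443),    # HTTPS from anywhere
    Rule("accept", "in", "any", "10.0.0.0/8", None),  # everything from internal hosts
    Rule("reject", "in", "tcp", "10.9.0.0/16", 23),   # Telnet block, never reached
]
FIXED = [RULES[0], RULES[2], RULES[1]]                # specific reject moved first

TELNET = {"direction": "in", "proto": "tcp", "src": "10.9.1.5", "dport": 23}

if __name__ == "__main__":
    print(decide(RULES, TELNET), shadowed(RULES))
    print(decide(FIXED, TELNET), shadowed(FIXED))
```

Running the shadow check whenever the rule list changes catches ordering mistakes before they reach the firewall.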
Cryptographic Techniques:- They can be used to defend data in transit between systems, reducing the probability that data exchanged between systems can be intercepted or modified.
Anti-Virus Program:- It is also a software program, developed by a programmer. Viruses can be cured with an antivirus program. The antivirus program performs one or more of the following functions:-
Prevention
Identification or Detection
Damage control
Vaccination
A good antivirus utility is one which checks whether the system has been infected or not. These programs stop the virus from infecting the system. They do not allow modification of executable files. e.g. AVG, QUICK HEAL, NORTON, ESET, AVIRA, AVAST, KASPERSKY, BITDEFENDER etc.
Pinging:- The ping (Packet InterNet Groper) application can be used by potential crackers to find out if an IP address is reachable. If a cracker finds a computer, they can try a port scan to detect and attack services on that computer.
Encryption:- It is used to protect the message from the eyes of others. It can be done in several ways: by switching the characters around, replacing characters with others and even removing characters from the message.
Honey Pots:- A honey pot is an information system resource whose value lies in unauthorized or illicit use of that resource. In other words, a honey pot is a computer system on the Internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems.
Hacker:- Hacker is a term used by some to mean "a clever programmer" and by others, especially those in popular media, to mean "someone who tries to break into computer systems." A hacker can be an expert programmer.
Note:- A malicious hacker, known as a cracker, is one who breaks into computers without authorization.
Different Hacker Attitudes:-
White Hat:- A white hat hacker breaks security for non-malicious reasons, for instance testing their own security system. A 'white hat' hacker is called an ethical hacker. The International Council of Electronic Commerce Consultants, also known as the EC-Council, has developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.
Blue Hat:- A blue hat hacker is someone outside computer security consulting firms who is used to bug test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term Blue Hat to represent a series of security briefing events.
Black Hat:- A Black Hat Hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain". Black Hat Hackers break into secure networks to destroy data or make the network unusable.
Grey Hat:- A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.
Elite Hacker:- A social status among hackers, elite is used to describe the most skilled. Newly discovered exploits will circulate among these hackers. Elite groups such as Masters of Deception conferred a kind of credibility on their members.
Script Kiddie:- A script kiddie is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept, hence the term script (i.e. a prearranged plan or set of activities) kiddie (immature).
Neophyte:- A neophyte, "n00b", or "newbie" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking.
Common Security Breach Methods:-
Worm:- Like a virus, a worm is also a self-replicating program. The difference between a virus and a worm is that a worm does not create copies of itself on one system. It propagates through a computer network.
Trojan Horses:- A Trojan horse is a program which seems to be doing one thing, but is actually doing another. A trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later.
Computer Virus:- A computer virus is a software program, developed by a programmer, that infects other programs. The problems created by viruses include:-
Destruction of file allocation table (FAT)
Erasing of specific program and data on discs
Alter contents of fields in the file
Suppress execution of RAM
Destroy part of program/data held on disc by creating bad sectors
Reduction of free space on disc
Formatting of discs or tracks on discs in a different way.
Classification of Viruses:- Viruses are classified on the basis of their mode of existence, and there are three categories of viruses:-
Boot Infectors:- A system infected by such a virus will have the virus residing in a particular area of the disk rather than in a program file. This virus gets loaded soon after the Power On Self Test, takes control of the system and remains in control at all times. Boot infectors create "bad sectors".
System Infectors:- This category of virus deals with the components of the system itself. System infectors attach themselves to a file such as COMMAND.COM or other memory-resident files and manipulate these files. System infectors differ from boot infectors in that system infectors gain control after the computer is booted and infect a hard disk or bootable floppies which contain system files only.
General Executable Program Infectors:- This type of virus is the most dangerous. They attach themselves to program files and can spread to almost any executable program in any system. These viruses change the original program instructions. As a result, whenever the program is executed, the virus gets loaded and executed first and then allows the original program to proceed.
Different types of Virus:-
Brain Virus:- This is the first developed virus, also known as the Pakistani virus. It was developed by Pakistani brothers. The virus pops up a screen saying "welcome to the Dungeon". This virus is known to destroy data and is highly contagious.
Scores Virus:- The Scores virus has a built-in time trigger that activates at 2, 3, 4 and seven days after the disk has been infected. Data files are not directly affected by this virus, but erasure of this virus requires deletion of all files.
Lehigh Virus:- This virus originated at the Lehigh University computer centre. This virus stays in the stack space of COMMAND.COM. With the booting of a PC from an infected disk, the virus is spread through commands such as COPY, TYPE, DIR etc. The boot sector and FAT get ruined by this virus.
Friday the 13th:- This virus attacks not only COMMAND.COM but also other executable files. When a .COM or .EXE file is executed for the first time after booting, the virus captures a specific interrupt and inserts its own code. It increases the .EXE and .COM file size, causing the program to become too large to be loaded into the memory.
SunnyVale Slug Virus:- This virus displays the message "Greetings from SunnyVale. Can u find me?". It also modifies the COPY command, resulting in deletion of files instead of copying.
Raindrops Virus:- This virus infects COM files. It intercepts the load and execute function of MS-DOS. It checks whether the file is .EXE or not; if the file is not an EXE file, the first three bytes of the file are replaced by a jump instruction to the end of the file, where it gets attached after encryption. This results in dropping or showering of characters on the screen like raindrops, with sounds.
Happy Birthday 30th:- This virus gets activated on January 5th if any program gets executed, and will ask the user to type "Happy Birthday 30th". It can destroy all the data on the disk.
Key Logger:- A Key logger is a software program designed to record every key stroke on the machine. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other private data.
Password cracking:- Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Packet sniffer:- A packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.
Spoofing attack (Phishing):- A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.
Rootkit:- A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.
Important Points:-
Wikipedia was introduced by Jimmy Wales on Jan 15, 2001.
YouTube was launched by Jawed Karim, Chad Hurley and Steve Chen on Feb 15, 2005.
The Pandora internet radio service was launched on Aug 25, 2005.
Bing was launched by Microsoft as a search engine on June 3, 2009.
Orkut was launched officially on January 24, 2004 by Google engineer Orkut Buyukkokten.
Google:- It was first incorporated as a privately held company on September 4, 1998. Founders:- Sergey Brin and Larry Page.
Yahoo:- (Yet Another Hierarchical Officious Oracle) started in Jan 1994 by Jerry Yang and David Filo.