Virus, Spyware and Adware - PowerPoint PPT Presentation

Slides: 28
Provided by: simont8
Transcript and Presenter's Notes

1
Virus, Spyware and Adware
  • Prevention and Detection
  • Presented by
  • Dr Stewart L J Grainger BSc (Hons) PhD (Dunelm)

2
The Usual Suspects
  • Virus
  • Spyware
  • Adware

3
Virus
What am I?
  • You are a small program written to alter the way
    a computer operates, without the permission or
    knowledge of the user. A virus must execute and
    replicate itself.

4
Virus
Virus Transmission Trends
  • 1996: 9% of users surveyed listed email
    attachments as the source of a virus, 71% put the
    blame on infected disks (20% others).
  • 2003: 88% reported infected email attachments, 0%
    disks (12% others).

5
Virus
  • A virus is software code that plants a version of
    itself in any program it can modify. The virus
    may append or otherwise attach itself in such a
    way that the program executes after the virus
    code, making it appear as if the program were
    functioning as usual. Alternatively the virus
    may overwrite the program such that only the
    virus will function from then onwards. A Trojan
    horse program could also initiate the spread of a
    virus, as could a worm.

6
Example Virus Categories
  • A Trojan Horse is a program that conceals harmful
    code. A Trojan Horse usually resembles an
    attractive or useful program that a user would
    wish to execute such as a screensaver or movie
    file.
  • A Logic Bomb is software code that checks for a
    certain set of conditions to be present. If
    these conditions are met, it may cause sudden and
    widespread damage from that point onwards.
  • A Time Bomb is a logic bomb that is triggered by
    a certain date or time and is most likely to be
    concealed as a Trojan Horse.
  • A Worm is a self-contained program that
    replicates itself rapidly across electronically
    connected networks.

7
Virus
Melissa: one of the first big Internet-based
infections!!!
  • Before Melissa it was thought that viruses could
    not be transmitted by data files, such as e-mail
    attachments.
  • Melissa arrived disguised as an email message
    with a Microsoft Word attachment.
  • When the attachment was opened, Melissa checked
    whether the recipient had Microsoft Outlook.
  • If Outlook was present, Melissa would mail a copy
    of itself to the first 50 names in Outlook's
    address book.
  • Melissa would then repeat this process with each
    of the next 50 recipients and so on exponentially
    across the Internet.
  • This resulted in Melissa paralysing and clogging
    email servers, and in subsequent system crashes.

8
Virus
A New Generation of Virus - Sonic
  • Sonic the Internet Worm heralded a disturbing new
    generation of computer virus. A smart stealth
    virus that was designed not to cause mayhem,
    havoc, or global disruption, but to quietly find
    a home in the user's computer, and then invite
    its more potent master to join it. From here it
    would slowly take over control of the infected
    computer.
  • Sonic has two personalities - the first is the
    slave that infects the user's computer and finds
    a safe place to lodge. Once settled in it makes a
    call across the Internet to its master, or main
    module, and the master then downloads a more
    virulent payload.
  • The master is the smart part of the troublesome
    tag team, and has four main objectives:
  • To steal data from the user's computer (like
    passwords, credit card numbers, and financial
    data).
  • To track the user's behaviour - to see which
    sites they visit, what networks they connect to.
  • To infect other computers by using the user's
    email address book information.
  • To ultimately take control of the user's computer
    system.

9
Virus
How can you avoid infection? What are the best
practices to use?
  • Only open email from known sources.
  • If an email looks suspect it probably is.
  • Avoid opening unknown file attachments.
  • Remember you can receive virus infected emails
    from trusted sources without their knowledge.
  • Make sure you always use virus protection
    software that auto updates daily from the
    Internet or connected server.

10
Virus
Best Practices - continued
  • With Windows XP, have Service Pack 2 installed and
    set Windows to Automatically Update for the
    latest Microsoft security patches. If this had
    been the case, updating would have reduced the
    widespread infection associated with the Blaster
    Poza viruses.
  • Use a reputable software or hardware firewall.
  • Use an Internet Service Provider that removes the
    virus infected emails before they reach you.
  • If you have a server based network, use a Mail
    Server with its own built-in virus scanner.

11
Virus
Recommended Antivirus Programs
  • Computer Associates EZ Etrust www.my-etrust.com
  • Norton Anti-Virus Security Centre www.norton.com
  • AVG Anti-Virus (Free for personal
    use) www.grisoft.com
  • Sophos Anti-Virus (popular in education)
    www.sophos.com

12
Spyware
Spyware - What am I?
  • You collect and transmit user and computer
    information on the Internet without the user's
    knowledge or consent. You are also known as
    sneakware or snoopware, and are also combined
    with AdWare.
  • You can also come bundled with some Peer to Peer
    software (P2P) - Kazaa, for example, is a good one.
    Kazaa allows users to share files, computing
    capabilities, networks, bandwidth and storage.

13
Spyware
Is Spyware a Security Threat?
  • When spyware invades, it can create a real
    security threat to your environment. Spyware can
    log keystrokes to capture input before
    encryption, redirect browsers to unapproved Web
    sites, attach Trojan Horses to programs and
    disrupt your system, collect information about
    users and Web surfing habits and send and receive
    cookies to and from other spyware programs (even
    if the cookies setting is turned off).

14
Spyware
Example Categories
  • P2P: Any peer-to-peer file swapping programs,
    such as Audiogalaxy, KaZaa Lite, Limewire,
    Morpheus and WinMX.
  • Search Hijacker: Any software that resets your
    browser's settings to point to other sites when
    you perform a search.
  • Toolbar: Toolbars may be created by Spyware and
    then cause related performance issues.
  • Commercial RAT: Any commercial product that is
    normally used for remote administration. This
    product could then be used to exploit the user's
    system without the user's consent or awareness.
  • Key Logger: A program that runs in the
    background, recording all the keystrokes. Once
    keystrokes are logged, they are hidden in the
    machine for later retrieval, or shipped raw to
    the attacker.

15
Spyware
Face the Facts !!!
  • The problem with Spyware is so extensive that
    Microsoft has published estimates stating that
    Spyware may be responsible for more than half of
    all PC crashes. Some major hardware vendors claim
    that more than 30 per cent of all tech-support
    calls involve spyware in some manner or form.
  • Spyware also uses precious computer and system
    bandwidth through a near-constant delivery of
    pop-ups, banner-ads and Spam. Some systems that
    are overcome with Spyware can take more than 10
    minutes to start and subsequently the PC can
    become unusable.

16
Spyware
Best Practices - Be Cautious on the Internet
The battle to keep your information safe from
unauthorised access is constant. Software will
need to be updated and policies reviewed.
  • Be aware of the hazards of downloads and pop-up
    messages from suspect websites; adopt best
    practices when surfing.
  • Use Windows XP with Service Pack 2 as your
    operating system. Use Automatic Windows Update to
    download all the latest Microsoft security
    patches.
  • Use a reputable software or hardware Firewall.
    The simplest one is integrated within Windows XP
    Service Pack 2 and is now available on Service
    Pack 1 with Windows Server 2003.

17
Spyware
Best Practices
  • In some cases, it may even be worth moving your
    Web browser away from Internet Explorer to
    Mozilla or Opera. This is not because these are
    better browsers, but because Spyware specifically
    targets Internet Explorer.
  • Keep your Spyware detector (e.g. Spybot Search and
    Destroy) up to date with the latest downloadable
    patches. This can be done automatically.

18
Spyware
Detection and Removal
  • The best way to detect and remove Spyware is
    using a detection and removal tool such as:
  • Spybot Search and Destroy (Free Download)
  • Lavasoft Personal Ad-aware (Free Download)
  • eTrust PestPatrol Anti-Spyware
  • Norton Security Centre

19
Adware
What am I?
  • You are advertising software. This is neither
    malware, nor is it necessarily illegal although
    it can often go beyond the basic advertising
    expected from freeware or shareware. Adware is
    often a separate program that is loaded along
    with shareware programs. It often goes
    hand-in-hand with Cookies and can transmit
    details of Web site browsing patterns and other
    data to Internet advertisers.

20
Adware
Adware - What Do I Do?
  • Today a growing number of software developers
    often offer their goods as "sponsored" freeware
    until you pay to register. Generally most
    features of the freeware are enabled but you have
    to look at specific adverts.
  • The adverts usually run in a small section of the
    software interface or as a pop-up ad box on your
    desktop. When you stop running the software, the
    ads should disappear.

21
Adware
Example Adware
  • In many cases, adware is a legitimate revenue
    source for companies who offer their software
    free to users. A perfect example of this would be
    the e-mail program, Eudora. You can choose to
    purchase Eudora or run the software in sponsored
    mode. In sponsored mode Eudora displays an
    ad-window in the program and up to three
    sponsored toolbar links.
  • Eudora adware is not malicious; it reportedly
    doesn't track your habits or provide information
    about you to a third party. This type of adware
    is simply serving up random paid ads within the
    program. When you quit the program the ads stop
    running on your system.

22
Adware
Is Adware a Security Threat?
  • Adware is generally not a security threat;
    however, the advertising pop-ups and banners are
    annoying and can reduce Internet Performance and
    Bandwidth.
  • If Adware becomes malicious (e.g. by transmitting
    personal information), it then moves into the
    realms of Spyware.

23
Firewall
What is a Firewall?
  • A firewall is a protective system that sits
    between your computer network and the Internet.
    Firewalls can be either hardware or software and
    can also consist of both options integrated on
    your network. When used correctly, it prevents
    unauthorized access to your systems and provides
    a protective barrier against most forms of attack
    coming from the outside world.
  • A firewall carefully analyzes data entering and
    exiting the network and rejects information that
    comes from unsecured, unknown or suspicious
    locations. In addition to limiting access to your
    systems, a firewall also allows remote access to
    a private network through secure authentication
    certificates, logins and VPNs (Virtual Private
    Networks).

24
Firewall
Do I need a Firewall?
  • Many people don't completely understand the
    importance and necessity of a firewall, or they
    think it's something that only businesses need.
    If your computer (networked or not) accesses the
    outside world via the Internet, then you should
    have a firewall to protect your computer systems.

25
Firewall
Hardware and Software Firewalls
  • You can buy a hardware firewall as a stand-alone
    product, but it is now common to find them
    integrated into broadband routers for smaller
    systems.
  • For individual users, the most popular firewall
    of choice is a software firewall. Software
    firewalls install on your computer just like any
    other software program. You can then customize it
    to control its functions and features.
  • Software firewalls may also incorporate privacy
    controls, Web filtering and more. The downside to
    personal software firewalls is that they will
    only protect the computer they are installed on.

26
Firewall
Examples of Hardware Firewalls for Networked
systems
  • Sonicwall
  • WatchGuard
  • Zyxel

Single user / small workgroups
  • Belkin
  • D-Link
  • Linksys

Examples of Software Firewalls
  • Norton Security Centre
  • Zone Alarm

27
Food For Thought
Pertinent Questions
  • HAVE YOU BACKED UP RECENTLY?
  • DO YOU VERIFY / TEST RESTORE YOUR BACKED UP DATA?
  • HAVE YOU GOT A WIRELESS NETWORK - IS IT ENCRYPTED?
  • DO YOU HAVE BROADBAND AT WORK / HOME - WHAT
    FIREWALL PROTECTION DO YOU HAVE?
  • DISASTER RECOVERY - WHAT FACILITIES DO YOU HAVE
    IN PLACE?
  • WHAT FACILITIES DO YOU HAVE FOR REMOTE WORKING
    AND ARE THEY SECURE?