Monday, June 9, 2008

Computer Security 1: Knowing your enemy

In my first post, I would like to discuss computer security...

'Ignorance is bliss', as some say, but that bliss is nowhere to be found in the area of security. Security should be properly regarded as a 'measure' to protect against and prevent malicious attacks, not as a pre-installed 'feature' that comes with our computers.

While the Internet facilitates information exchange, it has also been a playground for many budding virus writers. Worst of all, the Operating System (OS) we commonly use is Windows, very ironically recognised as the "standard" OS, and one which allows many possible forms of system attacks.

And in case you were wondering about the boasts of Vista's "invulnerable" firewall, the Blue Pill breached its firewall in 1 ms (millisecond)... and uh oh >.<. Click Here to see the Blue Pill article.
Don't worry though, it was created by a virus researcher to prove her point on stealth malware, very much for research purposes.

Besides, most would regard the Vista firewall as a phenomenal pain in the butt, and the XP firewall is merely an empty shell. So how exactly can we implement security measures in our computers if the system firewall is trash?

Step 1: Know your enemy
Below is a brief overview of the popular kinds of malicious code in the 'market'...

-Viruses (often loosely used to describe any form of malware)

Has an 'engine' for propagation, meaning it has to infect files to spread, and usually a 'payload' which contains code to execute after infection.

-Worms

Self-replicate and propagate over a network without having to infect files.

-Trojans

Do not propagate by infecting files or by self-replication. They usually appear as harmless executable (.exe) files but, once the user is tricked into running them, inject malicious code which can do anything from sniffing passwords to opening backdoors into the system.

-Spyware

Software installed on the system without the user's knowledge, to gather information for later retrieval. The 2 main categories are:
*Surveillance*
Basically to capture data without the user's knowledge
Includes: Key loggers, screen capture devices, Trojans
*Advertising* (also called Adware)
Installed alongside other software or via Internet ActiveX controls, usually without the user's knowledge or without full disclosure. Used for gathering personal information and/or showing ads.


Step 2: Implementing your arsenal

Will be discussed in my next post. Stay tuned!
Continued Here
