Network Professional Course
Data & Network Security
U Nyein Oo, COO/Director, Myanma Computer Co., Ltd

Part One: Computer Virus

Topics to be covered
• Computer virus
• Different types of virus
• Macro virus
• Worm
• Trojan horse
• Hybrids
• Malware
• Spam
• Spyware
• Preventing computer viruses

What Is a Computer Virus?
In 1983, Fred Cohen coined the term "computer virus", postulating that a virus was "a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself." Mr. Cohen expanded his definition a year later in his 1984 paper, "A Computer Virus", noting that "a virus can spread throughout a computer system or network using the authorizations of every user using it to infect their programs".

Some History on Fred Cohen
• BS (Electrical Engineering)
• MS (Information Science)
• Ph.D. (Electrical and Computer Engineering)
• Inventor of "Computer Viruses" (1983)
• First published most current virus defense techniques
• Consultant, computer security
• Fred Cohen & Associates
• Sandia National Laboratories
• Global reputation for integrity

Macro Virus
Macro viruses are a special case of viruses. Instead of infecting software program files directly, macro viruses infect Microsoft Office documents and templates. They exist because Microsoft has implemented a complete programming language in its Office applications, which allows any document to contain software code.

Macro Virus (cont.)
Macro viruses can be extremely dangerous, since the scripting language built into Microsoft Office (called "Visual Basic for Applications") gives the virus full control of the computer, including the ability to run arbitrary software, send e-mail, delete files, or activate some other malicious payload.

What Is a Worm?
In contrast to viruses, computer worms are malicious programs that copy themselves from system to system, rather than infiltrating legitimate files. For example, a mass-mailing email worm is a worm that sends copies of itself via email. A network worm makes copies of itself throughout a network, an Internet worm sends copies of itself via vulnerable computers on the Internet, and so on.

What Is a Trojan Horse?
Trojans, another form of malware, are generally agreed upon as doing something other than the user expected, with that "something" defined as malicious. Most often, Trojans are associated with remote access programs that perform illicit operations such as password-stealing, or which allow compromised machines to be used for targeted denial (rejection) of service attacks.

Trojan Horses (cont.)
One of the more basic forms of a denial of service (DoS) attack involves flooding a target system with so much data, traffic, or commands that it can no longer perform its core functions. When multiple machines are gathered together to launch such an attack, it is known as a distributed denial of service attack, or DDoS.

What Are Hybrids?
In fact, most dangerous software combines the features of several types. One of the first successful e-mail attacks, the Happy99 Virus, wasn't merely a virus. When opened, it displayed a pleasant fireworks animation and, like a trojan, tricked the user into thinking it was harmless entertainment.

Hybrids (cont.)
Then, like a virus, it modified the computer's operating system files and installed software code which would create copies of itself whenever the user sent e-mail. Finally, like a worm, Happy99 propagated to other computers via e-mail.

What Is Malware?
Taken as a group, these many types of software are called "malicious software", because they modify your computer's files without asking and attempt to perform some kind of annoying or dangerous activity. In the computer community, the spectrum of malicious software is often called malware.

What Is Spam?
"Spamming [the sending of unsolicited email] is the scourge of electronic-mail and newsgroups on the Internet. It can seriously interfere with the operation of public services, to say nothing of the effect it may have on any individual's e-mail mail system. Spammers are, in effect, taking resources away from users and service suppliers without compensation and without authorization."

Spyware
Spyware is any software or program that employs a user's Internet connection in the background (the so-called "backchannel") without their knowledge or explicit permission.
 
Virus Encyclopedia
1. File Virus
2. Boot Virus
3. Multipartite Virus (File and Boot)
4. Multi-Platform Virus
5. Virus Constructors
6. Script Virus
7. Polymorphic Generator
8. Virus Hoaxes
9. Palm
10. Jokes

File Extensions of Evil
• User file extensions: xxx.doc, xxx.xls, xxx.ppt, xxx.pmd, xxx.pdf, xxx.bmp, and others
• System file extensions: xxx.exe, xxx.bat, xxx.com, xxx.sys, xxx.int, xxx.dll, and others

The Golden Rule of E-mail Protection
NEVER OPEN AN E-MAIL ATTACHMENT UNLESS YOU HAVE INDEPENDENTLY CONFIRMED ITS CONTENT AND VALIDITY!
• a separate e-mail with a clear description of the file names and contents of the attachments,
• a telephone call discussing the attached files,
• a face-to-face conversation, or
• any other communication independent of the e-mail containing the attachments, which specifies the file names and file contents.

Example of Attached File

Other Ways to Secure Your System
• Don't use file and print sharing unless you must
• If you do use file sharing, use good passwords
• Don't allow Windows to open .VBS (VBScript) or .WSF (Windows Script) files
• Beware software of unknown origin
• Forged e-mail addresses
• Anti-virus software
• Malicious Software Documented at Rice
• To get more help
• To find security patches
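
The extension lists and the .VBS/.WSF advice above can be applied automatically before a user ever sees an attachment. The following is an added example, not part of the original slides: it parses a constructed message with Python's standard email package and gives each attachment a verdict. The verdict names, the sample message and the double-extension handling are assumptions of this example.

```python
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Extensions taken from the slides. .vbs and .wsf come from the
# "Other Ways to Secure Your System" slide.
SCRIPT_OR_EXECUTABLE = {".exe", ".bat", ".com", ".sys", ".dll", ".vbs", ".wsf"}
MACRO_CAPABLE = {".doc", ".xls", ".ppt"}   # Office formats that can carry macros


def classify_attachment(filename):
    """Return (verdict, reason) for one attachment file name.

    "allow" only means the file type raised no flag; the golden rule
    (confirm with the sender out of band) still applies to every file.
    """
    if not filename:
        return ("quarantine", "attachment has no file name")
    # Windows ignores trailing dots and spaces, so "a.exe. " still runs.
    name = filename.strip().rstrip(". ").lower()
    parts = name.split(".")
    if len(parts) < 2:
        return ("allow", "no extension")
    ext = "." + parts[-1]
    if ext in SCRIPT_OR_EXECUTABLE:
        reason = "executable or script type " + ext
        if len(parts) > 2:
            # e.g. photo.bmp.vbs is displayed as photo.bmp when the
            # desktop hides known extensions.
            reason += " behind decoy extension ." + parts[-2]
        return ("block", reason)
    if ext in MACRO_CAPABLE:
        return ("quarantine", "macro-capable document type " + ext)
    return ("allow", "type " + ext + " not on either list")


def scan_message(raw_bytes):
    """Parse a raw RFC 5322 message and classify every attachment."""
    msg = BytesParser(policy=policy.default).parsebytes(raw_bytes)
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        verdict, reason = classify_attachment(name)
        results.append((name, verdict, reason))
    return results


def build_sample_message():
    """Constructed sample e-mail with three attachments (not real data)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.test"
    msg["To"] = "user@example.test"
    msg["Subject"] = "Files you asked for"
    msg.set_content("Please see the attached files.")
    for name in ("holiday_photos.bmp.vbs", "budget.xls", "notes.txt"):
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application", subtype="octet-stream",
                           filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, verdict, reason in scan_message(build_sample_message()):
        print(f"{verdict:10} {name}: {reason}")
```
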
Example of Service Pack File

Top ten viruses reported to Sophos in April 2004
Top 10 Virus Report in Feb 2007

Top Antivirus Software
• Norton Antivirus (www.symantec.com)
• McAfee Antivirus (www.mcafee.com)
• Bitdefender (www.bitdefender.com)
• F-Secure (www.f-secure.com)
• PC-cillin (www.trendmicro.com)
• E-safe, etc.

Criteria of Anti-Virus Software
• Ease of use
• Effective at identifying viruses and worms
• Effective at cleaning or isolating infected files
• Activity reporting
• Feature set (scanning capabilities)
• Ease of installation and setup
• Help documentation

Main Features of Antivirus
• Provides complete e-mail virus protection
• Eliminates all types of viruses
• Easy to use: install and forget
• Automatic virus definition updates
• Uses powerful virus scanning engines
• Creates detailed scan reports
• etc.

Activity Log File Location

Preventing Computer Viruses
• Install anti-virus software and keep the virus definitions up to date.
• Don't automatically open attachments
• Scan all incoming email attachments
• Get immediate protection
• Update your anti-virus software frequently.
• Avoid downloading files you can't be sure are safe
• Don't boot from a floppy disk
• Don't share floppies
• Scan floppies before using them
• Use common sense

Useful Links
• Virus Encyclopedia: http://www.antivirus.com/vinfo/virusencyclo/
• Virus pattern downloads: http://www.antivirus.com/download/pattern.asp
• Subscribe to email alerts on viruses: http://www.antivirus.com/vinfo/
• Online virus scanner, HouseCall: http://housecall.antivirus.com/
• Real-time virus tracking: http://wtc.trendmicro.com/wtc/
• McAfee Security: http://www.mcafee.com
• Norton Antivirus: http://symantec.com

Part Two: Other Data Security Issues

Topics to be covered
• Encryption
• Firewall
• Authentication
• Virtual Private Network (VPN)
• Digital Certificate
• Digital Signature
• Certification Authorities
• On-Line Security Assistants

Encryption
The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text. There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.

Sample Diagram for Encryption

Firewall
A combination of hardware and software that secures access to and from the LAN. A firewall blocks unwanted access to the protected network while giving the protected network access to networks outside of the firewall. An organization will typically install a firewall to give users access to the internet while protecting their internal information.

Sample Usage of Firewall

Authentication
Determines a user's identity, as well as determining what a user is authorized to access. The most common form of authentication is user name and password, although this also provides the lowest level of security. VPNs use digital certificates and digital signatures to more accurately identify the user.

Sample Authentication

Virtual Private Network
A virtual private network (VPN) is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures. The idea of the VPN is to give the company the same capabilities at much lower cost by using the shared public infrastructure rather than a private one.

Tunneling Protocol
A tunneling protocol is a network protocol which encapsulates one protocol or session inside another. Protocol A is encapsulated within protocol B, such that A treats B as though it were a data link layer. Tunneling is used to get data between administrative domains which use a protocol that is not supported by the internet connecting those domains.

VPN Scenarios
• Internet VPN
    • Over the public access Internet
    • Connect remote offices across the Internet
    • Connect remote dialup users to their home gateway through an ISP: known as VPDN
• Intranet VPN
    • Within an enterprise or organization that might or might not involve traffic traversing a WAN
• Extranet VPN
    • Between two or more separate entities that can involve data traversing the Internet or some other WAN

Sample Usage of VPN

Why Use a VPN?
• Data confidentiality: encrypt the packets before transmitting across the network
• Data integrity: authenticate peers and examine packets, ensuring that data has not been altered during transmission
• Data origin authentication: authenticate the source of data sent; depends on the data integrity service
• Anti-replay: detect and reject replayed packets, preventing spoofing and MITM attacks
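
The encapsulation described on the tunneling slide and the integrity, origin-authentication and anti-replay services listed above can be seen working together in a small receiver. This is an added example, not part of the original slides: each inner packet is wrapped in an outer header with a sequence number and an HMAC-SHA256 tag, and the receiver rejects altered or replayed packets with a sliding window. The packet layout, the 64-packet window and the key are assumptions of this example, and encryption (confidentiality) is left out because the Python standard library has no cipher.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct("!I")   # assumed outer header: 32-bit sequence number
TAG_LEN = 32                   # HMAC-SHA256 tag length in bytes
WINDOW = 64                    # assumed anti-replay window, in packets


def _tag(key, header, inner):
    # The tag covers the sequence number as well as the inner packet, so a
    # captured packet cannot be re-sent under a fresh sequence number.
    return hmac.new(key, header + inner, hashlib.sha256).digest()


class TunnelSender:
    """Wraps each inner packet as: sequence number | inner packet | tag."""

    def __init__(self, key):
        self.key = key
        self.seq = 0

    def encapsulate(self, inner):
        self.seq += 1
        header = HEADER.pack(self.seq)
        return header + inner + _tag(self.key, header, inner)


class TunnelReceiver:
    def __init__(self, key):
        self.key = key
        self.highest = 0   # highest authenticated sequence number so far
        self.bitmap = 0    # bit i set: sequence (highest - i) was accepted

    def decapsulate(self, outer):
        """Return (inner_packet, "ok") or (None, reason_for_rejection)."""
        if len(outer) < HEADER.size + TAG_LEN:
            return None, "too short"
        header = outer[:HEADER.size]
        inner = outer[HEADER.size:-TAG_LEN]
        tag = outer[-TAG_LEN:]
        (seq,) = HEADER.unpack(header)
        if seq == 0:
            return None, "invalid sequence"   # the sender starts at 1

        # Anti-replay: reject packets already seen or older than the window.
        if seq <= self.highest:
            offset = self.highest - seq
            if offset >= WINDOW:
                return None, "too old"
            if (self.bitmap >> offset) & 1:
                return None, "replayed"

        # Integrity and origin authentication: only a holder of the shared
        # key can produce a matching tag. Constant-time comparison.
        if not hmac.compare_digest(tag, _tag(self.key, header, inner)):
            return None, "bad tag"

        # Only an authenticated packet may move the window; otherwise a
        # forged high sequence number would lock out genuine traffic.
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)
        return inner, "ok"


def demo():
    """Run a constructed exchange and return the receiver's verdicts."""
    key = b"constructed demo key"
    sender, receiver = TunnelSender(key), TunnelReceiver(key)
    p1 = sender.encapsulate(b"inner packet 1")
    p2 = sender.encapsulate(b"inner packet 2")
    altered = bytearray(p2)
    altered[HEADER.size] ^= 0x01          # flip one bit of the inner packet
    arrivals = [p1, bytes(altered), p2, p1]
    return [receiver.decapsulate(p)[1] for p in arrivals]


if __name__ == "__main__":
    print(demo())
```
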
Digital Certificate
• Electronic counterparts to driver licenses and passports.
• Certificates are the framework for identification information, and bind identities with public keys.
• They provide a foundation for identification, authentication and non-repudiation.
• They enable individuals and organizations to secure business and personal transactions across communication networks.

Types of Certificates
• Root or authority certificates: these are self-signed by the CA that created them
• Institutional authority certificates: also called "campus certificates"
• Client certificates: also known as end-entity certificates, identity certificates, or personal certificates
• Web server certificates: used for secure communications to and from Web servers

Sample of Digital Certificate

Content of Digital Certificate
• Version
• Serial number
• Certificate issuer
• Certificate holder
• Validity period
• Attributes, known as certificate extensions, that contain additional information such as allowable uses for this certificate
• Digital signature from the certification authority, to ensure that the certificate has not been altered and to indicate the identity of the issuer
• And others

Digital Signature
An electronic signature that can be used to authenticate the identity of the sender of a message, or of the signer of a document. It can also be used to ensure that the original content of the message or document that has been conveyed is unchanged.

How Does a Digital Signature Work?

Digital Certificate Sample

Verisign Certificate Sample

Certification Authority
A third-party organization which is used to confirm the relationship between a party to the https transaction and that party's public key. Certification authorities may be widely known and trusted institutions for Internet-based transactions; where https is used on companies' internal networks, an internal department within the company may fulfill this role.

How Does a CA Work?
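
The certificate fields, the digital signature and the CA's role described above fit together as follows. This is an added example, not part of the original slides: a constructed CA signs a certificate that binds a holder name to a public key, and a verifier checks the issuer, the signature and the validity period. It uses textbook RSA over SHA-256 with no padding and a fixed key built from two known Mersenne primes, which is for illustration only; the names, dates and field encoding are assumptions of this example.

```python
import hashlib
import json
from datetime import date

# Constructed demo CA key: textbook RSA from two known Mersenne primes.
# Illustration only: a real CA uses randomly generated keys and a padded
# signature scheme from a vetted cryptographic library.
_P, _Q = 2**521 - 1, 2**607 - 1
CA_N = _P * _Q                                # public modulus
CA_E = 65537                                  # public exponent
_CA_D = pow(CA_E, -1, (_P - 1) * (_Q - 1))    # private exponent, held by the CA
CA_NAME = "Constructed Demo CA"


def _digest(fields):
    # Canonical encoding, so signer and verifier hash identical bytes.
    encoded = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(encoded).digest(), "big")


def issue_certificate(serial, holder, holder_public_key,
                      not_before, not_after, extensions):
    """CA side: fill in the fields from the slide and sign their digest."""
    fields = {
        "version": 3,
        "serial_number": serial,
        "issuer": CA_NAME,
        "holder": holder,
        "holder_public_key": holder_public_key,
        "validity": {"not_before": not_before, "not_after": not_after},
        "extensions": extensions,
    }
    signature = pow(_digest(fields), _CA_D, CA_N)   # sign with the private key
    return {"fields": fields, "signature": signature}


def verify_certificate(cert, trusted_issuers, today):
    """Relying-party side: needs only the CA's public key."""
    fields = cert["fields"]
    issuer_key = trusted_issuers.get(fields["issuer"])
    if issuer_key is None:
        return "untrusted issuer"
    n, e = issuer_key
    # Recover the signed digest with the public key and compare it with a
    # digest computed over the fields as received.
    if pow(cert["signature"], e, n) != _digest(fields):
        return "bad signature"
    validity = fields["validity"]
    start = date.fromisoformat(validity["not_before"])
    end = date.fromisoformat(validity["not_after"])
    if not start <= today <= end:
        return "outside validity period"
    return "valid"


def demo():
    """Issue one constructed certificate and run four checks on it."""
    trusted = {CA_NAME: (CA_N, CA_E)}
    cert = issue_certificate(1001, "www.example.test",
                             "constructed-public-key-of-holder",
                             "2024-01-01", "2024-12-31",
                             {"allowed_use": "web server authentication"})
    # Same certificate with the bound public key swapped after signing.
    altered = {"fields": dict(cert["fields"]), "signature": cert["signature"]}
    altered["fields"]["holder_public_key"] = "substituted-public-key"
    return [
        verify_certificate(cert, trusted, date(2024, 6, 1)),
        verify_certificate(altered, trusted, date(2024, 6, 1)),
        verify_certificate(cert, trusted, date(2025, 1, 1)),
        verify_certificate(cert, {}, date(2024, 6, 1)),
    ]


if __name__ == "__main__":
    print(demo())
```
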
Some Famous CAs
• Verisign (www.verisign.com)
• EuroPKI (www.europki.org)
• CyberTrust (www.cybertrust.com)
• And many more

On-Line Security Assistant
The CERT® Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. Following the Morris worm incident, which brought 10 percent of internet systems to a halt in November 1988, the Defense Advanced Research Projects Agency (DARPA) charged the SEI with setting up a center to coordinate communication among experts during security emergencies and to help prevent future incidents. This center was named the CERT Coordination Center (CERT/CC).

On-Line Security Assistants

Area of Work by CERT
• Software Assurance
• Secure Systems
• Organizational Security
• Coordinated Response
• Education and Training

Participation in Organizations
• Forum of Incident Response and Security Teams (FIRST): The CERT/CC was a founding member of FIRST, which is a coalition of individual response teams around the world.
• Internet Engineering Task Force (IETF): The IETF is an international organization that is instrumental in developing internet standards.
• National Security Telecommunications Advisory Committee's Network Security Information Exchange (NSTAC NSIE): The NSTAC NSIE works to reduce vulnerabilities in critical infrastructures.

Myanmar Online Security

Thank You!
