15-03-2011, 03:19 PM
presented by
M.Shiva
[attachment=10213]
Abstract:
As the world is moving further into the online world, all the information related to different countries across the globe have become the target of online evils .To save this online information, we need to protect our network and information systems with very strong security.
Any hole in our online security can give path to hackers and malicious users to enter into our secret online world and hack our information that could be dangerous for any country and can cause the loss of lives and hence world.
The threats disrupt the key assets of business: data, internal networks, and website or commerce portals generating revenue. When attacks on these assets occur, they have a real impact on the revenue, brand, and productivity of the targeted organization.
Introduction:
Online freaks and users both alike are increasingly getting introduced to a variety of online security threats.
Online security is one of the key requirements today as they increasingly use the Internet to not only manage their stuff online.
This combined with the rapid growth in online phishing and identity scams and increasing regulatory pressure has ensured that online security is a critical concern among techies and non-techies today.
In this is Presentation I am going to discuss the following topics
1. Difference between a hacker and a cracker
2. What is a Virus, Worm and Trojan?
3. Sniffing and Spoofing
4. Phishing
5. Credit Card hacking
SECURITY:
Security is now in great demand but is also at greater risk. Because no single solution can ensure online security, a layered security approach industry-leading solutions are being developed.
A number of online users are naïve to the types of threats they face online and the precautions that they must take and hence they get into the trap of hackers, viruses, worms and what not?
Computer intrusions have grown so rapidly in recent years that they are no longer just an aggravation. The threats disrupt the key assets of business: data, internal networks, and website or commerce portals generating revenue. When attacks on these assets occur, they have a real impact on the revenue brand, and productivity of the targeted organization.
Identity theft, denial of service attacks and worms that thriveon the anonymity of the Internet are just a few of the dangers users may be exposing themselves to as they tap into the online world.
Now-a-days, the terms getting hacked, virus, trojan have become common terms. Knowingly or unknowingly you are pulled into these terms which of course are so hair raising!
It is much easier for the experienced eyes of an internet-savvy user to detect potential phishing attempts when compared with a user who is just a beginner, because no single solution can ensure online security, a layered security approach industry-leading solutions are being developed.
Now that we have known what security means in this modern world, it's important that we guard that door.
Hackers and Crackers:
When you think of security, it's a good bet that some of your thinking drifts to hackers and crackers.
These are both security threats that you have to take into account.
Well, some people do, and although many of them don't want their names bandied about, they can tell us much about the shadowy hacker community, and other security threats as well.
To understand the methodology of a hacker or cracker, one must understand what a hacker or a cracker is.
Internet enthusiasts have argued the difference between hackers and crackers for many years.
A Hacker and A Cracker can be defined as follows:
* A hacker is a person intensely interested in the arcane and recondite workings of any computer operating system.
Hackers are most often programmers. As such, hackers obtain advanced knowledge of operating systems and programming languages.
They might discover holes within systems and the reasons for such holes.
Hackers constantly seek further knowledge; freely share what they have discovered, and never intentionally damage data.
* A cracker is one who breaks into or otherwise violates the system integrity of remote machines with malicious intent. Having gained unauthorized access, crackers destroy vital data, deny legitimate users service, or cause problems for their targets.
Crackers can easily be identified because their actions are malicious. Cracker can also be defined as the one who tries to break anything and everything built up by a hacker.
Hacking predates computers. To the popular press, "hacker" means someone who breaks into computers. Among programmers it means a good programmer. But the two meanings are connected.
To programmers, "hacker" connotes mastery in the most literal sense: someone who can make a computer do what he wants—whether the computer wants to or not.
It should be mentioned that there are two major types of crackers.
The first is fortunately few and far between.
They are the expert crackers who discover new security holes and often write programs that exploit them.
The second type, the script kiddie, only knows how to get these programs and run them. Script kiddies are more numerous, but much easier to stop and detect
The most common threats are:
1. Virus
2. Worms
3. Trojans
The most common blunder people make when the topic of a computer virus arises is to refer to a worm or Trojan as a virus. While the words Trojan, worm and virus are often used interchangeably, they are not the same. Viruses, worms and Trojan Horses are all malicious programs that can cause damage to your computer, but there are differences among the three, and knowing those differences can help you to better protect your computer from their often damaging effects.
1. Virus:
A computer virus attaches itself to a program or file so it can spread from one computer to another, leaving infections as it travels. Much like human viruses, computer viruses can range in severity: Some viruses cause only mildly annoying effects while others can damage your hardware, software or files. Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action, (such as running an infected program) to keep it going. People continue the spread of a computer virus, mostly unknowingly, by sharing infecting files or sending e-mails with viruses as attachments in the e-mail.
Computer viruses are small software programs that are designed to spread from one computer to another and to interfere with computer operation.
A virus might corrupt or delete data on your computer, use your e-mail program to spread itself to other computers, or even erase everything on your hard disk.
Viruses are most easily spread by attachments in e-mail messages or instant messaging messages. That is why it is essential that you never open e-mail attachments unless you know who it's from and you are expecting it.
Viruses can be disguised as attachments of funny images, greeting cards, or audio and video files.
A Virus also spread through downloads on the Internet. They can be hidden in illicit software or other files or programs you might download.
In 2007 at least one system connected in a network is affected with virus. There are thousands of viruses and still hundreds are being created.
2. Worm:
A worm is similar to a virus by its design, and is considered to be a sub-class of a virus. A computer worm is a program which copies itself across a network without any external help. A computer worm can spread without a host program, although some modern computer worms also use files to hide inside. A worm replicates fast but many times do not require infecting another file or embedding its code in them. A worm takes advantage of file or information transport features on your system, which allows it to travel unaided.
The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect.
A worm that replicates itself by spreading through emails is known as an email worm.
The worm infects a PC and spreads using the address book on the infected user's PC. This makes the reach of the worm global and devastating.
One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receiver's address book.
Both worms and viruses are self-replicating codes that travel from machine to machine by various means.
Both worms and viruses have, as their first objective, merely propagation.
Both can be destructive, depending on what payload, if any, they have been given.
There are some differences in that worms may replace files, but do not insert themselves into files, while viruses insert themselves into files, but do not replace them.
There are two types of worms - host computer worms and network worms.
Host computer worms are entirely contained in the computer they run on and use network connections only to copy themselves to other computers. Host computer worms where he original terminates itself after launching a copy on another host (so there is only one copy of the worm running somewhere on the network at a given moment) are also called "rabbits".
Network worms consist of multiple parts (called "segments"), each running on different machines (and possibly performing different actions) and using the network for several communication purposes. Propagating a segment from one machine to another is only one of those purposes. Network worms that have one main segment, which coordinates the work of the other segments are sometimes called "octopuses."
3. Trojan:
A Trojan Horse is full of as much trickery as the mythological Trojan Horse it was named after. The Trojan Horse, at first glance will appear to be useful software but will actually do damage once installed or run on your computer. Those on the receiving end of a Trojan Horse are usually tricked into opening them because they appear to be receiving legitimate software or files from a legitimate source.
Trojans typically enter computers through e-mail attachments, downloaded programs and file-sharing services.
When a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like changing your desktop, adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on your system. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate.
Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised.
A large segment of trojan programs download other harmful software components to a user's PC without his/her knowledge .This application is most likely downloaded and installed by another application that is considered to be adware or spyware.
Some of trojans do have a devastating option called "Key logger". The mal function of key logger is it catches each and every key-stroke of key board. So your passwords can be get into bad hands.
Another option available in trojans is "File Manager". Using this one can steal information and download anything from your PC.
Trojan horses are broken down in classification based on how they breach systems and the damage they cause. The seven main types of Trojan horses are:
* Remote Access Trojans
* Data Sending Trojans
* Destructive Trojans
* Proxy Trojans
* FTP Trojans
* security software disabler Trojans
* denial-of-service attack (DoS) Trojans.
