Network Defense and Countermeasures


Sir. Ahmad Kamalrulzaman Othman, FSKM, UiTM Johor
Chapter 10: Defending Against Trojan Horses, Spyware, and Adware

Objectives
- Describe Trojan horses
- Take steps to prevent Trojan horse attacks
- Describe spyware
- Use anti-spyware software
- Create anti-spyware policies

Introduction
- Though not as common as viruses, Trojan horses still pose a real threat to computer systems.
- Spyware and adware continue to grow and clutter computer networks and individual computers.
- This chapter provides ways to combat these particular types of threats.

Trojan Horses
Typical actions Trojan horses take:
- Delete files from a computer
- Spread other malware
- Use the computer to launch a DDoS
- Search for personal information
- Install back door to the computer

Identifying Trojan Horses
- Back Orifice
- Internet Explorer Trojan Horse
- NetBus
- Linux Trojan Horses
- Portal of Doom

Back Orifice
- Allows control over TCP/IP
- Entirely self-installing
- Can be attached to legitimate applications
- Does not appear in the task list
- Registry is the best way to remove

Internet Explorer Trojan Horse
- Released in 2003
- Targets Microsoft's Internet Explorer browser
- Changes the DNS configuration on the Windows machine
- Redirects requests to the hacker's site
- Patch released by Microsoft
- Check out Secunia to see if your browser is vulnerable

NetBus
- Similar to Back Orifice
- Only works on port 20034
- Simple to check infection
- Removal through the Registry
- Easy-to-use GUI

Linux Trojan Horses
- These Trojans are not new
- One released in 1999
- Typical back door Trojan
- Uploaded to at least one FTP server
- Not known how many systems were compromised

Portal of Doom
Back door tool allows remote users to perform the following:
- Open and close the CD tray
- Shut down the system
- Open files or programs
- Access drives
- Change passwords
- Log keystrokes
- Take screen shots

Symptoms of a Trojan Horse
- Home page for your browser changes
- Any change to passwords, usernames, accounts, etc.
- Any change to screen savers
- Changes to mouse settings, backgrounds, etc.
- Any device seeming to work on its own

Preventing Trojan Horses
The answer is a hybrid approach using:
- Technological measures
- Policy measures

Technological Measures
- Block unneeded ports (e.g. 20034)
- Utilize anti-virus software (most check for Trojans)
- Prevent active code in browsers
- Limit user's rights to just what is needed

Policy Measures
- Never download any attachments unless absolutely certain they are safe or expected
- If a port is not needed, close it
- Restrict the downloading of software
- Be cautious of hidden file extensions

Trojan Horse and Associated Port(s)
Table 10.1 Ports used by well known Trojan Horses

Port(s) Used         Trojan Horse
57341                NetRaider
54320                Back Orifice 2000
37651                Yet Another Trojan (YAT)
33270                Trinity
31337 and 31338      Back Orifice
12624                Buttman
9872-9872, 3700      Portal of Doom (POD)
7300-7308            Net Monitor
2583                 WinCrash
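A defensive check built on Table 10.1 and the NetBus slide, added here as an example and not part of the original slides: it scans `netstat -ano` output for services listening on the listed ports. The sample output, its PIDs and addresses, and the function name `find_suspect_listeners` are constructed for illustration.

```python
# Ports as printed in Table 10.1 and on the NetBus slide of this deck.
TROJAN_PORTS = {
    57341: "NetRaider",
    54320: "Back Orifice 2000",
    37651: "Yet Another Trojan (YAT)",
    33270: "Trinity",
    31337: "Back Orifice",
    31338: "Back Orifice",
    12624: "Buttman",
    9872: "Portal of Doom (POD)",
    3700: "Portal of Doom (POD)",
    2583: "WinCrash",
    20034: "NetBus",
}
TROJAN_PORTS.update({p: "Net Monitor" for p in range(7300, 7309)})

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    0.0.0.0:20034          0.0.0.0:0              LISTENING       4312
  TCP    192.168.1.20:57341     203.0.113.7:443        ESTABLISHED     2210
  TCP    [::]:7301              [::]:0                 LISTENING       5120
  UDP    0.0.0.0:31337          *:*                                    1044
"""


def find_suspect_listeners(netstat_text):
    """Return (proto, port, pid, trojan_name) for listeners on listed ports."""
    hits = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # header or unrelated line
        proto, local = fields[0], fields[1]
        # Only listeners count: the ESTABLISHED row above is an outbound
        # connection whose ephemeral source port happens to be 57341.
        if proto == "TCP" and fields[3] != "LISTENING":
            continue
        port = int(local.rsplit(":", 1)[1])
        if port in TROJAN_PORTS:
            hits.append((proto, port, int(fields[-1]), TROJAN_PORTS[port]))
    return hits


if __name__ == "__main__":
    for proto, port, pid, name in find_suspect_listeners(SAMPLE_NETSTAT):
        print(f"{proto} port {port} (PID {pid}): listed for {name}")
```

A match is a lead to investigate through the reported PID, not proof of infection: legitimate software can bind these ports, and a back door can be configured to listen elsewhere.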

Spyware and Adware
- Becoming more and more intrusive
- Can cause systems to crash
- Made to gather information and send it to third parties
- Generate pop-ups not detected by pop-up blockers

Identifying Spyware and Adware
- Like viruses and Trojan horses, spyware and adware programs become well known
- Gator (Adware)
  - Two methods of removal:
    - Add/Remove Programs
    - The Registry
- RedSheriff (Spyware)
  - Twofold problem:
    - No one is certain what data is collected (except Manufacturer)
    - Many people have a negative reaction to web site monitoring

Anti-Spyware
- Spy Sweeper (www.webroot.com)
- Spyware Doctor (www.pctools.com/spywaredoctor/)
- Zero Spyware
- Microsoft Anti-Spyware (www.microsoft.com/athome/security/spyware/software/default.mspx)

Spy Sweeper

Spy Sweeper cont.

Spyware Doctor

Zerospyware

Researching and Comparing Anti-Spyware Products
The following sites provide reviews of antispyware software or the actual product:
- Spyware Warrior reviews
- Tech News World utilities
- Ars Technica anti-spyware reviews
- PC magazine anti-spyware reviews
- Spyware Avenger

Anti-Spyware Policies
- Never download any attachments you are not certain are safe
- Configure browser to block cookies
- Configure browser to block scripts
- Utilize browser pop-up blockers

Anti-Spyware Policies cont.
- Never download the following if you are uncertain of their safety:
  - Applications
  - Browser skins
  - Screen savers
  - Utilities
- Block Java applets, or require manual approval of such

Summary
- Both Trojan horses and spyware pose significant dangers
- Virus scanners and appropriate policies are your only protection against Trojan horses and spyware
- Carefully develop and implement anti-Trojan horse policies

Summary cont.
- Spyware and Adware are growing problems for networks
- Spyware can compromise security
- Confidential information can be compromised by spyware
- Adware is more a nuisance than a real security threat
- However, there is a threshold of adware that can make a system unusable

Summary cont.
- There are numerous utilities that can help protect against Trojan horses (Anti-virus software)
- Available utilities can protect against spyware and adware
- Policies can work in conjunction with utilities to further protect systems