Informatics Viruses, antivirus software, backup software

Computer security threats

different types

targeting both servers and ordinary clients

protection IS necessary

Types of consequences

difficult access, blocked services

crashes of the operating system, programs, services

loss of data, incl. deletion of programs and files

theft of private data, incl. passwords, bank accounts and cards and potential loss of real money

Types of threats

denial of service

site and server substitution

unauthorized access to internal/private networks, programs, data

traffic sniffing

malicious software (malware)

Denial of service (DoS) attacks

could also be distributed denial of service (DDoS) attacks

obstruct or stop completely the entire operating system, services (i.e. the web server), programs or network connections

are usually performed remotely using the network and commonly consist of flooding

primarily against servers but could also target ordinary client machines

Site and server substitution

site hacking / substitution and changing the content to some jokes, statements, etc.

site imitation without that leads to users to believe it is the original site (phishing) so that they could enter confidential information

DNS server attacks (DNS spoofing) that substitute real names with false (hackers') IP-addresses

Unauthorized access to internal/private networks

unauthorized access (usually over the Internet) to internal networks and resources (e.g. a company's network)

can be used to obtain confidential information, to disrupt or stop the network

personal data can be stolen or deleted from end users' machines

Stopping attacks

constantly applying operating system and program service packs and updates

proper user management

most browsers have built-in anti-phishing protection

firewalls

Traffic sniffing

done through remote machines and networks

each node the connection passes through (and for a typical Internet connection they are over 10) could intercept traffic

visited pages, exchanged data, sent/received information, e-mail can be monitored

Stopping sniffing

ordinary HTTP can not be protected

for confidential information HTTPS (encryption) should be used

e-mail client access can and should also be encrypted (POP3/SMTP/IMAP protocols do have such options)

Malicious software (malware)

viruses

worms

Trojan horses

spyware

adware, spam

Viruses

A computer virus is a computer program that can replicate itself and spread from one computer to another (called an infection). It imitates biological virus behavior.

Harmful activities

not necessary

data deletion - random, on specific dates or events; separate files or the entire disk

Reasons for creating viruses

fame

experiments

revenge (i.e. against former employers)

(economic) profit

warfare

Computer wormsA computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

Trojan horses

A Trojan horse, or Trojan, is a malicious application that masquerades as a legitimate file or helpful program but whose real purpose is, for example, to grant a hacker unauthorized access to a computer. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses may steal information, or harm their host computer systems.

Spyware

Spyware is a type of malware installed on computers that collects information about users without their knowledge. The presence of spyware is typically hidden from the user and can be difficult to detect.

Types of spyware

key(board) loggers

screen caps

Adware, spam

Unwanted advertisements. In programs, sites, e-mail.

through discs, flash drives, files downloaded from the Internet

through e-mail, Skype and other messages

start to replicate after infection

try to stay resident and invisible ("stealth" technology)

Malware distribution

Preventing/fighting malware

avoid starting executable files downloaded from the Internet; movies and music are relatively safe

avoid starting executable files from e-mails or from instant messengers

some malware files have double or misleading extensions, e.g. demo.scr, document.pif, picture.jpg.exe

use antivirus software

antivirus or anti-virus software is software used to prevent, detect and remove malware (not only viruses)

computer security is commonly offered in products and services of antivirus software companies

Antivirus software

Antivirus software principles of operation

scans memory

scans media (diskettes, disks/discs, flash drives)

monitors and prevents execution of harmful software

scans e-mail messages

usually depends on "definitions" which should be regularly updated

(Business) Anti-virus software categories

paid

free

free for personal use only

Paid antivirus software

avast!AviraAVG Anti-VirusBitDefenderBullGuardCA Anti-VirusCisco Security AgentDriveSentryeSafeFortinet FortiClient End Point Security

F-PROTF-SecureG DATA SoftwareGraugon AntiVirus ProKaspersky Anti-VirusLinuxShieldMcAfee VirusScannProtectNOD32Norman ASA

Norton AntiVirusPanda SecurityPC Tools AntiVirusRising AntiVirusSophos Anti-VirusTrend Micro Internet SecurityVba32 AntiVirusVirus ChaserWindows Live OneCareZoneAlarm

Free antivirus software

Windows DefenderAvira AntiVir Personal - Free AntivirusAOL Active Virus ShieldAVG Anti-Virus Freeavast! Home Edition BitDefender Free Comodo AntiVirus DriveSentry F-PROT for Linux, FreeBSD, MS-DOSGraugon AntiVirusPC Tools AntiVirus Free EditionRising Antivirus Free Edition

Backup/archiving and compression

not the same thing

can be used separately or together

Backup

the process of creating auxiliary, archive, reserve copies of data, usually on external media

it is a measure against data loss

data can be restored/recovered if needed

Frequent backup media

external hard drives, incl. network drives and storage servers

tape backup

optical media

Backup principles

backup should not be online all the time

regular/scheduled backups

incremental backup

compression (although rare)

Paid backup software.Mac BackupAcronis True ImageAltexa online BackupAtempo TIMEnavigatorBackup4allBackupAssistBakBone NetVaultCommVault Systems GalaxyComputer Associates ARCserve BackupdeVaultDiscoEMC Legato NetworkerEMC Corporation RetrospectGenie Backup Manager

GRBackProHandy BackupHP OpenView Storage Data Protector and Archive Backup systemi-driveIBM Tivoli Storage ManagerIBM Aggregate Backup And Recovery SystemImage for WindowsLangmeier BackupMacrium ReflectMicrosoft Data Protection ManagerNero BackItUpRoxio Toast

SonicWALLStorageCraft ShadowProtectSymantec Backup Exec, NetBackup, Norton 360, Norton GhostSyncsort Backup ExpressTime MachineUltraBac SoftwareUnitrendsVentis BackupSuite 2008Windows Live OneCareWindows Recovery EnvironmentYosemite Backup

Free backup software

AMANDA BSDAreca Backup GPLBackup NinjaBackupPC GPLBacula GPLCobian Backup MozillacpioDAR GPLdump duplicity GPL

FlyBack GPLMondo GPLrsync GPLtarTimeVaultVenti Open SourceZmanda Recovery Manager GPL

Compression of files

the original data (one or more files) are encoded in such a way into new data (file/s) that they occupy less disk space

mathematical algorithms are used

no loss of information (unlike JPEG compression for example)

How it works

the algorithms search for duplicate fragments of data and store only one copy of each

search is usually byte or bit-based

Common compressed formats

ZIP

GZ

RAR

TAR

ARJ

SIT, SITX

ACE