Informatics Viruses, antivirus software, backup software
Computer security threats
different types
targeting both servers and ordinary clients
protection IS necessary
Types of consequences
difficult access, blocked services
crashes of the operating system, programs, services
loss of data, incl. deletion of programs and files
theft of private data, incl. passwords, bank accounts and cards and potential loss of real money
Types of threats
denial of service
site and server substitution
unauthorized access to internal/private networks, programs, data
traffic sniffing
malicious software (malware)
Denial of service (DoS) attacks
could also be distributed denial of service (DDoS) attacks
obstruct or completely stop the entire operating system, services (e.g. the web server), programs or network connections
are usually performed remotely using the network and commonly consist of flooding
primarily against servers but could also target ordinary client machines
Site and server substitution
site hacking / substitution and changing the content to some jokes, statements, etc.
site imitation that leads users to believe it is the original site (phishing) so that they enter confidential information
DNS server attacks (DNS spoofing) that substitute real names with false (hackers') IP-addresses
Unauthorized access to internal/private networks
unauthorized access (usually over the Internet) to internal networks and resources (e.g. a company's network)
can be used to obtain confidential information, to disrupt or stop the network
personal data can be stolen or deleted from end users' machines
Stopping attacks
constantly applying operating system and program service packs and updates
proper user management
most browsers have built-in anti-phishing protection
firewalls
Traffic sniffing
done through remote machines and networks
each node the connection passes through (for a typical Internet connection there are over 10) could intercept traffic
visited pages, exchanged data, sent/received information, e-mail can be monitored
Stopping sniffing
ordinary HTTP cannot be protected
for confidential information HTTPS (encryption) should be used
e-mail client access can and should also be encrypted (POP3/SMTP/IMAP protocols do have such options)
Malicious software (malware)
viruses
worms
Trojan horses
spyware
adware, spam
Viruses
A computer virus is a computer program that can replicate itself and spread from one computer to another (called an infection). It imitates biological virus behavior.
Harmful activities
not necessary
data deletion - random, on specific dates or events; separate files or the entire disk
Reasons for creating viruses
fame
experiments
revenge (e.g. against former employers)
(economic) profit
warfare
Computer worms
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
Trojan horses
A Trojan horse, or Trojan, is a malicious application that masquerades as a legitimate file or helpful program but whose real purpose is, for example, to grant a hacker unauthorized access to a computer. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses may steal information, or harm their host computer systems.
Spyware
Spyware is a type of malware installed on computers that collects information about users without their knowledge. The presence of spyware is typically hidden from the user and can be difficult to detect.
Types of spyware
key(board) loggers
screen caps
Adware, spam
Unwanted advertisements. In programs, sites, e-mail.
Malware distribution
through discs, flash drives, files downloaded from the Internet
through e-mail, Skype and other messages
start to replicate after infection
try to stay resident and invisible ("stealth" technology)
Preventing/fighting malware
avoid starting executable files downloaded from the Internet; movies and music are relatively safe
avoid starting executable files from e-mails or from instant messengers
some malware files have double or misleading extensions, e.g. demo.scr, document.pif, picture.jpg.exe
use antivirus software
antivirus or anti-virus software is software used to prevent, detect and remove malware (not only viruses)
computer security is commonly offered in products and services of antivirus software companies
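An added example (not part of the original slides): a small Python check that flags the double or misleading extensions named above and shows what the file looks like when the file manager hides known extensions. The extension lists, function names and sample file names are assumptions constructed for illustration.

```python
import os

# Assumed lists for illustration; extend them to match your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
DECOY_EXTS = {".jpg", ".png", ".gif", ".pdf", ".doc", ".txt", ".mp3", ".avi"}

# Constructed sample attachment names (the first three come from the slide).
SAMPLE_ATTACHMENTS = [
    "demo.scr",
    "document.pif",
    "picture.jpg.exe",
    "holiday.jpg",
    "C:\\Users\\a\\Downloads\\Invoice.PDF.EXE",
    "song.mp3",
]


def inspect_name(filename):
    """Return a finding dict if the name ends in an executable extension, else None."""
    # Accept both Windows and POSIX separators, keep only the file name.
    name = os.path.basename(filename.replace("\\", "/")).strip()
    stem, last = os.path.splitext(name.lower())
    if last not in EXECUTABLE_EXTS:
        return None
    # The extension in front of the real one is what the user is meant to notice.
    inner = os.path.splitext(stem)[1]
    return {
        "real_type": last,
        "double_extension": inner in DECOY_EXTS,
        # What a file manager shows when known extensions are hidden.
        "shown_when_extensions_hidden": os.path.splitext(name)[0],
    }


def triage(filenames):
    """Map each suspicious name to its finding; harmless names are left out."""
    findings = {}
    for f in filenames:
        result = inspect_name(f)
        if result is not None:
            findings[f] = result
    return findings


if __name__ == "__main__":
    for name, finding in triage(SAMPLE_ATTACHMENTS).items():
        print(name, finding)
```
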
Antivirus software
Antivirus software principles of operation
scans memory
scans media (diskettes, disks/discs, flash drives)
monitors and prevents execution of harmful software
scans e-mail messages
usually depends on "definitions" which should be regularly updated
(Business) Anti-virus software categories
paid
free
free for personal use only
Paid antivirus software
avast!
Avira
AVG Anti-Virus
BitDefender
BullGuard
CA Anti-Virus
Cisco Security Agent
DriveSentry
eSafe
Fortinet FortiClient End Point Security
F-PROT
F-Secure
G DATA Software
Graugon AntiVirus Pro
Kaspersky Anti-Virus
LinuxShield
McAfee VirusScan
nProtect
NOD32
Norman ASA
Norton AntiVirus
Panda Security
PC Tools AntiVirus
Rising AntiVirus
Sophos Anti-Virus
Trend Micro Internet Security
Vba32 AntiVirus
Virus Chaser
Windows Live OneCare
ZoneAlarm
Free antivirus software
Windows Defender
Avira AntiVir Personal - Free Antivirus
AOL Active Virus Shield
AVG Anti-Virus Free
avast! Home Edition
BitDefender Free
Comodo AntiVirus
DriveSentry
F-PROT for Linux, FreeBSD, MS-DOS
Graugon AntiVirus
PC Tools AntiVirus Free Edition
Rising Antivirus Free Edition
Backup/archiving and compression
not the same thing
can be used separately or together
Backup
the process of creating auxiliary, archive, reserve copies of data, usually on external media
it is a measure against data loss
data can be restored/recovered if needed
Frequent backup media
external hard drives, incl. network drives and storage servers
tape backup
optical media
Backup principles
backup should not be online all the time
regular/scheduled backups
incremental backup
compression (although rare)
Paid backup software
.Mac Backup
Acronis True Image
Altexa online Backup
Atempo TIMEnavigator
Backup4all
BackupAssist
BakBone NetVault
CommVault Systems Galaxy
Computer Associates ARCserve Backup
deVault
Disco
EMC Legato Networker
EMC Corporation Retrospect
Genie Backup Manager
GRBackPro
Handy Backup
HP OpenView Storage Data Protector and Archive Backup system
i-drive
IBM Tivoli Storage Manager
IBM Aggregate Backup And Recovery System
Image for Windows
Langmeier Backup
Macrium Reflect
Microsoft Data Protection Manager
Nero BackItUp
Roxio Toast
SonicWALL
StorageCraft ShadowProtect
Symantec Backup Exec, NetBackup, Norton 360, Norton Ghost
Syncsort Backup Express
Time Machine
UltraBac Software
Unitrends
Ventis BackupSuite 2008
Windows Live OneCare
Windows Recovery Environment
Yosemite Backup
Free backup software
AMANDA (BSD)
Areca Backup (GPL)
Backup Ninja
BackupPC (GPL)
Bacula (GPL)
Cobian Backup (Mozilla)
cpio
DAR (GPL)
dump
duplicity (GPL)
FlyBack (GPL)
Mondo (GPL)
rsync (GPL)
tar
TimeVault
Venti (Open Source)
Zmanda Recovery Manager (GPL)
Compression of files
the original data (one or more files) are encoded into new data (file/s) in such a way that they occupy less disk space
mathematical algorithms are used
no loss of information (unlike JPEG compression for example)
How it works
the algorithms search for duplicate fragments of data and store only one copy of each
search is usually byte or bit-based
Common compressed formats
ZIP
GZ
RAR
TAR
ARJ
SIT, SITX
ACE