Tuesday, July 7, 2009

Personal Computer Security Guide

January 2003 - Today is an era of information technology. Thanks to the technology advances of the past decade, we now enjoy many benefits. Means of communication have improved a lot over the past few years, and a major communication medium nowadays is the Internet. It is one of the major breakthroughs of the past century as well as of the last decade, and a very useful medium of communication. It has literally brought people together and made the world look like a small village. Sitting at home in Saudi Arabia, we find it very easy to have a voice chat with family members and friends all over the world at a very nominal cost. Kids benefit the most, as most parents of today's age find it difficult to be at ease with computers and especially with Internet use.
But did we ever realize how much risk we are exposing ourselves and our privacy to while using the Internet and all its benefits? Maybe not, or maybe we realize it only when our computer suddenly goes down, mostly due to a virus, and we are stuck. "No program is running, no Internet, no voice chat. Oh God, what to do? Let's take it to a computer shop." You go to a computer shop. The technician will charge you a good amount of money, format your hard disk and reinstall the operating system. In most cases he will not care whether you have important files on your system, and even if you insist, he will tell you that the virus corrupted all of your data so it is not possible to recover those files. And there you go: you lose your important files because of the virus as well as the incompetence of the technician. You bring the computer back home, use it for a while, and the same thing happens again. Go to the technician, get the system formatted, lose all data and start again, until the next time it happens.
The purpose of this article is to help you avoid this trouble and to let everyone know about the latest security threats and how we can save ourselves from them. So let's start. Whenever we are on the Internet, we are part of a big network: our ISP's network, which is connected to other ISPs' networks, which are connected to other countries' networks and more networks. That is why it is called the Internet (internetworking), i.e. a network of networks. At any one time in Saudi Arabia, there may be thousands of computers which can see you online. Just as not all people in this world are good, the same is true for the Internet. Not everyone using the Internet is a good guy; bad guys are there as well. Most of them are teenagers who consider it fun to break into other people's systems and steal their data, plant a Trojan and, in the worst cases, destroy their data as well. Let's see how they do it.
Let's assume I am a hacker and you are a legitimate user who uses Internet email to keep in touch with family, and MSN Messenger or Yahoo Messenger to have voice chat sessions with family and friends. Since you are not aware of security threats, you are not using any antivirus software or personal firewall. Maybe the vendor who sold you the computer installed Norton Antivirus for free, but it is not updated and you don't even know how to update it, so it is practically useless in this scenario. Now you get an email with the subject "love" or "Important". You don't know the sender, but you see the subject and think it may be a friend using some other email ID. You open the mail, it has an attachment, you double-click on it, and there you go. Suddenly your system becomes very slow and more or less hangs. You don't know what to do, so you wait for a while and then reboot the system. After rebooting, it seems OK. You use it, but you don't know that you have been infected by a virus. You will say, "Hold on Subhani, my computer is working fine. How can you say I am infected? Everything seems OK." Before proceeding further, let's see what a virus is and what its different forms are, and then I will explain what actually happened to your computer.

What is a Virus?

A computer virus is a program – a piece of executable code – that has the unique ability to replicate. Like biological viruses, computer viruses can spread quickly and are often difficult to eradicate. They can attach themselves to just about any type of file and are spread as files that are copied and sent from individual to individual.
In addition to replication, some computer viruses share another commonality: a damage routine that delivers the virus payload. While payloads may only display messages or images, they can also destroy files, reformat your hard drive, or cause other damage. If the virus does not contain a damage routine, it can cause trouble by consuming storage space and memory, and degrading the overall performance of your computer.
Several years ago most viruses spread primarily via floppy disk, but the Internet has introduced new virus distribution mechanisms. With email now used as an essential business communication tool, viruses are spreading faster than ever. Viruses attached to email messages can infect an entire enterprise in a matter of minutes, costing companies millions of Riyals annually in lost productivity and clean-up expenses.
Viruses won't go away anytime soon. More than 60,000 have been identified and 400 new ones are created every month, according to the International Computer Security Association (ICSA). With numbers like this, it's safe to say that most organizations will regularly encounter virus outbreaks. No one who uses computers is immune to viruses.
Another form of virus is the Trojan, which is as dangerous as having a servant or enemy hiding in your house who opens the gate at night for thieves to come in and rob you.

What is a Trojan?
A Trojan is malware (a program designed for malicious use) that performs unexpected or unauthorized, often malicious, actions. Trojans cause damage and unexpected system behavior, and compromise the security of systems. A Trojan, named after the Trojan horse of Greek mythology, typically comes in good packaging, like a picture, a screen saver or a small application which runs some joke on your screen, but has malicious intent hidden within its code. When a Trojan is executed, users will likely experience unwanted problems in system operation, and sometimes loss of valuable data.
So what happened above may be that what you got was a virus as well as a Trojan. First it started sending emails to all of the people in your address book, so that they would receive this virus in your name. That is why the system hung. When you rebooted, it put itself in the registry and became a part of your system, so now it will be launched every time you start your system. Once you are connected to the Internet, it will detect Internet activity and send an email to an unknown hacker (the one who sent this virus) with your IP address and the open port on which the hacker can contact it. Now the hacker has your information. If he wants to tease you now, he can do it. Using this Trojan, he can delete your system files, disable your mouse, flip your screen, crack your passwords, steal your files and what not. By the time you realize it, it is mostly too late. A very common and old Trojan which is still used at large is Sub Seven. Using Sub Seven, I can even record the sounds at the other end, flip my victim's screen, delete his files, change his screen resolution or shut down his computer completely; in short, almost everything you can think of. And remember, Sub Seven is a very old Trojan horse, but it still works today because most of us do not bother to use any antivirus software.
In the past, viruses and Trojans were treated separately, but as the technology grew, so did the knowledge of hackers. Now they are making viruses which are Trojans and worms as well. A worm is like a virus, but it has the ability to replicate itself via network shares, so you are sometimes not safe even at your workplace, not only at home. Suppose one of your colleagues is infected with a virus, there is no antivirus software in your organization, and you have shared some of your directories with other colleagues; it may be some games or some files of common use like price sheets. Using those shares, the virus will penetrate your system as well, and you may lose a lot of data because of that. After hearing all this, you will definitely look up and say, "You are right. I had these problems in the past and I suffered a lot because of them. So please tell me what I can do to feel safe while using the Internet." Yes, let's see what we can do now. We can be safe on the Internet if we do the following things.
a) Install an Antivirus Software
The first thing we should do is install antivirus software on our home computer. There are many antivirus products on the market. You can use any of them, but the most popular are:

McAfee VirusScan 7.0 (http://www.mcafee.com)

Norton Antivirus 2003 (http://www.norton.com, which leads to http://www.symantec.com/nav/nav_9xnt/)

PC-cillin 2003 by Trend Micro (http://www.pc-cillin.com)

You may find free antivirus software on the pirated software CDs available in the market, but I do not suggest buying them. Most of these CDs are themselves infected with viruses. Most of you will remember that the CIH virus, a.k.a. Chernobyl, spread through the Windows installer CDs available in the market at that time, and almost every PC which used those installers got infected.
Another important thing is that installing antivirus software is not enough. It should be able to recognize all the latest virus threats. All the antivirus vendors work hard to come up with the latest virus definitions to detect these threats, so people who use their antivirus software should keep it updated with the latest virus definitions. It does not seem fair not to pay them the nominal price they ask in return for all their hard work. An antivirus CD can be purchased for 100 to 200 Saudi Riyals, which is not a big amount compared with all the losses we incur when our computer is down, especially if we regularly talk with our friends and family via voice chat. If we had to make phone calls for one week instead of using voice chat, I am sure we would spend more than 200 Riyals.

b) Use a Personal Firewall
By using antivirus software, we have closed one major security hole in our computer. Yet we have to be careful about another one: script kiddies. Who is a script kiddie? Since nowadays a lot of hacking tools are available over the Internet for educational and commercial purposes, a new generation of hackers has emerged who do it just for fun. They are not very good at the operating system level, so instead of doing sophisticated hacking they go for the easy option, i.e. destruction of the victim's computer. Mafia boy was one of them. At the age of 13, he was able to get into more than 13 government sites in the US. Let's see how it works.
First of all, a hacker scans the Internet for all the people who are online. This can be done easily with scanning software, which is very easily available on the Internet. A common one is R3x. You can also find GFI LanGuard Scanner. These scanners are used for security purposes as well as for malicious use. Due to Microsoft NetBIOS, all the machines on the Internet announce their presence using ports 135-139. If you are not using a firewall, your machine will easily be detected by the hacker. Once he knows about your machine, he will try to access it with other tools. If he is a good programmer, he may use his own software, or he can use other hacking tools to gain access to your hard disk. He may exploit some of the software bugs in Outlook Express, Internet Explorer or AOL Messenger. All these products have known security holes, and between the discovery of a security hole and its remedy there is always a window of opportunity for hackers, who never let it slip out of their hands.
But if there are black hat hackers, there are white hat security experts too, who always try to trace the hackers back and to minimize the damage they cause to our society. To save yourself from a hacker, I suggest you use a personal firewall. In the past, antivirus and personal firewall were two different things, but in today's world antivirus vendors have combined the two in one package. Now you can find antivirus as well as firewall in one product. The products are again the same.

McAfee VirusScan Enterprise 7.0

Norton Antivirus 2003

PC-cillin 2003

ZoneAlarm (personal firewall only). It can be downloaded from http://www.zonelabs.com and is a MUST USE product.

How to get back to normal if you are infected with a Virus
Whenever you suspect that you are infected with a virus, you can do the following.

a) First of all, note the virus symptoms on your machine. Sometimes they are clear enough to tell you the virus name. If you do not have a virus scanner but you can access the Internet on your machine, you can go to any antivirus vendor's site and get your hard disk scanned. It will tell you the virus name. Commonly used sites include:

http://housecall.antivirus.com
http://www.mcafee.com/myapps/mfs/default.asp

b) Once you have the virus name or symptoms, you can search for it on any of the following sites.

http://www.antivirus.com/vinfo
http://vil.nai.com
http://www.symantec.com/avcenter

c) All these sites will give you the details of the virus and the procedure to undo its changes manually. Antivirus software is not able to undo the registry changes made by a virus; we have to either use special tools developed by the antivirus vendor or do it manually. But mostly it is merely a 5 to 10 minute job to bring a system back to normal, rather than formatting the system and wasting hours reinstalling the operating system, all the drivers and other programs.
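
The Trojan described earlier "put itself in the registry" so that it starts with the system, and step c) requires knowing which registry entries changed. The following added example (not part of the original article) compares two saved outputs of the Windows command `reg query` for the `CurrentVersion\Run` keys, one taken while the machine was clean and one taken now, and lists autostart entries that were added, changed or removed. Both snapshots, all program names and the function names are constructed for illustration.

```python
import re

# Constructed snapshot saved while the machine was known to be clean.
BASELINE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    AvScanner    REG_SZ    "C:\Program Files\ExampleAV\scan.exe" /tray
    SoundTray    REG_SZ    C:\Windows\System32\sndtray.exe
"""

# Constructed snapshot taken after the suspected infection.
CURRENT = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    AvScanner    REG_SZ    "C:\Program Files\ExampleAV\scan.exe" /tray
    SoundTray    REG_SZ    C:\Windows\Temp\sndtray.exe
    WinLoader    REG_SZ    C:\Windows\Temp\loader.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Messenger    REG_SZ    C:\Program Files\ExampleIM\im.exe -background
"""

# An indented value line: name, registry type, then the data (may be empty).
VALUE = re.compile(r"^\s+(.+?)\s+(REG_[A-Z_]+)(?:\s+(.*))?$")

def parse_reg_query(text):
    """Return {(key_path, value_name): data} from `reg query` text output."""
    entries, key = {}, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():      # unindented line = registry key path
            key = line.strip()
            continue
        m = VALUE.match(line)
        if m and key:
            name, _type, data = m.groups()
            entries[(key, name)] = (data or "").strip()
    return entries

def autostart_changes(baseline_text, current_text):
    """Diff two snapshots; every hit is an entry to look up before deleting."""
    before = parse_reg_query(baseline_text)
    after = parse_reg_query(current_text)
    return {
        "added": sorted(k for k in after if k not in before),
        "changed": sorted(k for k in after if k in before and after[k] != before[k]),
        "removed": sorted(k for k in before if k not in after),
    }

if __name__ == "__main__":
    for kind, keys in autostart_changes(BASELINE, CURRENT).items():
        for key, name in keys:
            print(f"{kind}: {name} under {key}")
```

A "changed" entry matters as much as an "added" one: in the constructed data `SoundTray` keeps its familiar name but now points to a different file. Legitimate installs also add entries, so each hit should be checked against the vendor's virus description before it is removed.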
I am sure you now have a better idea of the security threats than when you started this article. We should not forget that security is a process, not a product. By following all the steps mentioned above, we can increase our security rather than having no security at all.

You can always email shahzad_subhani@yahoo.com if you need some assistance in this regard.
