Computer Security Fundamentals by Chuck Easttom Chapter 5

Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware part 2

Trojan Horses A program that looks benign, but is not n A cute screen saver or apparently useful login box can q q q Download harmful software. Install a key logger. Open a back door for hackers. © 2016 Pearson, Inc. Chapter 5 Malware 2

Trojan Horses (cont. ) n Competent programmers can craft a Trojan horse: q q n To appeal to a certain person or To appeal to a certain demographic Company policy should prohibit unauthorized downloads. © 2016 Pearson, Inc. Chapter 5 Malware 3

Trojan Horses (cont. ) Still-valid CERT advisory on Trojan horses © 2016 Pearson, Inc. Chapter 5 Malware 4

Trojan Horses (cont. ) n Competent programmers can craft a Trojan horse: q q n To appeal to a certain person or To appeal to a certain demographic Company policy should prohibit unauthorized downloads. © 2016 Pearson, Inc. Chapter 5 Malware 5

The Buffer Overflow Attack n Elite. Wrap. © 2016 Pearson, Inc. Chapter 5 Malware 6

The Buffer Overflow Attack (cont. ) A Microsoft Security Bulletin on a buffer overflow attack © 2016 Pearson, Inc. Chapter 5 Malware 7

The Buffer Overflow Attack (cont. ) Web tutorial for writing buffer overflows © 2016 Pearson, Inc. Chapter 5 Malware 8

Spyware n n Requires more technical knowledge Usually used for targets of choice Must be tailored to specific circumstances Must then be deployed © 2016 Pearson, Inc. Chapter 5 Malware 9

Spyware (cont. ) n Forms of spyware q q Web cookies Key loggers © 2016 Pearson, Inc. Chapter 5 Malware 10

Spyware (cont. ) n Legal Uses q q n Monitoring children’s computer use Monitoring employees Illegal Uses q Deployment will be covert © 2016 Pearson, Inc. Chapter 5 Malware 11

Spyware (cont. ) Example of free spyware removal software © 2016 Pearson, Inc. Chapter 5 Malware 12

Other Forms of Malware n Rootkit q A collection of hacking tools that can n n Monitor traffic and keystrokes Create a backdoor Alter log files and existing tools to avoid detection Attack other machines on the network © 2016 Pearson, Inc. Chapter 5 Malware 13

Malicious Web-Based Code n Web-Based mobile code q q q Code that is portable on all operating systems Multimedia rushed to market results in poorly scripted code Spreads quickly on the web © 2016 Pearson, Inc. Chapter 5 Malware 14

Logic Bombs n Go off on a specific condition q q Often date Can be other criteria © 2016 Pearson, Inc. Chapter 5 Malware 15

APT n Advanced Persistent Threat q q Advanced techniques, not script kiddy’s Ongoing over a significant period of time © 2016 Pearson, Inc. Chapter 5 Malware 16

Detecting and Eliminating Viruses and Spyware n Antivirus software operates in two ways: n Scans for virus signatures q n Keeps the signature file updated Watches the behavior of executables § § © 2016 Pearson, Inc. Attempts to access e-mail address book Attempts to change Registry settings Chapter 5 Malware 17

Detecting and Eliminating Viruses and Spyware (cont. ) n Anti-spyware software q q www. webroot. com www. spykiller. com www. zerospy. com www. spectorsoft. com © 2016 Pearson, Inc. Chapter 5 Malware 18

Summary n n There a wide variety of attacks. Computer security is essential to the protection of personal information and your company’s intellectual property. Most attacks are preventable. Defend against attacks with sound practices plus antivirus and antispyware software. © 2016 Pearson, Inc. Chapter 5 Malware 19