ASSIGNMENT 18
Utility programs
These are standard programs that run under control of the operating system just like your applications programs. They are called utilities because they perform general types of functions that have little relationship to the content of the data. Utility programs eliminate the need for programmers to write new programs when all they want to do is copy, print, or sort a data file.
Utility programs categories
-Disk Cleanup (cleanmgr.exe) is a computer maintenance utility included in Microsoft windows designed to free up disk space on a computer's hard drive. The utility first searches and analyzes the hard drive for files that are no longer of any use, and then removes the unnecessary files. There are a number of different file categories that Disk Cleanup targets when performing the initial disk analysis:
Compression of old files
Temporary Internet files
Temporary Windows file
Downloaded Program files
Recycle Bin
Removal of unused applications or optional Windows components
Setup Log files
Offline files
The above list, however, is not exhaustive. For instance, 'Temporary Remote Desktop files' and 'Temporary Sync Files' may appear only under certain computer configurations, differences such as Windows Operating System and use of additional programs such as Remote Desktop. The option of removal hibernation data may not be ideal for some users as this may remove the hibernate option.
-Disk checkers is a command on computers running DOS, OS/2 and Microsoft Windows operating systems that displays the file system integrity status of hard disks and floppy disk and can fix logical file system errors. It is similar to the fsck command in Unix. On computers running NT-based versions of Windows, CHKDSK can also check the disk surface for physical errors or bad sectors, a task previously done by SCANDISK. This version of CHKDSK can also handle some physical errors and recover data that is still readable.
-File managers is a computer program that provides a user interface to work with file systems. The most common operations used are create, open, edit, view, print, play, rename, move, copy, delete, attributes, properties, search/find, and permissions. Files are typically displayed in a hierarchy. Some file managers contain features inspired by web browsers, including forward and back navigational buttons.
-Backup utility refers to making copies of data so that these additional copies may be used to restore the original after a data loss event. The verb is back up in two words, whereas the noun is backup (often used like an adjective in compound nouns).
Backups are useful primarily for two purposes. The first is to restore a state following a disaster (called disaster recovery). The second is to restore small numbers of files after they have been accidentally deleted or corrupted. Data loss is also very common. 66% of internet users have suffered from serious data loss.
-Defragmentation is a process that reduces the amount of fragmentation in file systems. It does this by physically organizing the contents of the disk to store the pieces of each file close together and contiguously. It also attempts to create larger regions of free space using compactionto impede the return of fragmentation. Some defragmenters also try to keep smaller files within a single directory together, as they are often accessed in sequence.
-Data compression is the process of encoding information using fewer bits (or other information-bearing units) than an unencoded representation would use, through use of specific encoding schemes.
Another related concept to compression is that of Data deduplication. In computing, data deduplication is a specialized data compression technique for eliminating coarse-grained redundant data, typically to improve storage utilization.
-Virus protection is used to prevent, detect, and remove malware, including computer viruses, worms, and trojan horses. Such programs may also prevent and remove adware, spyware, and other forms of malware.
A variety of strategies are typically employed. Signature-based detection involves searching for known malicious patterns in executable code. However, it is possible for a user to be infected with new malware for which no signature exists yet. To counter such so-called zero-day threats, heuristics can be used.
-Data recovery is the process of salvaging data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally. Often the data are being salvaged from storage media such as hard disk drives, storage tapes, CDs, DVDs, RAID, and other electronics. Recovery may be required due to physical damage to the storage device or logical damage to the file system that prevents it from being mounted by the host operating system.
-Diagnosis utility recovers data from the message store. The utility tool checks the synchronization status of each subscription that the user is associated with and checks if it needs recovery. If it does, the tool recovers and writes the recovery status in an output file. You can run this utility before deleting or resetting a device or user ID to collect data that can help you diagnose client synchronization problems.
Friday, July 23, 2010
Wednesday, July 7, 2010
INTRODUCTION COMPUTER THREAT
ASSINGMENT 17
INTRODUCTION COMPUTER THREAT
The computer is a great tool to store important information. In certain cases, the information is very vital that losing it will harm the computer system.
Computer threats can come from many ways either from human or natural disasters. For example, when someone is stealing your account information from a trusted bank, this threat is considered as a human threat. However, when your computer is soaked in heavy rain, then that is a natural disaster threat.
MALICIOUS CODE
Malicious code is also known as a rogue program. It is a threat to computing assets by causing undesired effects in the programmer’s part. The effect is caused by an agent, with the intention to cause damage.
The agent for malicious code is the writer of the code, or any person who causes its distribution. There are various kinds of malicious code. They include virus, Trojan horse, logic door, trapdoor and backdoor, worm and many others.
a) VIRUS
• a program that can pass on the malicious code to other programs by modifying them
• attaches itself to the program, usually files with .doc, .xls and .exe extensions
• destroys or co-exists with the program
• can overtake the entire computing system and spread to other systems
b) TROJAN HORSE
• a program which can perform useful and unexpected action
• must be installed by users or intruders before it can affect the system’s assets
• an example of a Trojan horse is the login script that requests for users’ login ID and password
• the information is then used for malicious purposes
c) LOGIC BOMB
• logic bomb is a malicious code that goes off when a specific condition occurs.
• an example of a logic bomb is the time bomb
• it goes off and causes threats at a specified time or date
e) TRAPDOOR OR BACKDOOR
• a feature in a program that allows someone to access the program with special privileges
f) WORM
• a program that copies and spreads itself through a network
Primary Differences Between Worms And viruses
Worm Virus
Operates through the network Spreads through any medium
Spreads copies of itself as a standalone program Spreads copies of itself as a program that attaches to other
programs
HACKER
Hacking is a source of threat to security in computer. It is defined as unauthorised access to the computer system by a hacker. Hackers are persons who learn about the computer system in detail. They write program referred to as hacks. Hackers may use a modem or cable to hack the targeted computers.
NATURAL AND ENVIRONMENTAL THREATS
Computers are also threatened by natural or environmental disaster. Be it at home, stores, offices and also automobiles.Examples of natural and environmental disasters:
Flood
Fire
Earthquakes, storms and tornados
Excessive Heat
Inadequate Power Supply
THEFT
Two types of computer theft:
1) Computer is used to steal money, goods, information and resources.
2) Stealing of computer, especially notebook and PDAs.
Three approaches to prevent theft:
1) prevent access by using locks, smart-card or password
2) prevent portability by restricting the hardware from being moved
3) detect and guard all exits and record any hardware transported
INTRODUCTION COMPUTER THREAT
The computer is a great tool to store important information. In certain cases, the information is very vital that losing it will harm the computer system.
Computer threats can come from many ways either from human or natural disasters. For example, when someone is stealing your account information from a trusted bank, this threat is considered as a human threat. However, when your computer is soaked in heavy rain, then that is a natural disaster threat.
MALICIOUS CODE
Malicious code is also known as a rogue program. It is a threat to computing assets by causing undesired effects in the programmer’s part. The effect is caused by an agent, with the intention to cause damage.
The agent for malicious code is the writer of the code, or any person who causes its distribution. There are various kinds of malicious code. They include virus, Trojan horse, logic door, trapdoor and backdoor, worm and many others.
a) VIRUS
• a program that can pass on the malicious code to other programs by modifying them
• attaches itself to the program, usually files with .doc, .xls and .exe extensions
• destroys or co-exists with the program
• can overtake the entire computing system and spread to other systems
b) TROJAN HORSE
• a program which can perform useful and unexpected action
• must be installed by users or intruders before it can affect the system’s assets
• an example of a Trojan horse is the login script that requests for users’ login ID and password
• the information is then used for malicious purposes
c) LOGIC BOMB
• logic bomb is a malicious code that goes off when a specific condition occurs.
• an example of a logic bomb is the time bomb
• it goes off and causes threats at a specified time or date
e) TRAPDOOR OR BACKDOOR
• a feature in a program that allows someone to access the program with special privileges
f) WORM
• a program that copies and spreads itself through a network
Primary Differences Between Worms And viruses
Worm Virus
Operates through the network Spreads through any medium
Spreads copies of itself as a standalone program Spreads copies of itself as a program that attaches to other
programs
HACKER
Hacking is a source of threat to security in computer. It is defined as unauthorised access to the computer system by a hacker. Hackers are persons who learn about the computer system in detail. They write program referred to as hacks. Hackers may use a modem or cable to hack the targeted computers.
NATURAL AND ENVIRONMENTAL THREATS
Computers are also threatened by natural or environmental disaster. Be it at home, stores, offices and also automobiles.Examples of natural and environmental disasters:
Flood
Fire
Earthquakes, storms and tornados
Excessive Heat
Inadequate Power Supply
THEFT
Two types of computer theft:
1) Computer is used to steal money, goods, information and resources.
2) Stealing of computer, especially notebook and PDAs.
Three approaches to prevent theft:
1) prevent access by using locks, smart-card or password
2) prevent portability by restricting the hardware from being moved
3) detect and guard all exits and record any hardware transported
computer security
ASSIGNMENT 16
COMPUTER SECURITY
DEFINITION OF COMPUTER SECURITY
Computer security means protecting our computer systems and the information they contain against unwanted access, damage, destruction or modification.
We need to protect our computer from any intruders such as hackers, crackers and script kiddie.
We do not want strangers to read our e-mail, use our computer to
attack other systems, send forged e-mail from our computer, or examine personal information stored on our computer such as financial statements.
TYPES OF COMPUTER SECURITY
Three types of computer security are:
a) hardware security
b) software security/data security
c) network security
a) HARDWARE SECURITY
Hardware security refers to security measures used to protect the hardware specifically the computer and its related documents.
The examples of security measures used to protect the hardware include PC-locks, keyboard-locks, smart cards and biometric devices.
b) SOFTWARE AND DATA SECURITY
Software and data security refers to the security measures used to protect the software and the loss of data files.
Examples of security measures used to protect the software are activation code and serial number.
c) NETWORK SECURITY
The transfer of data through network has become a common practice and the need to implement network security has become significant.
PERSONAL COMPUTER SECURITY CHECKLIST
In order to make sure our computers are secured, here are the computer
security checklist to follow.
Do not eat, drink or smoke near the computer
Do not place the computer near open windows or doors
Do not subject the computer to extreme temperatures
Clean the equipment regularly
Place a cable lock on the computer
Use a surge protector
Store disks properly in a locked container
Maintain backup copies of all files
Stores copies of critical files off sites
Scan a floppy disk before you open it
Do not open any unknown email received
COMPUTER SECURITY
DEFINITION OF COMPUTER SECURITY
Computer security means protecting our computer systems and the information they contain against unwanted access, damage, destruction or modification.
We need to protect our computer from any intruders such as hackers, crackers and script kiddie.
We do not want strangers to read our e-mail, use our computer to
attack other systems, send forged e-mail from our computer, or examine personal information stored on our computer such as financial statements.
TYPES OF COMPUTER SECURITY
Three types of computer security are:
a) hardware security
b) software security/data security
c) network security
a) HARDWARE SECURITY
Hardware security refers to security measures used to protect the hardware specifically the computer and its related documents.
The examples of security measures used to protect the hardware include PC-locks, keyboard-locks, smart cards and biometric devices.
b) SOFTWARE AND DATA SECURITY
Software and data security refers to the security measures used to protect the software and the loss of data files.
Examples of security measures used to protect the software are activation code and serial number.
c) NETWORK SECURITY
The transfer of data through network has become a common practice and the need to implement network security has become significant.
PERSONAL COMPUTER SECURITY CHECKLIST
In order to make sure our computers are secured, here are the computer
security checklist to follow.
Do not eat, drink or smoke near the computer
Do not place the computer near open windows or doors
Do not subject the computer to extreme temperatures
Clean the equipment regularly
Place a cable lock on the computer
Use a surge protector
Store disks properly in a locked container
Maintain backup copies of all files
Stores copies of critical files off sites
Scan a floppy disk before you open it
Do not open any unknown email received
Friday, April 23, 2010
computer attack
ASSIGNMENT 15
COMPUTER CRIMES
Computer crime or cybercrime refers to any crime that involves a computer and a network, where the computers may or may not have played an instrumental part in the commission of the crime (Moore 2000). Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, child porn, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.
On the global level, both governments and non-state actors continue to grow in importance, with the ability to engage in such activities as espionage, financial theft, and other cross-border crimes sometimes referred to as cyber warfare. The international legal system is attempting to hold actors accountable for their actions, with the International Criminal Court among the few addressing this threat.
1.1 COMPUTER FRAUD
Computer fraud is any dishonest misrepresentation of fact intended to let another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by:
• altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
• altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect;
• altering or deleting stored data;
• altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes. This requires real programming skills and is not common.
Other forms of fraud may be facilitated using computer systems, including bank fraud, identity theft, extortion, and theft of classified information.
A variety of Internet scams target consumers direct.
1.2 COPYRIGHT INFRIGMENT
Copyright infringement (or copyright violation) is the unauthorized or prohibited use of works covered by copyright law, in a way that violates one of the copyright owner's exclusive rights, such as the right to reproduce or perform the copyrighted work, or to make derivative works.
For electronic and audio-visual media, unauthorized reproduction and distribution is also commonly referred to as piracy. An early reference to piracy in the context of copyright infringement was made by Daniel Defoe in 1703 when he said of his novel The True-Born Englishman that "Its being Printed again and again, by Pyrates". The practice of labeling the act of infringement as "piracy" predates statutory copyright law. Prior to the Statute of Anne 1709, the Stationers' Company of London in 1557 received a Royal Charter giving the company a monopoly on publication and tasking it with enforcing the charter. Those who violated the charter were labeled pirates as early as 1603.
The legal basis for this usage dates from the same era, and has been consistently applied until the present time. Critics of the use of the term "piracy" to describe such practices contend that it is pejorative and unfairly equates copyright infringement with more sinister activity, though courts often hold that under law the two terms are interchangeable.
1.3 COMPUTER THEFT
It is very unfortunate that several identity thieves know how to operate your computer better than you. While they are skilled in their methods of deception, there are few things that can be done to protect your personal information:
• Always remove the hard drive on a computer you are selling or giving away.
• Keep it in safe place or destroy it
• Inquire within a reliable computer supplier about how to safely overwrite the files
• Use a quality hard disk cleaning program.
There are also a few items you should delete individually. Though it may be some what of a task, recovering from identity theft is even more of a challenge. Here are the files that must be deleted before selling or giving your computer away:
• all email contacts
• all email messages
• all important word documents
• all files in the recycle bin or trash folder of the operating system
• all temporary internet files
• your internet search history
• the cache of your web browser
• any non-transferable software that may be installed on the hard drive
You should also make sure that trusted users of your computer are practicing identity theft prevention as well. Children should protect themselves from identity theft by never using their real name in an email account and limiting personal details on social networking sites. Being that children are often prime targets of internet predators, it is very important to protect the contents of your computer to prevent identity theft and ensure their safety.
1.4 COMPUTER ATTACK
Back when the only Internet connection available was telephone dial-up, we didn't have to worry about worms, Trojans, and viruses attacking our computer systems. Today however, with permanent, lightening-fast DSL and cable modem Internet connections, you need to take extra protections against those who enter your computer system without your consent. The following list details attack methods that are common today.
Hackers are individuals or programs that attempt to gain access to your system without your permission or your knowledge. Some hackers are automated, searching for details inside your computer in order to improve targeted advertising. Other hackers are individuals searching for your private information, such as financial account access data.
Viruses are one of the most common methods of computer attack. There are some viruses circulating that are programmed to destroy your computer; these viruses can sometimes corrupt an entire network or more. Frequently, viruses come attached to an email in the form of an executable file (a file that ends with the letters ".exe").
A virus often comes in the form of a Trojan Horse- a term that means "innocent appearance, malicious intent."
Trojan Horses are malicious viruses that attach to your computer using innocent-looking means. Often, you are lured to a Trojan-infected website through a deceptive popup or email advertisement.
Another common method to receive a Trojan is through downloading free software. Manufacturers can make money from their "free" software by allowing advertisers to add a Trojan horse. Certainly not all free software is rigged with malicious content, but it's difficult to tell when the software is truly free and when you will pay for it with loss choice or loss of privacy.
One type of Trojan hijacks your homepage and search engine preference in order to lead you to their webpage; this artificially inflates their visitor numbers, adding to the hijacker's advertising revenues. (Hijackers also hope you'll eventually buy products from their advertisers since you will be stuck looking at their webpages so frequently.) A Trojan horse hijacker is much like a rude taxi driver who takes you where he wants to go instead of where you want to go, then charges you double fare.
Worms are similar to a virus but they don't attach themselves to a file or a program on their own. Worms reside in your computer's memory and replicate themselves to spread throughout your system or network. They work their way across the Internet by attaching invisible copies to your outgoing email.
The most common types of worms are called backdoor worms. These worms can be used by hackers to open ports (entryways), allowing the hacker clear access to the computer or network.
Root Kit are Trojan viruses that go deeper into your system then typical Trojans do. These hide in your computer registry. When the Trojan attaches to your system registry, it becomes much harder to detect and remove.
Some Root Kit Trojans will allow a hacker to take control of system devices-including a web cam. This will allow the hacker to view you from your own web cam without your knowledge-a visual spy. Root Kits also have the ability to erase log files, allowing the hacker to cloak his actions so that you can't see what he's been up to in your system. If the Root Kit came as a backdoor worm, it will also allow the hacker to access your system over and again and again.
Hybrids are combinations of different viruses. A hybrid takes on the characteristics of worms and Trojans and does harm at both levels-software applications and computer system. If you don't remove a hybrid virus from your system properly it will continue to infect your system until you are unable to remove it.
One of the most common hybrids is the Subseven Root Kit hybrid. The Subseven virus attaches itself to an application-a piece of software-then takes over the name of the application in order to open its own unique library in your Windows registry. The virus can then inform outside attackers (through email) that it has infiltrated your system. Then outsiders can easily gain access. In essence, this hybrid virus gets into your system with a false ID card then secretly calls malicious friends to join the party.
Scanners are tools used by hackers to detect your computer's vulnerability; they are usually attached with worms. The scanner will check your ports looking for an open one to gain access to your system.
Security systems like firewalls use scanners to detect open ports in order to secure them before they are breached.
Some people assume viruses also come in the form of cookies, but this isn't accurate. But cookies can attack you. Cookies are small packets of data that are created when you visit a website; these are made by the vendor but stored on your computer. Each time you revisit the website the cookie is read by the vendor. Cookies are the vendor's way to store information about you and your previous visits to their website so that they can customize your visit. Cookies can also store your mailing address and credit card information to make online transactions with the vendor one step easier.
Some cookies take this a step further, however, and use the opportunity to store a tidbit of data on your computer to watch your Internet surfing habits for marketing purposes since cookies can track online movement. These cookies are called spyware since they watch your actions.
Some malicious cookies, called adware, allow advertisers to target you with ads. Though cookies don't damage your computer, they can compromise your privacy. This is a good reason to consider a firewall program that allows you to monitor and block inbound and outbound cookies.
All these computer attacks are common, but many people don't realize this until after they've become victims themselves. That's why it's important for you to be prepared with a good firewall whenever you browse the Internet.
Advanced firewall programs give you extra protection through cookie control, spyware control, adware control and software application control. We recommend the most bang for your buck; get a firewall program that keeps you informed of all the conversations your computer has on the Internet so that you can be in control.
COMPUTER CRIMES
Computer crime or cybercrime refers to any crime that involves a computer and a network, where the computers may or may not have played an instrumental part in the commission of the crime (Moore 2000). Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, child porn, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.
On the global level, both governments and non-state actors continue to grow in importance, with the ability to engage in such activities as espionage, financial theft, and other cross-border crimes sometimes referred to as cyber warfare. The international legal system is attempting to hold actors accountable for their actions, with the International Criminal Court among the few addressing this threat.
1.1 COMPUTER FRAUD
Computer fraud is any dishonest misrepresentation of fact intended to let another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by:
• altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
• altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect;
• altering or deleting stored data;
• altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes. This requires real programming skills and is not common.
Other forms of fraud may be facilitated using computer systems, including bank fraud, identity theft, extortion, and theft of classified information.
A variety of Internet scams target consumers direct.
1.2 COPYRIGHT INFRIGMENT
Copyright infringement (or copyright violation) is the unauthorized or prohibited use of works covered by copyright law, in a way that violates one of the copyright owner's exclusive rights, such as the right to reproduce or perform the copyrighted work, or to make derivative works.
For electronic and audio-visual media, unauthorized reproduction and distribution is also commonly referred to as piracy. An early reference to piracy in the context of copyright infringement was made by Daniel Defoe in 1703 when he said of his novel The True-Born Englishman that "Its being Printed again and again, by Pyrates". The practice of labeling the act of infringement as "piracy" predates statutory copyright law. Prior to the Statute of Anne 1709, the Stationers' Company of London in 1557 received a Royal Charter giving the company a monopoly on publication and tasking it with enforcing the charter. Those who violated the charter were labeled pirates as early as 1603.
The legal basis for this usage dates from the same era, and has been consistently applied until the present time. Critics of the use of the term "piracy" to describe such practices contend that it is pejorative and unfairly equates copyright infringement with more sinister activity, though courts often hold that under law the two terms are interchangeable.
1.3 COMPUTER THEFT
It is very unfortunate that several identity thieves know how to operate your computer better than you. While they are skilled in their methods of deception, there are few things that can be done to protect your personal information:
• Always remove the hard drive on a computer you are selling or giving away.
• Keep it in safe place or destroy it
• Inquire within a reliable computer supplier about how to safely overwrite the files
• Use a quality hard disk cleaning program.
There are also a few items you should delete individually. Though it may be some what of a task, recovering from identity theft is even more of a challenge. Here are the files that must be deleted before selling or giving your computer away:
• all email contacts
• all email messages
• all important word documents
• all files in the recycle bin or trash folder of the operating system
• all temporary internet files
• your internet search history
• the cache of your web browser
• any non-transferable software that may be installed on the hard drive
You should also make sure that trusted users of your computer are practicing identity theft prevention as well. Children should protect themselves from identity theft by never using their real name in an email account and limiting personal details on social networking sites. Being that children are often prime targets of internet predators, it is very important to protect the contents of your computer to prevent identity theft and ensure their safety.
1.4 COMPUTER ATTACK
Back when the only Internet connection available was telephone dial-up, we didn't have to worry about worms, Trojans, and viruses attacking our computer systems. Today however, with permanent, lightening-fast DSL and cable modem Internet connections, you need to take extra protections against those who enter your computer system without your consent. The following list details attack methods that are common today.
Hackers are individuals or programs that attempt to gain access to your system without your permission or your knowledge. Some hackers are automated, searching for details inside your computer in order to improve targeted advertising. Other hackers are individuals searching for your private information, such as financial account access data.
Viruses are one of the most common methods of computer attack. There are some viruses circulating that are programmed to destroy your computer; these viruses can sometimes corrupt an entire network or more. Frequently, viruses come attached to an email in the form of an executable file (a file that ends with the letters ".exe").
A virus often comes in the form of a Trojan Horse- a term that means "innocent appearance, malicious intent."
Trojan Horses are malicious viruses that attach to your computer using innocent-looking means. Often, you are lured to a Trojan-infected website through a deceptive popup or email advertisement.
Another common method to receive a Trojan is through downloading free software. Manufacturers can make money from their "free" software by allowing advertisers to add a Trojan horse. Certainly not all free software is rigged with malicious content, but it's difficult to tell when the software is truly free and when you will pay for it with loss choice or loss of privacy.
One type of Trojan hijacks your homepage and search engine preference in order to lead you to their webpage; this artificially inflates their visitor numbers, adding to the hijacker's advertising revenues. (Hijackers also hope you'll eventually buy products from their advertisers since you will be stuck looking at their webpages so frequently.) A Trojan horse hijacker is much like a rude taxi driver who takes you where he wants to go instead of where you want to go, then charges you double fare.
Worms are similar to a virus but they don't attach themselves to a file or a program on their own. Worms reside in your computer's memory and replicate themselves to spread throughout your system or network. They work their way across the Internet by attaching invisible copies to your outgoing email.
The most common types of worms are called backdoor worms. These worms can be used by hackers to open ports (entryways), allowing the hacker clear access to the computer or network.
Root Kit are Trojan viruses that go deeper into your system then typical Trojans do. These hide in your computer registry. When the Trojan attaches to your system registry, it becomes much harder to detect and remove.
Some Root Kit Trojans will allow a hacker to take control of system devices-including a web cam. This will allow the hacker to view you from your own web cam without your knowledge-a visual spy. Root Kits also have the ability to erase log files, allowing the hacker to cloak his actions so that you can't see what he's been up to in your system. If the Root Kit came as a backdoor worm, it will also allow the hacker to access your system over and again and again.
Hybrids are combinations of different viruses. A hybrid takes on the characteristics of worms and Trojans and does harm at both levels-software applications and computer system. If you don't remove a hybrid virus from your system properly it will continue to infect your system until you are unable to remove it.
One of the most common hybrids is the Subseven Root Kit hybrid. The Subseven virus attaches itself to an application-a piece of software-then takes over the name of the application in order to open its own unique library in your Windows registry. The virus can then inform outside attackers (through email) that it has infiltrated your system. Then outsiders can easily gain access. In essence, this hybrid virus gets into your system with a false ID card then secretly calls malicious friends to join the party.
Scanners are tools used by hackers to detect your computer's vulnerability; they are usually attached with worms. The scanner will check your ports looking for an open one to gain access to your system.
Security systems like firewalls use scanners to detect open ports in order to secure them before they are breached.
Some people assume viruses also come in the form of cookies, but this isn't accurate. But cookies can attack you. Cookies are small packets of data that are created when you visit a website; these are made by the vendor but stored on your computer. Each time you revisit the website the cookie is read by the vendor. Cookies are the vendor's way to store information about you and your previous visits to their website so that they can customize your visit. Cookies can also store your mailing address and credit card information to make online transactions with the vendor one step easier.
Some cookies take this a step further, however, and use the opportunity to store a tidbit of data on your computer to watch your Internet surfing habits for marketing purposes since cookies can track online movement. These cookies are called spyware since they watch your actions.
Some malicious cookies, called adware, allow advertisers to target you with ads. Though cookies don't damage your computer, they can compromise your privacy. This is a good reason to consider a firewall program that allows you to monitor and block inbound and outbound cookies.
All these computer attacks are common, but many people don't realize this until after they've become victims themselves. That's why it's important for you to be prepared with a good firewall whenever you browse the Internet.
Advanced firewall programs give you extra protection through cookie control, spyware control, adware control and software application control. We recommend the most bang for your buck; get a firewall program that keeps you informed of all the conversations your computer has on the Internet so that you can be in control.
cyber law
ASSIGNMENT 14
CYBER LAW
Cyberlaw is a term that encapsulates the legal issues related to use of communicative, transactional, and distributive aspects of networked information devices and technologies. It is less a distinct field of law in the way that property or contract are, as it is a domain covering many areas of law and regulation. Some leading topics include intellectual property, privacy, freedom of expression, and jurisdiction.
1.1 DIGITAL SIGNATURE ACT 1997
1.1.1 WHY THE DIGITAL SIGNATURE ACT 1997 ?
The Digital Signature Act was enforced on the 1st October 1998.
The Digital Signature Act 1997 aims at promoting the processing of transactions especially commercial transactions, electronically through the use of digital signatures.
This Act is an enabling law that allows for the development of, amongst others, e-commerce by providing an avenue for secure on-line transactions through the use of digital signatures. The Act provides a framework for the licensing and regulation of Certification Authorities, and the recognition of digital signatures.
The Controller of Certification Authority who has authority to monitor and license recognized Certification Authorities was appointed on 1st of October 1998.
1.1.2 WHAT IS DIGITAL SIGNATURE AS DEFINED BY THE ACT ?
"Digital Signature" is defined by the Act as a transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer's public key can accurately determine whether the transformation was created using the private key that corresponds to the signer's public key and whether the message has been altered since the transformation was made.
Essentially, what this means is that a digital signature is an electronic version of a conventional signature. It is a pair of keys created with the use of asymmetric cryptosystem and involves the use of algorithm or a specific series of algorithm. The pair of keys is made up of a private key as well as a public key. The private key is used to create the digital signature while the public key is used to verify the digital signature. While the private key cannot be known by anyone else except the subscriber, the public key is known to the public and noted in the certificate issued by the certification authority and may be retrieved from the repository.
The transaction of a digitally signed message begins with the preparation of the message. The message is then transformed or hashed into message digest with the use of a one-way hash function. The signer signs this message digest using his private key. The result of using a private key on a message digest is called digital signature.
The original message is sent through an electronic line to the receiver. The recipient of the message, uses the signer's public key to verify the digital signature - only the signer's public key will verify a digital signature created with the signer's private key. The recipient may also verify if the message has been modified, by changing/hashing the received message with the use of the same algorithm (one way hash function).
If the value of the message digest is the same as the value of the message digest in the digital signature received, then no modification has been made to the message since its transformation. Digital signature is similar to the auto teller machine (ATM) card system.
1.2 COMPUTER CRIME ACT 1997
• Gives protection against the misuses of computers & computer criminal activities such as unauthorized use of programs, illegal transmission of data or messages over computers & hacking & cracking of computer systems & networks
• By implementing Computer Crimes Act 1997 users can protect their rights to privacy and build trust in the computer system. At the same time, the government can have control at a certain level over the Cyber Space to reduce Cyber Crime activities.
1.3 TELEMEDICINE ACT 1997
• The implementation of Communications & multimedia act 1998 ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
• This act also ensures high level of users confidence in the information & communication technology industry.
1.4 COMMUNICATION AND MULTIMEDIA ACT 1998
• The implementation of Communications & multimedia act 1998 ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
• This act also ensures high level of users confidence in the information & communication technology industry.
CYBER LAW
Cyberlaw is a term that encapsulates the legal issues related to use of communicative, transactional, and distributive aspects of networked information devices and technologies. It is less a distinct field of law in the way that property or contract are, as it is a domain covering many areas of law and regulation. Some leading topics include intellectual property, privacy, freedom of expression, and jurisdiction.
1.1 DIGITAL SIGNATURE ACT 1997
1.1.1 WHY THE DIGITAL SIGNATURE ACT 1997 ?
The Digital Signature Act was enforced on the 1st October 1998.
The Digital Signature Act 1997 aims at promoting the processing of transactions especially commercial transactions, electronically through the use of digital signatures.
This Act is an enabling law that allows for the development of, amongst others, e-commerce by providing an avenue for secure on-line transactions through the use of digital signatures. The Act provides a framework for the licensing and regulation of Certification Authorities, and the recognition of digital signatures.
The Controller of Certification Authority who has authority to monitor and license recognized Certification Authorities was appointed on 1st of October 1998.
1.1.2 WHAT IS DIGITAL SIGNATURE AS DEFINED BY THE ACT ?
"Digital Signature" is defined by the Act as a transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer's public key can accurately determine whether the transformation was created using the private key that corresponds to the signer's public key and whether the message has been altered since the transformation was made.
Essentially, what this means is that a digital signature is an electronic version of a conventional signature. It is a pair of keys created with the use of asymmetric cryptosystem and involves the use of algorithm or a specific series of algorithm. The pair of keys is made up of a private key as well as a public key. The private key is used to create the digital signature while the public key is used to verify the digital signature. While the private key cannot be known by anyone else except the subscriber, the public key is known to the public and noted in the certificate issued by the certification authority and may be retrieved from the repository.
The transaction of a digitally signed message begins with the preparation of the message. The message is then transformed or hashed into message digest with the use of a one-way hash function. The signer signs this message digest using his private key. The result of using a private key on a message digest is called digital signature.
The original message is sent through an electronic line to the receiver. The recipient of the message, uses the signer's public key to verify the digital signature - only the signer's public key will verify a digital signature created with the signer's private key. The recipient may also verify if the message has been modified, by changing/hashing the received message with the use of the same algorithm (one way hash function).
If the value of the message digest is the same as the value of the message digest in the digital signature received, then no modification has been made to the message since its transformation. Digital signature is similar to the auto teller machine (ATM) card system.
1.2 COMPUTER CRIME ACT 1997
• Gives protection against the misuses of computers & computer criminal activities such as unauthorized use of programs, illegal transmission of data or messages over computers & hacking & cracking of computer systems & networks
• By implementing Computer Crimes Act 1997 users can protect their rights to privacy and build trust in the computer system. At the same time, the government can have control at a certain level over the Cyber Space to reduce Cyber Crime activities.
1.3 TELEMEDICINE ACT 1997
• The implementation of Communications & multimedia act 1998 ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
• This act also ensures high level of users confidence in the information & communication technology industry.
1.4 COMMUNICATION AND MULTIMEDIA ACT 1998
• The implementation of Communications & multimedia act 1998 ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
• This act also ensures high level of users confidence in the information & communication technology industry.
proses of internet filtering
ASSIGNMENT 13
PROSES OF INETRNET FILTERING
INTERNET FILTERING
It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet.Internet filtering is a process that prevents or blocks access to certain materials on the Internet.
It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet.
What is Internet filtering?
Internet filtering is a process that prevents or blocks access to certain materials on the Internet. Filtering is most commonly used to prevent children from accessing inappropriate material and to keep employees productive on the Internet.
CONTROLLING ACCESS TO THE INTERNET
The current preferred method of choice to limit access on the Internet is to filter content either by:
• keyword blocking
• site blocking
• web rating systems
These methods require software to be installed at a client of server level.
1.1 KEYWORD BLOCKING
One of the strategies is by using the keyword blocking method. This method uses a list of banned words or objectionable terms.
As the page is downloading, the filter searches for any of these words. If found, it will block the page completely, stop downloading the page, block the banned words and even shut down the browser.
1.2 SITE BLOCKING
-software company maintains a list of ‘dubious Internet sites’
-the software prevents access to any sites on this list
‘denial lists’ regularly updated
-some software provides control over what categories of information you block
-Who decides what goes on the ‘denial list’ and what criteria are they using?
-can you keep track of the whole of the Internet?
-filters can use both site blocking and word blocking
1.3 WEB RATING SYSTEMS
Web sites are rated in terms of nudity, sex, violence and language. The Recreational Software Advisory Council (RSACI) is responsible for the rating of the websites on the content on the internet.
• ratings done either by the web page author or by the independent bureau.
• browsers set to only accept pages with certain levels of ratings.
PROSES OF INETRNET FILTERING
INTERNET FILTERING
It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet.Internet filtering is a process that prevents or blocks access to certain materials on the Internet.
It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet.
What is Internet filtering?
Internet filtering is a process that prevents or blocks access to certain materials on the Internet. Filtering is most commonly used to prevent children from accessing inappropriate material and to keep employees productive on the Internet.
CONTROLLING ACCESS TO THE INTERNET
The current preferred method of choice to limit access on the Internet is to filter content either by:
• keyword blocking
• site blocking
• web rating systems
These methods require software to be installed at a client of server level.
1.1 KEYWORD BLOCKING
One of the strategies is by using the keyword blocking method. This method uses a list of banned words or objectionable terms.
As the page is downloading, the filter searches for any of these words. If found, it will block the page completely, stop downloading the page, block the banned words and even shut down the browser.
1.2 SITE BLOCKING
-software company maintains a list of ‘dubious Internet sites’
-the software prevents access to any sites on this list
‘denial lists’ regularly updated
-some software provides control over what categories of information you block
-Who decides what goes on the ‘denial list’ and what criteria are they using?
-can you keep track of the whole of the Internet?
-filters can use both site blocking and word blocking
1.3 WEB RATING SYSTEMS
Web sites are rated in terms of nudity, sex, violence and language. The Recreational Software Advisory Council (RSACI) is responsible for the rating of the websites on the content on the internet.
• ratings done either by the web page author or by the independent bureau.
• browsers set to only accept pages with certain levels of ratings.
Wednesday, March 31, 2010
verification
ASSIGNMENT 10
VERIFICATIONS
The word verification may refer to:
• Verification and validation, in engineering or quality management systems, it is the act of reviewing, inspecting or testing, in order to establish and document that a product, service or system meets regulatory or technical standards. By contrast, validation refers to meeting the needs of the intended end-user or customer.
• Verification (spaceflight), in the space systems engineering area, covers the processes of qualification and acceptance
• Verification theory, philosophical theory relating the meaning of a statement to how it is verified
• Third-party verification, use of an independent organization to verify the identity of a customer
• Authentication
COMPUTING
• Verification and Validation (software)
• In applications:
o CAPTCHA, device to verify that a user of a web-site is human to prevent automated abuse
o File verification, checking the formal correctness or integrity of a file
o Speech verification, checking of the correct speaking of given sentences
o Verify (command), DOS command
• In software development:
o Formal verification, mathematical proof of the correctness of algorithms
o Intelligent verification, automatically adapts the testbench to changes in RTL
o Runtime verification, during execution
o Software verification, An overview of techniques for verifying software
• In circuit development:
o Functional verification of design of digital hardware
o Analog verification, applies to analog or mixed-signal hardware
o Physical verification, design of a circuit
• In systems engineering:
o Testing to confirm that the system, subsystem or component meets documented requirements or specifications levied on the design.
• In ICT uses, it is used to check whether data entered meets that which is required to continue, for example - the user needs to be 18 years old to watch a video posted on the internet, when requested to enter his or her date of birth, the date of birth will have to be equal or greater to that which means they are 18 before being allowed to continue, if a date of birth entered is lower than that of an 18 year old they will be disallowed from watching the video.
1.1 METHOD OF VERIFICATION
These examples show several common methods that Wikipedia editors use to make their articles verifiable. Wikipedia editors are free to use any of these methods, or to develop newer methods—no particular method is preferred. However some method is required and each article must use the same method throughout the entire article. (When making changes to an article that already has sources, an editor should study the method already in use.)
This article is only intended to provide examples and give a rough introduction to the methods in use. This article does not debate their respective merits or consider any precise technical details. For this information, please see other guides such as: Citing sources, Citation templates, Footnotes and Harvard references.
1.2 USER IDENTIFICATION
The examples of validating process using the user identification are:
• Key in the user name to log-in to a system and the system will verify whether the user is valid or invalid user
• Show the exam slip to verify that you are the valid candidate for the exam.
• show a passport before departure.
1.3 PROCESS OBJECT
Process object refers to something the user hasidentification card, security token and cell phone.
VERIFICATIONS
The word verification may refer to:
• Verification and validation, in engineering or quality management systems, it is the act of reviewing, inspecting or testing, in order to establish and document that a product, service or system meets regulatory or technical standards. By contrast, validation refers to meeting the needs of the intended end-user or customer.
• Verification (spaceflight), in the space systems engineering area, covers the processes of qualification and acceptance
• Verification theory, philosophical theory relating the meaning of a statement to how it is verified
• Third-party verification, use of an independent organization to verify the identity of a customer
• Authentication
COMPUTING
• Verification and Validation (software)
• In applications:
o CAPTCHA, device to verify that a user of a web-site is human to prevent automated abuse
o File verification, checking the formal correctness or integrity of a file
o Speech verification, checking of the correct speaking of given sentences
o Verify (command), DOS command
• In software development:
o Formal verification, mathematical proof of the correctness of algorithms
o Intelligent verification, automatically adapts the testbench to changes in RTL
o Runtime verification, during execution
o Software verification, An overview of techniques for verifying software
• In circuit development:
o Functional verification of design of digital hardware
o Analog verification, applies to analog or mixed-signal hardware
o Physical verification, design of a circuit
• In systems engineering:
o Testing to confirm that the system, subsystem or component meets documented requirements or specifications levied on the design.
• In ICT uses, it is used to check whether data entered meets that which is required to continue, for example - the user needs to be 18 years old to watch a video posted on the internet, when requested to enter his or her date of birth, the date of birth will have to be equal or greater to that which means they are 18 before being allowed to continue, if a date of birth entered is lower than that of an 18 year old they will be disallowed from watching the video.
1.1 METHOD OF VERIFICATION
These examples show several common methods that Wikipedia editors use to make their articles verifiable. Wikipedia editors are free to use any of these methods, or to develop newer methods—no particular method is preferred. However some method is required and each article must use the same method throughout the entire article. (When making changes to an article that already has sources, an editor should study the method already in use.)
This article is only intended to provide examples and give a rough introduction to the methods in use. This article does not debate their respective merits or consider any precise technical details. For this information, please see other guides such as: Citing sources, Citation templates, Footnotes and Harvard references.
1.2 USER IDENTIFICATION
The examples of validating process using the user identification are:
• Key in the user name to log-in to a system and the system will verify whether the user is valid or invalid user
• Show the exam slip to verify that you are the valid candidate for the exam.
• show a passport before departure.
1.3 PROCESS OBJECT
Process object refers to something the user hasidentification card, security token and cell phone.
Subscribe to:
Posts (Atom)