Preventing malicious hackers from gaining control of your computer - Part I
So, you think your computer doesn't have anything a malicious hacker would be interested in. There aren't any credit card numbers, no national defense secrets, nothing top secret that a malicious hacker could find useful. That does not mean that your computer is not, or will not become, a target. Even if there is nothing that a malicious hacker might find directly useful, your computer can still be targeted as a means to launch denial of service (DoS) attacks, to attack a commercial, government or military site without being caught, or to collect user IDs and passwords, either those stored on disk or those travelling across the network.
The following is the first in a five-part series that helps users understand how malicious hackers gain control of a computer and offers simple tips and strategies to reduce the chance of your computer being hacked.
Viruses
Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a program that appears harmless but has a hidden agenda. A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. A virus is a small piece of software that piggybacks on real programs. For example, a virus might attach itself to a program such as a spreadsheet program. Each time the spreadsheet program runs, the virus runs, too, and it has the chance to reproduce (by attaching to other programs). A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer.
Viruses are written to target program files and macros, or a computer's boot sector, which is the portion of the hard drive that executes the steps necessary to start the hardware and software. Program viruses attach themselves to the executable files associated with software programs, and can then attack any file that is used to launch an application, usually files ending with the "exe" or "com" extensions. Macro viruses infect program templates that are used to create documents or spreadsheets. Once infected, every document or spreadsheet opened with the infected program becomes corrupted. Boot sector viruses attack the computer's hard drive and launch themselves each time the user boots, or starts, the computer.
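A program virus that attaches itself to an executable changes that file, so one defensive check is to record a hash of every program file while the machine is known to be clean and compare against that record later. The following is an added example, not part of the original article; the file names and contents are constructed placeholders, and the function names are illustrative.

```python
import hashlib
import os
import tempfile

PROGRAM_EXTENSIONS = (".exe", ".com")  # the extensions named in the text above


def sha256_of(path):
    """Hash a file in chunks so large programs do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map each program file under root (relative path) to its SHA-256 digest."""
    result = {}
    for folder, _dirs, names in os.walk(root):
        for name in names:
            if name.lower().endswith(PROGRAM_EXTENSIONS):
                full = os.path.join(folder, name)
                result[os.path.relpath(full, root)] = sha256_of(full)
    return result


def compare(baseline, current):
    """Return sorted lists of modified, new and missing program files."""
    modified = sorted(p for p in baseline if p in current and baseline[p] != current[p])
    added = sorted(p for p in current if p not in baseline)
    missing = sorted(p for p in baseline if p not in current)
    return modified, added, missing


def demo():
    """Constructed sample: three placeholder files, one of which changes later."""
    with tempfile.TemporaryDirectory() as root:
        for name, body in (("calc.exe", b"A" * 100), ("edit.com", b"B" * 50), ("notes.txt", b"C")):
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(body)
        baseline = snapshot(root)            # taken while the machine is known clean
        with open(os.path.join(root, "calc.exe"), "ab") as handle:
            handle.write(b"extra bytes")     # stands in for any change to the program file
        with open(os.path.join(root, "setup.exe"), "wb") as handle:
            handle.write(b"D" * 10)          # a program that was not there before
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

A legitimate software update also changes the hash, so the baseline has to be refreshed after each trusted update and kept somewhere the monitored machine cannot overwrite.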
Worms
A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other computers on the network and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or devour files on a targeted computer.
Many worms that have been created are only designed to spread, and don't attempt to alter the systems they pass through. However, as the Morris worm and Mydoom showed, the network traffic and other unintended effects can often cause major disruption. A "payload" is code designed to do more than spread the worm - it might delete files on a host system, encrypt files, or send documents via e-mail. A very common payload for worms is to install a backdoor in the infected computer to allow the creation of a "zombie" computer under control of the worm. Networks of such machines are often referred to as botnets and are very commonly used by spam senders for sending junk email or to cloak their website's address.
Being embedded inside everyday network software, computer worms easily penetrate most firewalls and other network security measures.
Trojan horse programs
Trojan horse programs are a common way for malicious hackers to trick you (social engineering) into installing "back door" programs. These can allow intruders easy access to your computer without your knowledge, change your system configurations, or infect your computer with a computer virus. It is also a term used to describe malware that appears, to the user, to perform a desirable function but, in fact, facilitates unauthorized access to the user's computer system.
Trojan horses are designed to allow a hacker remote access to a target computer system. Once a Trojan horse has been installed on a target computer system it is possible for a hacker to access it remotely and perform operations. The type of operations that a malicious hacker can perform is limited by user privileges on the target computer system and the design of the Trojan horse itself.
Part II: Email Borne Viruses, Email Spoofing, Chat Clients
Part III: Unprotected Windows Shares, Windows Hidden File Extensions, Back Door & Remote Administration Programs
Part IV: Mobile Code, Denial of Service (DoS), Distributed Denial of Service (DDoS)
Part V: Cross Site Scripting (XSS), Packet Sniffing, Rootkits

Article Glossary
back door - A hole in the security of a computer system deliberately left in place by designers or maintainers. Synonymous with trap door; a hidden software or hardware mechanism used to circumvent security controls.
boot sector - The very first sector on a hard drive. It contains the codes necessary for the computer to start up. It also contains the partition table, which describes how the hard drive is organized. Also called the Master Boot Record.
executable - A binary file containing a program in machine language which is ready to be executed (run). MS-DOS and Windows machines use the filename extension ".exe" for these files.
file extensions - A suffix to the name of a computer file applied to indicate the encoding convention (file format) of its contents.
firewall - A piece of hardware or software (or a combination of the two) which is configured to allow or deny certain data from being sent and/or received between networks. A firewall is used to prevent malicious data attacks from an outside source as well as to stop unwanted transmission of specific data to and from the network.
macro - A macro is an abbreviation for a set of commands, so instead of typing a complicated sequence of commands you can simply type the macro's name.
malware - A general term for software programs that have been designed with or can be used for malicious intent. These include viruses, worms and Trojans.
social engineering - The act of manipulating people into performing actions or divulging confidential information.