data: storage/malware

Malware and Storage

Images from Shelly Cashman’s Discovering Computers 2004

Upload: sammy17

Post on 15-May-2015


TRANSCRIPT

Page 1: Data: Storage/Malware

Malware and Storage

Images from Shelly Cashman’s Discovering Computers 2004

Page 2: Data: Storage/Malware

Phishing – What is it?

“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”

Internet fraudsters who send spam or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims.

Page 3: Data: Storage/Malware

Phishing

Web sites frequently spoofed by phishers:
• PayPal
• eBay
• MSN
• Yahoo
• Best Buy
• America Online

Page 4: Data: Storage/Malware

Social Engineering

Manipulating people into performing actions or divulging confidential information; trickery or deception.

In most cases, the attacker never comes face-to-face with the victim. (webopedia.com)

This is the area where most users are VULNERABLE!

Advice: Be Skeptical!!!!

Page 5: Data: Storage/Malware

Avoid Getting Hooked! FTC Recommends…

If you get an e-mail requesting personal info – do not reply!

Don’t send personal information via e-mail / don’t click on any links in message

If you have an account, open NEW browser window and type actual address yourself

Load anti-malware software and firewall

Review credit card and bank statements ASAP

Be cautious about opening attachments from e-mails

Forward spam that is phishing for information to [email protected]

www.ftc.gov

Washington Post Article (2006)

Page 6: Data: Storage/Malware

Other Tips PC Magazine February ‘08

Avoid spiders
• Post your e-mail online as “name at domain dot com” instead of [email protected]

Never reply to spam

Avoid Spim (Spam in IM)
• Use obscure username (harder to figure out who you are)

Use secondary e-mail address for online stuff

Page 7: Data: Storage/Malware

Did You Know? 1 in 6…

Number of computers with active malware

Source: Prevx Automated Malware Research: PC Magazine Feb 2008

Your PC is under constant attack

No single software product can detect or eradicate all threats to your computer

Page 8: Data: Storage/Malware

What are Viruses?

Virus – unwanted program designed to damage a computer

Passed in a few ways:
• E-mail attachment
• Inserts itself into another program
• Part of a Web page program (example: scripts)
• Macro – instructions for word processing or spreadsheet (data file)

Designed to deliver payload to other users; usually attaches itself to another program

Page 9: Data: Storage/Malware

A Few Virus Types

Worms
• Self-replicating computer program -- sends itself to others
• Examples: Conficker, Klez, Sircam, Melissa, MyDoom

Trojan Horse
• Appear to be legitimate programs, but hidden inside is a malicious program

Macro
• Mini-programs – found in MS Word and Excel
• Example: Ethan

Page 10: Data: Storage/Malware

What is Adware?

Software that generates ads as you surf the Web (pop-ups)
• Might profile surfing habits
• Read End User License Agreement of software (especially free stuff)

Page 11: Data: Storage/Malware

What is Spyware?

Application that tracks your online and/or offline PC activity
• Capable of transmitting those findings to third parties, many times without your knowledge…

Spyware can be installed by:

A hacker, through a pop-up window, via an Instant Messenger service, or delivered through e-mail.

File-sharing sites (such as Kazaa and BitTorrent Ultra) are well-known paths for spyware infections

Page 12: Data: Storage/Malware

Malware Terms

Back Door – Accessing computer without your knowledge

Bot – Small program designed to mimic person’s behavior

Keylogger – Hidden program recording everything a person types

RootKit – Program(s) which allows unauthorized users to maintain access as systems administrators while concealing activities from legitimate system administrator.

Page 13: Data: Storage/Malware

Malware Terms (Cont’d)

Phishing – Counterfeit e-mail messages or Web pages to trick people into providing user names, passwords, etc.

Phone Home – Keyloggers, etc. transmit data to malware’s creator

Spyware – Hidden software that collects private information

Page 14: Data: Storage/Malware

Malware Terms (cont’d)

Trojan Horse – Malware that pretends to be something else (ex. another program)

Virus – Malware that spreads itself by infecting other programs

Worm – Stand-alone malware

Zombie – Hijacked computer

Page 15: Data: Storage/Malware

Anti-Malware

PC World (October 2009) Top Free Antivirus Software
• Avira AntiVir Personal
• Alwil Avast AntiVirus Home Edition
• AVG Free 8.5
• Microsoft Security Essentials (beta version)
• Keep an eye on… Panda Cloud Antivirus (beta version)

Other Contenders…
• MalwareBytes Anti-Malware
• SuperAntiSpyware
• Microsoft Windows Defender (free)
• Ad-Aware Pro (includes Antivirus) (free)
• ThreatFire 3.5 (AntiVirus/AntiSpyware) (free)
• Spybot Search & Destroy (free)

Page 16: Data: Storage/Malware

Security Suites

Page 17: Data: Storage/Malware

Macintosh

The big issue now is that Macintosh users don’t want to spread viruses to Windows users (especially in a corporate environment)
• Norton Anti-Virus 11 for Macintosh
• Intego VirusBarrier X5
• McAfee VirusScan for Mac
• ClamXav (free) (Mac and Windows malware)
• PC Tools iAntiVirus (free version) (Only Mac malware)

Page 18: Data: Storage/Malware

Firewall

Critical

Inspects network traffic and permits or denies passage depending on set of rules

Computer has ‘Ports’ which are used to receive messages from the Web

PCs are made to look invisible to the Internet

Bidirectional (Vista and Mac OS)

Page 19: Data: Storage/Malware

Security Solutions!!

Make sure Operating System is up-to-date (automatic updates)
• Windows XP, Windows Vista, Mac OS X

Install a ‘Security Suite’ or a good anti-malware program(s)
• Scan memory, hard drives, downloaded files, emails
• Make sure virus/spyware signatures up-to-date
• Scan downloaded files and use ‘real-time’ protection
• Watch macros (Word, Excel, etc.) and scripts in Web Browsers

Use a bidirectional firewall
• Windows XP (inbound only)
• Windows Vista and Mac OS X (bidirectional)
• Security Suites (alternative)

Use additional anti-spyware programs (free)
• Scan downloaded files

Try Firefox or Opera (browser)
• Lose Internet Explorer

Be mindful of ‘Social Engineering’ issues
• Avoid clicking on links in e-mails, avoid spam, watch for phishing scams, watch social networking sites - source of malware (change passwords often)

Page 20: Data: Storage/Malware

What is Booting?

Cold boot – Turning on computer that has been powered off

Warm boot – Restarting computer that is powered on
• Warm boot from Windows desktop
• Warm boot from system unit

Process of starting or restarting a computer

Image: © Shelly Cashman Vermaat 2004

Page 21: Data: Storage/Malware

Types of Memory

RAM (temporary)
• Random Access Memory
• Storage for programs and data
• “Workspace” for the CPU

ROM (permanent)
• Read Only Memory
• Startup instructions for computer (“Boot”)
• Or – more specialized applications like games for small computers

Page 22: Data: Storage/Malware

Hard Disks

Step 1. Circuit board controls movement of head actuator and a small motor.

Step 2. Small motor spins platters while computer is running.

Step 3. When software requests a disk access, read/write heads determine current or new location of data.

Step 4. Head actuator positions read/write head arms over correct location on platters to read or write data.

Image: © Shelly Cashman Vermaat 2004

Page 23: Data: Storage/Malware

Hard Disks

[Figure labels: clearance, read/write head, platter, hair, dust, smoke]

A smoke particle, dust particle, or human hair could render drive unusable

Clearance between head and platter is approximately two-millionths of an inch

Image: © Shelly Cashman Vermaat 2004

Page 24: Data: Storage/Malware

Hard Disk Capacity

Image: © Shelly Cashman Vermaat 2004

Hard Drive Capacity Explained
• If 1 GB = 1,073,741,824 bytes (2^30), then
• 46,102,659,072 bytes / 1,073,741,824 = 42.9 GB

Page 25: Data: Storage/Malware

Disks

What are tracks and sectors?

Track is narrow recording band that forms full circle on disk

Sector stores up to 512 bytes of data

Formatting prepares disk for use and marks bad sectors as unusable

Image: © Shelly Cashman Vermaat 2004

Page 26: Data: Storage/Malware

Disk Defragmenter

[Figure labels: fragmented disk, file before defragmenting, file after defragmenting]

Reorganizes files and unused space on hard disk so programs run faster

Can be time-consuming – may want to run overnight

Image: © Shelly Cashman Vermaat 2004

Page 27: Data: Storage/Malware

Solid State Hard Drive

Data storage device that uses solid-state memory to store data

Emulates a hard disk drive

No moving parts, therefore less fragile and quieter

Solid State Drive - Wikipedia Link

Laptops

More $$$

Page 28: Data: Storage/Malware

Hard Drives

RPM – Revolutions Per Minute
• Examples: 7200 RPM, 5400 RPM, 4200 RPM, 10,000 RPM

Desktop hard drives usually faster RPM than laptop

Page 29: Data: Storage/Malware

Other Storage Devices?

CD / DVD
• Optical drives
• CD - 650 MB to 1 GB
• DVD - 4.7 GB to 17 GB

Flash Drives
• Flash Memory Data Storage Device
• 64 MB to 64 GB
• Connect thru USB port

Image from www.haimei.com

Image from www.digitalswirl.com

Page 30: Data: Storage/Malware

Flash Memory

Erasable, programmable ROM

EEPROM

Used for storage devices:
• Digital cameras
• Home video game consoles

Memory Stick, SmartMedia, CompactFlash

BIOS Chip

Howstuffworks.com link

Page 31: Data: Storage/Malware

Processing… Fastest Faster Fast

Page 32: Data: Storage/Malware

Applications

Today’s applications are LARGE in size

Not practical to place all of an application in memory while processing

Multitasking

So – what is the solution???

Page 33: Data: Storage/Malware

Virtual Memory

Virtual Memory – using a portion of free hard drive space as memory.

Large enough to hold programs and data for all currently running applications

Use main memory as cache for files
• Just as cache memory, itself, is temporary storage for CPU.

Pages – blocks of hard drive space used for programs and data

Page 34: Data: Storage/Malware

Virtual Memory

Virtual memory contains entire program and data for an application as it runs

RAM contains sections of the program and data recently used

Cache contains the most recent materials used in processing by the CPU

Programs and data moved on an ‘as-needed’ basis

Page 35: Data: Storage/Malware

Application Execution Progression…

Hard Drive

Virtual Memory on hard drive

RAM

Cache

CPU/registers

Page 36: Data: Storage/Malware

Virtual Memory

Step 1. The operating system transfers the least recently used data and program instructions to disk because memory is needed for other functions.

Step 2. The operating system transfers data and program instructions from disk to memory when they are needed.

Portion of free hard drive space that is used as RAM

Image: © Shelly Cashman Vermaat 2004

Page 37: Data: Storage/Malware

How Much Memory??

Depends …

Enough to run desired programs and plan for the future

Applications increase in size with each new version that is released!

I would recommend at least:

2 GB – 4 GB RAM to start

- more if you can afford it!

Page 38: Data: Storage/Malware

Thrashing

Constant movement of materials between disk and main memory

Why?? Memory too small

Page 39: Data: Storage/Malware

Terms – Malware / Storage

Adware, Anti-spyware programs, Anti-virus program, Back Door, Boot (Warm/Cold), Bot, Disk Defragmentation, Firewall, Flash Memory, Hard Disk, Keylogger, Malware, Page, Permanent Storage, Phishing, Phone Home, RAM (temporary), ROM, Rootkit, RPM, Sector, ‘Security Solutions’, Security Suites, Social Engineering, Spyware, Storage devices (Hard Drive, Solid State Drive, CD, DVD, Flash, etc.), Track, Trojan Horse, Thrashing, Virtual memory, Viruses, Worm, Zombie