data: storage/malware
Malware and Storage
Images from Shelly Cashman’s Discovering Computer 2004
Phishing – What is it?
“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
Internet fraudsters who send spam or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims.
Phishing
Web sites frequently spoofed by phishers:
• PayPal
• eBay
• MSN
• Yahoo
• Best Buy
• America Online
Social Engineering
Manipulating people into performing actions or divulging confidential information; trickery or deception.
In most cases, the attacker never comes face-to-face with the victim. (Source: webopedia.com)
This is the area where most users are VULNERABLE!
Advice: Be Skeptical!!!!
Avoid Getting Hooked! FTC Recommends…
If you get an e-mail requesting personal info – do not reply!
Don’t send personal information via e-mail / don’t click on any links in the message
If you have an account, open a NEW browser window and type the actual address yourself
Load anti-malware software and firewall
Review credit card and bank statements ASAP
Be cautious about opening attachments from e-mails
Forward spam that is phishing for information to [email protected]
www.ftc.gov
Washington Post Article (2006)
Other Tips PC Magazine February ‘08
Avoid spiders
• Post your e-mail online as “name at domain dot com” instead of [email protected]
Never reply to spam
Avoid Spim (Spam in IM)
• Use obscure username (harder to figure out who you are)
Use secondary e-mail address for online stuff
Did You Know? 1 in 6…
Number of computers with active malware
Source: Prevx Automated Malware Research: PC Magazine Feb 2008
Your PC is under constant attack
No single software product can detect or eradicate all threats to your computer
What are Viruses?
Virus – unwanted program designed to damage a computer
Passed in a few ways:
• E-mail attachment
• Inserts itself into another program
• Part of a Web page program (example: scripts)
• Macro – instructions for word processing or spreadsheet (data file)
Designed to deliver payload to other users; usually attaches itself to another program
A Few Virus Types
Worms
• Self-replicating computer program that sends itself to others
• Examples: Conficker, Klez, Sircam, Melissa, MyDoom
Trojan Horse
• Appears to be a legitimate program, but hidden inside is a malicious program
Macro
• Mini-programs – found in MS Word and Excel
• Example: Ethan
What is Adware?
Software that generates ads as you surf the Web (pop-ups)
Might profile surfing habits
Read End User License Agreement of software (especially free stuff)
What is Spyware?
Application that tracks your online and/or offline PC activity
Capable of transmitting those findings to third parties, many times without your knowledge…
Spyware can be installed by:
A hacker, through a pop-up window, via an Instant Messenger service, or delivered through e-mail.
File-sharing sites (such as Kazaa and BitTorrent Ultra) are well-known paths for spyware infections
Malware Terms
Back Door – Accessing computer without your knowledge
Bot – Small program designed to mimic person’s behavior
Keylogger – Hidden program recording everything a person types
RootKit – Program(s) which allow unauthorized users to maintain access as system administrators while concealing activities from the legitimate system administrator.
Malware Terms (Cont’d)
Phishing – Counterfeit e-mail messages or Web pages to trick people into providing user names, passwords, etc.
Phone Home – Keyloggers, etc. transmit data to malware’s creator
Spyware – Hidden software that collects private information
Malware Terms (cont’d)
Trojan Horse – Malware that pretends to be something else (ex. another program)
Virus – Malware that spreads itself by infecting other programs
Worm – Stand-alone malware
Zombie – Hijacked computer
Anti-Malware
PC World (October 2009) Top Free Antivirus Software
• Avira AntiVir Personal
• Alwil Avast AntiVirus Home Edition
• AVG Free 8.5
• Microsoft Security Essentials (beta version)
• Keep an eye on… Panda Cloud Antivirus (beta version)
Other Contenders…
• MalwareBytes Anti-Malware
• SuperAntiSpyware
• Microsoft Windows Defender (free)
• Ad-Aware Pro (includes Antivirus) (free)
• ThreatFire 3.5 (AntiVirus/AntiSpyware) (free)
• Spybot Search & Destroy (free)
Security Suites
Macintosh
The big issue now is that Macintosh users don’t want to spread viruses to Windows users (especially in a corporate environment)
• Norton Anti-Virus 11 for Macintosh
• Intego VirusBarrier X5
• McAfee VirusScan for Mac
• ClamXav (free) (Mac and Windows malware)
• PC Tools iAntiVirus (free version) (Only Mac malware)
Firewall
Critical
Inspects network traffic and permits or denies passage depending on set of rules
Computer has ‘Ports’ which are used to receive messages from the Web
PCs are made to look invisible to the Internet
Bidirectional (Vista and Mac OS)
Security Solutions!!
Make sure Operating System is up-to-date (automatic updates)
• Windows XP, Windows Vista, Mac OS X
Install a ‘Security Suite’ or a good anti-malware program(s)
• Scan memory, hard drives, downloaded files, emails
• Make sure virus/spyware signatures up-to-date
• Scan downloaded files and use ‘real-time’ protection
• Watch macros (Word, Excel, etc.) and scripts in Web Browsers
Use a bidirectional firewall
• Windows XP (inbound only)
• Windows Vista and Mac OS X (bidirectional)
• Security Suites (alternative)
Use additional anti-spyware programs (free)
• Scan downloaded files
Try Firefox or Opera (browser)
• Lose Internet Explorer
Be mindful of ‘Social Engineering’ issues
• Avoid clicking on links in e-mails, avoid spam, watch for phishing scams, watch social networking sites - source of malware (change passwords often)
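Why the slides ask for a bidirectional firewall, shown as an added example (not part of the original slides): a first-match rule evaluator run over constructed traffic, once as an inbound-only firewall and once as a bidirectional one. The program names, ports and rule set are assumptions made for illustration, and replies to permitted outbound connections are not modelled.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" = arriving from the network, "out" = leaving the PC
    program: str    # local program involved (constructed names)
    port: int       # local port for "in", remote port for "out"

@dataclass(frozen=True)
class Rule:
    action: str                    # "permit" or "deny"
    direction: str
    program: Optional[str] = None  # None matches any program
    port: Optional[int] = None     # None matches any port

    def matches(self, p: Packet) -> bool:
        return (self.direction == p.direction
                and self.program in (None, p.program)
                and self.port in (None, p.port))

def decide(rules, packet, filters_outbound):
    """First matching rule wins; anything unmatched is denied."""
    if packet.direction == "out" and not filters_outbound:
        return "permit"  # an inbound-only firewall never inspects outbound traffic
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return "deny"

# Constructed rule set: only the browser may talk out. There are no inbound
# rules, so every unsolicited inbound packet is dropped ("invisible" PC).
RULES = [Rule("permit", "out", "browser", 443), Rule("permit", "out", "browser", 80)]

# Constructed traffic sample.
TRAFFIC = [
    Packet("in", "system", 445),       # unsolicited connection to a local port
    Packet("out", "browser", 443),     # normal web browsing
    Packet("out", "keylogger", 8080),  # hidden program trying to "phone home"
]

def verdicts(filters_outbound):
    return [decide(RULES, p, filters_outbound) for p in TRAFFIC]

if __name__ == "__main__":
    print("inbound-only :", verdicts(False))
    print("bidirectional:", verdicts(True))
```

Both configurations drop the unsolicited inbound packet; only the bidirectional one also stops the keylogger's outbound "phone home" connection.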
What is Booting?
Cold boot – Turning on computer that has been powered off
Warm boot – Restarting computer that is powered on
• Warm boot from Windows desktop
• Warm boot from system unit
Process of starting or restarting a computer
Image: © Shelly Cashman Vermaat 2004
Types of Memory
RAM (temporary)
• Random Access Memory
• Storage for programs and data
• “Workspace” for the CPU
ROM (permanent)
• Read Only Memory
• Startup instructions for computer (“Boot”)
• Or – more specialized applications like games for small computers
Hard Disks
Step 1. Circuit board controls movement of head actuator and a small motor.
Step 2. Small motor spins platters while computer is running.
Step 3. When software requests a disk access, read/write heads determine current or new location of data.
Step 4. Head actuator positions read/write head arms over correct location on platters to read or write data.
Hard Disks
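[Figure: head-to-platter clearance compared with a hair, a dust particle and a smoke particle. Labels: clearance, read/write head, platter, hair, dust, smoke]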
A smoke particle, dust particle, or human hair could render drive unusable
Clearance between head and platter is approximately two-millionths of an inch
Hard Disk Capacity
Hard Drive Capacity Explained
• If 1 GB = 1,073,741,824 bytes (2^30), then
• 46,102,659,072 bytes / 1,073,741,824 = 42.9 GB
Disks – What are tracks and sectors?
Track is narrow recording band that forms full circle on disk
Sector stores up to 512 bytes of data
Formatting prepares disk for use and marks bad sectors as unusable
Disk Defragmenter
[Figure: fragmented disk, showing a file before defragmenting and the same file after defragmenting]
Reorganizes files and unused space on hard disk so programs run faster
Can be time-consuming – may want to run overnight
Solid State Hard Drive
Data storage device that uses solid-state memory to store data
Emulates a hard disk drive
No moving parts, therefore less fragile and quieter
Solid State Drive - Wikipedia Link
Laptops
More $$$
Hard Drives
RPM – Revolutions Per Minute
Examples: 7200 RPM, 5400 RPM, 4200 RPM, 10,000 RPM
Desktop hard drives usually have a faster RPM than laptop drives
Other Storage Devices?
CD / DVD
• Optical drives
• CD - 650 MB to 1 GB
• DVD - 4.7 GB to 17 GB
Flash Drives
• Flash Memory Data Storage Device
• 64 MB to 64 GB
• Connect thru USB port
Image from www.haimei.com
Image from www.digitalswirl.com
Flash Memory
Erasable, programmable ROM
EEPROM
Used for storage devices:
• Digital cameras
• Home video game consoles
Memory Stick, SmartMedia, CompactFlash
BIOS Chip
Howstuffworks.com link
Processing… Fastest Faster Fast
Applications
Today’s applications are LARGE in size
Not practical to place all of an application in memory while processing
Multitasking
So – what is the solution???
Virtual Memory
Virtual Memory – using a portion of free hard drive space as memory.
Large enough to hold programs and data for all currently running applications
Use main memory as cache for files
• Just as cache memory, itself, is temporary storage for CPU.
Pages – blocks of hard drive space used for programs and data
Virtual Memory
Virtual memory contains entire program and data for an application as it runs
RAM contains sections of the program and data recently used
Cache contains the most recent materials used in processing by the CPU
Programs and data moved on an ‘as-needed’ basis
Application Execution Progression…
Hard Drive
Virtual Memory on hard drive
RAM
Cache
CPU/registers
Virtual Memory
Step 1. The operating system transfers the least recently used data and program instructions to disk because memory is needed for other functions.
Step 2. The operating system transfers data and program instructions from disk to memory when they are needed.
Portion of free hard drive space that is used as RAM
How Much Memory??
Depends …
Enough to run desired programs and plan for the future
Applications increase in size with each new version that is released!
I would recommend at least:
2 GB – 4 GB RAM to start
- more if you can afford it!
Thrashing
Constant movement of materials between disk and main memory
Why?? Memory too small
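The two virtual-memory steps and the thrashing slide can be seen together in a small simulation, added here as an example that is not part of the original slides: RAM is a fixed number of page frames, the least recently used page is moved to disk when room is needed, and a constructed workload is run with enough frames and with one frame too few. The workload and frame counts are assumptions chosen for illustration.

```python
from collections import OrderedDict

def simulate_lru(reference_string, frames):
    """Return (page_faults, pages_moved_to_disk) for RAM with `frames` page frames."""
    ram = OrderedDict()  # keys are pages; first key is the least recently used
    faults = evictions = 0
    for page in reference_string:
        if page in ram:
            ram.move_to_end(page)    # already in RAM: mark as most recently used
            continue
        faults += 1                  # Step 2: page must be brought in from disk
        if len(ram) >= frames:
            ram.popitem(last=False)  # Step 1: least recently used page goes to disk
            evictions += 1
        ram[page] = None
    return faults, evictions

def fault_rate(reference_string, frames):
    """Fraction of memory accesses that had to wait for the disk."""
    faults, _ = simulate_lru(reference_string, frames)
    return faults / len(reference_string)

# Constructed workload: an application that loops over 5 pages, 20 times.
WORKLOAD = [0, 1, 2, 3, 4] * 20

def sweep(frame_counts):
    """Fault rate of WORKLOAD for each RAM size in `frame_counts`."""
    return {n: fault_rate(WORKLOAD, n) for n in frame_counts}

if __name__ == "__main__":
    for n, rate in sweep([3, 4, 5, 6]).items():
        print(f"{n} frames: {rate:.0%} of accesses go to disk")
```

With 5 frames the pages are loaded once and stay in RAM; with 4 frames every single access evicts a page that is about to be needed again, which is thrashing caused by memory that is too small.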
Terms – Malware / Storage
Adware, Anti-spyware programs, Anti-virus program, Back Door, Boot (Warm/Cold), Bot, Disk Defragmentation, Firewall, Flash Memory, Hard Disk, Keylogger, Malware, Page, Permanent Storage, Phishing, Phone Home, RAM (temporary), ROM, Rootkit, RPM, Sector, ‘Security Solutions’, Security Suites, Social Engineering, Spyware, Storage devices (Hard Drive, Solid State Drive, CD, DVD, Flash, etc.), Track, Trojan Horse, Thrashing, Virtual memory, Viruses, Worm, Zombie