| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
AntiVirus Software
|
|
Spam
|
|
Worms
|
|
Beating the Superbug: Recent Developments in Worms and Viruses Viruses and worms are significant risks in today’s increasingly networked computing environment. This paper will examine the differences between worms and viruses, and then discuss recent developments in virus and worm technology. Some defensive techniques will be examined, and an attempt will be made to predict future possible techniques that may emerge in viruses or worms.
04/15/2004
|
|
Virii Generators: Understanding the Threat Ever since Robert Morris unleashed his first Internet worm in 1988, virii have been a nuisance and a threat to both corporations and individuals alike. In the early days, worms such as these took an understanding of at least basic programming and of the vulnerabilities inherent in the operating systems at work in computer networks. Those virii that were released took time and effort to produce and often were not created with destructive or malicious intentions in mind. But that was then, and this is now. A lot has changed in the world in the past fourteen years. While in the past the novice would have no access to a common global network (the Internet), yet alone GUI tools to create, package, and distribute malicious code against any whimsical target, today even foreign pre-pubescents have the chance to annoy and harm the networked community at large.
04/15/2004
|
|
The Code Red Worm On July 12, 2001, a new worm began propagating across the internet. Although the worm did not yet have a name, it was the first incarnation of what was to become known as the “Code Red” worm. This initial version of the worm is commonly referred to as CRv1. On July 19, another variant of the worm, which shared nearly all its code with the first version of the worm, began to spread even more rapidly than its predecessor a week before. The new variant of the Code Red worm was reported to have infected more than 250,000 systems in just nine hours. This variant of the worm is now commonly referred to as CRv2.
04/15/2004
|
|
Code Red and Code Red II: Double Dragons Before July 2001, if you ask people about Code Red, you may hear they say about pop rock artist from England whose songs had been in the music charts years ago. However, in July 2001 people recognize the name “Code Red” as one of the harmful worm that spread through the Internet. This year, many worms have been discovered on various platforms. In January, Ramen worm is the one that use vulnerability of wu-ftpd software on Linux platform to spread. Another one called Lion worm, which exploits vulnerability of BIND DNS server on Unix system, has been discovered in March. The sadmind/IIS worm attack both Sun Solaris and Windows plat form by using exploitation on Solaris to propagate and then attack Microsoft IIS web server.
04/15/2004
|
|
The Legend of Nimda On September 18, 2001, another little unfriendly virus was introduced to the Information Technology (IT) world. The virus has been given the name W32.Nimda.A@mm ("Nimda" for short). Nimda is a mass-mailing worm that utilizes several methods to spread itself to multiple servers and personal computers. Nimda not only infects PCs running Windows 95, Windows 98, Windows ME and Windows 2000, but also servers running Windows 2000. Nimda caused massive traffic across the Internet resulting in slowdowns as it attacked computers and created a ripple effect. The virus invaded computers using e-mail clients and containing Microsoft's Web Server, Internet Information Server (IIS). The purpose of Nimda appears to be the traffic slowdown itself. In other words, Nimda does not appear to destroy files or cause damage to the system except for the considerable amount of time that may be lost to the slowing or loss of traffic through denial-of-service.
04/15/2004
|
|
The Code Red Message in a Bottle On July 12th 2001, computers worldwide began seeing signs of what would arguably become one of the most significant security events of the past few years.1 The original Code Red Worm (CRv1) had a rather quiet beginning, but Intrusion Detection Systems (IDS) across the globe were soon inundated with the following indication of its presence in their logs. There are several lessons to be drawn from the Code Red incident, and this paper will focus on those I believe are the most important.
04/15/2004
|
|
Code Red Worm Invasion A malicious worm has once again threatened our technological environment. The Code Red worm has broken down our security by attacking Microsoft’s Internet Information Services tool. IIS is a network file and application server that transmits information in Hypertext Markup Language. IIS is used to connect client users to the Internet. The Internet has become an important tool for businesses and home users but it has also become a target for abuse and destruction. The Code Red worm is the latest attack that reminds us that security maintenance is crucial for our systems. Hackers are always going to look for opportunities to attack.
04/15/2004
|
|
Stopping Malicious Code at the Desktop To better understand how to protect the desktop from malicious code, we will discuss methods for identifying and intercepting such code before it causes any damage. And since there is no magic pill that cures all malicious code ills, we will examine how these different methods respond against some of the different types of attack mechanisms that are available. But first, lets take a brief look at some of the ways in which malicious code tries to circumvent protection products and establish a foothold on a local computer.
04/15/2004
|
|
Psst... Hey Buddy, Wanna Create a Virus? So, you think there are only a handful of virus creators out there? Just a couple of guys sitting in a back room in some third-world country clunking away on what we would consider a boat anchor of a PC? Think again. The person in the cubicle next to yours could, at this very moment, be creating a virus. Viruses will continue to be generated in greater numbers than ever before. Why? First of all, the number of people with access to computers and the Internet will continue to escalate. Secondly, creating viruses has become easier with the development and availability of virus authoring kits such as the (K)alamar Virus Creation Toolkit or Triniti’s VBS Worm Toolbox. The ability to write viruses has also become easier. Languages such as Visual Basic and Visual C, C++, both of which make use of GUI interfaces, make it so that very little actual programming knowledge is required.
04/15/2004
|
|
How Spyware fits into Defense in Depth Defense in Depth describes a layered approach to securing information and resources, as well as maintaining confidentiality, integrity, and availability of these resources. A common threat to such resources that is often overlooked in this process is Spyware, or Ad ware. Most IT staff only defends against malicious code in the guise of viruses, or hackers and disgruntled employees who plan on compromising or damaging information. So what is the real risk of these Spyware programs to individuals and corporations? What are their potential for damage or information leakage and how realistic is it to maintain or create a policy and procedure for coping with these programs? These are the questions I will provide some insight to in this paper.
04/15/2004
|
|
Page: 12345 6 78910 |
