Dictionary of Computer Security
So many kinds of attacks, the term computer security even more variety. However, do not be confused. This article will guide my friend understand that the popular definition of the term security, including prevention.
Adware.
Definition: Adware or extension of the Advertising Ware, is a type of computer program that serves ads to appear on the screen.
Problems posed: Adware basically made for the needs of marketing a product or service. During normal use in conditions not at all problematic Adware or dangerous, such as adware which is embedded in a free program to support application development is concerned.
But Adware can be a problem if:A. Force it to install / install itself on a computer2. Settled in the computer and can not / difficult to remove3. Retrieve data from the activity of computing and sending it to a specific source without confirmation from the owner of the computer4. To install other applications that are not related to the ads displayed
All Adware is possible to make a computer or the system becomes slow because of the use of computer resources. In addition to the system, could potentially slow internet connection because Adware always download new creatives.
Several types of Adware such as "pop-up ads" could disrupt computer usersdue to appear at any time while the computer is being used for other things that are notassociated with adware.
Prevention / neutralization:A. Be careful using the application / program for free2. Use anti adware programs like Ad-Aware Lavasoft artificial.
Malware Bootsector.
Definition: As the name implies, Malware disk bootsector to bootsector settled in next to spread itself by first modifying the program path in a system, eg the operating system (OS).
Problems posed: type of malware is the most widely used to spread the virus because it works by altering the original information on the hard disk boot sector. The operating system has been infected will become a zombie (messenger system) to distribute malware to a discovery of all storage media, including CD ROM, USB Flash disk. In addition to the hard drive, this one malware can infect a variety of storage media, including CD ROM, DVD ROM, floppy disk, and USB Flash Disk.
Prevention / neutralization:A. Use an antivirus program2. Reinstall Windows.
Brute Force.
Definition: Brute Force is one means used cracker to guess the key word (password) specified. The process is done by way of guessing the sequence of a combination of password combinations of numbers ranging from 0 to, A to Z, and so on each digit password.
Posed problems: A successful keyword guessed by brute force techniques result in unauthorized access to an account. If a successful guess adalan administrator account (brass in a system), then it is not possible the system will change hands (take over).Brute Force is a system through the technique of the most popular and bsia used in almost any system that uses a keyword-based authentication system.
Prevention / neutralization:A. Create a keyword that is not predictable. For example, a combination of numbers, letters and combinations of special characters like "& ^% $ # @ *".2. Create the keyword with the number of characters not less than 8. The longer the number of characters used, the more difficult and takes time to brute force guess a combination.
Distributed Denial of Service attacks (DDoS).
Definition: Distributed Denial of Service (DDoS) is an attack against a computer or server is done by many other computers that are connected via the internet.
Posed problems: Because DDoS attacks carried out by many computers on a single target (computer / server), the lightest possible problem is the difficulty of a computer or server that is accessible to victims.
The worst case in a DDoS attack is total paralysis of a machine due to hardware damage due to "bombarded" a very large data packets. Some systems are very attractive for DDoS attackers are: Web server, FTP Server, Email Server, and so forth.
DDoS is also often involve malware called a botnet. It works like a trojan that menembuh to a computer system and make certain messengers (zombie). That's why computer users are used to attack other computers sometimes do not realize it.
Prevention / neutralization: Although there is no best way to avoid a DDoS, but we can begin to identify where the weakest point in the network. We can also use a firewall that is able to automatically eliminate the DDoS packets. The use of the ready-made range of Cisco Self Defending Network Appliance can also be other options to avoid DDoS attacks.
Email Malware.
Definition: Email Malware is the types of Malware (viruses, trojans, rootkits, etc.) are distributed in the form of attachments (attachment) email.
Problems posed: Malware that is spread through email attachments in the form of destructive properties, together with the malware that spread itself through other media. Email malware reproduce itself through the medium of email sent without the knowledge of his victim. Some of the latest malware that has been reported not only brings in a manner dangerous file attachments, but there is just insert the address to a particular site when opened, will download other malware to infect your system.
Prevention / neutralization: Attacks of this type can be easily avoided with the use of Anti-Spam application, or the like contained in the application package or a stand-alone security such as Comodo. Another inexpensive way is to not open the attachment file executable format (. Bat,. Exe,. Vbs,. Com) without being checked by antivirus applications.
Exploit.
Definition: Exploit is a kind of software or application is made to attack the weaknesses in a system specifically to gain access or infect.
Problems posed: If an Exploit found a weak point in the system, then he could easily put another malware or cripple a system. Exploit can also be used crackers to infiltrate into the system before it was realized by the vendor of the affected application, which has been commonly known as Zero-Day Exploit.
Prevention / neutralization:A. Using antivirus application with the latest updates2. Ensure a system to get the latest patch or update.3. Using the Buffer Overflow protection technology4. Using a personal firewall program.
Fake Antivirus (Antivirus False).
Definition: Fake Antivirus is a fake antivirus program that operates in a way to scare computer users and providing false information that a computer has been infected. Then the fake antivirus is advised to buy a license at the same time giving fake virus cleaning services. Such programs also known as Scareware.
Posed problems: Although malware at once into the category of adware, fake anti-virus is not very harmful to the system. His job is simply deceive computer users into buying something that was not needed.
The process of distributing fake antivirus is also not semasif other malware that use vulnerabilities in the system. Because the weapons are fake Antivirus is by committing fraud by changing the outcome (for example) the search engine on the internet so as if the antiviral is seen as genuine security providers.
Prevention / neutralization:A. Make sure you choose an antivirus with a famous brand and made by a credible company, such as: Symantec, Sophos, McAfee, TrendMicro, F-Secure, and so forth.2. Use an antivirus program such as at point 1 with the conditions of the latest update.
Hoax.
Definitions: Hoax is hoax / false about a trend that is circulated or circulated on the Internet, either via email, website, blog, or the like, giving rise to particular concern.
Problems caused: the most serious problem caused by an outstanding Hoax is panic and deceit. Hoax at a certain level can also be used to campaign for a product or a black person. Because it is a chain, it is not impossible Hoax able to overload the Internet and email servers, causing inaction or non-functioning access email providers.
Prevention / neutralization:Hoax could not be prevented by antivirus or antimalware program anywhere, because he attacked the psychological and not a computer user's computer itself. Therefore, wise behavior in forwarding a message to friends or relatives is needed to avoid the spread of Hoax. Another effective way is to seek a second source (second opinion) to the news received via the internet.
Keylogger.
Definition: Keylogger records all activities are entered by keyboard input which is then stored for analysis.
Posed problems: Because it is able to record all the information coming from the keyboard, then Keylogger is an application form is often used to steal sensitive information kinds username, password, credit card numbers, PIN numbers, and others. The information has been obtained for this would be very dangerous if it is then sent to the responsible party is not automatically a virus or trojan with the help of unwitting victims.
Prevention / neutralization: Some types of applications Keylogger is very difficult to detect. Therefore it is better if you use the facilities on-screen keyboard (onscreen keyboard) belongs to Windows when using a public computer (eg in internet cafes). Such applications can also be downloaded freely here.
Mobile Phone Malware.
Definition: Malware mobile phones made specifically to attack by certain operating systems, including the type of smart phones such as Personal Digital Asistant (PDA), Blackberry, and the like.
Problems posed: In addition to damaging the phone operating system, malw are of this type also has a unique spread and generally uses the connectivity of this phone. One of the most popular is the Bluetooth.
Because it could enable Bluetooth to automatically and without being detected, the phone is infected with this malware will run out of batteries faster than phones running under normal conditions. Bluetooth connection is active is not always possible not to damage the Bluetooth radio transmitter device or other component damage due to overheating (overheating).
Prevention / neutralization: Some malware such as Cabir mobile phone or Skull-A can be detected easily by phone antivirus like those of F-Secure or Norton (Symantec). However, the latest variant as a PDF file that could potentially attack the hole on the Blackberry has not been anticipated by the manufacturer of the antivirus. The easiest thing is to not install any application on mobile phones that are vulnerable (have a market such as the Symbian operating system).
Phishing.
Definition: Phishing is a form of electronic fraud. Phishing is generally done to a person / victim willing to share sensitive information to certain parties by utilizing the credibility of the company's large / reputable (eg bank, insurance, credit cards, internet service provider, etc.). Spread through the most phishing emails and web sites.
Posed problems: A victim of phishing will not realize that he is a victim of fraud. So it is not possible sensitive data obtained from the victim misused to deceive the other party, or take advantage of the victim. If you have this, the property could be a major bet that hit a phishing victim.
The main target being targeted by Phisers (the person doing the phishing) is a person who has an account at a bank or credit card. Phishing is also not uncommon to send in the form of a surprise prize where the victim must deposit a certain sum of money.
Prevention / neutralization:A. Never send your personal data like credit card numbers, ATM PIN via email or anything though requested by the bank, credit card companies, or any where you are enrolled in it. Because the company had never and will never ask for personal details via email.2. Do not easily believe that if you are asked to pay something for a gift that you've won without doing any checks to the parties concerned.
Rootkit.
Definition: A rootkit is a program or an application that can hide another program or a process running on a computer. Rootkits are often used to hide malware activity or steal data.
Problems posed: Rootkits are used to hide the keylogger application could potentially complicate the detection of the theft of sensitive data is entered via the keyboard. Because it is able to hide processes, Rootkits are often used to hide malware that has been planted for the purpose of attacking the system regards the other systems (DDoS) computer without user knowledge.
Prevention / neutralization:A. Use antivirus or antimalware application that features antirootkit therein.2. Some rootkits require a separate application (such as Sophos AntiRootkit) to be removed perfectly.
Social Engineering.
Definition: Social Engineering is a trick that dolakukan by a hacker / cracker to fool the victim to want to do something. Usually things that are related to social engineering is done in order to incite a victim would visit a certain website or run a malicious file that's embedded in the email attachment.
Problems caused: Many adverse effect caused by social engineering because a victim does not realize that he was deceived. Most cases of this technique is lost password, account, or transfer of confidential data to a particular party. Another problem posed is the spread of computer viruses or malware because a victim considers a result of social engineering news is both right and go pass it.
Prevention / neutralization: Due to technical matters not involving the field of computer technology, the only way to avoid social engineering is aware of all sedition, news, or information from various parties. Including friends or relatives who have known though. Check back to other sources can be effective measures to prevent social engineering.
SPAM.
Definition: Spam is unsolicited email that goes into someone's email box and sent in a mass (to many addresses at once). Email this generally contain commercial advertising that invites a person to purchase or view the product or service.
Problems caused: Many reports mention that the main problem of spam is time lost in vain. There is truth in it, because most spam emails unwanted by the recipient and it takes time to delete the messages. This will be an additional problem if the span has reached hundreds a day.
Spam is also not infrequently took part in the spread of malware, because it is the easiest and most inexpensive way to publish social engneering, malware, and phishing as well.
Prevention / neutralization: Currently manufacturers are security applications providing Anti-Spam programs that are reliable. Some are packaged in an antivirus application. Http://www.freeantispam.org/ sites even provide such a program in a free license.
Spyware.
Definition: Spyware is software that enables advertisers or hackers obtaining sensitive information without being noticed by the victim.
Posed problems: Because it is not easy to know, spyware is often used to steal valuable data from computer users. If you have this, do not be surprised if all of a sudden password, ATM PIN numbers, credit card numbers, and so suddenly changed hands.
Prevention / neutralization: A system can be infected with spyware just by visiting certain web sites (hazardous). Some sites that contain spyware will require the installation of the application via a pop up window. But there is also a direct install itself without permission.
To avoid this make sure the browser used to surf the internet already have a reporting system to malicious sites. Browsers like Internet Explorer 8, Firefox (with NoScript plugin), Google Chrome, and Opera is providing this facility.
Trojan.
Definition: The Trojan is a program that seemed as if the program works as well. Though he was hiding a dangerous secret functions of the system. Trojan is also sometimes used as the substitute for other malware such as bots, backdor trojan, and downloader trojan.
Problems posed: Trojan often seen as an exceptional program that can be used for productivity. He also frequently claim to have only a single function for a particular purpose. However, unbeknownst to the victim, he runs the other functions such as data theft or search for system weaknesses. This information is then sent to the hacker without the knowledge of the victim.
Trojan is spread in many pirated applications, including KeyGenerator (to make a false license number) and the like. The number of trojan is currently also growing rapidly compared with the virus because of its ability to spread independently.
Prevention / neutralization: Trojan can be recognized easily by antivirus or antimalware application with the latest updates. It is advisable to always check the applications downloaded from the internet using a program / antivirus application.
Source: Magazine & tabloid InfoKomputer PCplus
"dictionarry about computer security, understand the popular definition of the term security: adware, Malware Bootsector, Brute Force, Distributed Denial of Service attacks (DDoS), Email Malware, Exploit, Fake Antivirus (Antivirus False), hoax, keylogger, phising, mobile phone malware, rootkit, spam, spyware, trojan"
Tidak ada komentar:
Posting Komentar