Different Types of Computer Viruses
Resident Viruses
This type of virus is a permanent which dwells in the RAM memory. From there it can overcome and interrupt all of the operations executed by the system: corrupting files and programs that are opened, closed, copied, renamed etc.
Examples include: Randex, CMJ, Meve, and MrKlunky.
Direct Action Viruses
The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in and in directories that are specified in the AUTOEXEC.BAT file PATH. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.
Overwrite Viruses
Virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected.
The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content.
Examples of this virus include: Way, Trj.Reboot, Trivial.88.D.
Boot Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in which information on the disk itself is stored together with a program that makes it possible to boot (start) the computer from the disk.
The best way of avoiding boot viruses is to ensure that floppy disks are write-protected and never start your computer with an unknown floppy disk in the disk drive.
Examples of boot viruses include: Polyboot.B, AntiEXE.
Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain macros. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one.
Examples of macro viruses: Relax, Melissa.A, Bablas, O97M/Y2K.
Directory Virus
Directory viruses change the paths that indicate the location of a file. By executing a program (file with the extension .EXE or .COM) which has been infected by a virus, you are unknowingly running the virus program, while the original file and program have been previously moved by the virus.
Once infected it becomes impossible to locate the original files.
Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system.
This makes it impossible for anti-viruses to find them using string or signature searches (because they are different in each encryption) and also enables them to create a large number of copies of themselves.
Examples include: Elkern, Marburg, Satan Bug, and Tuareg.
File Infectors
This type of virus infects programs or executable files (files with an .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out. The majority of existing viruses belong to this category, and can be classified depending on the actions that they carry out.
Companion Viruses
Companion viruses can be considered file infector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they "accompany" the other files that already exist. In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident viruses) or act immediately by making copies of themselves (direct action viruses).
Some examples include: Stator, Asimov.1539, and Terrax.1069
FAT Virus
The file allocation table or FAT is the part of a disk used to connect information and is a vital part of the normal functioning of the computer.
This type of virus attack can be especially dangerous, by preventing access to certain sections of the disk where important files are stored. Damage caused can result in information losses from individual files or even entire directories.
Worms
A worm is a program very similar to a virus; it has the ability to self-replicate, and can lead to negative effects on your system and most importantly they are detected and eliminated by antiviruses.
Examples of worms include: PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson.
Trojans or Trojan Horses
Another unsavory breed of malicious code are Trojans or Trojan horses, which unlike viruses do not reproduce by infecting other files, nor do they self-replicate like worms.
Logic Bombs
They are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs.
Monday, March 15, 2010
Organizations of Information Technology ( IT )
IT Organizations in the Philippines
1. Name: Information Technology Foundation of the Philippines.
Name: Information Technology Foundation of the Philippines (ITFP) Address: 32nd Flr Philam Life Tower
8767 Paseo de Roxas Ave, Makati City E Mail: cynthia.mamon@sun.com.ph Tel No: (632) 750-3742 Fax No: (632) Website: www.itfp.org.ph About: The Information Technology Foundation of the Philippines (ITFP) is a non-stock and non-profit organization. It is the federation of all the Philippine Computer IT organization. Programs & Projects: 8-POINT PROGRAM-ITFP aims to achieve the following:
For the ITFP Organization itself
• Be financially strong and stable
• Professionally run and managed.
For the Member Associations
• Improve members well-being and supports its interest
For the IT Industry
• Focus on the local market but supports global competitiveness
• Support the national thrust to become the e-services hub of Asia
• Be strong lobby group
For the Public (Government and the civil society)
• To promote social responsibility
• To support and assist in e-governance
2007 Programs
• Push for "Strengthen CICT to DICT
• Procurement Law and its implementation (CICT and DBM)
- Forum
- Training (With ITAP-NCI)
• Automation of the Electoral System
• ICT Training and Certification (CICT, NCI, ITAP, TESDA, PAQTVET)
• Good Governance of IT Organizations and Associations (Code of Ethics)
MOA re Promoting English Proficiency (PEP)
Fund Raising
Vision: "The voice and the medium of the ICT community in the country that supports the ICT programs of the government and private sector." Mission: To contribute to the contribute to the economic, social and political development of the country
- by advocating the wise and widespread use of ICT;
- by representing the needs and interest of the ICT industry and community;
- by supporting the ICT-based programs of government and private sector; and
- by strengthening the country's global competitiveness through ICT Objectives:
• To accelerate the development of the Philippine Information Technology industry and help the profession by conducting and supporting projects and activities that will lead to the attainment of its purposes.
• To support and fund selected IT related activities of its member Associations.
• To contribute towards the social and economic development to the country through the promotion of IT utilization in all sectors of the Philippine society.
• To represent the IT industry in the government in the formulation and implementation of policies, laws, regulations and statues affecting the IT industry.
Date Founded:
Contact Person: Ellen Almazon
List of Officers CYNTHIA R. MAMON, President
SUN MICRO SYSTEMS PHILIPPINES
(632) 885-7867, 885-0401
(632) 885-7866
cynthia.mamon@sun.com.ph
2.)University of the Philippines Information Technology Training Center
The University of the Philippines Information Technology Training Center (UP ITTC) is a program of the University of the Philippines together with the Japan International Cooperation Agency (JICA) solely devoted to training professionals in information technology. The UP ITTC also hosts the Philippine Youth Congress in Information Technology or Y4IT every September, the largest gathering of IT enthusiasts from all over the Philippines.
University of the Philippines
Information Technology
Training Center
Helping You Build a Solid IT Career
Address
Quirino Avenue cor. Velasquez Street
Vidal A. Tan Hall
UP Diliman
Quezon City, 1101
Philippines
Coordinates- 14°39′7.60″N 121°4′5.88″ECoordinates: 14°39′7.60″N 121°4′5.88″E Information
Opened -2004
Authority University of the Philippines System
Director Dr. Jaime D.L. Caro
Website http://ittc.up.edu.ph/
3.) International Organization for IT
The heart of AITP lies in its local chapters. Chapter activities provide unique opportunities for informal but direct contact with other IT professionals. For more information about AITP chapter locations, contact the AITP Membership Department, call 1-800-224-9371 or visit a chapter’s Web site.
AITP gives you online access to local chapters by state or city. Chapter e-mail addresses and Web site pages are provided where available.
1. Name: Information Technology Foundation of the Philippines.
Name: Information Technology Foundation of the Philippines (ITFP) Address: 32nd Flr Philam Life Tower
8767 Paseo de Roxas Ave, Makati City E Mail: cynthia.mamon@sun.com.ph Tel No: (632) 750-3742 Fax No: (632) Website: www.itfp.org.ph About: The Information Technology Foundation of the Philippines (ITFP) is a non-stock and non-profit organization. It is the federation of all the Philippine Computer IT organization. Programs & Projects: 8-POINT PROGRAM-ITFP aims to achieve the following:
For the ITFP Organization itself
• Be financially strong and stable
• Professionally run and managed.
For the Member Associations
• Improve members well-being and supports its interest
For the IT Industry
• Focus on the local market but supports global competitiveness
• Support the national thrust to become the e-services hub of Asia
• Be strong lobby group
For the Public (Government and the civil society)
• To promote social responsibility
• To support and assist in e-governance
2007 Programs
• Push for "Strengthen CICT to DICT
• Procurement Law and its implementation (CICT and DBM)
- Forum
- Training (With ITAP-NCI)
• Automation of the Electoral System
• ICT Training and Certification (CICT, NCI, ITAP, TESDA, PAQTVET)
• Good Governance of IT Organizations and Associations (Code of Ethics)
MOA re Promoting English Proficiency (PEP)
Fund Raising
Vision: "The voice and the medium of the ICT community in the country that supports the ICT programs of the government and private sector." Mission: To contribute to the contribute to the economic, social and political development of the country
- by advocating the wise and widespread use of ICT;
- by representing the needs and interest of the ICT industry and community;
- by supporting the ICT-based programs of government and private sector; and
- by strengthening the country's global competitiveness through ICT Objectives:
• To accelerate the development of the Philippine Information Technology industry and help the profession by conducting and supporting projects and activities that will lead to the attainment of its purposes.
• To support and fund selected IT related activities of its member Associations.
• To contribute towards the social and economic development to the country through the promotion of IT utilization in all sectors of the Philippine society.
• To represent the IT industry in the government in the formulation and implementation of policies, laws, regulations and statues affecting the IT industry.
Date Founded:
Contact Person: Ellen Almazon
List of Officers CYNTHIA R. MAMON, President
SUN MICRO SYSTEMS PHILIPPINES
(632) 885-7867, 885-0401
(632) 885-7866
cynthia.mamon@sun.com.ph
2.)University of the Philippines Information Technology Training Center
The University of the Philippines Information Technology Training Center (UP ITTC) is a program of the University of the Philippines together with the Japan International Cooperation Agency (JICA) solely devoted to training professionals in information technology. The UP ITTC also hosts the Philippine Youth Congress in Information Technology or Y4IT every September, the largest gathering of IT enthusiasts from all over the Philippines.
University of the Philippines
Information Technology
Training Center
Helping You Build a Solid IT Career
Address
Quirino Avenue cor. Velasquez Street
Vidal A. Tan Hall
UP Diliman
Quezon City, 1101
Philippines
Coordinates- 14°39′7.60″N 121°4′5.88″ECoordinates: 14°39′7.60″N 121°4′5.88″E Information
Opened -2004
Authority University of the Philippines System
Director Dr. Jaime D.L. Caro
Website http://ittc.up.edu.ph/
3.) International Organization for IT
The heart of AITP lies in its local chapters. Chapter activities provide unique opportunities for informal but direct contact with other IT professionals. For more information about AITP chapter locations, contact the AITP Membership Department, call 1-800-224-9371 or visit a chapter’s Web site.
AITP gives you online access to local chapters by state or city. Chapter e-mail addresses and Web site pages are provided where available.
Thursday, February 4, 2010
Can I consider myself as an IT professional after I graduate?
Taking a course in IT is not easy for me its so hard, well I try my best that I can graduate hopefully.i cannot say that I may consider my self as an IT professional after I graduate because it is only a degree holder once we finish our studies. Even after I graduate. But I could not say I am a professional until if I could be able to find a job. I may consider myself as an IT professional if I have a job. But as of now I cannot say that I am a IT professional.
What are the benefits of joining (IT) professional organization?what might be some dis advantages in your discussions mention.
There are some benefits of joining IT professional organizations one of them is the Greater Professeional Fiel Exposure: to pursue the IT skills and to continue enhancment of IT.
Should an IT professional either be licensed or certified? Why or why not?
Being a licensed or certified IT professional is important. Whether it should be licensed or certified the most important is that your capable enough of doing something in choosen IT field because we have a set of skills that we know and proudly show of to our boss. But for the most important of It professional is being a licensed IT. Because mostly now in school there are license exams in our filed but in IT students don’t give much attention to how much they’ve learned in the school. The important is we must end up a IT graduates with diplomas and name.
As an IT graduating students of the collegfe, what are aiming for? Why?
Well, I’ve choosen CompTIA + Certification because I want to be a computer support technician equiped with knowledge and certification that is vendor - neutral. It entails certfication competence in areas such as installation preventative maintenance, networkingf, security and troubleshooting.
Taking a course in IT is not easy for me its so hard, well I try my best that I can graduate hopefully.i cannot say that I may consider my self as an IT professional after I graduate because it is only a degree holder once we finish our studies. Even after I graduate. But I could not say I am a professional until if I could be able to find a job. I may consider myself as an IT professional if I have a job. But as of now I cannot say that I am a IT professional.
What are the benefits of joining (IT) professional organization?what might be some dis advantages in your discussions mention.
There are some benefits of joining IT professional organizations one of them is the Greater Professeional Fiel Exposure: to pursue the IT skills and to continue enhancment of IT.
Should an IT professional either be licensed or certified? Why or why not?
Being a licensed or certified IT professional is important. Whether it should be licensed or certified the most important is that your capable enough of doing something in choosen IT field because we have a set of skills that we know and proudly show of to our boss. But for the most important of It professional is being a licensed IT. Because mostly now in school there are license exams in our filed but in IT students don’t give much attention to how much they’ve learned in the school. The important is we must end up a IT graduates with diplomas and name.
As an IT graduating students of the collegfe, what are aiming for? Why?
Well, I’ve choosen CompTIA + Certification because I want to be a computer support technician equiped with knowledge and certification that is vendor - neutral. It entails certfication competence in areas such as installation preventative maintenance, networkingf, security and troubleshooting.
What is profession?
A profession is a specific line of work - Like in the medical industry you could say the medical profession. The people in a profession typically have education that trains them in the field they choose. We cannot say that we are a professional if we have not a profession.
What is professional?
A professional is a member of a vocation founded upon specialised educational training.
The word professional traditionally means a person who has obtained a degree in a professional field. The term professional is used more generally to denote a white collar working person, or a person who performs commercially in a field typically reserved for hobbyists or amateurs.
Because of the personal and confidential nature of many professional services and thus the necessity to place a great deal of trust in them, most professionals are held up to strict ethical and moral regulations.http://en.wikipedia.org/wiki/Professional.
A profession is a specific line of work - Like in the medical industry you could say the medical profession. The people in a profession typically have education that trains them in the field they choose. We cannot say that we are a professional if we have not a profession.
What is professional?
A professional is a member of a vocation founded upon specialised educational training.
The word professional traditionally means a person who has obtained a degree in a professional field. The term professional is used more generally to denote a white collar working person, or a person who performs commercially in a field typically reserved for hobbyists or amateurs.
Because of the personal and confidential nature of many professional services and thus the necessity to place a great deal of trust in them, most professionals are held up to strict ethical and moral regulations.http://en.wikipedia.org/wiki/Professional.
Wednesday, February 3, 2010
assignment
Types of attack
There are too many types, methods and mechanisms of attack to provide a comprehensive description of all of them. New attack techniques and exploits are constantly being developed and discovered.
One of the main advantages of KFSensor is that it assumes all connections made to it are malevolent, as there is no legitimate reason to connect to its simulated servers. Because of this it is effective at detecting unknown attack techniques as it does not rely on signature databases of known attacks.
This section provides an introduction to some of the types and techniques used to attack and compromise a system.
The perpetrators
Ultimately all attacks are originated by people with a motivation to steal, cause vandalism, prove themselves to be elite hackers, or just for the thrill it gives them. Most attacks are actually performed by automated tools that such people release on the Internet.
* Virus
Computer viruses have a long history. A virus attempts to install itself on a user's system and to spread directly to other files on that system with the aim that these infected files will be transferred to another machine. The payload of a virus can range from 'comical' pranks to destruction of the system itself.
A virus relies on users to spread by sharing infected files either directly or via email. Once launched, a virus is completely independent of its creator.
Although the most common threat to security, the traditional virus does not attack other systems directly and so is unlikely to be detected by KFSensor.
* Worm
A worm is very similar to a virus. The key difference is that a worm attempts to propagate itself without any user involvement. It typically scans other computers for vulnerabilities which it is designed to exploit. When such a machine is identified, the worm will attack that machine, copying over its files and installing itself, so that the process can continue.
KFSensor excels at detecting worms as they scan and attempt to attack very large numbers of systems at random.
* Trojan
Trojans take their name from the trojan horse of Greek mythology.
Computer trojans work in the same way. A game, screen saver or cracked piece of commercial software is given to a victim. The software may appear to work as normal, but its real purpose is to deliver a payload, such as a virus or a root kit.
* Root Kit
A root kit is a piece of software that once installed on a victim's machine opens up a port to allow a hacker to communicate with it and take full control of the system. Root kits are also known as back doors. Some root kits give a hacker even more control of a machine than a victim may have themselves.
The SubSeven root kit allows an attacker to turn off a victim's monitor, move the mouse and even turn on an installed web cam and watch the victim without their knowledge.
* Hybrids
Often malware is a dangerous hybrid that can combine the features of the different classifications described above. The SubSeven root kit is delivered and classified as a trojan.
* Scanners
Scanners are tools designed to interrogate machines on the Internet to elicit information about the types and versions of the services that they are running. There are a variety of scanners, some just ping for the presence of a machine, others look for open ports, while others are more specialized in looking for vulnerabilities of a particular type of service, or the presence of a root kit. Scanners are often incorporated into other malware such as worms.
Scanners are a favorite tool of a hacker, but are just as useful to security professionals trying to detect and close down system vulnerabilities. KFSensor detects scanners and is effective at misleading them.
* Hacker
Hacker, H4x0r5, crackers and black hats are all terms for those individuals that KFSensor is ultimately designed to detect and offer protection from. The term hacker is used in this manual to cover all such individuals.
Direct, or manual actions, by a hacker are much rarer than the attacks launched by the tools described above. Hackers usually only attack a system directly once a system has been identified as vulnerable or has already been exploited by an automated tool.
There are too many types, methods and mechanisms of attack to provide a comprehensive description of all of them. New attack techniques and exploits are constantly being developed and discovered.
One of the main advantages of KFSensor is that it assumes all connections made to it are malevolent, as there is no legitimate reason to connect to its simulated servers. Because of this it is effective at detecting unknown attack techniques as it does not rely on signature databases of known attacks.
This section provides an introduction to some of the types and techniques used to attack and compromise a system.
The perpetrators
Ultimately all attacks are originated by people with a motivation to steal, cause vandalism, prove themselves to be elite hackers, or just for the thrill it gives them. Most attacks are actually performed by automated tools that such people release on the Internet.
* Virus
Computer viruses have a long history. A virus attempts to install itself on a user's system and to spread directly to other files on that system with the aim that these infected files will be transferred to another machine. The payload of a virus can range from 'comical' pranks to destruction of the system itself.
A virus relies on users to spread by sharing infected files either directly or via email. Once launched, a virus is completely independent of its creator.
Although the most common threat to security, the traditional virus does not attack other systems directly and so is unlikely to be detected by KFSensor.
* Worm
A worm is very similar to a virus. The key difference is that a worm attempts to propagate itself without any user involvement. It typically scans other computers for vulnerabilities which it is designed to exploit. When such a machine is identified, the worm will attack that machine, copying over its files and installing itself, so that the process can continue.
KFSensor excels at detecting worms as they scan and attempt to attack very large numbers of systems at random.
* Trojan
Trojans take their name from the trojan horse of Greek mythology.
Computer trojans work in the same way. A game, screen saver or cracked piece of commercial software is given to a victim. The software may appear to work as normal, but its real purpose is to deliver a payload, such as a virus or a root kit.
* Root Kit
A root kit is a piece of software that once installed on a victim's machine opens up a port to allow a hacker to communicate with it and take full control of the system. Root kits are also known as back doors. Some root kits give a hacker even more control of a machine than a victim may have themselves.
The SubSeven root kit allows an attacker to turn off a victim's monitor, move the mouse and even turn on an installed web cam and watch the victim without their knowledge.
* Hybrids
Often malware is a dangerous hybrid that can combine the features of the different classifications described above. The SubSeven root kit is delivered and classified as a trojan.
* Scanners
Scanners are tools designed to interrogate machines on the Internet to elicit information about the types and versions of the services that they are running. There are a variety of scanners, some just ping for the presence of a machine, others look for open ports, while others are more specialized in looking for vulnerabilities of a particular type of service, or the presence of a root kit. Scanners are often incorporated into other malware such as worms.
Scanners are a favorite tool of a hacker, but are just as useful to security professionals trying to detect and close down system vulnerabilities. KFSensor detects scanners and is effective at misleading them.
* Hacker
Hacker, H4x0r5, crackers and black hats are all terms for those individuals that KFSensor is ultimately designed to detect and offer protection from. The term hacker is used in this manual to cover all such individuals.
Direct, or manual actions, by a hacker are much rarer than the attacks launched by the tools described above. Hackers usually only attack a system directly once a system has been identified as vulnerable or has already been exploited by an automated tool.
Subscribe to:
Posts (Atom)
