Malware Discussion Essay Example for Free

Malware Discussion Essay The use of malware is a way for attackers to gain access to person information from a personal computer or company information from an organization. There are several types of malware which include virus, rootkits, and worms. Each malware serves different purposes to achieve the goal of an attacker. An attacker could be envious of a past lover and could send a virus to their email to shutdown the operations of their computer. A disgruntle employee could send a worm to their old company and slow down production of the company. A random person looking for a thrill could set up a rootkit on a company’s network to gain access to company secrets. Each malware is given a name specified for its cause, for example the Trojan Worm. The name is given to this virus because of the activity that happens once it is executed. Viruses are named by antivirus companies who avoid using proper names. The Melissa virus was named by its creator, David Smith, for a Miami stripper. This paper will discuss 5 different types of malware and inform the targets for these attacks. Discussion of Malware The first malware that will be discussed is the Melissa Virus. This virus was detected on the 26th of March 1999. This virus is a Microsoft Word macro virus that is delivered as an E-mail attachment. The virus is activated when an attachment named, list. doc is opened. When it is activated, the Melissa virus searches the Microsoft Outlook address book and sends a message to the first 50 names. This virus proliferates itself as users open the attachment. Melissa doesn’t work on Outlook Express, just Outlook. The message appears to come from the person just infected, which means that the message will seem to come from a recognizable email address. Melissa doesn’t destroy files or other resources, but has the possibility to immobilize corporate and other mails servers. The origin of the Melissa virus is from an Internet alt. sex newsgroup and contains a list of passwords for various Web sites that require memberships. Melissa also has the ability to disable some security safeguards. Users of Microsoft Word 97 or 2000 with Microsoft Outlook 97, 98, or 200 are most likely to be affected. When the virus attacks, it can infect the copy of Microsoft Word that is installed as well as any following Word documents that are created. It can also change the setting of Microsoft Word to make it easier for the computer to become infected by it and succeeding macro viruses. Users of Word 97 or 2000 containing any other E-mail programs can be affected also; the difference is that Melissa will not automatically redistribute itself to the contacts through other E-mail programs. It can still however infect the copy of Microsoft installed on the machine. This infected copy can still be shared with others if a document is created in the infected copy and distributed through E-mail, floppy disk, or FTP. Although the virus won’t appeal to the mailout on a Mac system, it can be stored and resent from Macs. To avoid this virus, it is suggested to not double-click any file, such as an E-mail attachment, without scanning it first with antivirus software, regardless of who it is from. The next malware to be discussed is SQL injection which is an attack where malicious code is placed in within strings that are shortly passed on to an example of SQL Server for parsing and implementation. A form of SQL injection consists of direct placing of code into user-input variables that link with SQL commands and executed. An attack that is not as direct, inserts malicious code into strings that are intended for storage in a table or as metadata. The malicious code is executed once the stored strings are linked into a dynamic SQL command. In SQL Injection, the hacker uses SQL queries and ingenuity to get to the database of susceptible corporate data through the web application. Websites with features as login pages, support and product request forms, feedback forms, search pages, shopping carts and the general delivery of dynamic content, shape modern websites and provide businesses with the means necessary to communicate with prospects and customers are all vulnerable to SQL Injection attacks. The reason behind this is because the fields available for user input allow SQL statements to pass through and query the database directly. SQL Injection flaws are introduced when software developers create dynamic database queries that include user supplied input. There have been several reports of SQL attacks, dating back to 2005. The websites that have became victim to these attacks range from Microsoft U. K. to Lady GaGa’s website. To avoid SQL injection flaws, it is suggested that developers need to either: a) stop writing dynamic queries; and/or b) prevent user supplied input which contains malicious SQL from affecting the logic of the executed query. The next malware discussed will be Stuxnet. Stuxnet is a computer worm that targets Siemens industrial software and equipment running Microsoft Windows, and was discovered in June 2010. Although Stuxnet isn’t the first attack to target industrial systems, it is however the first discovered malware that actually moles on and weakens industrial systems. Stuxnet is also the first malware to include a programmable logic controller rootkit. Stuxnet is designed to target specifically Siemens supervisory control and data acquisition systems that are configured to control and monitor specific industrial processes. The PLCs are infected by Stuxnet weakening the Step-7 software application that is used to reprogram these devices. Stuxnet is different from other malware as it only attacks computers and networks that meet a specific configuration requirement. Stuxnet contains a safeguard and if Siemens software isn’t discovered on the infected computer will prevent each infected computer from spreading the worm to more than three others, and to erase itself on June 24, 2012. Along with other things for its victims, Stuxnets contains code for a man-in-the-middle attack. Stuxnet will spread through removable devices such as an USB drive in a Windows operating system by using a four zero-day attack. After it has infected the removable drive, it uses other utilizations and techniques to infect and update other computers inside private networks. Stuxnet infects Step 7 software by infecting project files belong to Siemen’s WinCC/PCS 7 SCADA control software and weakens a key communication library of WinCC called s7otbxdx. dll. It is recommended by Siemens to contact customer support if and infection is detected and advises installing Microsoft patches for security vulnerabilities and prohibiting the use of third-party USB flash drives. Next, Zeus, also known as Zbot virus will be discussed. This virus is geared toward financial institutions such as banks. Zeus was first discovered in July 2007 after being used to steal information from the US DOT. Zeus is set up to infect a consumers PC, and wait until the log onto a list of targeted banks and financial institutions and steal their credentials and sends them to a remote server in real time. Zeus can also inject HTML into a page that is provided by the browser, this displays its own content instead of the actual page from the bank’s web server. By doing this, it is able to obtain users information such card numbers and pins. According to SecureWorks, ZeuS is sold in the criminal underground as a kit for around $3000-4000, and is likely the one malware most utilized by criminals specializing in financial fraud. According to Lucian Constantin, Zeus is one of the oldest and most popular crimeware toolkits available on the underground market. Up until this year the Trojan could only be acquired for significant sums of money from its original author. However, a few months ago the source code leaked online and now anyone with the proper knowledge can create variations of the malware. Also according to SecureWorks, The latest version of Zeus as of this date is 1. 3. 4. x and is privately sold. The author has gone to great lengths to protect this version using a Hardware-based Licensing System. The author of Zeus has created a hardware-based licensing system for the Zeus Builder kit that you can only run on one computer. Once you run it, you get a code from the specific computer, and then the author gives you a key just for that computer. This is the first time they have seen this level of control for malware. The CTU recommends that businesses and home users carry out online banking and financial transactions on isolated workstations that are not used for general Internet activities, such as web browsing and reading email which could increase the risk of infection. The last malware that will be discussed is the Blaster worm also known as Lovsan, Lovesan, or MSBlast. The Blaster worm spreads on computers that have Windows XP and Windows 2000 as an operating system and was detected in August of 2003. The creator of the B variant of the Blaster worm, Jeffrey Lee Parson was an 18 year old from Hopkins, Minnesota. He was arrested on August 29, 2003, admitted to the creation of the B variant, and was sentenced to 18-months in prison in January 2005. A Windows component known as the DCOM (Distributed Component Object Model) interface which is a known vulnerability of Windows is taken advantage of by Blaster. The DCOM handles messages sent using the RPC (Remote Procedure Call) protocol. Vulnerable systems can be compromised without any interaction from a user, according to Johannes Ullrich, chief technology officer at the SANS Internet Storm Center, which monitors threats to the Internet infrastructure. According to Mikko Hypponen, manager of antivirus research at F-Secure in Helsinki, Blaster unlike the Code Red worm, which contained code for a similar attack against the IP address of White House’s main Web server, targets the windowsupdate. microsoft. com domain, which prevents Microsoft from changing the address of the domain to sidestep the attack. Blasters code is small and can be quickly removed using free tools provided by F-Secure as well as other antivirus vendors, Hypponen said. However, customers should patch their systems before removing Blaster to prevent from getting infected again from the worm, he said.

David Suzukis A Planet For The Taking :: essays research papers

David Suzuki's A Planet for the Taking In the essay "A Planet for the Taking," David Suzuki describes Canadians' odd appreciation for this great natural bounty we call our own. He is an internationally acclaimed scientist who is concerned about the welfare of Canada. Suzuki's intended audience is the Canadian population that does not realize the grave danger they are instilling upon themselves by haphazardly taking our resources without looking at the subsequent repercussions of their actions. The essay is persuasive and informative. He compares various facets of science and gives reasons why none of these fields can explain why we are destroying nature. The organization of the essay supports the author's views well. It begins with general opinions about the Canadian population and is followed by more detailed explanations. The general opinions in the beginning are well- chosen considering the audience. Suzuki's tone is evident when he states "We have both a sense of the importance of the wilderness and space in our culture and an attitude that it is limitless and therefore we needn't worry." These words suggest that we are willing to reap the rewards of our vast resources but we fail to see the harm that we are doing, and will continue to do if we do not stop these actions. Although his approach for explaining his beliefs changes, Suzuki's tone of great concern remains consistent throughout the essay. After his views are presented, Suzuki begins to tell us what we have done to our country and how we are destroying it. Present day Canadians are compared to native Canadians which successfully serves its purpose in illustrating how, for centuries, people lived off the natural resources in Canada. With the development of science and technology, we have developed better ways of mass harvesting resources but these methods are taking at a faster rate than nature can sustain. Science suggests means of replacing these resources we are taking but there is no quick replacement for ecosystems that have taken thousands of years to evolve. Following his explanations of how we have destroyed nature, Suzuki discusses science and how society deals with it, "I believe that in large part our problems rest on our faith in the power of science and technology." This statement and the following sentences are used to describe how people deal with great developments in science and technology. Because there have been so many great advances in these fields in the past century, people are comfortable placing their faith in science though scientists are still far from discovering all of the secrets to the universe. Scientists interfere with nature without

Mountain Resorts in Malaysia

There are three mountain resorts that are famous as a tourist attraction throughout the Asian region. The thousands of tourists who visit and revisit these three places are proof that these three mountain resorts are fun, addictive and keep you coming back for more. Which three mountain resorts that I am talking about? The three most popular mountain resorts as a tourist attraction in Malaysia are Genting Highland, Cameron Highland and Fraser’s Hill. Genting Highland, the Las Vegas of Malaysia, have three main activities.The first is a wide selection of outdoor and indoor theme parks. The indoor theme park has six theme areas from around the world, each with unique rides. The outdoor theme park features rides suitable for the entire family, such as the double loop Corkscrew for the adults and teenagers and the Flying Jumbo for small children. (pktan, Travel Guide Malaysia, 2007) If you are looking for something else to do, you could gamble at the only legal casinos in Malaysia . There are table games and slot machines for your entertainment. Wikitravel, n. d) Other than that, Arena of Stars in Genting has shows from musical concerts to live shows and sporting events. This fully-roofed amphitheater can make your holiday to be an unforgettable one. (rwgenting. com, n. d) Cameron Highlands is one of the most popular highlands retreat around Malaysia, losing out only to Genting Highlands. There are many different activities that can occupy your time there. Firstly, there are many agriculture farms there, such as tea plantations, strawberry farms and vegetable farms.To savor the delicious fruits, you can pluck the strawberries yourself or just visit the day market at Kea Farm. (Cameron Highlands Online, n. d) There are also honey bee farms and butterfly farms scattered around Cameron. Various honey products and framed preserved butterflies can be bought as a souvenir. (Cameron. com. my, n. d) Thirdly, there is a museum called Time Tunnel Gallery, where the pas t of Cameron Highlands can be seen through photographs.It is full of heartwarming relics from the local descendants from the pre-war days. (Clove Two, 2009) Fraser’s Hill is one of the famous mountain resorts in Malaysia. A few hundred years ago, Scottish James Fraser recruited some guides and hacked his way to the top of the mountains on Titiwangsa range in search of gold and precious metal. He did not find gold but made a home there and opened a tin mine as it is rich in tin deposits. The British authorities build a hill tation there after he disappeared 25 years later and named it Fraser’s Hill. (JourneyMalaysia. com, n. d) Fraser’s Hill is the coolest place in Malaysia. (Kuantan Hotels. com, n. d) The view is spectacular and is a hotspot for naturalists and photographers. As a result, it is a popular tourist attraction and attracts around 60,000 tourists a year, as reported by M. Hamzah Jamaludin from The New Straight Times. Other than visiting Fraserâ€℠¢s Hill for nature, there are also many sport activities that could be enjoyed by the whole family.Nature walk, bird watching, golf, fishing and horse riding are just some of the many activities that could fill your day. (Pahang Tourism, 2011) As the years grow, Fraser’s Hill is slowly growing to be the top tourist attraction in Malaysia. In conclusion, Genting Highland, Cameron Highland and Fraser’s Hill, are all exciting, tourist attraction mountain resorts in Malaysia. These three resorts lure many tourists, local and international, to Malaysia every year, no doubt making them the three most renowned mountain resorts in Asia.

Teaching Children to Count

A childs first teacher is their parent. Children are often exposed to their earliest math skills by their parents. When children are young, parents use food and toys as a vehicle to get their children to count or  recite numbers. The focus tends to be on rote counting, always starting at number one rather than the understanding the concepts of counting. As parents feed their children, they will refer to one, two, and three as they give their child another spoonful or another piece of food or when they refer to building blocks and other toys. All of this is fine, but counting requires more than a simple rote approach whereby children memorize numbers in a chant-like fashion. Most of us forget how we learned the many concepts or principles of counting. Principles Behind Learning to Count Although weve given names to the concepts behind counting, we dont actually use these names when teaching young learners. Rather, we make observations and focus on the concept. Sequence: Children need to understand that regardless of which number they use for a starting point, the counting system has a sequence.Quantity or Conservation: The number also represents the group of objects regardless of size or distribution. Nine blocks spread all over the table are the same as nine blocks stacked on top of each other. Regardless of the placement of the objects or how theyre counted (order irrelevance), there are still nine objects. When developing this concept with young learners, its important to begin with pointing to or touching each object as the number is being said. The child needs to understand that the last number is the symbol used to represent the number of objects. They also need to practice counting the objects from bottom to top or left to right to discover that order is irrelevant--regardless of how the items are counted, the number will remain constant.Counting Can Be Abstract: This may raise an eyebrow but have you ever asked a child to count the number of times youve thought about getting a task done? Some things that can be counted arent tangible. Its like counting dreams, thoughts or ideas--they can be counted but its a mental ​and not tangible process.Cardinality: When a child is counting a collection, the last item in the collection is the amount of the collection. For instance, if a child counts 1,2,3,4,5,6, 7 marbles, knowing that the last number represents the number of marbles in the collection is cardinality. When a child is prompted  to recount the marbles how many marbles there are, the child doesnt yet have cardinality. To support this concept, children need to be encouraged to count sets of objects and then probed for how many are in the set. The child needs to remember the last number represents the quantity of the set. Cardinality and quantity are related to counting concepts.Unitizing: Our number system groups objects into 10 once 9 is reached. We use a base 10 system whereby a 1 will represent ten , one hundred, one thousand, etc. Of the counting principles, this one tends to cause the greatest amount of difficulty for children. Note We’re  sure youll never look at counting quite the same way when working with your children. More importantly, always keep blocks, counters, coins or buttons to ensure that you are teaching the counting principles concretely. The symbols wont mean anything without the concrete items to back them up.