1 Spyware. ECE 4112-Internetwork Security2 Agenda Cookies Browser hijacking Bundled software Key loggers Spyware prevention and deletion.

Slides:



Advertisements
Similar presentations
Viruses & Spyware A Module of the CYC Course – Computer Security
Advertisements

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Grass Valley Learning Center Surf the Net Safely Roger Thornburn.
What is Spyware? Where did it come from?.
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.
Spyware and Adware Rick Carback 9/18/2005
What is a Firewall Anyway?
Spyware and other annoying Pop-ups. What are we going to learn? What is spyware What is the threat Where does it come from Why does spyware exist How.
Spyware & It’s Remedies CS 526 Research Project Spring 2008 Presented By - Ankur Chattopadhyay Erica Kirkbride University Of Colorado At Colorado Springs.
Server-Side vs. Client-Side Scripting Languages
6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?
X-Ways Trace Prepared By: Leen F. Arikat Supervisor: Dr. Lo’ai Tawalbeh.
Windows Security Tech Talk 9/25/07. What is a virus?  A computer program designed to self replicate without permission from the end user  The program.
Viruses, Worms, Spyware, and Other Perils of an On- Line World Computer Services Tech Talk September 23, 2003.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
How to Protect Your PC Grayware Adware, Malware, Spyware.
Spring Definitions  Virus  A virus is a piece of computer code that attaches itself to a program or file so it can spread.
Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.
Apache : Installation, Configuration, Basic Security Presented by, Sandeep K Thopucherela, ECE Department.
FIRST COURSE Computer Concepts Internet and Microsoft Office Get to Know Your Computer.
GET CONTROL! Avoid The Headache… Five Simple Steps to a Safer Computer – NUIT Tech Talk.
Chapter Nine Maintaining a Computer Part III: Malware.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Microsoft ® Official Course Module 9 Configuring Applications.
HijackThis - A general Homepage Hijacker Detector and Removal Tool By: Tahira Farid Project 1 Fall 2004.
Adware, Spyware, and Malware Anand Dedhia Bharath Raj ECE 4112 Project 28 April 2005.
What is a Firewall Anyway?. What is a firewall? A firewall is a network security device positioned between two different networks, usually between an.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Detrick Robinson & Amris Treadwell.  Computer viruses- are pieces of programs that are purposely made up to infect your computer.  Examples: › Internet.
Malware Fighting Spyware, Viruses, and Malware Ch 4.
1 Spyware, Adware, and Browser Hijacking. ECE Agenda What is Spyware? What is Adware? What is Browser Hijacking? Security concerns and risks Prevention,
DBS Form 6 As Computer Applications Project Spy ware By L6D Wong Chiu Hung.
Adware By: Kevin Garnett, Charlie wancy, Go Diego Go, Batman braggster.
Windows Vista Security Center Chapter 5(WV): Protecting Your Computer 9/17/20151Instructor: Shilpa Phanse.
What is a Computer Worm? A computer worm is a self- replicating program very similar to a virus. A virus attaches itself and becomes part of another executable.
SPYWARE Computer Applications L6D, LAM Siu Fai (18)
1 Spyware Ryan Myers Andrew Sullivan ECE 4112 – Spring 2005.
How to remove spyware from your PC using Spybot S&D? A SeniorNet Workshop SeniorNet is a service program of the Lutheran Service Society of Western Pennsylvania.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 49 The Dangers of Spyware and Phishing.
Anti-Spyware Solutions for MIT IT Partners Conference, April 19, 2005 Jonathan Hunt Senior Manager Software Service, IS&T.
1 Protect Against Spywares – SpywareBlaster. 2 Content Introduction – - What is Spyware? - Danger - Sign of Trouble Solution Cleaning -- Spybot Protection.
Spyware and Viruses Group 6 Magen Price, Candice Fitzgerald, & Brittnee Breze.
3-Protecting Systems Dr. John P. Abraham Professor UTPA.
CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.
Return to the PC Security web page Lesson 5: Dealing with Malware.
Spybot-S&D Course: Fall 2004 Presented By: Ataul Bari Instructor: Dr. A. K. Aggarwal.
1 Malware/Spyware Group 26 Jay Kim and Jimmy Patel.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
1 Lab 12: Spyware A Window’s User’s Worst Nightmare.
Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION.
IT Computer Security JEOPARDY RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands.
SPYWARE Spyware, a new class of malicious programs, is just as dangerous as viruses but generally Is underreported. The issues are no longer those of privacy,
Web Browsing *TAKE NOTES*. Millions of people browse the Web every day for research, shopping, job duties and entertainment. Installing a web browser.
Understand Malware LESSON Security Fundamentals.
Internet Explorer 7 Updated Advice for the NHS 04 February 2008 Version 1.3.
Internet Safety Topic 2 Malware Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other dangerous software exists, such.
GCSE Computing: A451 Computer Systems & Programming Topic 3 Software System Software (2) Utility Software.
Adware and Browser Hijacker – Symptoms and Preventions /killmalware /u/2/b/ /alexwaston14/viru s-removal/ /channel/UC90JNmv0 nAvomcLim5bUmnA.
Remove [Browser Hijackers] For more information regarding [Browser Hijackers] Please Visit:
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Computer Security Keeping you and your computer safe in the digital world.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
Managing Windows Security
Warm Handshake with Websites, Servers and Web Servers:
Lesson #8 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 8 Configuring Applications and Internet Explorer.
Is your computer being used against you while you sleep?
HOW DO I KEEP MY COMPUTER SAFE?
Chapter 9: Configuring Internet Explorer
Presentation transcript:

1 Spyware

ECE 4112-Internetwork Security2 Agenda Cookies Browser hijacking Bundled software Key loggers Spyware prevention and deletion

ECE 4112-Internetwork Security3 Introduction Q: What is spyware A: analysis and tracking programs that reports your activities to the advertising providers' web site for storage and analysis. These programs are generally bundled with freeware or shareware and are typically downloaded without the users knowledge. Spyware is not illegal and is often times mentioned in very confusing and convoluted language within the user agreement for the freeware/shareware that the user is attempting to download.

ECE 4112-Internetwork Security4 Spyware Threats Spyware threats come in different flavors:  malware – modifies system settings, and can perform undesirable tasks on your system  hijacker – redirects your browser to web sites  dialer – dials a service (most likely porn sites) for which you are billed  collectware – collects information about you and your surfing habits

ECE 4112-Internetwork Security5 Cookies Q: What are cookies? A: Cookies are unique identifiers placed on your computer by a web server. Cookies are passive text strings which can be no larger than 4k but are typically only between characters long

ECE 4112-Internetwork Security6 Cookies: dispelling myths Cookies cannot collect personal information about users. The only way a cookie can contain this type of information is if you tell it to a particular website and that site chooses to include it in a cookie. Cookie security is such that only the originating domain can use the contents of a cookie Cookies are not scripts, though they may be written by a script. Cookies are not executable.

ECE 4112-Internetwork Security7 Cookies: so whats the big deal? Often times the use of cookies are harmless and even helpful at times. However more often than not companies employ the use of cookies to track a user’s activity on websites. This activity is then logged and a history of a user’s surfing habits can be maintained usually in order to target specific individuals with specific advertisements.. Information about a user can be swapped and sold from company to company to achieve a very comprehensive profile of any given user.

ECE 4112-Internetwork Security8 Browser Hijacking When your web browser is hijacked, attempts to view some websites (such as common search engines or popular web directory sites) get automatically redirected to an alternative website of the hijacker's choice without your consent, frequently via a BHO (Browser Help Object). Browser Hijacking can include altering the homepage for IE, changing the default URL prefix, performing DNS spoofing, or installing monitoring software

ECE 4112-Internetwork Security9 Homepage Altering Browser Hijackers can modify the homepage which is opened every time you start Internet Explorer Homepage could be set to an advertising website – companies pay web hosts on a per-click basis for their ads The option to edit your homepage in the tools>Internet Options menu of IE can also be disabled through the registry

ECE 4112-Internetwork Security10 Homepage Altering The default homepage for Internet Explorer is stored in the registry at: “HKEY_CURRENT_USER\Software\Microsoft/Internet Explorer\Main\Start Page” Also, the option to disable editing of the homepage in the tools->Intenet Options menu is stored in the registry at: “HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\ Control Panel\Homepage”

ECE 4112-Internetwork Security11 Homepage Altering By setting “Homepage” to 1, you can no longer edit your homepage in IE Writing and reading to the registry is simple with Visual Basic Script files, which could easily be included as attachments in

ECE 4112-Internetwork Security12 Homepage Altering Example script code: Dim WSHShell, q Dim itemtype, newpage Set WSHShell = WScript.CreateObject("WScript.Shell") q = "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page" itemtype = "REG_SZ" newpage = “ WSHShell.RegWrite q, newpage, itemtype

ECE 4112-Internetwork Security13 URL Prefix Attack When you type in an website address in a browser that includes “www”, the prefix “ is automatically appended to the front This prefix value is not permanent, and it too can be edited in the registry at: “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes\” As before, a hacker could redirect you in an attempt to force you to use their search engine or go through their gateway to monitor your usage of the Internet. They may also receive money on a per-click basis from another company every time a certain link is visited.

ECE 4112-Internetwork Security14 Host Hijack (DNS Spoofing) As we examined in an earlier lab, it is possible to edit the file: C:/WINDOWS/system32/drivers/etc/hosts to bypass requests to a DNS server, and instead resolve hostnames to IP address specified in the file

ECE 4112-Internetwork Security15 Recovering From BH Attacks There are many applications available to help remove the effects of browser hijacking attacks One excellent tool for this matter is hijackthis, available at Hijackthis will provide a list of all the registry entries and files a BH could attack, including the homepage registry entry and the hosts file

ECE 4112-Internetwork Security16 Preventing BH Attacks To help prevent Browser Hijacking attacks, an application called BHBlaster is available which will monitor changes to registry files and host files and alert the user when something is attempting to alter these values

ECE 4112-Internetwork Security17 Bundled Software Today, there are a large number of programs used to share files over the Internet. The most popular of these are peer to peer programs which are anonymous to use and free to download However, these programs are notorious for their reputation of having bundled 3rd party software which is installed when the main program is installed, often without the user’s knowledge

ECE 4112-Internetwork Security18 Bundled Software In the lab, you will install an old version of a peer-to-peer client and examine what spyware programs are installed along with the client These spyware programs may include pop- up ad generators, browser add-ons such as search toolbars, and software to monitor your usage statistics and report them to a 3 rd party company

ECE 4112-Internetwork Security19 Key Loggers Q: What are key loggers? A: A key logger is a program that runs in the background recording all keystrokes. Though many key loggers can be seen in the running process list good key loggers will change their names in the process list to something inconspicuous. Even better key loggers can make themselves totally invisible from the process list.

ECE 4112-Internetwork Security20 Key Loggers Q: Why are key loggers so easy to find? A:Key loggers are not only used maliciously. There are many other uses for key loggers such as: Making sure children are using the internet appropriately and safely Ensuring that employees are not misusing company computers Safeguarding against lost information in the event of a power outage or other unforeseen circumstances.

ECE 4112-Internetwork Security21 Spyware Prevention and Deletion In recent years, there has been a dramatic increase in the number of anti-spyware applications available. Of course, the best way to protect your computer from spyware is to carefully examine license agreements when you install free software and be cautious of what websites you visit on the Internet

ECE 4112-Internetwork Security22 Spyware Prevention and Deletion Some of the best (and free) anti-spyware programs available include: AdAware Spybot – Search and Destroy Microsoft AntiSpyware

ECE 4112-Internetwork Security23 Spyware Prevention and Deletion AdAware was one of the first applications designed to remove spyware. It performs very thorough searches and is very simple to use. However, it does not provide real-time protection (in the free version). Spybot – Search and Destroy not only implements all the features of AdAware, but it also has real-time protection. It’s updating software to download the latest spyware signatures, however, is a little lacking.

ECE 4112-Internetwork Security24 Spyware Prevention and Deletion Microsoft’s AntiSpyware is an excellent application which runs smoothly in the background in Windows. When spyware threats are detected, a window pops up prompting the user as to what action to take. The main weakness of this application is that it is still in beta testing.

ECE 4112-Internetwork Security25 Sources

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.