! Welcome !

1. Stealth mode
2. Malware characteristics
3. Classofying intruders
4. Unexpected intruders
5. Malware motivation

WHAT MALWARE CAN DO AND ITS WARNING SIGNS:

1. Interferes with user experiance
2. Degrades computer and browser performance
3. monitors user and performance
4. Invades privacy
5. Generates pop-ups
6. Hijacks broswer home page
7. Adds new browser toolbar
8. Redirects browser
9. Adds unfamiliar website to favourites
10. Changes configurations
11. Changes directories and or system files
12. Generates unexpected messages
13. Causes expensive phone bills
14. Causes modem to become busy unexpectedly
15. Deactivates anti-malware software
16. Changes equiptment behavior
17. Resists removal
18. Causes memory or disk space problems
19. Attacks websites
20. Acts silently and provides no clues

MALWARE INSTALLATION

1. Active X controls
2. Acceptng an EULA (end user licence agreement)
3. Web browsing
4. Downloading
5. Hacking
6. Bundling
7. Peer to Peer file sharing
8. Pop-up-ads
9. Email or attachment
10. Deception
11. Other methods like clicking hyperlinks,IM chat services, etc,

SPYWARE

Spyware is a specific type of malware, its a covert software program which scans or monitors activities on a computer or system, online or offline doesnt matter It transmits the gathered information to other computers or locations on the internet. This informtion is usually collected and sent to third-parties, often with malicious intent, without the user even knowing, spyware can also make changes to the users computer on wich it is installed. Among the different types of malware there are spyware is one of the worst.

WHAT SPYWARE CAN DO!

Spyware can collect information and send it to the attacker (all the above apply to Spyware) this can be a major problem if you use internet banking at the worse case, then can do as little as tracking cookies, mostly the actions of Spyware programs are just simply annoying like degrading the performance of the users computer by effecting the pc speed. You can check the danger or risk of a Spyware program if detected on your pc at these websites

Symantec     Spywareguide

Not all Spyware is bad though to some they Spyware can be very useful Example: a users online activitie scan be monitored and used to target ads or steer the user to websites that can provide goods or service the the user wishes to see or can benifit from in some way. May i add that once permission is granted, covert software cannot be called Spyware!

HOW IS SPYWARE INSTALLED

There are so many ways that Spyware can be installed onto a machine most will work in stealth mode. The most common way is via an internet connection with so many computers conected to the internet its an easy threat for infection. As stated in the previous section Spyware can be installed through viruses, worms, adware, Trojan horse programs, Keyloggers, and obviously websites, some tricks to install spyware could be :

1. Hideing inside another program: The Spyware hides inside another program. For example, when a P2P program is installed the hidden program, typically Spyware or Adware is also installed.
2. Useing confuseing legal jargon : The EULA is written in such a way so that the user just get so confused or simply its just so long and boreing it seems like useless information and users skip section or just agrees it, which gives the vendor enough leeway to install the Spyware legally.
3. Being persistent and annoying  : When your surfing the web you might get a window pop-up (pop_ups) which when you click the decline button it just keeps poping up and doesnt go away so eventually some users will just accept it through frustration.
4. Offering free scanning              : Some website offer a free scan, after the scan is complete they show a number of results showing something has been found, in some cases the results show cookies which are not Spyware, so the user is scared into buying the other half of the program the removal tool !

LEADING ANTI-SPYWARE TOOLS

• Spy Sweeper                                                                               Spy Sweeper
• Spyware Doctor                                                                           Spyware Doctor
• Ad-Aware SE Personal (The one i use very good)                            Ad-Aware
• ewido anti-spyware (AVG anti-spyware)                                         ewido
• Pest Patrol                                                                                   PestPatrol
• SUPERAntiSpyware                                                                       SUPERAntispyware
• Windows Defender                                                                        Windows Defender
• StopZilla                                                                                      StopZilla

Most of the Anti-Spyware above do a free version , Personally i use Utorrent to get the full version FREE FREE being the importance word there .

SPAM - PHISHING - IM's

1. Click the start button
2. Open run
3. Type "regedit"
4. Click ok

This will bring up the registry editor, within the registry editor you need to go to :

HKEY_CURRENT_USER\Software\Yahoo\pager\profiles\YOUR ID WILL BE HERE\Custom Msgs

There you will see your messages in the right hand pane, just delete as you please, if you wish to delete all custom messages then just delete the whole reg key, it will re-new when a new custom message is typed in YM.

1. The Main Access Password: This password gives the client full access to all files and folders.
2. Specific File Or Folder Password: Speaks for its self.

The most common methods of authentication used by web sites is either CGI-based or JavaScript-based. Another type of Authentication that is popular is HTTP Basic authentication. Basically password protected web sites, which pop-up a dialog box with the following text:

• Username and Password Required
• Enter Username and Password for xxxx here
• Username  :
• Password   :

Cracking The HTTP Basic Authentication Passwords :

This changes from server to server slightly, also it depends on how the administrator has set up the service :

1. First of all find out if the server is actually running HTTP Basic authentication service, to do this just enter a wrong password; if you get a 401 Error message you can be sure its running HTTP Basic authentication. To hack the HTTP Passwords, you need to get the sniffer logs, which would contain what a request would look like if you were able to request the page. It would be something like the following:

GET /pagehere HTTP/1.1

Authorization: Basic rTyna2yrqw2ADGHsghis==

• The text after the Basic is the password altho it looks encrypted its not, its just Base 64 encoding. You can easily decode it in perl useing the MIME::Base 64 module. The code would be as follows:

use MIME: :Base64;

print decode_base64("rTyna2yrqw2ADGHsghis==");

• You can get the MIME::Base64 module from HERE . After it has been decoded you will something like name.name:passwordhere. The first two are the username and the last is the passwordin plain text.

1. Do not use words from a dictionary, this will prevent you from dictionary attacks.
2. Do not leave it blank or use your username or part of it.
3. Do not use you name followed by your birthdate, or anything someone can find on a profile page.
4. Do not repeat your password.
5. Do not use the same password at multiple places.

And some basic things to do :

1. Make your password a combination of numbers, letters & special characters, try to use both lowercase & uppercase.
2. You should change your password regularly.
3. Try to random your password, but not so much you forget it.

Theres a few programs out there which are good for storeing passwords Click Here  for a good one.