Sunday, March 13, 2011

Attack toolkits (crimeware)

Brain Virus

  • written in 1986 by Basit and Amjad (the Alvi brothers) of Lahore, Pakistan
  • the first virus capable of infecting a DOS-based PC; relatively harmless
  • embedded their real names and business address in the code
  • wrote the virus to protect their medical software from piracy

Malware

  • a useful tool for criminals to steal information
  • production and online sale of “kits” that allow relatively unskilled hackers to create and launch malware attacks
  • kits facilitate concerted, widespread attacks on networked computers
  • composed of prewritten malicious code for exploiting vulnerabilities, along with various tools to customize, deploy, and automate widespread attacks
  • sold on the Web for anywhere from $40 or $50 to about $4000
  • kit sellers even offer online support, subscription services and updated versions
  • some offer to help install and set up purchased attack kits for a fee

7 reasons for concern

  • easier for unsophisticated hackers to launch an attack
  • simplicity and effectiveness of attack kits like ZeuS, designed primarily to steal financial details
  • cyber criminals spending money on these attack kits expect a return on their investment
  • the newest and most potent versions of the malware mean users will be hit even harder
  • exploits for vulnerabilities that span multiple applications and technologies
  • can attack multiple platforms
  • anti-virus and other types of protection might not recognize them, although many are known

Source: http://www.itworld.com/security/133912/pc-virus-turns-25-new-worry-emerges-attack-toolkits

Watch these 5 OSS security projects

PacketFence

  • http://www.packetfence.org
  • open source Network Access Control (NAC) system for wired and wireless networks
  • integrates with the Snort intrusion detection system and the Nessus vulnerability scanner

SmoothWall

  • http://www.smoothwall.org
  • a firewall built on a hardened GNU/Linux OS with a Web management interface
  • ISO images are available for Intel and AMD processors, and an installation can be updated online
  • has a standard set of firewall features and also does QoS, traffic statistics, Web proxying and real-time graphs
  • the project offers commercial support for the product and sells appliances

ModSecurity

  • http://www.modsecurity.org
  • open source Web application firewall (WAF), implemented as a module for the Apache HTTP server
  • features its own scripting, HTTP traffic monitoring, logging and real-time analysis, attack prevention and a rules engine

Untangle

  • http://www.untangle.com
  • multi-purpose security gateway distributed as a Linux image; runs on dedicated hardware or virtual machines
  • supports free and paid security applications like Web filtering, anti-virus, spam prevention, advertising and phishing blocking, anti-spyware, a firewall, and tools for reporting and VPNs

TrueCrypt

  • http://www.truecrypt.org
  • can encrypt an entire partition or storage device, including USB flash drives or regular hard drives
  • encryption is performed in real time and should be transparent to the user
  • supports hardware-accelerated encryption on modern processors
  • runs on Windows, Mac OS X and Linux

Source: http://www.itworld.com/security/134152/5-open-source-security-projects-watch