Protecting From Malware And Network Intruders Computer Science Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Nowadays, with advances in technology, there are far more threats to computers than ever before. Each day there are breaches of security by system intruders, viruses, worms, phishers, and adware. These malicious attacks may damage a computer's boot sector, system BIOS, software and data files, disrupt internet traffic, create a back door that allows unauthorized access to a personal computer, and steal confidential information from users. So what measures can be taken to stop this from happening?

Malware, including computer viruses, worms, and Trojan horses, is spread via email, instant messages and file sharing. Computer viruses need a host program to run, whereas computer worms are self-contained and replicate automatically. Trojan horses usually do not replicate; they pretend to be innocent programs, such as free games or free screensavers, and are downloaded and run by computer users.

Computer intruders are computer users who gain unauthorized access to a computer. They look for unprotected networks or enter a system via a back door installed by other malware.

Spyware is usually downloaded from web sites, email messages, instant messages or file-sharing networks. Sometimes spyware is installed along with a legitimate program when a user accepts the End User License Agreement.

Phishing is an emerging form of malicious attack. Phishers send out spam messages pretending to be legitimate companies such as banks, financial institutions, or PayPal. They use scare tactics to urge users to update their personal information on phishing sites that look remarkably similar to the legitimate company sites. If a user logs on, the phishers will steal that person's ID and password.

Defence against Intruders:

According to Wikipedia:

"In common usage, a hacker is a person who breaks into computers, usually by gaining access to administrative controls. The subculture that has evolved around hackers is often referred to as the computer underground. Proponents claim to be motivated by artistic and political ends, and are often unconcerned about the use of illegal means to achieve them.

Other uses of the word hacker exist that are not related to computer security (computer programmer and home computer hobbyists), but these are rarely used by the mainstream media. Some would argue that the people that are now considered hackers are not hackers, as before the media described the person who breaks into computers as a hacker there was a hacker community. This community was a community of people who had a large interest in computer programming, often creating open source software. These people now refer to the cyber-criminal hackers as "crackers"."

How do we deal with these system and network intruders?

Protecting from Virtual Thieves at home:

With all the new technology and the large number of people who know how to benefit from its shortcomings, it's important to keep ourselves secure. This may not always be possible, but some of the following basic precautions can be taken to protect ourselves:

Change the default administrator password and username of the wireless network on setup.

Changing the default settings helps protect the computer because tech-savvy thieves are normally well aware of the default settings of the devices.

Change the default service set identifier (SSID) and disable the SSID broadcast

Change the default service set identifier so that intruders cannot become aware of it. Even though knowing it may not directly lead them to steal data off the computer, it can serve as a jumping-off point for further data theft.

Also, SSID broadcast should be disabled so that the network is not advertised to intruders and does not come to their notice.

Don't connect automatically to open wireless networks

This is important because some of these networks aren't safe and intruders can monitor data exchange on these networks meaning that important data may be lost to them.

Smartly locate the physical wireless router:

Wireless router signals sometimes tend to leak outside the house, meaning that the network is available for others to view and enter. It's always wise to locate the wireless router somewhere towards the center of the house so that leakage outside the house remains minimal.

These are just five strategies for protecting the home network from intrusion. They mainly consist of what we can do physically to stop any attacks. However, this may not be enough. So now I will highlight some of the other options that a user may consider to protect their computer.

Consider a firewall:

Today even the safest computers face the threat of intruders. Therefore anyone connected to the Internet should consider using a firewall. This is a special hardware device or piece of software that checks all incoming traffic for signs of nefarious intent.

Software vendors are constantly finding security weaknesses in their products. They constantly look for ways in which an intruder could exploit a weakness of their software. As a result, vendors quickly work to release patches that will fix shortcomings, but these patches can't do any good until users install them. Thus, users should always keep their firewall software up to date.

It is also important to regularly update the operating system and Internet-related software, including Web browsers. A more efficient solution is to use Windows Update, which is part of Windows 98, to keep system files and device drivers current.

Windows Networking:

An area where Windows really leaves a computer in jeopardy is in the default installation of Windows Networking. Microsoft includes networking capabilities as a regular feature of the operating system, rather than as an option that users must choose. Therefore, Windows file sharing is usually left active.

That means someone from the Internet may now have permission to share the files and devices, making the computer open to invasion.

One solution to the problem is to remove the Microsoft networking client from the PC. To do this, right-click Network Neighborhood, select Properties, click the Configuration tab, highlight Client For Microsoft Networks, and then click the Remove button.

If the user has a home network, or uses a notebook computer that must connect to a network at the office, they'll need to review what network adapters (such as dial-up adapters or network cards) are installed on the computer and what protocols these adapters use. Such protocols include Transmission Control Protocol/Internet Protocol (TCP/IP), NetBIOS extended user interface (NetBEUI, Microsoft's networking protocol), and Internetwork Packet Exchange (IPX, a Novell networking protocol). Again, right-click Network Neighborhood, click Properties, and select the Configuration tab. Adapters have little printed circuit card icons next to them; protocols are next to icons that look like plugs on wires.

Delete all TCP/IP protocols, except for those that say they are for the adapters being used to get on the Internet. Next, delete all other protocols for those same adapters that get the computer onto the Internet. Now, highlight each adapter being used to connect to the Internet and click the Properties button. Select the Bindings tab and be sure that only TCP/IP is checked, and then click OK. Similarly, highlight each adapter not used for the Internet, click the Properties button, and select the Bindings tab. For these adapters, though, uncheck TCP/IP.

More Precautions:

Beyond that, users can go to various websites that contain tools that examine the vulnerability of a PC to attack from Internet intruders. An example of such a site is: Gibson Research Web site (

Another step that can be taken is to password-protect the computer. The password should not be easy to remember, because there are programs that hackers can use to decipher passwords. This means don't use any word in an English dictionary or names of people. Use a combination of letters, numbers, or symbols.

In A Corporation:

In a corporation, systems administrators typically have access to any computer connected to the network, and it's actually the company's legal right to monitor what is on one of its computers.

However, sometimes it may be important to protect data from the people monitoring the network.

It isn't possible to lock a system or network administrator out of a PC. So, that leaves the option of locking others out of a particular file. One way to do this is to keep the file on removable media, such as a diskette or a Zip disk. This is also protection against someone deleting the file.

Another tool in the security kit is encryption. It is easy to find products that will encrypt files. One that security expert Colin Bartram of Vector Networks suggests is CryptoGram from SpartaCom. However, encryption has its drawbacks, as the encryption of Word files and similar documents can sometimes be broken very easily.

Protecting against malware:

Malware is a group term for anything malicious that can run on the computer, such as viruses, spyware, adware, trojan horses, and rootkits.

Virus: Anything that copies and duplicates itself on a hard drive.

Spyware: A program that spies on users and potentially sends information from the hard drive to remote locations.

Adware: Software that shows advertisements.

Trojan Horse: A malicious program that acts as something else to gain access to the computer.

Rootkit: Hides services at the kernel level to avoid detection.

In broader terms, malware is anything that connects to the Internet without the user's knowledge and approval or that displays something unintended.

So how are users to protect against malware?

Download Windows Updates:

Downloading Windows Updates is the most important step a computer user can perform. Windows Updates not only keep the user's copy of Windows current, but also contain needed fixes for possible vulnerabilities.

Install Anti-virus software

Anti-virus software is an absolute must. Not running anti-virus software leaves users open to viruses, which may lead to more malware invading the system.

Make sure that users install only one anti-virus program. Doing otherwise will cause severe system instability and the possibility of having to reinstall the operating system.

Install Anti-malware Software

Anti-malware software is a must. Anti-virus software is a good first step, but most malware is not viruses. Without an effective anti-malware application users leave the computer susceptible to other various critters floating around the net, such as:

Spyware: A program that tracks what users do on the computer and the web, and does things on the computer and the web without the user's knowledge, sometimes with the user's personal information.

Adware: Software that plays advertisements on the computer.

Trojan Horse: An application that says it will do one thing, but actually does something very different.

Rootkit: Hides things that are installed on the system, and conceals activities of other applications on the system, allowing those applications to do things without the user's knowledge.

Users can install more than one Anti-malware application. Please be aware, however, that if users have too many Anti-malware applications it may slow down the computer.

Install Firewall Software

A firewall is a very important piece of software. Firewalls keep the computer hidden from potential attackers.

Please make sure that users install only one firewall; otherwise they will cause severe system instability and may have to reinstall the operating system. If users are currently using another program's firewall, make sure to uninstall it before using either of these programs.

Avoiding Malicious Websites

The best way to protect the computer from malware is to avoid malicious websites. Unfortunately, it isn't always easy to see the difference between a legitimate site and a malicious one.

Using McAfee SiteAdvisor

McAfee SiteAdvisor is a useful Mozilla Firefox extension and Internet Explorer add-on that uses a database of sites to analyze web pages and determine whether the page is safe to visit. It does not, however, prevent users from going to the website if they choose to ignore a warning. To interpret what McAfee SiteAdvisor is telling users, look at its logo (either in the toolbar or down by the clock) and check whether it is:

Red: Sites that users want to avoid. These sites most likely contain malware or have some other type of scam. Avoid at all costs!

Yellow: Sites that users may want to avoid. It is up to users whether they want to stay on this site or not.

Grey: Sites that have not yet been analyzed. These are sites that could be good or bad; use your best judgment.

Green: Sites that are okay to visit. These sites have absolutely no malicious intent.

Download Security Patches:

Download security patches for the application programs and browser programs. Some programs are vulnerable to malicious attack and the patches can fix these vulnerabilities.

P2P File Sharing

Peer-to-peer file transfer clients such as Gnutella, BitTorrent, Kazaa, LimeWire and others are very popular nowadays as they are an easy means of sharing music and video files with other people with similar interests. Unfortunately, they can also share sensitive corporate and personal data with intruders with the use of viruses. Recent studies of P2P file sharing have demonstrated how easy it is for programs being used for media sharing to gain access to top secret information. According to network "In Dartmouth University's Tuck School of Business study of P2P file sharing at America's top thirty banks, P2P file sharing searches for text in song or video filenames found matching information of all types, including company names, addresses and much more. A study by security firm Tiversa found over 200 classified documents in just a couple of hours of searching with P2P client LimeWire."

That brings us to ask why P2P file sharing is so dangerous. The website continues to describe it as: "Depending on the client, P2P file sharing is usually keyed to file types, not folders. Consequently, a music or video file in the same folder as confidential information can expose the entire folder's contents to a P2P search. What's worse is that some P2P clients make it easy to share an entire drive rather than just specified folders. P2P clients pop up everywhere, including corporate PCs, as well as the children's PCs or other home PCs.

To stop the threat of P2P file sharing at work, corporations should configure security to block P2P clients. If users are telecommuting, use file encryption on work folders and make sure users never, ever set up a P2P client to monitor work folders. Stay on top of the P2P game with resources such as a P2P and file-sharing resources search at TechRepublic."
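A defensive audit of the exposure described above, as an added example that is not part of the original essay or the quoted article: it lists every folder that holds media files (a likely P2P share root) together with the document files in or beneath it. The extension lists, the assumption that a client shares a folder recursively, and the names `audit_share_exposure` and `build_sample_tree` are illustrative.

```python
from pathlib import Path
import tempfile

# Assumed extension lists for illustration; adjust them for your environment.
MEDIA_EXT = {".mp3", ".wma", ".avi", ".mpg", ".mp4", ".mov"}
SENSITIVE_EXT = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".txt", ".csv", ".pst"}


def audit_share_exposure(root):
    """Map each media-holding folder under root to the document files that a
    recursive share of that folder would expose (paths relative to the folder)."""
    root = Path(root)
    findings = {}
    folders = [root] + [p for p in root.rglob("*") if p.is_dir()]
    for folder in folders:
        has_media = any(
            f.is_file() and f.suffix.lower() in MEDIA_EXT for f in folder.iterdir()
        )
        if not has_media:
            continue  # no music or video here, so unlikely to be picked as a share
        exposed = sorted(
            f.relative_to(folder).as_posix()
            for f in folder.rglob("*")
            if f.is_file() and f.suffix.lower() in SENSITIVE_EXT
        )
        if exposed:
            findings[folder.relative_to(root).as_posix()] = exposed
    return findings


def build_sample_tree(root):
    """Constructed sample data: empty placeholder files, no real content."""
    for rel in [
        "Music/song.mp3", "Music/live.MP3",
        "Work/budget.xls", "Work/clients.doc",
        "Downloads/clip.avi", "Downloads/tax_return.pdf",
        "Downloads/setup.exe", "Downloads/old/payroll.csv",
    ]:
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.touch()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for folder, docs in audit_share_exposure(tmp).items():
            print(f"{folder}: {len(docs)} document(s) would be shared with the media")
            for doc in docs:
                print(f"  move out or encrypt: {doc}")
```

A folder reported as `.` means media files sit at the top of the scanned tree, the whole-drive case the quoted article warns about.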

Be careful with email attachments:

Do not open unexpected email attachments even if they come from people in the address book. An internet security program can protect the computer by scanning the attachment before users open it or save it to the computer.

To sum up, malicious attacks come in various forms and they spread and attack the computer in different ways. However, there are software tools available to help users fend off these attacks. If users practice all of the above, they can reduce the chance of malicious attack substantially.