Trojan Horse Worms And Other Viruses Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

A Trojan horse is a malicious program inserted into a system by a hacker that disguised as a normal application. It is usually not self-replicating but it can be replicated as attachment to a virus. It is difficult to detect and remove a Trojan program.

A Trojan horse appears to be something useful. Therefore users willingly run the software and don't even know it is causing problems on their systems but it contains some types of malware and so it is designed to cause harm or disruption to a computer system or perform activities on a computer without the consent of the computer's owners.

A Trojan horses contains malicious code that when triggered cause loss or even theft of data. For a Trojan horse to spread, we must invite these programs onto our computers. For example, by opening an email attachment or downloading and running a file from the Internet. Trojan.Vundo is an example of Trojan horse.

What is a computer worm?

A computer worm is a program which can replicate itself from system to system without the use of a host file. It doesn't attach itself to another program. It is a self-contained program. A worm can do its work without any help and it uses network services such as e-mail to spread to other systems. Some insidious actions a worm can perpetrate include using large amounts of network bandwidth, deleting files, sending e-mails and creating backdoors into computers.

Worms are part of a broader category of malware. They are now very common because of the internet and widespread network connectivity. W32.Mydoom.AX@mm is an example of a worm.

What is a computer virus?

A computer virus is a small program. It is written to alter the way a computer operates, without the permission or knowledge of the user. A virus can infect desktop computers and network servers alike. A virus can create problems for computer users.

A virus can meet two criteria:

It can execute itself and often places its own code in the path of execution of another program.

It can replicate itself. For example, it can replace other executable files with a copy of the virus infected file.

Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk while others are not designed to do any damage, but simply to replicate themselves and make their presence known by presenting texts, videos, and audio messages.

Viruses typically take up computer memory used by legitimate programs.

As a result, viruses can often cause erratic behavior and can result in system crashes. In addition, many viruses are bug-ridden. The bugs may lead to system crashes and data loss.

There are five recognized types of viruses. They are

File infector viruses

Boot sector viruses

Master boot record viruses

Multipartite viruses (also known as polypartite viruses )

Macro viruses

Major network security issues are followings;

Protecting networks with firewall

Using a router as a firewall

Using Instrusion Detection Systems (IDS)

Using network address translation to improve security

Protecting a network from worms, viruses and Rootkits

Protecting a network from Spyware and Spam

Implementing wireless security

Task 3.2

A Network Security Policy will reflect the attitude of our organization. It will be a document. It will describe the rules governing access to a company's information resources, the enforcement of those rules, and the steps taken if rules are breached. It will describe not only who can have access to which resources, but also the permissible use of those resources after they are accessed.

A Network Security Policy will also protect the organization legally. If no policy exists, disciplining or prosecuting people who misuse or intrude on the network will be more difficult and then it will help network users in our organization to concentrate on the tasks they want to accomplish rather than how to get to data they need to perform those tasks.

Therefore, there should be a Nework Security Policy in place in all the networked companies.

Elements of a Nework Security Policy are followings;

Privacy policy

Privacy policy describes what staff, customers, and business partners can expect for monitoring and reporting network use.

Acceptable use of policy

Acceptable use of policy explains for what purposes network resources can be used.

Authentication policy

Authentication policy describes how users identify themselves to gain access to network resources. Logon names, password conventions, and authentication methods should be described.

Internet use policy

Internet use policy explains what constitutes proper or improper use of Internet resources.

Access policy

Access policy specifies how and when users are allowed to access network resources. Policies should exist for both on-site and remote access to the network.

Auditing policy

Auditing policy explains the manner in which security compliance or violations can be verified and the consequences for violations.

Data protection

Data protection outlines the policies for backup procedures, virus protection, and disaster recovery.

Task 2

Task 2.1: A brief overview of VPN technologies ( both hardware and software )

What are VPNs?

VPNs mean virtual private networks which are temporary or permanent connections across a public network such as the Internet instead of leased lines to communicate. VPNs use encryption technology to transmit and receive data. Although VPNs are transmitted across a public network, they are meant to make packets secure. They provide the private connection between sender and receiver. VPNs became more popular as more employees worked in remote locations.

A tunnel in a typical VPN connection carries data securely from the VPN client to the VPN server through the Internet. Therefore a direct point to point connection exists between client and server. The tunnel is really a special encapsulation of the IP protocol.

VPN servers can be configured on network OSs as Windows Server 2003 and Linux. VPN servers can also be in the form of a dedicated device with the aim of handling VPN connection or as a software add-on solution to some routers. VPNs servers must have at least two network interfaces. They are one for the internal or company network and another which connects to the external or public network.

There are Four Categories of VPN;

Trusted VPN

Secure VPN

Hybrid VPN

Provider-provisioned VPN

VPN Topology: Three types of VPN are

Remote access VPN

Intranet VPN and

Extranet VPN

VPN in a Windows Environment

Windows OSs support Point to Point Tunneling Protocol (PPTP), a special TCP/IP protocol. With PPTP, users running Windows OSs can dial up Windows servers when they are running Routing and Remote Access Service (RRAS). This supports the equivalent of a private encrypted dial up session across the Internet. A VPN could be settled permanently across the Internet by leasing dedicated lines to an ISP at each end of a two-way link and maintain ongoing PPTP-based communications across that dedicated link.

Windows support a more secure VPN protocol called Layer 2 Tunneling Protocol (L2TP) starting from Windows 2000. Working in tandem with IPSec, Windows OSs can use PPTP or L2TP to create safe, secure VPN connections through a private carrier or across the Internet. L2TP supports advanced authentication and encryption technologies but it requires Windows machines on both sides of any remote connections.

VPN in Other OS Environments

In addition to Windows OSs, Linux OSs also support both VPN client and VPN server applications. VPNs Linux implementations typically use PPTP or IPSec and now an L2TP implementation is available. One of the most popular VPN solutions for Linux is OpenSwan that is a free downloadable package. OpenSwan uses IPSec as the encryption protocol. It is becoming the default in many Linux versions including Fedora Core 4. The Linux OpenSwan package can be discovered at www.openswan.org and documentation is included in the downloadable software.

VPN server connections to corporate networks for VPN clients are provided by Novell Net Ware along with BorderManager, the Novell firewall. To create a VPN WAN, corporate LANs can be tied together over VPN connections through the Internet.

Mac OS 9 and later supports VPN client connections to Windows servers and they use PPTP or IPSec. Mac OS X Server has a VPN server service and it allows Mac OS X, Windows, and UNIX/Linux clients to connect to a corporate LAN through the Mac OS X VPN server, using PPTP or L2TP.

One way to provide VPN services to connect remote sites is to use routers with VPN capability to create a router-to-router VPN connection. This VPN connection uses the Internet to connect remote sites with corporate headquarters or to connect corporate partners to form an extranet. In this arrangement, the VPN software resides on the router rather than on client systems and it is much less expensive than using leased or dedicated lines to connect remote networks.

Advantages and Disadvantages of VPN

Advantages

Greater scalability

Easy to add/remove users

Reduced long-distance telecommunications costs

Mobility

Security

Disadvantages

Lack of standards

Understanding of security issues

Unpredictable Internet traffic

Difficult to accommodate products from different vendors

VPN Benefits

Extends geographic connectivity

Boosts employee productivity

Improves Internet security

Scales easily

Costs associated with implementing VPN

In house implementation

Outsourced implementation

Middle Ground implementation

Two models available for Quality of Services functionality

Differentiated service model

Integrated service model

Task 2.5; A section of report on the responsibilities and level of service required from ISP in order to implement a successful VPN within the company

Responsibilities of ISP

To provide Quality, Reliability, and A Comprehensive Portfolio of Services

To support the customers among dialup or ADSL broadband access

To provide business customers with a choice of leased lines, Web hosting, collocation, dedicated servers, and application development services

To provide the 24-hour technical support to all customers.

Level of Services

Setting out to gain the ability to manage and optimize differentiated levels of service, EUnet defined its project goals to include:

Task1

Task1.1

Comparative Networking Features of Windows and Linux

Networking Features

Window Operation Systems

Linux Operation Systems

Internet Connection Firewall (ICF)

Used to protect computers and home networks connection.

This is a software-based firewall. It is enabled automatically when the Network Setup Wizard (below) is run.

Setting up firewall with default settings that will work for most networks.

The firewall can also be enabled or disabled manually through the Network Connections folder.

Paranoid

Lock everything down.

Only allow outgoing connections.

High

Allow outgoing connections.

Allow certain incoming high ports for point to point applications.

Medium

Allow outgoing connections.

Allow incoming ports for selected applications.

Allow incoming ports for point to point applications.

None

"Get out of my face" mode.

Laptop mode

Firewall starts without binding to an interface.

Wireless LAN Enhancements

Increase Ethernet and Wireless Security (IEEE 802.1X Support). Previously wireless LAN networking lacked an easy to efficiently use security solution with a key management system Microsoft and several Wireless LAN and PC vendors worked with the IEEE to precisely define IEEE 802.1X, a standard for port-based network access control. This is applicable to either Ethernet or Wireless LANs. Microsoft implemented IEEE 802.1X support in Windows XP and worked with wireless LAN vendors to support the standard in their access points.

Network Setup Wizard

Is to ease the task of setting up user's network. This wizard allows user to configure the Internet connection the computers on user's network will use. It enables the Internet Connection Firewall. It configures the network adapters on user's computer and enables the Network Bridge if appropriate, share files and printers and name user's computers.

Network Diagnostics Features

The Network Diagnostics Web Page and NetSh helper

Network Connections Support Tab

Network Connection Repair Link

Task Manager Networking Tab

Updated Command Line Network Diagnostics Tool

Internet Connection Sharing (ICS) Enhancements

Is to enable sharing of a single Internet connection among all of the computers on a home or small business network. The computer connected to the Internet would have ICS enabled and it would provide addressing and network address translation services for all of the computers on the network.

Task1.2: Interoperability features of Ubuntu with Microsoft Windows Workstation

Many programs are written for the Windows API. They depend on an implementation of that API. Source compatibility of Windows with some of UNIX programs is carried out by way of POSIX subsystem (Windows NT and 2000), or Subsystem for UNIX application (formerly Interix) (2000, XP, 2003, Vista). Linux is a UNIX-like OS, and can run programs that are written for UNIX programming standards. Few programs, however, are written for various frameworks specific to Linux and those usually with a Window port. KOffice runs on Linux and some versions of UNIX and offers limited Microsoft Office compatibility and OpenOffice.org (www.openoffice.org), an open-source office application, runs on both Windows and Linux. It is available as a free download consisting of a word processor, a spreadsheet program, presentation software, a database program, and a drawing and diagramming application. If an organization is sold on Linux because of its open-source licensing and improved security over some competitors, there are solutions for running Windows applications in Linux. Windows Emulation (WINE) allows some Windows programs to run on Linux but sometimes with some glitches. In some organizations, versions of their products work on both Windows and Linux. The installation is that there is an interpreter layer and the actual program binary files and then the interpreter layer runs on the-fly to deliver the appropriate program experience to whichever OS is running. Therefore, software can be created independent of the OS by using this method but the interpreter layer needs to be configured for the platform. VMware is a virtualization program. It allows one computer to run two or more OSs simultaneously. VMware software permits an entire Windows OS along with applications to run on a Linux desktop. Therefore, user still needs the Windows OS license by using VMware. Many Microsoft libraries have not been ported to other OSs but many Microsoft's frameworks can be replaced by counterparts in other OSs. GNU toolchain has been ported on Windows, GTK, Qt and many other libraries and many projects already have windows builds. Software which is written in cross platform language and frameworks are usually easily ported.

Finally Linux has come a long way. But its suitability for the desktop depends on the expertise of the computer and network technician and the compatibility of applications the organization needs to run.

Task-2.2: Design of a suitable VPN within the Bank

Fig 2.2.1 Design of a suitable VPN within the Bank

Task -2.3

The followings are the requirements to create the Bank's VPN

Hardware

Servers-

Processor E 7500Core 2 Duo 2.93 GHz

Main Board MSI P43-C51(Intel P43,Sound+GbLAN)

Hard Disk Seagate 250GB SATA2 7200rpm with Fan

RAM Kingston 2GB DDR3 1333 MHz

Graphic Card ASUS 1 GB 9500GT

Monitor Acer X233H 23" Wide LCD

ROM Drive ASUS 22x SATA DVD Writer

Keyboard Gaming Multimedia Keyboard

Mouse UTOPIA AMU-100 Optical Mouse

Casing ORLANDO Casing (OLDL-604VA)

Network Card NIC

Workstations-Clients

Processor E5300 Pentium Dual-Core 2.6 GHz

Main Board ASUS P5P41D(Intel G41, Sound+GbLAN)

Hard Disk Seagate 250 GB SATA2 7200 rpm with Fan

RAM Kingston 1GB DDR 2 800MHz

Graphic Card Intel GMA X3100

Monitor Samsung P2050 20" Wide LCD

ROM Drive Pioneer 22x SATA DVD Writer

Key Board, Mouse PS2

Network Card NIC

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.