IRC – Stay Safe Online

August 1st, 2013 by spyadmin


Stay Safe Online:

IRC stands for Internet Relay Chat. It is a form of multi-user text messaging via the Internet through programs called ‘clients’. These clients connect to the servers that are part of a network. Once connected to a server on a network, the user can access various ‘channels’, which are forums for group discussions.

Jarkko Oikarinen developed IRC in August 1988. Since then, thousands of users have used it to interact online. Each user uses a ‘nick’ or nickname to chat online. Channel names usually begin with ‘#’.

Thus, a channel name might be #channel. Channels might be made for general discussion or for discussion of certain specific topics. The channel operators or ‘ops’ moderate them. Additionally, there might be ‘voices’ within a channel. These are users with the privilege of deciding who can speak and who cannot within that channel.

Finally, IRC also allows private discussions between two users through a private channel only visible to the two.

Security:

It is important to remember that the use of IRC can compromise the security of one’s computer. For this reason, it is imperative for you to set up a host of security measures. In addition, file sharing online should be handled with caution.

  • Trojans and viruses install themselves through downloaded files. If you receive a file, make sure that you know what the file contains and that it was sent from a trusted and known sender.
  • Equip yourself with a virus scanner and keep it updated. An outdated scanner will be no good against any new infections.
  • Install a firewall. This added security measure works only if your computer itself is secure.
  • Whatever operating system you use, update it with the security patches your system vendor provides.
  • Do not run a new script unless you know what every line of the script does.

Another kind of attack is a Denial of Service (DoS) attack. These attacks are usually not personal, but are large-scale attacks. They exploit the limitations of networking services to disconnect the user from their IRC server or Internet Service Provider.

  • Use a proxy-server to hide your actual IP address. This way, any viruses sent to your visible IP address will not affect your system. This is only useful in small DoS attacks.
  • You could contact your Internet Service Provider to set up a firewall for you. This will help avert the attacks before they find their way to your system.

If you are careful while conducting interactions and transfers online, your computer automatically stays safe.

Etiquette to be Maintained While Using IRC:

Like all interactive groups, channels on IRC maintain decorum through certain norms. Not respecting these can get the user ‘kicked’ out of the channel for a fixed period of time or even permanently.

  • Do not type using all CAPS. This is considered shouting and is generally not appreciated.
  • Use proper terms. For example, do not confuse channels with chat rooms.
  • Respect the channel operators. They run the show in the channel, and getting into their bad books will only lead to trouble for you, as opposed to a good time.
  • Do not repeat yourself too many times. This can be annoying.
  • Avoid flooding the channel, that is, do not post more than four lines of text. Heavy flooding can cause the systems of other users to crash.
  • Though a wide variety of colors is available for your text, avoid using too much color, as this could distract other users.
  • Treat other users with respect. Do not be rude or aggressive.
  • If some user is causing trouble to you, do not respond in kind. Most of these troublemakers are attention seekers, so ignore them. If that does not work, talk to the channel operator. Responding in a similar fashion as that of the troubling user will get both of you in trouble.

It is important that you recognize the norms of the chatting community in general. In addition, keeping your computer safe is very important, as IRC can expose your system to various perils lurking in the World Wide Web. As long as you maintain etiquette and take proper security measures, you can remain secure while using IRC.

What are buffer overflows

July 28th, 2013 by spyadmin


What are buffer overflows?

A buffer overflow, also known as a buffer overrun, is a condition that can happen in all types of applications, whether offline or online. From a developer’s perspective, a buffer overflow is a bug that the developer of the application did not think about, or was a bit too lazy to handle.

In its basic form, a buffer overflow happens when the application is waiting for input data of a fixed size (the buffer) and receives data that is larger than expected (the overflow). When that happens, the application might crash and show an error message to the user. Someone who knows how to use this information can capture the return address of the crash and manipulate it using a ‘jump call’ to another part of the code, or to added code of his choosing.

A buffer overflow is a bug. The most common case is an input that is longer than the variable that needs to hold the data; this causes an error that can be used to create an exploit for the application.

The steps to turn this overflow into something that can be used to penetrate the application include the following:

  1. The vulnerability – the area in the application that suffers from a buffer overflow.
  2. The exploit – the actual code that we run to send the overflow to the application and take it down.
  3. Shell code – the code we send with the exploit to take control of the returning code error after the exploit hits and to manipulate the jump to our code. This can be code to take control of the system, to reverse a command line to the system, and so on.

Example of overflow in C/C++ programming language:

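    #include <stdio.h>

    int main(void)
    {
        char name[80];      /* fixed-size buffers on the stack */
        char password[80];

        printf("name: ");
        scanf("%s", name);      /* no length limit: longer input overflows name */
        printf("\nPassword: ");
        scanf("%s", password);  /* same problem for password */
        return 0;
    }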

In the above buffer overflow example, if the user inputs more than 80 characters as the name or the password, the application will crash and an overflow will occur. A hacker can use this overflow to capture the return address and point it to another location that contains an exploit, which he can use to gain control of the system that the application is running on. This is also called a buffer overflow attack.

Most buffer overflows are caused by the fact that developers do not always pay attention to the input data that their application receives. Because buffer overflow attacks are so common, SDK providers had to update their code with new functions that are more secure and that also receive the maximum size of the buffer the function may fill. If the developer uses the new functions, then even when the input data is bigger than the buffer size the developer expected, the function can, depending on the function, return an error saying that the input is too big, and/or copy into the buffer only as many characters as match the size that was passed to the function and ignore the rest.
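The two behaviours just described, as an added example that is not code from the original post: `read_field` returns an error for input longer than the buffer, and `copy_truncating` copies only what fits. Both names, the `FIELD_*` codes and the `input_from` helper are hypothetical, and the 80-byte size is taken from the example above.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 80   /* same buffer size as in the example above */

enum { FIELD_OK = 0, FIELD_TOO_LONG = -1, FIELD_EOF = -2 };

/* Hypothetical helper: read one line into buf without ever writing more
 * than cap bytes. An over-long line is discarded and reported as an
 * error instead of overflowing the buffer. */
int read_field(FILE *in, char *buf, size_t cap)
{
    if (cap == 0 || fgets(buf, (int)cap, in) == NULL)
        return FIELD_EOF;

    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {   /* the whole line fit */
        buf[len - 1] = '\0';
        return FIELD_OK;
    }

    int c = fgetc(in);                       /* what follows the stored part? */
    if (c == EOF || c == '\n')
        return FIELD_OK;                     /* line filled the buffer exactly */

    while (c != EOF && c != '\n')            /* drain the rest of the long line */
        c = fgetc(in);
    buf[0] = '\0';
    return FIELD_TOO_LONG;
}

/* Hypothetical helper: copy src into dst, keeping only what fits.
 * Returns 1 if the value was truncated, 0 if it was copied whole. */
int copy_truncating(char *dst, size_t cap, const char *src)
{
    int needed = snprintf(dst, cap, "%s", src);
    return needed < 0 || (size_t)needed >= cap;
}

/* Constructed input for trying the helpers: a temp file read like stdin. */
FILE *input_from(const char *text)
{
    FILE *f = tmpfile();
    if (f != NULL) {
        fputs(text, f);
        rewind(f);
    }
    return f;
}

int main(void)
{
    char name[FIELD_MAX], password[FIELD_MAX];

    printf("name: ");
    if (read_field(stdin, name, sizeof name) != FIELD_OK) {
        fprintf(stderr, "name missing or longer than %d characters\n", FIELD_MAX - 1);
        return 1;
    }
    printf("Password: ");
    if (read_field(stdin, password, sizeof password) != FIELD_OK) {
        fprintf(stderr, "password missing or too long\n");
        return 1;
    }
    return 0;
}
```

Rejecting the over-long line, rather than keeping its first 79 characters, also stops the leftover characters from being read as the password.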

When a buffer overrun or a buffer overflow is detected in an application, it is the responsibility of the application’s author to fix it, by releasing a new version of the application or a patch that fixes the overflow in the code. Today, software development companies use automated and manual tools to detect whether their application contains locations that may be hacked using buffer overflow techniques. The tools can check the source code itself and also run a set of checks against the compiled application (the exe).

What is buffer overflow attack?

A buffer overflow attack is when a user, manually or with an automated tool, sends data to a service that expects to receive data, but the data does not contain only the expected data: it also contains gibberish, short data, long data, very long data, data with special characters and so on. The user hopes to generate an exception in the service. With this exception, and the error code and message that the environment generates, he will be able to create his or her own pattern to reproduce the error, and also to create an exploit to use against the application. Keep in mind that if such an overflow is found in a common service that is used around the globe, the user who found it can use it against that service all around the globe.

There are two main types of commonly used buffer overflows: the heap and the stack. A heap buffer overflow is when a user tries to hit the application’s heap memory; heap memory is allocated at run time. A stack buffer overflow is when a user tries to hit the application’s stack memory; most fixed-size variables are declared on the stack.

How to secure your Windows XP Operating System

July 15th, 2013 by spyadmin


In today’s technology-savvy world, you just cannot do without a computer. Whether you have a desktop, a laptop, a palmtop, an iPad or an Android phone, securing your operating system is an absolute must. Spyware and malware can have a devastating effect on your operating system and can corrupt it beyond repair. Securing your computer with an efficient operating system security device or program has become necessary because most systems and businesses are completely dependent on computers and their uninterrupted functioning.

Windows XP is one of the latest and most efficient operating systems from the house of Windows to make the functioning of your computer faster and better. Before you decide to take the plunge and install Windows XP, you should consider what you could do to make your computer system secure with the operating system. If you do a little bit of research, you can learn a lot about Windows XP operating system security. You can learn a lot about keeping your computer safe from malware, spyware and other deadly viruses by reading up on security measures for your operating system as well as for your computer as a whole. Overall, there are many things you can do to make your computer more secure, and some of them are:

  • Installing updates
  • Getting an antivirus program
  • Using Windows firewall

Installing updates is the most pertinent thing you can do after downloading and installing your Windows XP operating system. You can choose to install these updates manually, or by visiting the Microsoft websites. You should install updates on a regular basis for complete protection of your computer. You can also use the built-in update program found in the control panel of your computer to automatically find updates and install them.

A firewall is essential for all operating systems. A firewall is the basic protection against viruses and spyware, and it comes built in with the Windows XP operating system. All Windows operating systems come with a built-in firewall, which can be readily utilized. You can also download some very effective firewalls for free or by paying for them. The installation manager will ask you whether you want to enable or disable the firewall while you install the operating system. The firewall can be found in the control panel, and once you find it you can configure the settings to suit your individual needs.

Today an antivirus program is an absolute must for all computers. Windows XP does not come with a built-in antivirus program, but you will find a number of good antivirus programs that you can download from the net. Some of these antivirus programs are free, while you may have to pay for others. You can also buy an antivirus program online and just use the code to renew your antivirus program. Most of the good antivirus programs have real-time scanners to ensure protection of your operating system and computer at all times. They also update automatically on a daily basis.

Intrusion Detection Systems

July 10th, 2013 by spyadmin

Know more about Intrusion detection systems, a tool to secure computers

An intrusion detection system (IDS) is a passive security solution that is specifically designed to watch all network traffic, both inbound and outbound. The main function of an IDS is to monitor, identify and report unauthorized and unauthenticated network activity that tries to break the system’s security or to compromise the system. It is considered passive because it only alerts users to suspicious access to the system and does not protect the system from it. It continuously monitors the network traffic and analyses problems, exploits and all other vulnerabilities. It normally reacts to unauthorized events in more than one way: by popping up alerts in a window, by informing the system administrators, or by logging the events.

An intrusion detection system may at times change and reconfigure the network in order to decrease the authentications from suspicious intrusions. It also identifies and alerts on events that result from the infection of computers by viruses, hackers and worms. This is the result of focusing on authorized intrusion signatures and also attack signatures. These signatures are monitored for different viruses and worms, and the IDS makes a note of general differences from their normal activities. An IDS can be procured for free, as some are distributed as open source programs, which also offer security to several costlier vendor software appliances. They also protect the electronic sensor devices that are usually installed at each stage of the network. IDSs are characterized by their functionality: first and foremost, detection based on the host or on the network; then detection based on irregularity or on misuse; and finally whether the system is reactive or passive in nature.

A network-based intrusion detection system is a standalone hardware device. The hardware has all the capabilities of an IDS. At various points in the network there are a few hardware sensors, which are integrated with the system and connected to its network. It continuously monitors all the data packets that are inbound to and outbound from the network. IDSs do not provide real-time security detection; however, they offer genuine detection when they are configured without faults. An IDS installed on an individual computer is a software agent, and is host-based. It monitors both inbound and outbound network traffic of that specific computer. Host-based IDSs are specific to their host and do not take on the role of network-based IDSs.

When detection is based on misuse or unauthorized suspicious events, the IDS collects all the required information and compares it with a large database of attack signatures. It detects virus attacks in a similar way, comparing the data packets against the signatures in the intrusion database. The analyzing detectors usually monitor each segment of the network and compare it to the normal baselines.
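The two detection approaches above, signature comparison and comparison against a normal baseline, as an added example that is not from the original post. The signature strings, the baseline values, the three-standard-deviation threshold and all function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

enum { ALERT_NONE = 0, ALERT_SIGNATURE = 1, ALERT_ANOMALY = 2 };

/* Constructed signature database; a real one is far larger. */
struct signature { const char *name; const char *pattern; };
const struct signature SIGNATURES[] = {
    { "example-worm-marker", "EXAMPLE-WORM-MARKER" },
    { "example-bad-request", "EXAMPLE-BAD-REQUEST" },
};
#define NSIG (sizeof SIGNATURES / sizeof SIGNATURES[0])

/* Constructed baseline: packets per minute seen during normal operation. */
const double BASELINE[] = { 100, 110, 90, 105, 95 };
#define NBASE (sizeof BASELINE / sizeof BASELINE[0])

/* Misuse detection: index of the first signature found in the payload,
 * or -1 if none matches. */
int match_signature(const unsigned char *payload, size_t len)
{
    for (size_t s = 0; s < NSIG; s++) {
        size_t plen = strlen(SIGNATURES[s].pattern);
        for (size_t i = 0; i + plen <= len; i++)
            if (memcmp(payload + i, SIGNATURES[s].pattern, plen) == 0)
                return (int)s;
    }
    return -1;
}

/* Baseline comparison: is the rate more than k standard deviations away
 * from the baseline mean? Squared values are compared, so no sqrt(). */
int is_anomalous(double rate, double k)
{
    double mean = 0.0, var = 0.0;
    for (size_t i = 0; i < NBASE; i++)
        mean += BASELINE[i];
    mean /= NBASE;
    for (size_t i = 0; i < NBASE; i++)
        var += (BASELINE[i] - mean) * (BASELINE[i] - mean);
    var /= (NBASE - 1);
    return (rate - mean) * (rate - mean) > k * k * var;
}

/* Passive IDS step: return alert flags for one observation. Nothing is
 * blocked; the caller only logs or notifies. */
int inspect(const char *payload, double rate)
{
    int alerts = ALERT_NONE;
    if (match_signature((const unsigned char *)payload, strlen(payload)) >= 0)
        alerts |= ALERT_SIGNATURE;
    if (is_anomalous(rate, 3.0))
        alerts |= ALERT_ANOMALY;
    return alerts;
}

int main(void)
{
    /* Constructed observations: payload text and packets per minute. */
    printf("%d\n", inspect("GET /index.html", 102));
    printf("%d\n", inspect("xxEXAMPLE-WORM-MARKERxx", 98));
    printf("%d\n", inspect("GET /index.html", 400));
    return 0;
}
```

A payload with no known signature is flagged only when the traffic rate leaves the baseline, and a known signature is flagged even at a normal rate, which is why the two methods are used together.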

Firewall, Antivirus And Malware In Computer Security

July 9th, 2013 by spyadmin

Have you recently bought a computer for your home? Are you new to the world of computers and to terms such as antivirus, firewall and malware? If you are, there is no need to worry, as here you will find a host of information on what these terms mean and what you need to know about them. As you read on, you will find handy tips on the precautions needed to protect your computer from the harmful viruses that exist in cyberspace. You will also find examples, with possible dos and don’ts. You need not be a computer expert to understand this article, as it does not demand any higher education to comprehend. Even a layman can read it and successfully implement methods to protect his or her desktop.

Where Does Malware Stay?

To begin with, malware consists of harmful programs that corrupt system files. They usually come under different file names. However, files that contain them have an .EXE file extension. If you wonder what file extensions are, you will understand them better when you recall Word files with .DOC and Excel files with .XLS extensions. Similarly, .EXE files are executable files that contain malicious programs, which have the potential to damage your system as well as erase your data.

What is Firewall?

A firewall is a device that sets standards for network traffic and connectivity. It prevents you from connecting to corrupt websites containing malicious data. The latest computers come with firewall software installed that protects your desktop from possible internet and connectivity threats.

How Does Malware Operate?

Every file contains source code; however, you can only see the parts that are made visible to you by the user-friendly interface of your operating system. These malicious programs hide inside files with the .EXE extension and execute when they run on your device. However, you can keep these malicious scripts from running on your system if someone informs you about the malware threat before you run them. Alerts like these can be set up. You may use an anti-virus that distinguishes between malware and ordinary files. It reads the source code algorithmically and concludes which executable files contain malware and which do not. Thus, it becomes very easy for you to decide which files are corrupt and which are not.

Can Humans Detect Malware Threat Without An Anti-virus Support?

It would be very tedious if there were no anti-virus to support humans. In fact, the information that every operating system displays about files is only half the truth. It only shows us readable higher-level languages. There are two types of languages: machine language or lower-level language, and human language or higher-level language. Malware hides inside programs in lower-level languages, which only a machine can compute or read. Without an anti-virus in place, it would be like finding a particular speck of dust on a vast sandy beach. Hence, it is highly improbable that you will find virus threats without the support of an anti-virus.

What Does An Anti-Virus Do?

Like other programs, a virus too is a program. However, what makes it different from other programs is the fact that it can self-replicate. A virus can quickly grow bulky and threaten other hardware components as well. Anti-virus software consists of programs that look for programs with the potential to multiply and grow. They scan through the source code of files to detect the possible presence of a virus. Thus, they bring malware to your notice.

How Can One Avoid Malware?

It is ideal to install good anti-virus software on your desktop. Anti-virus programs help by alerting you in advance to possible threats in programs. You can instruct your anti-virus software to scan programs before actually running them. Thus, viruses cannot affect your desktop system, as you can detect them well ahead using anti-virus software.

How Many Anti-virus Programs Does One Need To Install?

An anti-virus program is a single program with multiple files used in detecting a possible virus threat. However, a word of caution: you need not download multiple programs to protect yourself from threats. Some people believe that downloading multiple anti-virus programs would additionally strengthen their system. However, that is not true. In fact, one anti-virus sees another anti-virus as a possible threat. Furthermore, the chance of detecting spyware decreases instead of increasing. It is advisable to download one single anti-virus program rather than several different ones. Moreover, it is ideal to download the latest version of the anti-virus, as new versions are equipped with additional features to secure your system in better ways.

What To Do When You See A Virus?

As explained, a virus is a program that has properties such as self-replication. If you experience this, for instance if you find a chain of folders being created inside a folder, then it is ideal to run an anti-virus without wasting any further time. An anti-virus includes tools that let it detect the root of the virus and eliminate its loop. Thus, all anti-virus software is well equipped to remove viruses from the system, provided it is the latest version.

Which Is The Best Anti-Virus Software In Market?

Most people, especially those who have recently invested in a desktop, ask common questions like this. In fact, there is a host of anti-virus software available in the market. It is ideal to read through reviews, which will help you judge which software to purchase and which not. In fact, nothing proves that one piece of software is better than another. Besides, all anti-virus software comes with the added assurance of protecting your system from possible threats. The only difference between best and better lies in which version of the anti-virus you use. There are many versions of anti-virus software. It is ideal to invest in the latest ones, as they carry a lower risk from possible threats.

Bottomline:

Anti-virus software runs on your system to detect possible malware threats and eliminates them in a timely manner. Malware usually comes in the program source code of .EXE files, which only an anti-virus can detect. Buying the latest version of an anti-virus is the only way of protecting your system.