Setting up your new computer
You've just purchased a new PC or you are upgrading your current PC.
Don't know where to begin?
This guide will walk you through the steps to configure your PC into a usable and safe workstation.
Of course, not everyone has the exact same needs.
This guide will get you started
What is the Difference Between a Virus, Trojan Horse and Worm?
The most common mistake when the topic of a computer virus arises is that people will often refer to a
Worm or Trojan Horse as a Virus. While the words Trojan, worm, and virus are used interchangeably, they
are not the same. Viruses, worms, and Trojan Horses are all malicious programs that can cause damage to
your computer, but there are differences between the three, and knowing those differences can help you
to better protect your computer from their often damaging effects.
This guide will explain the differences
What is the Difference Between SSL and TLS?
SSL and TLS both use cryptography to provide authentication and security to Internet communications. TLS was designed
to replace SSL. There are a handful of minor differences. So, why create a new protocol?
Because SSL, created by Netscape in 1994 to provide application-independent secure communications over the Internet, is
a closed proprietary protocol. The community cannot make changes or validate its security. The Internet Engineering Task
Force (IETF) created TLS, an open version of the protocol, so everyone would be free to use and comment on it.
This guide will explain the differences
What is a bot?
The user generally remains unaware that his computer has been taken over because it can still be used, although
it might slow down considerably. As this computer begins to either send out massive amounts of spam or attack
Web pages, he becomes the focal point for any investigations involving his computer's suspicious activities.
This guide will explain what a bot is
Cross-site scripting (XSS)
Cross-site scripting (XSS) is a type of computer security vulnerability typically found
in web applications which enables malicious attackers to inject client-side script into web pages
viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers
to bypass access controls such as the same origin policy. Cross-site scripting carried out on
websites accounted for roughly 80% of all documented security vulnerabilities. Its impact may range
from a petty nuisance to a significant security risk, depending on the sensitivity of the data
handled by the vulnerable site, and the nature of any security mitigations implemented by the site owner.
This guide will explain what Cross-site scripting is
What is a drive-by download?
A drive-by download is a program that is automatically downloaded to your computer without
your consent or your knowledge. Drive-by download attacks often favour zero-day flaws, as it
means there are no defences available against these attacks.
targeted yet another Adobe Zero-Day Flaw. Both Firefox and
Internet Explorer have to constantly plug drive-by security holes. We have also seen large
scale attacks that affected more than eight million pages. The expression drive-by download
is used to define
This guide will help explain what a drive-by download is
In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where
a process stores data in a buffer outside the memory the programmer set aside for it. The extra
data overwrites adjacent memory, which may contain other data, including program variables and
program flow control data. This may result in erratic program behavior, including memory access
errors, incorrect results, program termination (a crash), or a breach of system security.
Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way
the program operates. They are thus the basis of many software vulnerabilities and can be maliciously
exploited. Bounds checking can prevent buffer overflows.
This guide will explain what a buffer overflow is
What is a "packet sniffer"?
A packet sniffer is computer software that can intercept and log traffic passing
over a digital network or part of a network. As data streams travel back and forth
over the network, the sniffer captures each packet and eventually decodes and analyzes
its content according to the appropriate RFC or other specifications.
However, computer conversations consist of apparently random binary data.
Therefore, packet sniffer programmes also come with a feature known as
"protocol analysis", which allows them to "decode" the computer traffic
and make sense of it.
This guide will explain what a packet sniffer is
What is a "keystroke logger"?
A keystroke logger is a tiny device or programme that records every keystroke
typed on any PC computer. This means that any logon names, passwords, or other
security keystrokes are recorded by this logger programme.
You may think that you are not in danger from this attack. It is now a matter of record that most email
scams and phishing expeditions are for the sole purpose of installing a key logger on to your system.
Ever been to a friend's place and needed to urgently check something online that requires password access?
Are THEY running the software mentioned above? If you have NEVER used any computer,
other than your own, to log in to any password protected account, then perhaps you are not.
Ever had your computer upgraded or repaired? Did you leave it there in the morning
and pick it up on the way home? Well – guess what!!! Probably nothing happened, but
there was the opportunity if the service people were not ethical. Or even if they are completely trustworthy,
perhaps a rogue technician isn't.
These scenarios are unlikely, but you should be aware of the dangers.
will explain what a keystroke logger is and how it works.
In our "Crime Scene Investigation:Internet"
experts examine suspicious files using every trick in the book. Watch over their shoulders as they track down malware because all of this
really could have happened. All of the malware samples shown in CSI:Internet have been used in real attacks and have been analysed using various
methods, including those described in each episode.
The second series of "Crime Scene Investigation:Internet" begins here
Hunt Down and Kill Malware with Sysinternals Tools
Use some of the popular Sysinternals tools to hunt down malware on your system. Windows Sysinternals is now a part of the Microsoft TechNet website
but was once an independent source of some excellent software. Rootkit Revealer was their best known product, while now
Process Explorer is probably the most used. The Sysinternals Troubleshooting Utilities have been rolled up into
a single suite of tools. This article will show you how to utilize some of the popular Sysinternals utilities to assist
in your malware hunt.
The Sysinternals tools are free to download from the Windows Sysinternals page on the
TechNet web site.
will explain how to Hunt Down and Kill Malware with Sysinternals Tools.