MICROSOFT RESEARCH Rick Rashid Heads the Team That Is “Advancing the State of the Art” 36

Total Page:16

File Type:pdf, Size:1020Kb

Redmond, OCTOBER 2005, WWW.REDMONDMAG.COM, $5.95

MICROSOFT RESEARCH: Rick Rashid heads the team that is “advancing the state of the art” 36
Beta Man Checks Out Spotlight on AD 27
Internet Explorer: A Look at the Alternatives 53; The Ultimate Admin’s Guide 57
The Trouble with TCO 47

Improve Productivity and Security with Desktop Authority
With Desktop Authority, you can:
• Configure every aspect of the desktop including drives, printers, applications, the registry, Outlook settings and more
• Use Desktop Authority’s patented Validation Logic technology to apply configuration settings to desired users and computers
• Centrally manage the deployment of patches and spyware removal from one central console
• Securely manage and remote control clients from any web browser
Discover why your fellow readers of Redmond Magazine named Desktop Authority the Best Network Automation Tool of 2005!
1.800.424.9411 > www.scriptlogic.com
SPECIAL OFFER! Go to www.scriptlogic.com/securityebook and register now for a FREE eBook, brought to you by ScriptLogic and Realtimepublishers.com
© 2005 ScriptLogic Corporation. All rights reserved. ScriptLogic, Desktop Authority and the ScriptLogic logo are trademarks or registered trademarks of ScriptLogic Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Sneakernet Got You Ready To Drop?
Configure and secure all your desktops from one centralized console with Desktop Authority®
ScriptLogic’s Desktop Authority significantly reduces total cost of desktop and application ownership by enabling administrators to proactively secure, manage and support desktops from a central location.
See Back For FREE Security eBook
1.800.424.9411 > www.scriptlogic.com

Blended Threats Attack Multiple Entry Points… Are You Ready?
Yesterday’s point-solution is no match for today’s blended threat—and you can’t expect your enterprise IT security experts to be a 24/7 clean-up crew. But you can count on SurfControl’s Enterprise Protection Suite to deliver unequaled protection against every threat—traveling through every entry point—every time.
It doesn’t matter whether it’s spam, spyware, phishing, viruses or a specialized day-zero hybrid. Nor does it matter whether it comes from inside your organization, or from outside company walls. The SurfControl Enterprise Threat Protection Suite delivers a powerful unified threat management solution, securing Web, e-mail and IM/P2P traffic—from the network gateway to the user desktop. Plus, it’s backed by SurfControl’s 24/7 Adaptive Threat Intelligence Service.™
Now you’re ready.
Enterprise Protection Suite: Web, E-mail, IM/P2P, Mobile
• Enhance Security
• Manage Usage Policies & Compliance
• Increase Productivity
• Reduce Costs & Administration
FREE 30-day trial www.surfcontrol.com/go/blended 1 800.368.3366
© 2005 SurfControl plc.

OCTOBER 2005 WWW.REDMONDMAG.COM
Winner for Best Computer/Software Magazine 2005
Redmond: THE INDEPENDENT VOICE OF THE MICROSOFT IT COMMUNITY

COVER STORY
36 The Power Inside
As head of Microsoft Research, Rick Rashid leads a team that remains largely anonymous, but whose work finds its way into nearly every product Redmond ships. (Photo by Katherine Lambert)

47 Smoke, but No Fire for TCO
Total Cost of Ownership (TCO) is a concept touted by Microsoft and various Linux vendors as proof that their products are cheapest to run. But TCO claims aren’t what they’re cracked up to be, and most IT shops never use TCO, or just plain do it wrong.

53 Test Drive a Better Browser
These alternatives to Microsoft’s Internet Explorer can add Web-browsing muscle, but they’re not without potential problems. (Illustration by Dave Whamond)

57 Get Serious About Securing IE
Internet Explorer is one of the most used products in nearly every environment, but most administrators know little about how to tune it for best performance and security.

REDMOND REPORT
9 News Analysis: WinFS Questions Persist
10 EventLog: Longhorn gives Itanium 2 the squeeze, “Centro” slated for midsize businesses, “Project Green” gets new name and more.
12 Roadmap: Microsoft Maps Out a Plan to Integrate Virtualization into Windows

COLUMNS
4 Chief Concerns: Doug Barney. Spy Hunter
27 Beta Man: Don Jones. Spotlight Lights Up AD
63 Security Advisor: Joern Wettern. Will R2 Make You More Secure?
68 Mr. Script: Chris Brooke. Setting the Timer
72 Ten: Paul Desmond. Creative Server-Naming Conventions

REVIEWS
17 RX for Windows
The utilities in Winternals Admin Pak can help you get through most of the Windows troubleshooting incidents you’ll ever encounter.
19 Truly Wireless Networking
Strix Access/One’s unique configuration can put an end to cabled networks.
21 SoftGrid Serves Up Applications
Deliver applications to your users safely, conveniently and without a lot of overhead.
24 All Is Not Lost
When you need to find a long-lost document, dtSearch Desktop delivers quick results.
32 Your Turn: Keep Data in Line, Most of the Time
For synchronizing data on PocketPCs and Smartphones, ActiveSync 3.8 is easy enough to use, but many users say OS and phone service issues can knock it off balance.

ALSO IN THIS ISSUE
2 Redmond magazine online
6 Letters to Redmond
71 Ad and Editorial Indexes
COVER PHOTO BY KATHERINE LAMBERT

Redmondmag.com, OCTOBER 2005

REDMONDMAG.COM
Exclusives Available Only on Redmondmag.com
Make sure you stop by Redmondmag.com this month to get your exclusive online content, including:
• The latest Redmond Negotiator column by Scott Braden, our licensing and negotiation guru. Get Open Licensing tips and get up to speed on rebate percentages for LARs and Software Assurance. (FindIT code: Braden)
• Recaps of Doug Barney’s twice-weekly Redmond Report column, covering the ins and outs of the latest happenings in the Microsoft IT space. (FindIT code: RReport) This column is a featured part of our free Redmond Report newsletter. (Sign up at FindIT code: Newsletters)
If you haven’t already, don’t forget to download the PDF version of the Redmond salary survey. (FindIT code: SSPDF) This extended, 27-page version of last month’s cover story includes many more charts and figures than were available in the print version. The PDF version is completely free, but does require registration with our Tech Library.
If you work with or manage Microsoft Certified Professionals, you might also want to download the MCPmag.com version of the survey, which includes exclusive charts on average salaries by skill and specialty area, all of which are broken down by related Microsoft certification. (FindIT code: MCPSSPDF)

REDMOND COMMUNITY
Redmond Newsletters
• Redmond Report: Our twice-weekly e-mail newsletter featuring news analysis, context and laughs. By Redmond’s Editor in Chief Doug Barney. FindIT code: Newsletters
• Security Watch: Keep current on the latest Windows network security topics. This newsletter features exclusive, online columns by Contributing Editor Russ Cooper of NTBugTraq fame. FindIT code: Newsletters
Discussion and Forums
Post your thoughts and opinions under our articles, or stop by the forums for more in-depth discussions. FindIT code: Forum
Your Turn
The interactivity center of the Redmond universe, where you get to express your views. FindIT code: YourTurn

MCPMAG.COM
Tales from the Trenches!
Tales from the trenches is back! Take a minute to learn from other readers’ experiences and share in the horror and humor of what your IT colleagues have gone through. These tales will be featured all month on the site.
Also this month, don’t miss:
• Andy Barkl reviews the latest revision of Microsoft’s 70-290 exam, “Managing and Maintaining a Microsoft Windows Server 2003 Environment.”
• Sekou Page, Zenprise’s Exchange and messaging expert and MCPmag.com’s new Server Solver columnist, takes on your toughest Exchange troubleshooting questions.
• TechLine’s Chris Wolfe takes on your most perplexing networking and troubleshooting dilemmas.
• A weekly watch on the latest security news from Security Watch columnist and NTBugtraq founder, Russ Cooper.
• Get your scripting fix with Don Jones’ Scripting Answers column.
Plus: Check out the latest columns posted at http://mcpmag.com/columns. And don’t miss the weekly MCP Radio broadcasts on Fridays: http://mcpmag.com/webcasts/mcpradio.
(Photo caption: MCPmag.com’s Server Solver Sekou Page; Redmond Negotiator Scott Braden, FindIT code: Braden)

OTHER 101COMMUNICATIONS SITES
ENTmag.com
Special Report: Windows Vista, IE7 and Longhorn Server
Scott Bekker with the latest on what to expect from these betas. FindIT code: ENTWVIE
CertCities.com
Feature: CertCities.com’s Guide to Storage Certifications
Dan Hong looks at the wide variety of storage-related credentials available. FindIT code: CCStorage
TCPmag.com
Exam Review: Getting Past the PIX Firewall Exam
Andy Barkl reviews the latest version of Cisco’s PIX exam for the CCSP title. FindIT code: TCPPIX

FindITCodes
Throughout Redmond magazine, you’ll discover some stories contain FindIT codes. Key in those codes at Redmondmag.com to quickly access expanded content for the articles containing those codes. Just enter the code in the box at the top-right corner of any page on Redmondmag.com. Note that all FindIT codes are one word, and are not case sensitive.

your infrastructure may protect employees inside
What protects employees outside?
It’s no surprise; employees are often unaware of the threats that put the security of their laptops—and your network—at risk every day.
View the latest Websense Security Labs webcast: “Six Degrees of Spyware” www.websensesecuritylabs.com/webcast