Spyware is computer software that collects personal information about

users without their informed consent. which was coined in 1995

Personal information is secretly recorded with
logging keystrokes ,
recording Internet web browsing history,
and scanning documents on the computer's hard disk.
Purposes range from: oertly criminal !theft of passwords and
financial details" to the merely annoying !recording Internet search
history for targeted adertising, while consuming computer resources".
#pyware may collect different types of information. #ome ariants
attempt to track the websites a user isits and then send this
information to an adertising agency. $ore malicious ariants attempt to
intercept passwords or credit card numbers as a user enters them into a
web form or other applications.
Spy Softwareuseful purpose is installed directly by the user wanting
to perform the monitoring. $any times spy software is confused with
%spyware%, but actually they are different. #py software is often used by
schools to monitor student activity. #ome businesses use it to monitor
employees behaior at the workplace.
. It creates detailed reports for the purchaser's information, which
are hidden from the person being monitored.
Malwarestands for %malicious% and %software% It includes computer
iruses, worms, tro&an horses, spyware, dishonest adware
'ntiirus ( approaches
)ictionary approach
#uspecious behaiour
*euristic approaches
+irst eer antiirus ,uropean -ernt Fix !also -ernd" in early 19./. +i0
neutrali1ed an infection of the Vienna virus
Den Zuk neutrali1ed the Brain virus
Adware adertisemene ware displays adertisements, whether or not
the user has consented $ost spyware is adware #ome obserers describe
the 'le0a 2oolbar, an Internet ,0plorer plug3in published by 'ma1on.com,
as spyware !and some anti3spyware programs report it as such". $any
users, howeer, choose to install it infected system does not attempt to
transmit the infection to other computers.
'nti3'dware called as AdAware
Trojan orse!" +or a malicious program to accomplish its goals, it
must be able to do so without being shut down, or deleted by the user or
administrator of the computer it's running on. 4oncealment can also help
get the malware installed in the first place. -y disguising a malicious
program as something innocuous or desirable, users may be tempted to
install it without knowing what it does. 2his is the techni5ue of the
Trojan horse or trojan.
6ften attempting to delete malicious software on a computer may
actiate the software. 'ntiirus hae33 irus chest file. 2his is an
isolated folder where infected files can be stored and protected from
usage until they are remoed.
#$T%& tro&an7s themseles do not cause any problem. 2hey in&ect into
the s8y some other worms or irus that damages the system. 2ro&an
horses known as droppers are used to start off a worm outbreak, by
in&ecting the worm into users' local networks.
#$T%& a ma&or use of rootkit is done here. 2he rootkit techni5ue is
used here to hide the malicious software from the user.
' 'ackdoor is a method of bypassing normal authentication
procedures for a backdoor to be installed in the system it needs the
help of other malicious s8w such as a tro&an or rootkit to be
present, they first compromise the system for these. 2o install
backdoors crackers may use 2ro&an horses, worms, or other methods.
Tippett (" person 'eind norton *e was an emergency room doctor who also ran a
computer software company2ippett made a number of contributions to the budding
field of irus detection. *e was an emergency room doctor who also ran a
computer software company. *e had read an article about the 9ehigh irus were
the first iruses to be deeloped, but it was 9ehigh that 2ippett read about
and he 5uestioned whether they would hae similar characteristics to iruses
that attack humans. +rom an epidemiological iewpoint, he was able to determine
how these iruses were affecting systems within the computer !the boot3sector
was affected by the -rain irus, the .com files were affected by the 9ehigh
irus, and both .com and .e0e files were affected by the :erusalem irus".
2ippett7s company 4ertus International 4orp. then began to create anti3irus
software programs. 2he company was sold in 199; to #ymantec 4orp, and 2ippett
went to work for them, incorporating the software he had deeloped into
#ymantec7s product, <orton 'nti=irus.
Active Virus Sield features malware scanning, which detects a ariety
of malware such as irus, spyware, and een &oke programs. It also
offers real3time file and e3mail scanning and protection.
ADVA#TA)%S&
'ctie =irus #hield is light compared to other commercial
anti3irus
It also does not consume much memory during startup.
updates, typically around eery ; hours,
In addition, 'ctie =irus #hield has better detection rates
than other free programs such as '=> +ree and 'ast *ome.
*+,T,*S& the license proided is only alid for one year, although the
same email address as used initially can easily be used to renew it up
to 1? times. It also does not support mail scanning when using 29# or
##9.
'dditionally, 'ctie =irus #hield does not currently work with @indows
=ista.
#ome users hae also reported compatibility problems with certain other
products such as $c'fee Personal +irewall Plus and Aonealarm.
McAfee !critisisms" $c'fee =irus#can is also known for annoying the
user by persistently displaying the same message until the demands
are met. It is also known for randomly interrupting full screen
programs, such as games.
It also happened to delete some files with no 5uestions asked, een
when none of its default actions are set to %delete%. 'ccording to
the technical support, some ery old irus definitions hae hard3
coded %delete% actions in them.
Its email scanning feature cannot be turned offB if the email scan
option is set to %neer,% it will still scan outbound emails for
iruses.
#ome ersions of the engine will consume 1??C of 4PD cyclesB to fi0
that problem
#orton AntiVirus !#AV" is a product of #ymantec 4orporation #ince its
release in 199?, oer 1?? million people around the world hae used it
#ymantec's 9ieDpdate proides irus definition updates, which enable
<orton 'nti=irus to detect iruses known to #ymantecB a total of
/(,(E.
F1G
iruses as of $ay ., ;??/.
-eginning with <orton 'nti=irus ;??E, <orton 'nti=irus includes an anti3
copying feature called %Product 'ctiation,% which is similar to the
actiation process in @indows HP and 6ffice HP.
'fter many years of customer complaints regarding the speed and system
resource utili1ation of the product, #ymantec responded in ;??/ with a
much needed rewrite of the code to make the product lighter and faster
*riticisms
*ustomer ServiceIetail customers e0perience slow and indifferent serice
on bugs, eg. error message that their alid subscriptions hae e0pired

and
refuses to allow daily updates ia %Intelligent Dpdater
.
2hough the bug
was reported in ;??E, it was not corrected for the ;??5 ersion, and
continued unpatched during ;??J
because of #ymantec's policy that allows spy software
<orton 'ntiirus has one of the worst aerage response times for
proiding irus definition updates based on the worst irus outbreaks of
;??5, lagging behind eery ma&or competitor,
It proides updates only on weakly basis.
)ifficult to uninstall cleanly.
considerable demands on resources. <orton 'nti=irus relies on ,nternet
%xplorer-s we' interface, instead of using the standard >DI libraries.
-esides using more resources, any problems or changes to Internet
,0plorer will be reflected in <orton products, commonly resulting in
%Script %rror% messages
,ncompati'ility wit oter software& Aone'larm and #py #weeper. the
purchaser receies warnings that these programs are incompatible,
and should be uninstalled from the system before continuing. #ince
the purchaser is also adised to uninstall other antiirus programs
AV) Anti!Virus !'=> stands for Anti!Virus )uard" 1991
is a range of 'ntiirus software for the $icrosoft @indows and 9inu0
platforms.
'=> #ecurity products will be aailable directly from the @indows
#ecurity 4enter in @indows =ista.
!K"AV) %mail Server %dition
AV) ,nternet Security SBS %dition 3 a new licensing package, featuring a
combination of the Internet #ecurity <etwork ,dition and the ,3mail
#erer ,dition.
6ne feature of '=> that makes it popular with its users is its
conseratie resource re5uirements and does not slow it down noticeably,
unlike some other security software products. Iesource use is lowB the
Professional ,dition re5uires 1J$- I'$ and ;? $- of space on the hard
drie. 2he Internet #ecurity ersion re5uires JE $- I'$.
2he $penAntiVirus .roject is an open source pro&ect to create
antiirus software that was founded on 'ugust (?th ;???.
%nd!point!security is an information security concept that
basically means that each deice !end3point" is responsible for its
own security.
' group that calls themseles ackers refers to %a group that consists
of skilled computer enthusiasts
2he former became known as %ackers% or !within the computer security
industry" as wite ats/ and the latter as %crackers% or %'lack ats%.
$any black hats hack networks and web pages solely for financial 0ain.
4ommon software weaknesses e0ploited include buffer oerflow, integer
oerflow, memory corruption, format string attacks, race conditions,
cross3site scripting, cross3site re5uest forgery, code in&ection and #L9
in&ection bugs.
:on $urdock !also known as Xtasy" M1;,???,??? in online theft from
thousands of stolen paypal and e3gold accounts.
1y is linux more secured tan win222
9ike other Dni0 systems, 9inu0 implements a multi3user enironment
where users are granted specific priileges and there is some form
of access control implemented. 's such, iruses typically hae less
of an ability to change and impact the host system. 2hat is why none
of the iruses written for 9inu0, including the ones below, hae
eer propagated successfully. 'lso, the security holes that are
e0ploited by the iruses hae been fi0ed in the most recent ersions
of the 9inu0 kernel, so no longer pose any concern as long as the
kernel is updated regularly.
=irus scanners are aailable for 9inu0 systems in order to scan for
@indows iruses and protect downstream ,mail users with @indows
systems.
!eg" bliss cheese linu08lion slapper
' computer virus oax is a false email message warning the recipient of
a irus that is going around. 2he message usually seres as a chain e3
mail that tells the recipient to forward it to eeryone they know.
=irus hoa0es are usually harmless, and do nothing more than annoy
people who know it's a hoa0 or waste the time of people who forward the
message
3!day exploits threats that are released to affect the public before
the stipulated date for its release is called ...
According to Steve Ballmer, Microsoft founder Bill Gates receives four million e-mails per year, most of
them being spamIn order to send spam, spammers need to obtain the e-mail addresses of the intended
recipients. To this end, both spammers themselves and list merchants gather huge lists of potential e-mail
addresses. Since spam is, by definition, unsolicited, this address harvesting is done ithout the consent !and
sometimes against the e"pressed ill# of the address oners. As a conse$uence, spammers% address lists are
inaccurate. A single spam run may target tens of millions of possible addresses -- many of hich are invalid,
malformed, or undeliverableA popular method uses e-mail addresses hich their oners have published for
other purposes. &senet posts, especially those in archives such as Google Groups