Of course there are variations on this network layout, and some details have been left out for the sake of simplicity, but this drawing should give you some idea about what goes on behind the scenes on the network at your organization. Some servers and server functions have not been shown here.
The firewall is the device that protects all computers in the network from many attacks. It allows some types of network traffic into the network from the outside, but usually only for mail or web services. Usually the internet traffic that is allowed to come into the network is routed to the part of the network labeled "DMZ" on the right side of the diagram. DMZ stands for demilitarized zone and is also called a semi-private network. In this DMZ is a web server which is used to allow people surfing on the internet to see web pages posted by the organization. A mail server is also shown in the DMZ, but this could be replaced by a mail relay server while the mail server is placed inside the private network. The mail relay server would forward mail traffic from the outside to the mail server. This would increase the security of the network since a direct connection from the internet to the mail server would not be allowed.
The private network is of course the most secure part of the network. There are several servers on this network including:
A login server (called a domain controller) which controls everyone's permissions and access to the network resources such as files. Without this server, they cannot log in to the network.
An address server (called a DHCP server) which provides addresses to computers on the network so they can communicate as discussed earlier.
A file server which provides common files and a private folder for users.
A remote access server which allows users to connect to the network by telephone from the outside.
Also the workstations are part of this network.
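The firewall policy described above can be checked mechanically. The following is an added example, not part of the original tutorial: it audits two constructed rule sets, one that lets internet mail reach the internal mail server directly and one that uses the mail relay in the DMZ. The address ranges, rule format and function names are assumptions made for illustration.

```python
import ipaddress

# Constructed address plan for the zones in the diagram (assumption).
ZONES = {
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
    "private": ipaddress.ip_network("10.0.0.0/8"),
}

# Services the text says are normally let in from outside: mail and web.
WEB_MAIL_PORTS = {25, 80, 443}


def zone_of(addr):
    """Return 'dmz', 'private' or 'internet' for an address or the word 'any'."""
    if addr == "any":
        # 'any' also covers inside hosts, but the internet is the worst case.
        return "internet"
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"


def audit(rules):
    """Return (rule number, problem) for every allow rule that breaks the layout."""
    findings = []
    for number, rule in enumerate(rules, 1):
        src, dst = zone_of(rule["src"]), zone_of(rule["dst"])
        if src == "internet" and dst == "private":
            findings.append((number, "internet reaches private network directly"))
        elif src == "internet" and dst == "dmz" and rule["port"] not in WEB_MAIL_PORTS:
            findings.append((number, "non-web/mail service exposed in DMZ"))
    return findings


# Constructed allow rules: mail server inside the private network, no relay.
DIRECT_TO_MAIL_SERVER = [
    {"src": "any", "dst": "192.0.2.10", "port": 80},   # web server in the DMZ
    {"src": "any", "dst": "10.0.0.25", "port": 25},    # internet straight to mail server
]

# Constructed allow rules: same services, but mail goes through a relay in the DMZ.
WITH_MAIL_RELAY = [
    {"src": "any", "dst": "192.0.2.10", "port": 80},         # web server in the DMZ
    {"src": "any", "dst": "192.0.2.25", "port": 25},         # internet to mail relay
    {"src": "192.0.2.25", "dst": "10.0.0.25", "port": 25},   # relay to mail server
]

if __name__ == "__main__":
    for label, rules in (("direct", DIRECT_TO_MAIL_SERVER), ("relay", WITH_MAIL_RELAY)):
        print(label, audit(rules))
```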
Conclusion
Knowing the above information, if someone cannot get their mail, they may think the network is down. This is not likely to be the case. The mail server may be down but the network is not likely to be down. The same goes for when someone can't surf the web. There may be a problem with the firewall or the line connecting to the internet, but it is unlikely that the whole network is down. When problems are noticed it is best for the user to describe what they were trying to do and what happened.
What is the Internet
The word internet is used to describe a network of networks which incorporate a very large and complicated set of equipment. To understand the internet, there are three areas of discussion which are very helpful. These include the various services provided across the internet, the functions that enable the internet to work, and the various organizations that are part of the internet.
Internet Services
The main services used on the internet include:
Web browsing - Supported by the HTTP protocol, this function allows users to view web pages using a web browser.
E-mail - Allows people to send and receive electronic messages.
Other lesser used services include telnet (allows remote login to computers), FTP (allows quick file transmission to remote computers), and gopher (an early text based form of reading internet documents which is rarely used today).
Internet Functions
The internet provides for the following two functions which support communications. Without the communications support mentioned below, the internet could not function. These two functions are provided by internet service providers listed below under the "Internet Organizations" header.
Physical lines that data is sent across.
Routing of data - There are special machines on the internet called routers that determine where data needs to go to get from the sender of the data to the receiver of the data.
Internet Organizations
ISPs (Internet Service Providers) - They provide the connection to the internet for users and also provide routers that direct internet traffic.
Corporations or Web hosting providers with mail servers and web servers - They provide the information posted on the internet and virtual data connections to other mail servers.
There are also other organizations that regulate the internet, providing communication standards and designing new communication standards for improvements. These communication standards are also known as protocols.
Summary
So the internet is a collection of organizations that provide equipment that support the internet functions and services. The internet connects many corporate and organizational private networks together, thus enabling all these organizations to easily communicate.
Accessing the Internet
People use an internet browser to access web pages that are available across the internet. Internet browsers include Microsoft Internet Explorer, Netscape Navigator, Mozilla, and others. Web pages are created in a marked up form of text file called HTML (Hyper-Text Markup Language). The markup within the text indicates document structure showing where paragraphs begin and end, what items are in a list, headers, tables and other document structure. When people are browsing or surfing the internet, they usually go from place to place by clicking on links. These links are locations for specific pages and indicate three things:
Protocol being used such as http or ftp.
The domain that the web page is found on. This will point to a specific organization's or company's web server.
The location of the page on the server including the directory path and file name.
Operating System Functions
What is an Operating System
The operating system is the core software component of your computer. It performs many functions and is, in very basic terms, an interface between your computer and the outside world.
In the section about hardware, a computer is described as consisting of several component parts including your monitor, keyboard, mouse, and other parts. The operating system provides an interface to these parts using what is referred to as "drivers". This is why sometimes when you install a new printer or other piece of hardware, your system will ask you to install more software called a driver.
What does a driver do?
A driver is a specially written program which understands the operation of the device it interfaces to, such as a printer, video card, sound card or CD ROM drive. It translates commands from the operating system or user into commands understood by the component computer part it interfaces with. It also translates responses from the component computer part back to responses that can be understood by the operating system, application program, or user. The below diagram gives a graphical depiction of the interfaces between the operating system and the computer component.
Computer Data
To help understand computers it is best to first learn about computer data. Computer data is information required by the computer to be able to operate. It is used to:
Run programs - This is the actual executable program data that the computer will execute to run the program such as Microsoft Word.
Store program or system configuration information.
Store information that the computer user needs such as text files or other files that are associated with the program the computer user is running. A common example of a program the computer user is running is the Microsoft Office suite of products which include Microsoft Word, Microsoft Excel, and others. These programs are also known as applications.
Data Structure
Computer data is in what is called binary format. This means that it is always a 0 or a 1. It only has these two states and must be in one of them.
There are several fundamental data units which include:
Bit - A data unit which must be in one of the two binary states described above. It is the smallest data unit that exists.
Byte - 8 bits of data which has a possible value from 0 to 255.
Word - Two bytes or 16 bits of data with a possible unsigned value from 0 to 16535.
Data transmission
Data transmission is the act of sending data from one place to another. Data is transmitted both inside and outside your computer. There are two fundamental methods of data transmission.
Serial - Data is sent on a single line and one bit is sent at a time. This is similar to a line in which items must come one after another.
Parallel - Data is sent on more than one line at a time. This may be any number of bits at a time, but is usually one word at a time (two bytes) or possibly three bytes at a time.
Computer Hardware
The term computer hardware refers to the various electronic components that are required for you to use a computer along with the hardware components inside the computer case. As you know your computer equipment is made of several common components. These include:
The main computer box.
A monitor - Looks like a television screen.
A keyboard.
A mouse.
Speakers.
An optional printer
The main computer box is the main component of the computer. It has computer hardware parts inside that perform the following functions:
Temporary storage of information (known as data in more technical terms) - This function is done by memory.
Permanent storage of information - This function is done by a hard disk, floppy disk, or CD ROM.
Manipulation or processing of data - Used to determine where data is stored and perform calculations which support operations that the user is doing.
Interfacing to the outside components or to the outside world - This supports the ability for the user to communicate with the computer and know how the computer is responding to commands which are done primarily through the monitor, keyboard, and mouse along with their interface components in the main computer box.
A power supply which provides the electrical power to the components in the computer box.
The Main Computer Box
The main computer box is made of several computer hardware components and subcomponents which include:
The case - The outside component which provides protection for the parts inside and provides a fan and power supply which are used to both cool the working parts inside and provide power to them.
The motherboard - Holds the following computer hardware subcomponents:
Memory - Used to provide temporary storage of information as discussed earlier.
Microprocessor - Used to provide the processing of data function as discussed earlier.
Video interface card which is also called the video card - This card is an interface between the computer monitor and the motherboard and its subcomponents such as the microprocessor and memory. This card may be included as part of the motherboard or it may plug into a card slot on the motherboard.
Sound card is an interface between the computer speakers and the motherboard and its subcomponents such as the microprocessor and memory. This card may be included as part of the motherboard or it may plug into a card slot on the motherboard.
One or more permanent storage devices some of which may be optional:
Hard disk - Most computers today have a hard disk (sometimes called a hard drive) which is the component most commonly used to provide permanent storage of data. Hard disks are usually permanently installed in a computer.
CD ROM drive or DVD drive - Used to provide permanent storage of data, but this type of drive is used to bring information into the computer more commonly than it is used to store information from the computer. Sometimes this type of drive is used to back up data from the hard drive so data is not lost if a hard drive breaks. A DVD drive holds more data than a CD ROM drive and DVDs have enough storage capacity that they may be used to play or store movies. The storage media, the CD ROM or DVD, may be removed from the computer.
Floppy Drive - A low capacity storage device which can be written to as easily as it is read. The floppy disk may be easily removed from the computer. It is called a floppy because the part of the media that holds the data is on a material that is not rigid, but it is enclosed in a more rigid case to give it durability.
There are also other minor computer hardware components inside the case which include cables which may be used to hook other internal parts together along with connecting an interface to the case for printers and other devices such as a high speed serial bus called USB. (A serial bus simply refers to the fact that data is sent in a stream which is like sending one bit at a time.)
The Case
The drawing below shows a typical case. It may help you understand where your connections for your monitor, keyboard, mouse, and other devices are if you should need to hook them up. For more specific information you should refer to your computer owner's manual.
Software and Hardware
Hardware
The term hardware describes the physical parts of your computer which you can physically touch or see such as your monitor, case, disk drives, microprocessor and other physical parts.
Software
The term software describes the programs that run on your system. This includes your computer operating system and other computer programs which run. Software is written in a computer language (such as Basic, C, Java, or others) by programmers. The computer language is in a text format and can be read by a person although if you do not understand the structure and rules of the language you may not understand it very well. Once a program is written, an operation is performed on it which is called compiling. Compiling is the process of changing the textual written language into a binary language which can be understood by the computer. Writing these text files and converting them to computer readable files is the way operating systems and most application programs are created.
BIOS (Basic Input/Output System)
BIOS is a low level program used by your system to interface to computer devices such as your video card, keyboard, mouse, hard drive, and other devices. What BIOS programs provide in the computer are very simple function calls or small subprograms which can be used by higher level programs to perform simple operations on computer devices. For example a BIOS program would provide the ability to write a character to memory on a video card. BIOS is normally written in a low level computer language and is permanently or semi-permanently written into the computer system. This type of computer program is commonly referred to as firmware since it was historically written permanently into computer systems. Although BIOS is a program, because of its permanent state, it was not quite considered to be software so the term firmware is used to describe it.
Historically BIOS programs were written into a type of memory called ROM (read only memory). This type of memory would not lose its data when the computer lost power thus ensuring these BIOS programs would always be available. There were different variants of ROM memory some of which could be written multiple times but this memory could not normally be changed or re-programmed once the computer system was sold to the customer. Once ROM memory was written to, it could not be written to again and could only be read when in the possession of the customer. In more recent years a more flexible form of memory was developed called flash ROM which allows ROM memory to be written to after the computer system is in possession of the customer.
What is a Network
The word network can be used to describe a very large and complicated set of equipment. In its most accurate and simplest definition a network refers to the cables and electronic components that amplify the signals going through the cables. The amplifying equipment is necessary to ensure accurate communication and make the signal stronger if it needs to go long distances.
Broader Definition
When many people talk about a network, they are talking about a network using a very broad concept. For instance if someone cannot get to their email, they may say "the network is down". Likewise they may say this if they cannot surf the internet or get to their files. They may not stop to think that in each specific instance there is a single piece of equipment that may provide the capability which they are trying to use.
Most people who work on a corporate or organizational network think about the network in component parts. The three main parts are:
The cabling and amplifiers mentioned in the first paragraph.
The workstations which most members of the organization use to access resources.
Higher powered computers called servers - These are the machines that provide what network administrators call services. Services include the functions that most people try to use such as email, reading and writing files, printing, and getting to the internet. Whenever a user is trying to do something on the network, there is a service or machine providing the capability to do so. This even includes times when someone is trying to get to network resources from their home.
Services
Services include:
Email service
File service - Allows users to use and share file space on a computer with a lot of file space.
Print service - Allows printing to printers connected on the network.
Web surfing - Allowing someone to open web pages and see web sites on the internet.
Filtering out undesired sites on the internet.
Allowing someone to access the network from the outside (from home).
Updating virus definitions on workstations.
Allowing someone to log onto the network.
Even giving a workstation an address on the network is a service. If your computer does not have an address, it cannot access the internet or any other resource on the network.
A Typical Network
A typical corporate or organizational network is shown below:
Other Operating System Functions
The operating system provides for several other functions including:
System tools (programs) used to monitor computer performance, debug problems, or maintain parts of the system.
A set of libraries or functions which programs may use to perform specific tasks especially relating to interfacing with computer system components.
The operating system makes these interfacing functions along with its other functions operate smoothly and these functions are mostly transparent to the user.
Operating System Concerns
As mentioned previously, an operating system is a computer program. Operating systems are written by human programmers who make mistakes. Therefore there can be errors in the code even though there may be some testing before the product is released. Some companies have better software quality control and testing than others so you may notice varying levels of quality from operating system to operating system. Errors in operating systems cause three main types of problems:
System crashes and instabilities - These can happen due to a software bug typically in the operating system, although computer programs being run on the operating system can make the system more unstable or may even crash the system by themselves. This varies depending on the type of operating system. A system crash is the act of a system freezing and becoming unresponsive which would cause the user to need to reboot.
Security flaws - Some software errors leave a door open for the system to be broken into by unauthorized intruders. As these flaws are discovered, unauthorized intruders may try to use these to gain illegal access to your system. Patching these flaws often will help keep your computer system secure. How this is done will be explained later.
Sometimes errors in the operating system will cause the computer not to work correctly with some peripheral devices such as printers.
Operating System Types
There are many types of operating systems. The most common is the Microsoft suite of operating systems. They include from most recent to the oldest:
Windows XP Professional Edition - A version used by many businesses on workstations. It has the ability to become a member of a corporate domain.
Windows XP Home Edition - A lower cost version of Windows XP which is for home use only and should not be used at a business.
Windows 2000 - A better version of the Windows NT operating system which works well both at home and as a workstation at a business. It includes technologies which allow hardware to be automatically detected and other enhancements over Windows NT.
Windows ME - An upgraded version of Windows 98 but it has been historically plagued with programming errors which may be frustrating for home users.
Windows 98 - This was produced in two main versions. The first Windows 98 version was plagued with programming errors but the Windows 98 Second Edition which came out later was much better with many errors resolved.
Windows NT - A version of Windows made specifically for businesses offering better control over workstation capabilities to help network administrators.
Windows 95 - The first version of Windows after the older Windows 3.x versions offering a better interface and better library functions for programs.
There are other worthwhile types of operating systems not made by Microsoft. The greatest problem with these operating systems lies in the fact that not as many application programs are written for them. However if you can get the type of application programs you are looking for, one of the systems listed below may be a good choice.
Unix - A system that has been around for many years and is very stable. It is primarily used as a server rather than a workstation and should not be used by anyone who does not understand the system. It can be difficult to learn. Unix must normally run on a computer made by the same company that produces the software.
Linux - Linux is similar to Unix in operation but it is free. It also should not be used by anyone who does not understand the system and can be difficult to learn.
Apple MacIntosh - Most recent versions are based on Unix but it has a good graphical interface so it is both stable (does not crash often or have as many software problems as other systems may have) and easy to learn. One drawback to this system is that it can only be run on Apple produced hardware.
Applications
What is an application
Applications are programs that are installed on computers to give users the ability to do specific tasks. For example, Microsoft Word® is a program that gives the user the ability to write documents. Some program packages come in a set with multiple programs included to provide multiple capabilities such as the Microsoft Office® suite of programs. This suite of programs also includes Microsoft Outlook® which is used to send and receive e-mail. It also includes other programs with more capabilities.
How Application Programs Work
Application programs are written in a text based computer language as mentioned in the section about hardware and software. Once written, they are compiled into a binary language the computer understands. The application programs use function calls (as described in the section about operating systems) to interface to the various computer peripherals such as your keyboard, mouse, screen, printers, and other devices. Most of these function calls are provided by the operating system so the application programs are usually compiled for a specific operating system such as Microsoft Windows 2000®, Microsoft Windows XP®, or Microsoft Windows 98®.
Application Problems
An application program is a computer program. It is written by human programmers who make mistakes. Therefore there can be errors in the code even though there may be some testing before the product is released. Application programs vary widely in the quality of the code. Errors in code are referred to as "bugs". Bugs can cause unpredictable results including system crashes, inability to perform expected functions, or providing an exploit for an attacker who wants to gain control of your system.
Application Acquisition and Installation
You can get applications in several ways. The most common way is to purchase one in a store, bring a CD home and install it on your computer system. The ways you may get applications include:
Purchase of a program from a store.
Download a purchased program on the internet.
Download a shareware program on the internet.
Download a free program on the internet.
Whether purchasing a program or downloading one for free on the internet, you should be aware of the quality of the product you are placing on your computer system. Ask yourself the following:
Do I know who made this product and are they a trustworthy source?
If the product is free, do I know why it is free?
Is there some hidden purpose for the product?
What is the reputation of the maker of the product?
What problems do users of the product have?
Before downloading or purchasing a product you should always spend at least a few minutes researching it. You should at least do a quick search on the Gigablast search engine using the product name and the name of the product producer. You should perform a Gigablast internet search and possibly a Google Groups search to find out where discussions about the product have taken place. There are also many product evaluation sites that can be used to obtain reviewers' and users' ratings of the product before you buy or install it. Downloading and installing the wrong products can not only seriously impede the performance of your computer system, it can also cause your privacy to be invaded.
Bad Applications
There are many types of applications that can cause problems on your computer system.
Applications with serious bugs.
Applications that come with unwanted programs. Some applications come with additional software that you may not really want but is installed by default. Normally this is only annoying and may slightly slow your system down when it boots because some of these items will load every time you start your computer.
Adware - Most adware comes with programs that may be purchased or downloaded for free on the internet. Adware will cause advertising popups to appear on your computer. Besides being annoying, they will slow your ability to access the internet. Many times these programs will download other ad programs. These programs are very difficult to remove from your system because they are usually hidden on your system very well. Many times it requires an expert to remove these programs, but later I will give you some tips on how you can either remove them or render them ineffective. To be able to do this you must have reasonable knowledge about your system. There are some programs written to remove adware programs which I will discuss later.
Spyware - This usually comes with some free programs and it will monitor your internet activity and send information to some corporation. This type of program is not normally seriously harmful but most people do not want to have their activities monitored. There are also programs to remove spyware but it is best to not install it in the first place.
If you do your research before installing applications you will avoid most problem applications. It is best to ask your IT support personnel about an application before you install it. In fact many corporate IT policies are set so users cannot install programs on their systems. This is because installation of the wrong programs on corporate systems can jeopardize computer security for the entire organization.
Application Files
Applications have a variety of files they use for three basic purposes.
Executable files
Configuration files
Data files used by the user such as Microsoft Word® document files.
What Files Are
Files are collections of data kept in a permanent storage structure. They are stored on permanent storage media such as a computer hard drive, CD ROM drive, floppy disk drive or sometimes even a tape drive. Files take a certain amount of room to store. For example if you have two text files and one file has one sentence in it while the other file has 200 sentences in it, the file with 200 sentences will use more room on the storage media.
File Functions
Different files have different purposes. Files are used to do one or more of the following functions:
Provide machine executable code which is used to run application programs and the operating system.
Store application program or operating system configuration information.
Store data used by the user such as Microsoft Word document files.
Therefore there are three types of information that files contain:
Executable code.
System or program configuration information.
User data.
These files are read by an application program or the operating system.
File Characteristics
Files have the below characteristics:
Name
Optional extension name - Part of the name, it is used by Windows operating systems to identify an associated program that can be used to read it.
Size - Shows the space the file requires for storage, normally shown in kilobytes (Kb) which is 1000 bytes.
Type - Indicates the program used to access the file. The next section will talk more about file types.
Date Modified - Shows the last date the file was created or changed.
File structure - This characteristic is not viewable by the computer user but some programs can examine file structure to determine the type of file it is even when the file extension is changed.
The main items to remember include the facts that all files take a certain amount of room on their storage media and all files have a type which indicates whether they can be run by your computer. The file extension is one indication of the file type but not the only way to determine type.
If you are browsing your files using "My Computer" and click on "View" and "Details" you will see a window showing the file characteristics like the one below. Folders only take a little room on the hard drive and do not normally take as much room as files.
File Types
Because files can have different purposes, they have different types. The file type is best identified by its file structure. For example a text file would have a very different structure than a file that can be executed. An executable file must have a specific structure to be able to be run. The file structure is used to determine its MIME type. The word MIME stands for multipurpose internet mail extension and is used as a standard to identify various file types.
File Extensions
In operating systems such as Microsoft Windows systems, Linux, and Unix, a file extension is used to help identify the type of file. On Microsoft Windows systems, many file types are associated with a particular program which can read the file. For example a file with a .pdf extension can be read by the Adobe Acrobat application program.
Files are actually identified by what is called a MIME type. This can be done because files that are executable have a different structure than data files. Therefore file extensions are not the only way to identify a file type nor are they the most accurate. Apple MacIntosh computer systems do not use a file extension to identify file types.
Executable File Types
The most important file type to be aware of are executable file types. This is because if you accidentally run an executable file on your system, it may install a virus or some other unwanted software program. Executable file types include:
.com
.exe
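The sections above say that file structure identifies a file's type more reliably than its extension, and that executable files are the type to watch for. The following added example, which is not part of the original tutorial, compares the type a file name claims with the type its leading bytes show. The signature table, sample files and function names are constructed for illustration, and the ELF (Unix/Linux executable) signature goes beyond the extensions the page lists.

```python
import codecs
import os

# Leading "magic" bytes that mark a file's structure.
SIGNATURES = [
    (b"MZ", "executable"),        # DOS/Windows .exe header
    (b"\x7fELF", "executable"),   # Unix/Linux executable (added generalization)
    (b"%PDF-", "pdf"),            # PDF document
]

# What each extension claims the file is.
EXT_KIND = {".exe": "executable", ".com": "executable", ".pdf": "pdf", ".txt": "text"}


def kind_from_content(head):
    """Classify a file from its first bytes, ignoring its name."""
    for magic, kind in SIGNATURES:
        if head.startswith(magic):
            return kind
    if head and b"\x00" not in head:
        try:
            # final=False (the default) tolerates a character cut off at the end.
            codecs.getincrementaldecoder("utf-8")().decode(head)
            return "text"
        except UnicodeDecodeError:
            pass
    return "unknown"


def check(name, data):
    """Return (claimed kind, actual kind, verdict) for one file."""
    ext = os.path.splitext(name)[1].lower()
    claimed = EXT_KIND.get(ext, "unknown")
    actual = kind_from_content(data[:4096])
    if actual == "executable" and claimed != "executable":
        verdict = "ALERT: executable content behind a non-executable extension"
    elif claimed == "executable" and actual != "executable":
        # .com programs are raw machine code with no header, so structure
        # alone cannot confirm them; treat the extension as the warning.
        verdict = "unverified: extension says executable, no known header"
    elif "unknown" not in (claimed, actual) and claimed != actual:
        verdict = "mismatch: extension and structure disagree"
    else:
        verdict = "ok"
    return claimed, actual, verdict


# Constructed sample files (name -> first bytes).
SAMPLES = {
    "notes.txt": b"Meeting at 10am\n",
    "manual.pdf": b"%PDF-1.4\n",
    "setup.exe": b"MZ\x90\x00" + b"\x00" * 60,
    "invoice.pdf": b"MZ\x90\x00" + b"\x00" * 60,     # executable renamed to .pdf
    "tool.com": b"\xb4\x09\xba\x09\x01\xcd\x21\xc3",  # headerless machine code
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, check(name, data))
```

A two-byte signature such as MZ is weak evidence on its own, so a text file that happens to begin with those letters would also be flagged; for this check that errs on the side of caution.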
File Organization
Files can be placed in folders similar to the way single sheets of paper can be placed into folders in a file cabinet. Folders can be created on the hard drive or nested inside each other any way the computer user desires.
Browsing Your files using Windows
If using a Windows operating system double click on the "My Computer" icon on your desktop.
The first drive in the window shown is a floppy drive. It is labeled as drive A. The second disk is the system hard drive labeled as drive C. The third disk shown is a data disk shown as drive D. This is not a normal setup on most systems but I like to use a hard drive to hold my data that is different than the hard drive that holds the operating system. Drives E and F are compact disks (CD ROM drives) of which one is a read/write drive.
The drive letters will vary depending on how your system is configured and depending on whether you have any network drives. If you do have network drives, you should use them as the main place you store your files. This is because files on network drives are usually backed up nightly in most organizations. If your files are not backed up and your hard drive fails, you will lose your data.
Copying Files
There are several ways Windows operating systems allow files to be copied or moved. They include:
Drag and drop - In the window above it is easy to drag one of the files into one of the folders. This will move the file into the folder. This can also be done by opening two windows using the "My Computer" icon and dragging the file from one window to another.
Copy and paste - You can open a "My Computer" window, and do the following:
On the "My Computer" menu select "Edit", then "Copy".
Navigate to the location where you want to put the file. You can navigate by using the "Up" folder to go up one level into the folder structure or by double clicking on folders to enter them. If the "Up" folder does not exist in your "My Computer" window, on your menu, select "View", then "toolbars", then select "Standard Buttons".
On the "My Computer" menu select "Edit", then "Paste". The file will be copied to the location you have navigated to.
Copying Multiple Files
There are several tricks that can be used to make copying or moving multiple files easier. They involve the selection of the files to be copied or moved. You can hold down the Shift key and select one file by clicking on it with the left mouse button (called left clicking). While still holding the Shift key down, left click on another file several files down on the list. This will cause all files from the first one through the last one selected to be highlighted and selected. Release the Shift key. After this, you can hold down the Ctrl key and, by left clicking on any other files, select or de-select them. Release the Ctrl key. Once you have selected the files you can move them by dragging and dropping them (after releasing both the Shift and Ctrl keys) into another folder. This is done as follows:
Put the mouse cursor over one of the selected files.
Left click the mouse and hold the button down.
Drag the file to the desired location such as a folder icon.
Release the left mouse button.
If you want to copy the files:
On the "My Computer" menu select "Edit", then "Copy".
Navigate to the location where you want to put the file.
On the "My Computer" menu select "Edit", then "Paste". The file will be copied to the location you have navigated to.
View Settings
The Default Windows Setting is Dangerous
Windows systems come with default file view settings. The default is to "Hide file extensions for known file types". This setting can be used to deceive a computer user into believing that a file is safe to open when it is not. Files containing viruses can be sent to a computer with the name "document.txt.exe", which is a file that the computer will run. The file will appear to the computer user as "document.txt", making the user believe that it is safe to open, but if the user clicks on it the file will be run and be able to infect the computer.
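The check below is an added example, not part of the original tutorial. It flags attachment names that hide an executable extension behind a harmless-looking one, and also looks at the file's structure (its first bytes) because, as noted under "File Extensions", the extension is not the most accurate way to identify a type. The decoy and "known type" extension lists, the function names and the sample files are assumptions made for the illustration.

```python
import os

# Extensions the page warns about (.com, .exe, .bat).
EXECUTABLE_EXTS = {".exe", ".com", ".bat"}
# Harmless-looking extensions used as the decoy part of a name (assumed sample list).
DECOY_EXTS = {".txt", ".pdf", ".doc", ".jpg"}
# Extensions treated as "known file types" whose extension is hidden (assumption).
KNOWN_EXTS = EXECUTABLE_EXTS | DECOY_EXTS


def normalize(filename):
    """Windows ignores trailing dots and spaces, so 'a.exe. ' is really 'a.exe'."""
    return filename.rstrip(" .")


def shown_name(filename):
    """Name displayed while 'Hide file extensions for known file types' is on."""
    name = normalize(filename)
    stem, ext = os.path.splitext(name)
    return stem if ext.lower() in KNOWN_EXTS else name


def sniff(head):
    """Classify a file by its structure, using only its first bytes."""
    if head[:2] == b"MZ":          # header of DOS/Windows .exe files
        return "executable"
    if head[:5] == b"%PDF-":       # header of PDF documents
        return "pdf"
    try:
        head.decode("ascii")
        return "text"
    except UnicodeDecodeError:
        return "unknown"


def check_attachment(filename, head):
    """Return a list of findings for one attachment name and its leading bytes."""
    stem, ext = os.path.splitext(normalize(filename))
    ext = ext.lower()
    inner_ext = os.path.splitext(stem)[1].lower()
    findings = []
    if ext in EXECUTABLE_EXTS:
        findings.append("executable-extension")
        if inner_ext in DECOY_EXTS:
            # The visible name will end in the decoy extension.
            findings.append("double-extension")
    if sniff(head) == "executable" and ext not in EXECUTABLE_EXTS:
        # Structure says program, name says something else.
        findings.append("executable-content-under-other-extension")
    return findings


# Constructed samples: (file name, first bytes of the file).
SAMPLES = [
    ("document.txt.exe", b"MZ\x90\x00"),
    ("Invoice.PDF.EXE. ", b"MZ\x90\x00"),
    ("report.pdf", b"%PDF-1.4\n"),
    ("notes.txt", b"MZ\x90\x00"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(repr(name), "shown as", repr(shown_name(name)),
              "->", check_attachment(name, head) or "no findings")
```

A mail gateway or download folder scan could run a check like this on every file and hold back anything with a finding for review.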
Changing the View Settings
This section will tell you how to change your settings so you will always see file extensions. It will also tell you how to be able to see file details.
Open "My Computer" by clicking on the "My Computer" icon on your desktop. Click on the menu item "View" and select "Details" from the drop down menu. This will change the current settings for the folder or location you are in, but the change is not permanent yet.
To change the file view settings, if you are using Windows 2000 or XP, click on the menu item "Tools" and select "Folder options". If you are using Windows 98, click on "View", then "Folder options".
Viruses and Worms
In general terms a virus is a program that runs on a system against the owner's or user's wishes and knowledge. Viruses have one or more methods they use to spread. Most commonly they will attach a file to an e-mail message and attempt to trick victims into running the attachment.
Virus Damage
In most cases, viruses can do any amount of damage the creator intends them to do. They can send your data to a third party and then delete your data from your computer. They can also ruin your system and render it unusable without a re-installation of the operating system. Most have not done this much damage in the past, but could easily do this in the future. Usually the virus will install files on your system then will change your system so the virus is run every time you start your system. It will then attempt to replicate itself by sending itself to other potential victims.
The normal effect a virus will have on your system is that over time your system will run slower. Also when you are using the internet your connection may seem to run slower. Eventually you may have trouble running programs on your system, your system may freeze, and in the worst case you may not be able to get it to boot up when you turn your computer on.
How Viruses or Worms Spread
Most commonly, viruses today use e-mail to spread; however, they have used one or more of the following methods to spread in the past.
Some viruses will load themselves onto any writable removable drive they can and spread from computer to computer as people use the removable drive.
A worm is a program similar to a virus that will exploit a vulnerability in an operating system or application that a computer user is running. The best defense against a worm is to have either a personal firewall on your system or be behind a corporate firewall. Another good defense is to update your system regularly. All you need to do to get a worm is to connect an unpatched computer to the internet or infected network when your computer does not have firewall protection.
Most viruses will spread themselves using e-mail attachments. They may tell the user that they need to open the attachment to get the rest of the information that is being sent to them. Many times the virus may claim it is an administrator and the user needs to either read the data or install a program on their system. Viruses have even claimed to be Microsoft sending a system patch as an attachment to the e-mail. Microsoft would never send a system patch through e-mail.
Worms and Prevention
Worms spread by taking advantage of vulnerabilities in operating systems or application programs (remember from earlier discussion, vulnerabilities are software errors that allow some kind of unauthorized access when they are used or exploited). You do not need to do anything special to get a worm except to connect to the internet or an infected network with a system that has vulnerabilities. There are several good defenses against worms.
What is a Firewall?
A firewall is a device that limits access to your system from the outside. A firewall may be a software program running on your computer or it may be a piece of hardware outside your computer. The firewall screens any attempts to access your system and only allows access that you decide to allow. In this way many vulnerabilities that could be used to gain unauthorized access to your system are eliminated.
Worm Prevention
There are three defenses against worms. They are as follows:
A personal firewall should be run on any system that is not behind a corporate firewall. This should be done on any computer that connects to the internet even if the connection it uses is a slow dial up connection.
Patching your system with updates to fix the vulnerabilities. Patching is the act of downloading updates to the vulnerable operating system or application and applying the update to the program.
Continually running anti-virus software which may detect worms. This is not the best defense against worms however because sometimes the worm can infect the system before the anti-virus software can detect it.
Securing Your System
There are several measures which you can take to secure your system. The first and most important is to become informed about how your system works and what the threats are. Reading this guide and acting on the tips contained here is a good start.
Personal firewall - If you are not behind a corporate firewall, purchase and install a personal firewall on your computer. This will help protect your system from many vulnerabilities that some worms will try to exploit.
Updates - Perform system updates often. You can go to the Windows Update site to download updates for your system. Another way to get updates if your system is running Windows 2000 or Windows XP is to configure your system to download automatic updates. This can be done by opening your control panel (click on "Start", then select "Settings", and click on "Control Panel"). To configure updates, double click the "Automatic Updates" icon and choose one of three configurations.
Use anti-virus software with regular updates. Be sure to run anti-virus software and download updates at least twice per week. There are many brands of anti-virus software which may be purchased at your local computer, office supply store, or on the internet. I will not be recommending any name brands in this tutorial.
Be aware of how viruses spread and don't open attachments unless you are SURE they are legitimate. Call the sender if necessary to be sure they sent the email. Be sure your system settings are set so you can recognize potential virus files that may have multiple extensions such as filename.txt.exe. If the extension ends in .exe, .com, or .bat don't double click on it or run it unless you are SURE it is from a legitimate source.
Avoid installing bad applications. As mentioned in the section about application programs, some computer programs may come with spyware or adware. Avoiding these can be important in both securing your system and keeping your system performance from being degraded. Keep in mind that adware programs may download and install other programs from the internet. A personal firewall is one defense against this happening because it will normally notify you when a program accesses the internet.
Configure your system so you will see all file extensions as described on the page called "Windows File View Settings".
The Internet Email System
The email system that is currently used on the internet was not designed to curb the abuses presented by viruses and SPAM as they are occurring today. The email system today allows:
Anyone can set the "From" field in the email to any value they want. This means that you can send an email message and make it look like the President of the United States sent the message. There are ways to tell that this is not the case, but on the surface it will appear like the President of the United States sent the message. This is called faking the sending address.
If an email cannot be delivered, the email standard provides for the sender to receive a notification indicating that the message could not be delivered. Some email servers are also set up to notify the sender when a virus is found in an email they sent.
There are several things that the email system in use today does not provide for:
The system does not provide for positive identification of the sender.
There is no method to prevent a sender from sending unwanted emails.
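One of the ways to tell that a "From" address has been faked is to compare it with the headers a mail server adds in transit. The sketch below is an added example, not part of the original tutorial; the function names, the server name mx.recipient.example and both sample messages are constructed for the illustration, and the two-label domain comparison is a simplification.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# "from <helo name> (<resolved name> [<ip>]) by <receiving server>"
RECEIVED_RE = re.compile(
    r"from\s+(\S+)\s+\((\S+)\s+\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")


def domain_of(header_value):
    """Domain part of the address in a From or Return-Path header ('' if none)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def org_domain(host):
    """Last two labels of a host name. Simplification (assumption): real tools
    use the Public Suffix List to find the registrable domain."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def inspect_sender(raw_message, our_server):
    """Compare the claimed sender with what our own mail server recorded."""
    msg = message_from_string(raw_message)
    report = {"from": domain_of(msg["From"]),
              "return_path": domain_of(msg["Return-Path"]),
              "handed_over_by": None, "flags": []}
    # Received lines are newest first. Only the one stamped by our own server
    # is trusted; anything below it could have been written by the sender.
    for hop in msg.get_all("Received", []):
        m = RECEIVED_RE.search(" ".join(hop.split()))
        if m and m.group(4).lower() == our_server:
            report["handed_over_by"] = (m.group(2).lower(), m.group(3))
            break
    claimed = org_domain(report["from"])
    # A mismatch is a hint, not proof: mailing lists and forwarders also differ.
    if report["return_path"] and org_domain(report["return_path"]) != claimed:
        report["flags"].append("return-path-differs-from-from")
    if report["handed_over_by"] is None:
        report["flags"].append("no-received-line-from-our-server")
    elif org_domain(report["handed_over_by"][0]) != claimed:
        report["flags"].append("delivering-host-not-in-from-domain")
    return report


# Constructed message: the From line names one domain, the machine that
# actually connected to our server belongs to another.
SPOOFED = "\n".join([
    "Return-Path: <x19@dialup.example.net>",
    "Received: from pc17.dialup.example.net (pc17.dialup.example.net [203.0.113.45])",
    "\tby mx.recipient.example with SMTP; Mon, 01 Jan 2024 10:00:00 +0000",
    "Received: from mail.gov.example (mail.gov.example [198.51.100.1])",
    "\tby relay.gov.example with SMTP; Mon, 01 Jan 2024 09:59:00 +0000",
    'From: "The President" <president@gov.example>',
    "To: user@recipient.example",
    "Subject: Important",
    "",
    "Please open the attachment.",
])

# Constructed message where all three sources agree.
LEGIT = "\n".join([
    "Return-Path: <alice@example.org>",
    "Received: from mail.example.org (mail.example.org [198.51.100.20])",
    "\tby mx.recipient.example with SMTP; Mon, 01 Jan 2024 11:00:00 +0000",
    "From: Alice <alice@example.org>",
    "To: user@recipient.example",
    "Subject: Lunch",
    "",
    "See you at noon.",
])

if __name__ == "__main__":
    for raw in (SPOOFED, LEGIT):
        print(inspect_sender(raw, "mx.recipient.example"))
```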
Email Problems
Given the above conditions, several problems can occur.
If the sending address of the email is faked, any messages indicating the message could not be delivered will go to the person who appears to have sent the email rather than the person who actually sent it. This can cause people to receive non deliverable notifications for emails that they did not send which can be very confusing.
If a virus sends an email with a faked sender address, a mail server may detect the virus in the message and send a reply to the faked address notifying someone that they sent an email with a virus in it when in fact they did not. This can cause confusion and waste administrators' time since users may call administrators and want their systems checked for viruses when they are not actually infected with a virus. This is why administrators of mail servers should turn off notifications to addresses that appear to have sent a virus.
Someone can fake the sender of an email and send embarrassing or annoying messages and possibly jeopardize the reputation of the party they are sending the email as. They can make it appear as though a reputable party is sending smut on the internet. I do not know if there are any laws against this, but there should be. This would be called fraud along with some possible other charges such as libel and slander. There are ways to tell that the sender did not actually send the email but this could still unjustly hurt someone's reputation.
Recipients of virus or SPAM emails are unwilling recipients. These emails tie up their time and computer resources. When someone pays for a connection to the internet, and this connection is used to send them unwanted emails, this is the same as a denial of service attack and is essentially stealing. Everyone who connects to the internet has the right to use their connection how they want and not how someone else wants. I will talk more about this in the section about SPAM.
E-mail Viruses
Viruses that spread through e-mail have a common method of spreading. This page will discuss how common e-mail viruses currently spread.
The Virus Lifecycle
Viruses begin their life when someone releases them on the internet. They begin to spread. At this early stage of their lifecycle, no one is aware of their presence. As the virus becomes more widely spread, someone will recognize an abnormal problem with their system and investigate. Eventually a computer expert will conclude that a virus exists and notify companies that write anti virus software. The companies will research the virus and come out with an update to their database of viruses that includes information about the new virus and has information about how to recognize it. They may also release a tool that can be used to automatically remove that virus from computer systems.
Therefore the cycle is:
Release - The virus is released.
Recognition - Someone recognizes the virus.
Virus recognition database update - Antivirus programs will now recognize the virus.
Antivirus update and removal tools
The time between step one and step three above can be significant. During this time you are vulnerable to getting the virus because your anti-virus software will not recognize it as a virus. This is why you should be careful about the e-mail attachments that you open, even if you are actively running anti-virus software.
How Viruses Work
When a victim of a virus double clicks on an infected attachment, the virus will run.
The virus will modify the victim's system so it will always be active when the system is turned on.
The virus will scan the victim's address book in their e-mail client program such as Outlook or Outlook Express.
In the past, viruses would then mail themselves to addresses found in the victim's address book. But today many viruses choose random recipients and senders from the victim's address book. This means that although the e-mail is sent from the victim's machine, the e-mail sender address is faked to appear as though someone else in the victim's address book sent the message.
What to Do
Always run anti-virus software and be sure it gets updated at least twice per week.
If you get a virus in an e-mail attachment and you are sure it is a virus, delete the e-mail message.
If you get an attachment from someone you know, consider whether there is enough personal information in the e-mail which a virus program would not know. If you are not sure your acquaintance sent the e-mail call them and be sure before opening the attachment. Do not count on your anti-virus software being able to stop you from getting infected if you open the e-mail attachment. Remember, viruses are not recognized right away by your anti-virus software and you could get a new unrecognized virus before your virus definition updates are released.
If you get an e-mail saying a message you sent was undeliverable and you did not send the message, consider whether your system is behaving abnormally. You probably do not have a virus, but if you are not sure, use your anti-virus software to perform a system scan for viruses and remove any viruses found using the procedure in the section about "Removing Viruses", then delete the e-mail.
If you get an e-mail saying a message you sent contained a virus, consider whether your system is behaving abnormally. You probably do not have a virus, but if you are not sure, use your anti-virus software to perform a system scan for viruses and remove any viruses found using the procedure in the section about "Removing Viruses", then delete the e-mail.
Spam
Spam is unsolicited junk e-mail sent to large numbers of e-mail addresses. It is used to promote some product or service and many spam e-mails are pornographic in nature.
Spam Prevention
Unfortunately there are not very many good ways of preventing spam other than keeping your e-mail address secret. It should be kept at a level of security somewhere between your phone number and your social security number. You should be careful about who you give your email address to. Many companies will sell your email address to spam lists, thus making it available to spammers.
I currently use three email accounts as follows.
The first account is the one I give to personal acquaintances.
The second account I give to companies that have a privacy policy that I am fairly certain won't sell my e-mail address.
The third account, I give to companies that I believe I cannot trust to sell my information. I don't worry if these companies can contact me.
I expect to change the third account pretty often, but hopefully the first two will last several years without much spam. The third account may be through a free internet email account service such as hotmail or yahoo.
Managing Spam
Besides keeping your e-mail address secret, the next best relief from spam is a program that helps you manage it. Spam can be filtered at the mail server with some programs, or by a program that plugs into your e-mail client program such as Outlook or Outlook Express. Basically these types of programs filter spam based on several characteristics such as:
The subject line
The address of the sender
Some programs scan the message content and consider length or wording.
Unfortunately none of these scanning methods are 100% accurate although some claim to achieve success rates into the upper 90 percentile. What most of these programs do is to create folders for "friendly" mail or "unfriendly" mail. The friendly mail is put into one folder, unfriendly mail is put into a second folder and there may be a third folder for unknown mail. Unfriendly mail is automatically deleted after some period of time. The capabilities and handling of the mail will vary from program to program. Some that I have considered using include:
Qurb
I Hate Spam
Spam Assassin
There are various opinions about what works when fighting spam. For more information and articles about how to fight spam you can find links to articles at Computer Technical Tutorials Spam.
Spam for Webmasters
If you are a webmaster, spammers will send spam to your domain by sending it to general possible accounts such as administration@yourdomain.com. One way to prevent this is to configure your account with your hosting provider not to respond to undeliverable emails and just automatically delete them. This is called a "::blackhole" setting. The only problem with this is that spammers will still use your bandwidth that you pay for to send you their junk, even though your server deletes them. As spam gets more excessive, it may increase bandwidth costs for webmasters thus discouraging some sites from operating.
Why Spam Should be Illegal
When you connect to the internet, you are paying for a specific service for your use. This service costs a specific amount of money and provides a certain connection speed to the internet. This connection speed indicates your bandwidth. The greater the connection speed, the higher the bandwidth. The higher speed connections cost more money. At this point you have paid for the privilege of surfing the internet with your web browser, sending and receiving e-mail, and other activities. The speed at which you can do this is limited by your bandwidth and how fast you can click pages or send or receive e-mail.
Each person has a connection to the internet. If the person on the right chooses to use their connection to send e-mail or junk e-mail (spam), that is their choice. They are paying for their connection and they are willing to use it in that manner.
If the person on the left does not want to receive spam, but wants to read personal e-mail and surf the internet, they are willing to receive only personal e-mail. If someone is sending them a lot of spam, they will need to wait for the junk e-mail to be delivered before they can read much of their personal e-mail. They are an unwilling participant regarding the unsolicited e-mail they are receiving. Not only is their connection being used by someone else, but it will take them additional time to sort the mix of e-mail out to get to the mail they want to read. If the receiver had willingly stated that they were interested in receiving the advertisements, it would be another matter.
Of course the sender of the spam is not using all the spam receiver's internet connection, but the spam receiver does not get the opportunity to use their connection in the way they fully intended even though they were the one paying for it. This is the same as stealing even though the effective amount may be small. Imagine, how rich you could be if you could only steal a fraction of a cent per day or week from everyone who uses the internet. That's why spam should be illegal.
Someone may argue that spam is the same as junk mail sent through the postal service so why would it be stealing. This is not true since the sender of mail through the postal service pays for the cost of both pickup and delivery. On the internet, the sender pays for the cost of pickup and the receiver pays for the cost of delivery.
The Real and Permanent Solution to Spam and Viruses
Unfortunately a permanent and good solution will take years to implement. A new mail protocol (method of sending e-mail) must be developed by the internet community and then e-mail servers must be modified to handle that protocol. The changing of the e-mail servers will take the most time.
I believe all e-mail should be digitally signed by the sender in order to be delivered. This way the sender cannot be faked and everyone must take responsibility for their own e-mails. However to get this to work right someone must find a way to keep viruses from being able to digitally sign your e-mails for you automatically. A bug in your e-mail client may allow a virus to digitally sign your e-mails causing this type of solution to be ineffective, however, in this case, there would be no doubt as to who has the virus.
Some Proposed Solutions that Won't Work
Paying for each e-mail sent - This solution will not work because it forces people to pay for services that they have already paid for. Additionally it will not prevent spammers from using poorly configured servers to send spam illegally. It will most likely force victims (those who get viruses and administrators who have spammers illegally relay mail through their mail servers) to pay for the additional e-mail. On the brighter side, it may force more administrators to lock their systems down better and force computer users to be more careful about getting viruses. If this were done, I would think it would make the most sense to allow a limited amount of email to be sent on a monthly basis for free.
Reverse address to name lookup - Some ISPs want to use a check that looks at the address the mail came from and determines the name of the server. If the name does not match the name advertised by the sending mail server, then the e-mail is assumed to be spam and dropped with no notification to the sender. Not only does this violate the rules (protocol) governing the internet for sending e-mail, it will cut down or eliminate the ability for web based programs to automatically notify users at some websites about events. For instance, forum sites will notify when someone has posted an answer to a question. If the user's ISP uses reverse lookup, the user may never see the email from the forum website where they asked a question.
Removing Viruses
Removing viruses can be risky to your operating system and may cause you to need to re-install your operating system. If you do not feel comfortable with the instructions in this section, you should get a computer professional to do the job. For more information read "Applying the latest patches to your Windows 2000 Operating system to prevent viruses and worms". It contains information about how to remove viruses along with other useful information.
Virus Removal Procedure
Be sure you have good backups of your data along with an emergency boot disk for your system.
Determine what viruses you have on your system.
Install a virus scanning program if you do not have one already installed. Use the product of your choice. It is wise to read product reviews.
Be sure your virus definitions are up to date. Connect to the internet and download the latest virus definitions from the company that created your anti-virus software.
Configure your virus scanner not to remove any viruses but only detect them. You do not want to remove the virus(es) immediately since some viruses may infect files that your system requires to run. If these files cannot be cleaned by the anti-virus program, they may be deleted or quarantined. If this happens you may not be able to run your system again.
Scan for viruses but do not remove them. Note: Some viruses will stop your virus scanner from operating. If this is the case you will probably need the help of a computer professional. If you have a virus that stops your virus scanner then you will need to either share the drive across a network and scan it from another computer or remove your hard drive and place it into another computer as a second hard drive, then scan your hard drive.
Learn about the viruses you have and how to remove them. - Go to the web site of the organization that created your anti-virus software. The Symantec security response site is a good site to find information about specific viruses and they provide virus removal tools.
Remove the viruses.
Many viruses have a removal tool which can be used to remove the virus. If there is a removal tool, download it and use it to remove the virus.
If there is no removal tool, you will need to follow the manual removal instructions. You may need to manually delete virus files and edit your system registry. The removal instructions will tell you how to do this, but some people may not feel comfortable doing this without the help of a computer professional.
If the manual instructions indicate that you should let your virus scanner remove the virus, then remove all viruses that you can with virus removal tools then run the virus scanner with it configured to remove all viruses.