Web Security Trends

Cyber-criminals are developing a new genre of highly sophisticated and evasive attacks designed to bypass signature-based and database-reliant security technology.

The latest Web Security Trends Report (Q2 2007) from security firm Finjan warns of a proliferation of "affiliation networks" based on a "hosted model" for malicious code.

The networks use off-the-shelf malicious code packages to compromise highly popular websites and even government domains.

Finjan's study points to the growing presence of malicious code in online advertising on legitimate websites.

"Recent findings reveal that hackers have created a new class of highly evasive attacks which represent a quantum leap in terms of technological sophistication, going far beyond drive-by downloads and code obfuscation," the report states.

"In order to minimise the malicious code's window of exposure, evasive attacks keep track of the actual IP addresses of visitors to a particular website or web page."

Using this information, the attackers restrict exposure to the malicious code to a single view from each unique IP address.

This means that the second time a given IP address tries to access the malicious page, a benign page will be automatically displayed in its place. All traces of the initial malicious page completely disappear.

"Evasive attack techniques, where malicious code is controlled per IP address, country of origin or number of visits, provide hackers with the ability to minimise the malicious code's exposure, thereby reducing the likelihood of detection," said Yuval Ben-Itzhak, chief technology officer at Finjan.

"Moreover, evasive attacks can identify the IP addresses of crawlers used by URL filtering, reputation services and search engines, replying to these engines with legitimate content and increasing the chances of mistakenly being classified as a legitimate category.

"The combination of these evasive attacks with code obfuscation techniques significantly enhances the capability of sophisticated hackers to go undetected. "

A follow-up study conducted by Finjan's Malicious Code Research Centre warns of the growing presence of malicious code in online advertising.

As websites depend more on ad revenues, they often display ads from third-party advertising networks over which they may have little or no control.

While legitimate website owners trust advertisers to display non-malicious content, advertisers sometimes "sublet" space to others.

This hierarchy can often comprise several layers, seriously compromising the level of control the website owner has over advertising content.

The report includes an analysis of an innocent blog site that deploys keyword-based advertisements placed automatically from an ad server.

Finjan found that the ad content also included obfuscated references to malicious code on a third site that uses multiple infection techniques to download a Trojan key-logger to the user's machine.

Another recent example was a banner ad hiding code with the ANI exploit that was being hosted unknowingly on one of the most popular techie websites.

Trojan hits Google's text ads

A new Trojan that hijacks Google text ads and replaces them with ads from a different provider has been picked up by BitDefender.

The antivirus company has identified the threat as Trojan.Qhost.WU which modifies the infected computer's host file, a local storage for domain name/IP address mappings.

The infected machine's browser then reads advertisements from a server at the replacement address rather than from Google.

This damages users and webmasters because it takes away viewers and thus a possible money source from their websites.

Users are advised to let antivirus software delete the Trojan.

Orkut hit by Portuguese Worm

fast-moving worm has infected more than 700,000 users on Google's Orkut social network in just 24 hours.

The Portuguese language attack exploited a vulnerability in Orkut's scrapbook feature to post malicious JavaScript code on a user's page.

On viewing the scrapbook post, the code performed the exploit and downloaded a .js file to the user's machine.

The worm then took control of the user's account, sending out copies of itself to all of the user's friends and joining a group called 'Infectados pelo Vírus do Orkut', which translates as 'Infected by Orkut virus'.

The worm does not appear to download any other malicious programs. The malicious code has been removed from users' pages and the worm has been taken offline.

Java Programming Language

Have you ever wondered how computer programs work? Have you ever wanted to learn how to write your own computer programs? Whether you are 14 years old and hoping to learn how to write your first game, or you are 70 years old and have been curious about computer programming for 20 years, this article is for you.

Here are several vocabulary terms that will make things understandable:

• Computer program - A computer program is a set of instructions that tell a computer exactly what to do. The instructions might tell the computer to add up a set of numbers, or compare two numbers and make a decision based on the result, or whatever. But a computer program is simply a set of instructions for the computer, like a recipe is a set of instructions for a cook or musical notes are a set of instructions for a musician. The computer follows your instructions exactly and in the process does something useful -- like balancing a checkbook or displaying a game on the screen or implementing a word processor.

• Programming language - In order for a computer to recognize the instructions you give it, those instructions need to be written in a language the computer understands -- a programming language. There are many computer programming languages -- Fortran, Cobol, Basic, Pascal, C, C++, Java, Perl -- just like there are many spoken languages. They all express approximately the same concepts in different ways.

• Compiler - A compiler translates a computer program written in a human-readable computer language (like Java) into a form that a computer can execute. You have probably seen EXE files on your computer. These EXE files are the output of compilers. They contain executables -- machine-readable programs translated from human-readable programs.

In order for you to start writing computer programs in a programming language called Java, you need a compiler for the Java language. The next section guides you through the process of downloading and installing a compiler. Once you have a compiler, we can get started. This process is going to take several hours, much of that time being download time for several large files. You are also going to need about 40 megabytes of free disk space (make sure you have the space available before you get started).


Downloading the Java Compiler

In order to get a Java development environment set up on your machine -- you "develop" (write) computer programs using a "development environment" -- you will have to complete the following steps:

1. Download a large file containing the Java development environment (the compiler and other tools).
2. Download a large file containing the Java documentation.
3. If you do not already have WinZip (or an equivalent) on your machine, you will need to download a large file containing WinZip and install it.
4. Install the Java development environment.
5. Install the documentation.
6. Adjust several environment variables.
7. Test everything out.
   

Before getting started, it would make things easier if you create a new directory in your temp directory to hold the files we are about to download. We will call this the download directory.

Step 1 - Download the Java development environment

Go to the page http://java.sun.com/j2se/1.4.2/download.html. Download the SDK software by clicking on the "Download J2SE SDK" link. You will be shown a licensing agreement. Click Accept. Select your operating system and download the file to your download directory. This is a huge file, and it will take several hours to download over a normal phone-line modem. The next two files are also large.

Step 2 - Download the Java documentation

Download the documentation by selecting your operating system and clicking the SDK 1.4.1 documentation link.

Step 3 - Download and install WinZip

If you do not have a version of WinZip or an equivalent on your machine, go to the page http://www.winzip.com/ and download an evaluation copy of WinZip. Run the EXE you get to install it. We will use it in a moment to install the documentation.

Step 4 - Install the development kit

Run the j2sdk-1_4_1-*.exe file that you downloaded in step 1. It will unpack and install the development kit automatically.

Step 5 - Install the documentation

Read the installation instructions for the documentation. They will instruct you to move the documentation file to same directory as that containing the development kit you just installed. Unzip the documentation and it will drop into the proper place.

Step 6 - Adjust your environment

As instructed on this page, you need to change your path variable. This is most easily done by opening an MS-DOS prompt and typing PATH to see what the path is set to currently. Then open autoexec.bat in Notepad and make the changes to PATH specified in the instructions.

Step 7 - Test

Now you should be able to open another MS-DOS window and type javac. If everything is set up properly, then you should see a two-line blob of text come out that tells you how to use javac. That means you are ready to go. If you see the message "Bad Command or File Name" it means you are not ready to go. Figure out what you did wrong by rereading the installation instructions. Make sure the PATH is set properly and working. Go back and reread the Programmer's Creed above and be persistent until the problem is resolved.

You are now the proud owner of a machine that can compile Java programs. You are ready to start writing software!

By the way, one of the things you just unpacked is a demo directory full of neat examples. All of the examples are ready to run, so you might want to find the directory and play with some of the samples. Many of them make sounds, so be sure to turn on your speakers. To run the examples, find pages with names like example1.html and load them into your usual Web browser.

What Is Visual Basic?

What Is Visual Basic?
Visual Basic (VB) - A programming language developed by Microsoft for Microsoft Windows environment. The current version is Visual Basic 6.0.

Visual Basic can be used in two ways:
1. Writing stand alone applications on Microsoft Windows systems.
2. Writing add-on scripts within Microsoft applications.
To write stand alone applications in VB, you need the Microsoft Visual Basic software, which provides you a development environment for entering, debugging, and compiling your applications.
To write add-on scripts in VB within other Microsoft applications, you need to follow the specifications of the hosting application. Usually, the hosting application will:

Provide you a specific syntax to enter and store your VB scripts.
Provide you an interface to let your scripts to interact with the host application.
Restrict your scripts to access certain operating system resources for security reasons.

Examples of Microsoft applications that supports VB scripts:
Internet Explorer (IE) - Allows you to include VB scripts in HTML documents to be executed while IE rendering HTML documents on the screen. This is also called client side scripting.

Internet Information Services (IIS) - Allows you to include VB scripts in HTML documents to be executed while IIS fetching HTML documents to deliver to the requesting clients. This is also called server side scripting.

Microsoft Access - Allows you to add VB codes to customize forms and reports.

Using Visual Basic within Internet Explorer
Internet Explorer (IE) is a Microsoft application that can be used to view HTML documents. IE is one of the Microsoft applications that allows you to write add-on scripts in Visual Basic language in HTML documents.
To add Visual Basic (VB) scripts into your HTML documents, you need to use the "script" tag with the "language=vbscript" attribute. Inside the "script" tag, you can place any number of VB statements. Here is the syntax of adding VB scripts in HTML documents:

The Visual Studio Environment

The Visual Studio Environment
Before using Visual Studio you must understand the VS environment. The environment refers to how VS manages programs and what support tools are found with VS.
When creating a Visual Studio application you will be working with Projects. A Project consists of a collection of files that are contained in a folder that has the project name. For example, if you want to create a Visual Basic application you must first create and name a Project. Within the Project will be contained the files that make up the application. Each file may have it's own name.
When you first start Visual Studio you will see the window like Figure 1.You can create a new project or select an existing project. Some of the previously saved projects are listed and can be directly selected.
When you create a new project you will be asked to assign a project name:
Before selecting a project name and location you should choose the kind of project you want to create. The Project Types area of this dialog box lists the various kinds of Visual Studio projects that can be created and the Templates area list, for each project type, the specific kinds of projects. For example, if you select Visual Basic Projects on the left side of the screen you can then choose the kind of Visual Basic program you want to create in the list on the right hand side of the screen. The most common type selected with be Windows Application.
Select the location of the project (where you want the project folder created) and type a name. When you click OK a folder with the project name is created at the specified location.
If you selected a Windows Application you will see a basic GUI screen:
The screen is divided into three areas. The main area to the left is the GUI design area and is where you design the program GUI elements and write the code. This area will contain a set of tabbed pages with titles across the top. The right side of the screen is divided into two smaller blocks. The top block is the Project Explorer area and lists all the files that makeup the project. When you create new forms or modules they will be created in this area and edited in the main part of the screen. The upper right area can also display help information. The lower block on the right side of the screen displays property information about elements as they are created.
In the far right section of the menu bar at the top of the screen you see five small icons that, when clicked, display the various windows elements. If a window element is closed it can be redisplayed by clicking one of these icons. Moving the mouse over the icon displays what it does.
As you work in the main window, you may have multiple tabbed windows open. If the title bar of a tabbed window contains a * character, this indicates that it needs to be saved. You can select the window and choose File/Save or press Ctrl S to save the window. You can save all the windows at once by choosing File/Save All or pressing Ctrl Shift S.
To the left of the main window you may see the toolbox. If you don't see the toolbox, move the mouse over the toolbox tab and it will pop into the screen. Click the pushpin icon at the top of the toolbox to keep it displayed on the window.
You can choose other toolbox elements by clicking the toolbox name at the top of this window.

Visual Studio NET 2003

What is Visual Studio NET 2003?
Visual Studio is the integrated development environment (IDE) developed by Microsoft to support software development using one of the NET languages. Visual Studio 2003 contains a number of very useful development tools that makes it easy to write and debug programs in Visual Basic, Visual C#, C++, and other related Microsoft supported languages.
The various NET compilers (VB, C#, and C++) can all be run from the command prompt. This allows developers to use their own favorite editor to create programs. However, Visual Studio includes a number of very powerful tools that allow programmers to view and control databases (SQL Server), to connect to online resources, and to manage their programming projects. Visual Studio will automatically build code based on selections by the user.
Visual Studio uses a Project based environment where programs are saved inside a folder that has the name of the opened project. When you create a new project, Visual Studio creates a folder with the project name and creates some basic template files. As you create various elements in your application, such as forms or classes, additional files are added to the project.
Visual Studio will compile your program into an EXE file so it can be executed. However, most of the Microsoft Visual languages use NET and so any executable created can only be run in the NET environment.
Visual Studio can be used to manage projects that have modules written in different languages.

Windows Vista

Windows Vista, Microsoft's new OS, brought out in six versions, from Starter to Enterprise editions. All versions are available in both 32 bit (x86) and 64 bit (x86-64) architectures, except Windows Vista Starter (only in 32 bit architecture).

Windows Vista Starter Severely limited for example only allowing a user to launch at most three applications with a user interface at once, will not accept incoming network connections and physical memory is limited to 2 GB. Additionally, only Celeron and Pentium III processors from Intel, and AMD's Duron, Sempron and Geode processors are supported.

Windows Vista Home Basic: Advanced media support is not available, for home use only. Supports up to 8GB of physical memory.


Windows Vista Home Premium: contains all features from Home Basic, this edition will additionally support more advanced features aimed for the home market segment, such as HDTV support and DVD authoring. Extra games, mobile and tablet computer support, file system encryption, and a photo management application are also included and will support up to 16GB of physical memory.

Windows Vista Business: Aimed at business market and does not include the Media Centre features of Home Premium, but does include the IIS Web Server, Fax support, Offline Files, Dual Physical Processor Support capabilities and support for 128GB of memory.

Windows Vista Enterprise: As the name suggests, an Enterprise segment of the market, and is a superset of the Business edition. Single session Version of Virtual PC, Multi-Lingual User Interface support, BitLocker Drive Encryption and UNIX application support. This edition will not be available through retail or OEM channels, but through Microsoft Software Assurance.

Windows Vista Ultimate: This edition combines all the features of Home Premium and Enterprise editions and additionally comes with podcast creation support - which Microsoft has dubbed "blogcasting" - a game performance tweaker (WinSAT), DVD ripping capabilities and special online services for downloadable media, as well as additional customer service options. The Ultimate edition is aimed to be the most impressive edition of Vista, aimed at high-end PC users, gamers, multimedia professionals and PC enthusiasts.

Linux

Linux is a scaled-down UNIX operating system originally developed by Linus Torvalds, then a University student in Finland, now used in everything from PDAs, watches, PCs, Consumer Electronics, Servers and Super Computers.

Beginning: Linux was originally Minix, an educational version of UNIX developed by Andrew Tannenbaum. As an interesting aside, we might be talking about Minix today if not for the licensing that Minix required. Few people have heard about Minix today, far less than have heard about Linux.

Early on, Linux grew as a cheap UNIX that ran on Intel-based PC equipment. At the time, you could purchase UNIX for PCs, but at a high cost (as much as $1500 for a developer's version of interactive UNIX).

Linux Distributions: Technically, Linux is really just an OS Kernel, produced under the direction of Linus Torvalds. But, Linux usually comes with a set of utility, desktop, and Server programs, including networking suites, Web Servers, file systems, compilers and a whole lot more. For example, Linux includes the XFree86 version of the X Window System, the GNU C compiler GCC, and code from quite a lot of other sources. But to make things confusing, there's more than one version of Linux.

A number of organizations, commercial and some volunteer, collect together versions of all these programs with the Linux Kernel, test that everything works together, and then release what is called a distribution of Linux.

The main Linux distributions include: RedHat, Kondara MNU/Linux, SUSE (Self CD loading), Linux Mandrake, Knnopix, Slackware.

The best Linux disttribution to try is the one that is handy or readily available from friends, computer magazines or books etc.

For further reference http://Sourceforge.net