Tuesday, March 31, 2009
Internet Explorer 8.1, code name Eagle Eyes (Breaking news)
Notable Features and Updates
Improved Security
Microsoft has improved the security measures in IE 8.1. The SmartScreen Filter and XSS Filter now catch 96% of known malware and phishing sites, as opposed to the 75% success rate in the current version of IE 8.
Firefox Extensions Support
IE 8.1 now works with all Firefox 3.0 plugins.
Acid 3 test
Our test with IE 8.1 shows that it performs very well against the Acid3 Test, a test that checks how well a web browser follows web standards.
Fast JavaScript Engine
Microsoft has introduced a new JavaScript engine named JSE (JavaScript Speedy Engine). Microsoft's development team has worked with the Google Chrome development team to create JSE. The speed improvements of the JavaScript engine are visible, and it clearly outperforms other browsers.
Multiple Browser Rendering Engines
In our exclusive interview with Mike Chelly, one of the senior developers of the IE development Team, we found out that Internet Explorer’s main priority during the development of the new browser was to make it much easier for developers to code and debug their sites:
Mike Chelly:
“One of our primary goals is to give developers an easier way to test and debug how their sites and web apps work in different browsers, from within one browser. We know in the past that we’ve gotten a bad rap for IE’s layout engine so we’re making up for this by not only releasing a web browser that outperforms every browser currently out there in terms of web standards support, but also gives you the chance to use another open source browser rendering engine in case you find ours isn’t good enough or if you want to make testing convenient and do it all from within the Eagle Eyes.”
Server-side decompiler
IE 8.1 will let you view the server-side source code of a web page.
Website Skins
IE 8.1 allows you to keep a list of websites that you’d like to re-skin. When you visit such a site, it renders a prettier version by switching the site's style sheets. This lets IE 8.1 users replace the design of an unreadable website with a template that is more readable.
Monday, March 30, 2009
Treating Conficker just in time
On the other hand, discovery is still in progress, as there are certain pieces of software which are not easy to find, but security experts are quite hopeful of finding the whole solution.
In the past, Conficker could only be tracked by monitoring outbound connections from each computer on a network or by scanning infected machines one by one. Both methods require a lot of resources, and neither was easy.
Kaminsky, Director of Penetration Testing, said:
“The availability of the new Conficker definitions is the result of the sleuthing and quick response of an industry-wide cast of characters. Once I heard that Conficker had code running on the anonymous surface, I said 'Wait, we can fingerprint that and if we can get packets to a box, we can find out fairly reliably whether it's infected with Conficker or not.'”
We really commend our security experts, but don’t underestimate the skills of the opposing side. Let’s see what our evil geniuses at the other end of the world have in mind.
Let’s wait for their next strategy.
IBM open cloud manifesto: Microsoft, Amazon, Salesforce.com and Google dodging "The Boss Factor"
Steven Martin leaked details about the project last week, and complained about being “disappointed by the lack of openness in the development of the Cloud Manifesto”.
Amazon has issued a similarly negative statement:
“Like other ideas on standards and practices, we’ll review this one, too. Ideas on openness and standards have been talked about for years in web services. And, we do believe standards will continue to evolve in the cloud computing space.”
In reality, IBM is vigorously trying to beat Microsoft by asking the software giant to sign a document pledging that the cloud should be open. Similarly, Amazon, Google and Salesforce.com seem reluctant to accept IBM’s beliefs and ideas.
Many of the manifesto's supporters are expected to be there to talk about shaping cloud standards for the future. And, interestingly, even though Microsoft has made the loudest noises about why it has no intention of signing on the dotted line, the company still plans to attend the event.
Melissa virus: Outlook address books under threat
Microsoft is offering $250,000 for the arrest of whoever's responsible for Conficker.
Opera Mobile 9.7: Coming
Opera says that Mobile 9.7 with Opera Turbo compresses data by as much as 80%, and offloads page rendering enough to show marked speed and performance improvements even on devices with few resources to spare.
Microsoft gesture recognition methods in Windows 7
Several updates revealed that scrolling a page is most likely a motion that begins off-surface and continues on-surface, like a plane's takeoff and landing. A drag, on the other hand, starts with the finger landing on the surface itself and coming to a dead stop. The drag then continues in the direction of the hand; even when that direction happens to be up or down, the system can easily distinguish it as a drag because it began with a dead stop.
Mozilla to release urgent 'chemspill' Firefox update
For this type of release, Mozilla is coining a fitting new term: chemspill, meaning a response to a potentially negative event. Version 3.0.8's sole purpose, according to the organization's planning group, is to address serious vulnerabilities. All new features and enhancements planned for the original 3.0.8 release are now being delayed to 3.0.9, and a new schedule for that release has yet to be determined.
Friday, March 27, 2009
Another Scoop in a bowl – SUN into IBM
I must say that if this is going to happen, then it is better for developers to focus on IBM products from today, as IBM might be your next choice.
Saturday, March 21, 2009
Firewalls - Measuring Handsome Security
Are you a security guy? If your answer is yes, that sounds good to me, but even if your answer is no, you can still work on security by grasping the important and valuable information about security and protection. Believe me, security is a tough job, and if you are a carefree person then you must think again about your choice. I started working on security from my home PC and did many experiments to protect my data. One thing I would like to share with you all: security is something relative rather than absolute. In simpler terms, perfect security is a myth. How many of you have decided to leave this job after reading this? If you have decided to leave, then let me put some questions to you. Why are you living in this filthy world full of bad guys? Why do we always concentrate on good police? Have you ever heard of a perfect world? Dear reader, we must offer our good part and nothing else. Additionally, I will supplement you with free advice: hope is a good thing. I think we must proceed toward our core topic.
Our bosses are really funny; first they appoint the best security guys and then pay premier wages to these hackers.
(Muhammad Irfan Basharat; Dec 15, 2006)
A firewall is a thing; I will explain why I have called it a thing. It helps us filter incoming as well as outgoing traffic, so it is a kind of boundary that makes sure no unknown party can work freely with us. It is a military police that will stop all sorts of traffic, even a General’s vehicle, if ordered. We use different incoming and outgoing filters in it. If a packet of information is flagged by a filter, it is not allowed through. Sounds good? Let’s move ahead.
There are two different types of firewalls:
- Software Firewalls
- Hardware Firewalls
Software Firewalls
Have you ever used a filter for cleaning your water? Then you already have the idea. Software firewalls filter system as well as network traffic so that only authorized traffic is entertained. Unprofessional home users usually install this software and then think that they are now safe. The truth is, installing such software can protect you but will never guard you to the extent you require. You know why? You have never set up the true configuration of your firewall.
There are many misconceptions about firewalls, present even among professional people. People usually believe that a firewall can protect them from viruses, worms, Trojans, etc., but it is not true. A firewall just sits between your applications and the networking components of the operating system and decides what it will let through and what it will not. If you have a good grasp of the OSI reference model, you will find two flavors of filtering in software firewalls:
- Packet Level filtering
- Process level filtering
Packet-level filtering happens at the Network and Transport layers of the OSI reference model. Without going into details, let me tell you how packet filtering occurs. It involves an intermediate driver written against NDIS (Network Driver Interface Specification). This driver sits between the NIC driver and TCP/IP and behaves as a virtual adapter. Every packet, when it reaches the network layer, has to satisfy this intermediate adapter or driver. Packets are analyzed and validated against the configured rules before further communication is accepted or rejected.
Process-level filtering is another useful way to filter traffic; it is more efficient, yet a little less secure than the one above. This type of filtering works at the upper layers of the OSI reference model, i.e. the Transport layer and above. Here we deal with processes rather than packets. Some of my friends might get confused by these terms, so for beginners: a packet may or may not belong to a process, or you may say that every single process can have many packets; at least I don’t know of any process that offers only one packet. In this scheme the firewall looks at the process and validates or invalidates it against the configuration. I have already told you that a process may have many packets, so here the firewall always sits at a higher layer of the OSI reference model. The firewall intercepts applications and/or dynamic link libraries (DLLs) with the help of its friendly relations with the kernel. Whenever Windows Sockets (WinSock) are used for communication and the process and transport protocols get their share in, the firewall looks for the process and then validates or invalidates that function according to the configuration. The job is done by analyzing the communication of specific applications. If no prior local or global configuration is found for a specific application, the firewall asks for some basic configuration. It then ties that configuration to the process ID (PID) of the process. Now whenever that process starts again, the firewall looks up the PID of the process attempting to send or receive data and analyzes its characteristics against the rule set.
If you ask me which firewall is best, I will reply ………. no comment. Just joking; actually some firewalls work with one-way filtering and some with the other, but there are some which can work with both. So my answer is now pretty clear, but. We usually see this BUT; it irritates us all many times. Coming to the point, the best firewall never guarantees the best security. You must sit carefully, because there are many problems attached to filtering processes too. Let’s have a look at some.
- We have seen in movies that a good man can be compromised by some bad guys. The same is true for processes. Suppose the HUMBLE.exe process is configured as pious. Every time the firewall looks at the process it thinks it is a good one, but what if some SIN.dll attaches itself to my humble one? You get my point, so be careful even if you have installed the best of the best in the industry.
- Firewalls sometimes cannot help you if the HUMBLE.exe code is altered in a way that it now also works for bad processes.
Let’s look at some of the industry’s best software firewalls:
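As an added example (not code from the original article), here is a toy process-level rule check in Python for the HUMBLE.exe and SIN.dll problem just described: the rule is tied to the executable's content hash and its known module list, not to its PID alone, so an altered HUMBLE.exe or an unexpected SIN.dll is blocked rather than waved through. Process names, paths and image bytes are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class AppRule:
    """Allow-rule for one application: expected image hash plus the DLLs it
    is known to load. Anything beyond that is treated as tampering."""
    image_sha256: str
    allowed_dlls: frozenset
    allow_outbound: bool = True


@dataclass
class Process:
    """Constructed stand-in for what a process-level firewall would read
    from the kernel: PID, image path, image bytes and loaded modules."""
    pid: int
    image_path: str
    image_bytes: bytes
    loaded_dlls: set = field(default_factory=set)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class ProcessFirewall:
    def __init__(self):
        self.rules = {}          # image_path -> AppRule
        self.pid_cache = {}      # pid -> image_path, the article's PID lookup

    def learn(self, proc: Process, allow_outbound: bool = True):
        """The firewall asking for basic configuration the first time an
        application is seen: record its image hash and DLL set."""
        self.rules[proc.image_path] = AppRule(
            image_sha256=sha256_hex(proc.image_bytes),
            allowed_dlls=frozenset(proc.loaded_dlls),
            allow_outbound=allow_outbound,
        )
        self.pid_cache[proc.pid] = proc.image_path

    def check_outbound(self, proc: Process) -> tuple:
        """Return (decision, reason); decision is 'allow', 'block' or 'ask'."""
        rule = self.rules.get(proc.image_path)
        if rule is None:
            return ("ask", "no rule for this application")
        # A PID or path match alone is not trusted: re-check the image content.
        if sha256_hex(proc.image_bytes) != rule.image_sha256:
            return ("block", "executable content changed since rule was created")
        extra = set(proc.loaded_dlls) - set(rule.allowed_dlls)
        if extra:
            return ("block", "unexpected module loaded: " + ", ".join(sorted(extra)))
        if not rule.allow_outbound:
            return ("block", "outbound traffic denied by rule")
        self.pid_cache[proc.pid] = proc.image_path
        return ("allow", "image and modules match rule")


def demo() -> dict:
    """Walk through the HUMBLE.exe / SIN.dll scenario with constructed data."""
    fw = ProcessFirewall()
    humble = Process(101, r"C:\apps\HUMBLE.exe", b"humble-v1-code",
                     {"kernel32.dll", "ws2_32.dll"})
    fw.learn(humble)                                      # configured as "pious"
    results = {"clean": fw.check_outbound(humble)[0]}
    # Case 1: SIN.dll attaches itself to the trusted process (same PID).
    injected = Process(101, humble.image_path, humble.image_bytes,
                       humble.loaded_dlls | {"SIN.dll"})
    results["dll_injected"] = fw.check_outbound(injected)[0]
    # Case 2: HUMBLE.exe on disk is altered; same path, new PID.
    altered = Process(202, humble.image_path, b"humble-v1-code+extra",
                      set(humble.loaded_dlls))
    results["image_altered"] = fw.check_outbound(altered)[0]
    # Case 3: an application never seen before; the firewall would prompt.
    unknown = Process(303, r"C:\apps\NEW.exe", b"new", set())
    results["unknown"] = fw.check_outbound(unknown)[0]
    return results


if __name__ == "__main__":
    for case, decision in demo().items():
        print(f"{case:14s} -> {decision}")
```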
- Zone Alarm
- Tiny Firewall
- Kerio Firewall
- McAfee Personal Firewall
- Kaspersky Anti-Hacker
- IPCop Firewall
- Outpost Firewall Pro
Hardware Firewalls
A hardware firewall is a physical component that resides between different networks to minimize intrusion and/or data corruption. Just like an ordinary router or any other network device, we can configure it to ensure the reliability we need. When any traffic needs to cross to another network, the firewall checks its access selection criteria to make a decision. The filtering criteria are more or less the same as the software firewall filtering criteria. There are two different approaches to ensuring network integrity: one is a configuration which allows all traffic unless it meets certain criteria, and the other is to configure it to deny certain traffic. The processes used to allow or block traffic may include the following:
- Simple packet-filtering
- Multifaceted application proxies
- Stateful inspection systems
In simple packet filtering, we control access to the defined network by configuring traffic access to an optimized level. We usually use access control lists (ACLs) for filtering purposes. If you have any background in working with routers, you can easily grasp the idea, as inspection is done on the same pattern of verifying source address, destination address, source port, destination port and/or protocol.
Proxies are stand-in deputies of their higher orders. Proxy servers operate between the devices of a private network and a public network. Private networks are always assumed to be more protected than public networks. Whenever a member of the protected network needs to communicate with the unprotected network, or with some other private network across the public network in the middle, we use proxy servers. These proxies let the public network see their existence instead of the actual user hiding behind the proxy. This helps in hiding network information from intruders.
A stateful inspection system is also called a dynamic inspection firewall (SIF or DIF), as it authenticates sessions instead of applications, programs or hosts. Every time any program creates a new session, it must be authenticated by the preconfigured firewall. A SIF maintains a table which contains information regarding active TCP and UDP sessions. This information is in the form of tables with a variety of entries, like the session’s source IP, destination IP and port number. In the case of a TCP session, sequence numbers are also included. It must be noted that not all TCP and UDP sessions are maintained by the SIF, but only those satisfying the preconfigured requirements. As we have talked of TCP, it is obvious that these also work on the same methodology of the three-way handshake, which ultimately minimizes hacking activities; but what do you think of denial of service (DoS)? This topic is out of the scope of the current writing, so let’s leave it and move on to some popular hardware firewalls:
- CISCO PIX
- Nokia IP350
- Checkpoint Firewall 1NG
- Juniper Networks NetScreen hardware firewall
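As an added example (not from the original article), the following Python simulation combines the two mechanisms described above: an ACL that matches source and destination address, port and protocol as in simple packet filtering, and a session table that follows the TCP three-way handshake and records the sequence numbers seen, as described for stateful inspection. The addresses and packets are constructed sample traffic, and the TCP state handling is deliberately simplified.

```python
from dataclasses import dataclass

INSIDE_NET = "10.0.0."          # constructed private network prefix


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    proto: str                  # "tcp" or "udp"
    flags: str = ""             # TCP flags: "S" (SYN), "SA" (SYN-ACK), "A" (ACK)
    seq: int = 0                # TCP sequence number


@dataclass(frozen=True)
class AclRule:
    """Simple packet-filter rule; None means 'any' for that field."""
    action: str                 # "permit" or "deny"
    src_prefix: str = None
    dst_prefix: str = None
    dport: int = None
    proto: str = None

    def matches(self, p: Packet) -> bool:
        return ((self.src_prefix is None or p.src.startswith(self.src_prefix))
                and (self.dst_prefix is None or p.dst.startswith(self.dst_prefix))
                and (self.dport is None or p.dport == self.dport)
                and (self.proto is None or p.proto == self.proto))


class StatefulFirewall:
    def __init__(self, acl):
        self.acl = list(acl)    # first match wins; implicit deny at the end
        self.sessions = {}      # (src, dst, sport, dport, proto) -> state dict

    def _acl_decision(self, p: Packet) -> str:
        for rule in self.acl:
            if rule.matches(p):
                return rule.action
        return "deny"

    def process(self, p: Packet) -> str:
        """Return 'allow' or 'drop' for one packet and update the session table."""
        fwd = (p.src, p.dst, p.sport, p.dport, p.proto)
        rev = (p.dst, p.src, p.dport, p.sport, p.proto)
        # Reply direction of a known session: accept only what fits its state.
        if rev in self.sessions:
            s = self.sessions[rev]
            if p.proto == "udp":
                return "allow"
            if s["state"] == "syn_sent" and p.flags == "SA":
                s["state"], s["peer_seq"] = "syn_received", p.seq
                return "allow"
            if s["state"] == "established" and p.seq >= s["peer_seq"]:
                return "allow"
            return "drop"
        # Originating direction of a known session.
        if fwd in self.sessions:
            s = self.sessions[fwd]
            if p.proto == "udp" or s["state"] == "established":
                return "allow"
            if s["state"] == "syn_received" and p.flags == "A":
                s["state"] = "established"
                return "allow"
            return "drop"
        # New session: only a TCP SYN or a UDP datagram may open one, and only
        # if the ACL permits it. A lone ACK with no session is dropped, which is
        # exactly the packet a stateless "established" filter would let in.
        if p.proto == "tcp" and p.flags != "S":
            return "drop"
        if self._acl_decision(p) != "permit":
            return "drop"
        self.sessions[fwd] = {"state": "syn_sent" if p.proto == "tcp" else "udp",
                              "seq": p.seq}
        return "allow"


def demo() -> list:
    """Constructed traffic: an inside host browses out, then an outsider tries in."""
    fw = StatefulFirewall([AclRule("permit", src_prefix=INSIDE_NET)])
    inside, web, attacker = "10.0.0.5", "203.0.113.10", "198.51.100.7"
    traffic = [
        Packet(inside, web, 40000, 80, "tcp", "S", 1000),     # SYN out
        Packet(web, inside, 80, 40000, "tcp", "SA", 5000),    # SYN-ACK back
        Packet(inside, web, 40000, 80, "tcp", "A", 1001),     # handshake complete
        Packet(web, inside, 80, 40000, "tcp", "A", 5001),     # data reply
        Packet(attacker, inside, 4444, 445, "tcp", "S", 1),   # unsolicited SYN
        Packet(attacker, inside, 4444, 445, "tcp", "A", 2),   # ACK with no session
        Packet(inside, web, 50000, 53, "udp"),                 # DNS query out
        Packet(web, inside, 53, 50000, "udp"),                 # DNS reply
    ]
    return [fw.process(p) for p in traffic]
```

Calling `demo()` returns one decision per packet; the two packets from the outside host are the only ones dropped, the second of them because no session exists even though it carries the ACK flag.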
Step By Step Implementation
Following are the key steps to a successful firewall implementation:
- Design your network traffic.
- Determine hostile traffic.
- Determine inbound and outbound access methodologies.
- Design the security and privacy level for each segment of the network.
- If for any reason security must be compromised, but you cannot close your eyes to security, then you must consider a trade-off: accept less security, but implement that node or segment in a way that one cannot reach your entire network by compromising that insecure area.
It must be noted that a good design will always lead toward successful security. We know that design is far superior to implementation. If you have any experience of software engineering, you will find that a bad design always leads toward worse code, and it is the same for network design as well. You know why? Because man can never run away from mistakes. That is the reason we need a good design. Believe me, even the best design can only optimize the results, not guarantee the best ones.
The scariest part of security is to secure that security.
(Muhammad Irfan Basharat; Dec 15, 2006)
Data Disaster: Weeping Seldom Benefits
Abstract
This paper helps in anticipating and planning the correct measures to minimize data disaster. It explains most of the aspects attached to this unsolved, baffling threat. It also touches concisely on data recovery matters.
Introduction
Today every industry which is keen about its business efficiency and cost evaluation knows the importance of data and is equally keen about its protection strategies. The threat associated with the disruption of data is sufficient to eclipse business activities; on the other hand, consolidation of data must be available to ensure true regional, national and international activities.
Loss of information is a great threat, but its protection and, of course, revival need high cost and expertise. The question is then how to consolidate data over networks with confidence. The one-line answer is by ensuring highly integrated security features and commendable data protection and revival strategies.
According to the Gartner Group,
"Two out of every five enterprises that experience a disaster go out of business within five years."
(Gartner, Disaster Recovery Plans and Systems are Essential, Robert Witty, Donna Scott, September 2001)
Anticipating these events, planning corrective courses of action, preparing an organization for an unexpected disaster, and disaster recovery planning are now prerequisites to business success.
Media of Storage
Modern information technology has not only progressed in the software industry but has also produced the most modern and efficient tools and devices. Storage media are among the most demanded essential computer parts and are based on established science and well-acquired knowledge and expertise. Several different types of storage devices are available in the market. The development of these devices took a very long time, and changes in their size, shape, durability and efficiency have created different classes of storage devices. Sharp and sound knowledge is required to correctly handle different storage devices in different surroundings and environments. These storage media have different formats, hence different reasons to choose one. Some are given below:
- CD-ROM
- CD-RW
- DVD
- DVD-RAM
- Hard Drive
- Magnetic Optical Media
- Tape-DAT
- Tape-LTO
Many of us don't even know about the data loss issues attached to CDs, DVDs and other storage media. The main purpose of this paper is data recovery from hard disks, so I will concentrate only on that topic.
Value of Data
It was felt recently, after some serious damage in the industry, that data should be stored and preserved very carefully, because if mission-critical data is lost and cannot be recovered in a reliable condition within a reasonable timeframe, then the most likely outcome is that the data holder suffers a severe disaster. Suitable and applicable recovery plans are keenly desired, with the most developed means, i.e. procedural actions and events, and disaster recovery software and hardware, to support adequate and reliable revival of data. Moreover, the effects of environmental flux must be known in order to prolong data life.
Sources of Threat
Data can be lost due to one or more reasons. Some are given below.
Virus
A virus is a program which can enter the system, destroy important data and is even capable of damaging system hardware. It is also observed that the percentage of data loss is greater in those systems which are more vulnerable to viruses. Repeated virus attacks can also result in hard disk failure. It should be realized that not all hardware or software failures are due to virus infection. The question is how to know about a virus attack on the system. Common symptoms are given below.
- Continuous system boot failure
- Repeated restarting
- Faulty execution of .exe and .com files
- Problematic antivirus
- Memory leakage
- Data corruption activities
Loss of Power
Data may suffer serious damage due to an uneven flow of current. A sudden power loss can have frustrating results. This sort of damage sometimes results in more than one problem, and these are often resistant even to experienced recovery professionals.
Bad Sectors
A bad sector is a flawed portion of the disk which makes it unusable. If the hard drive develops bad sectors and this is known in time, then it is quite wise to have a backup plan, because data present on bad sectors cannot be retrieved by ordinary means. It is also observed that bad sectors can spread over time, and if an image of a hard disk having bad sectors is placed on a healthy hard disk, even the healthy hard disk will show bad sectors in it; however, formatting and repartitioning the healthy drive can eliminate the problem.
Many tools available on the internet can be used to find and mark off bad sectors. Windows and DOS also offer this sort of tool in their initial shipments, i.e. CHKDSK and SCANDISK.
CHKDSK is a tool which checks the hard disk for drive errors.
ScanDisk is a utility designed to check significant issues related to system data. Usage of the utility in DOS is the same; one can use it while working in Windows, however some performance differences make the DOS utility somewhat more capable.
Software Conflicts
The uneven nature and flawed design of software can corrupt data. This issue was observed many times in the past due to operating system failure; however, one can still observe less critical disasters today.
Operating System Problem
People sometimes think that a particular software failure means a problem in the OS, and without knowing anything they reinstall everything along with the operating system. A problematic operating system is only a possibility when you are having problems with more than one piece of software, and this is confirmed if the troublesome software comes from different vendors. Operating system problems result in a complete crash or stoppage of system activities.
Loose Cabling
Careless work results in loose cabling, which certainly affects the proper transfer of data and sometimes leads to a total hard drive crash.
Improper Shutdown
I have seen many times that people shut down their system by directly cutting the power; some adventure-loving champions restart the system again and again without using the restart utility provided by the OS. This situation leads toward OS corruption, data loss or hard disk failure.
Overheating
Overheating happens due to two things. One is improper assembly of a system and the second is the system area, I mean where the system is placed; if the system is placed near some object which emits heat, then you need great luck to favor you.
Hardware introduction into a working system
Never try to connect or disconnect any hardware in a working system. It will result in serious data and/or hardware disaster.
If you try to have fun with electricity, it will end you with a comic story
(Muhammad Irfan Basharat; May 10, 2006)
Magnetic device harm
Strong magnetic fields are harmful for hard drives, so it is advisable to work away from such environments.
Odd assembling position
Care is better than cure. Never panic while assembling the hard drive or any other system part. Take your time, be relaxed and concentrate well on the process. Place the drive properly and fix it with firm screws so that it will not vibrate; vibration can take things away from you.
Bad hard disk circuit board
For a better taste, I usually eat French fries along with fried fish; however, I am sick of fried circuit boards. In older days I replaced boards with a 100% identical working board, but today, due to vast changes in technology, it is almost impossible to find a 100% identical board. Sometimes the partial or complete file structure goes down along with the circuit board, and the situation creates havoc. It is possible to repair the file structure, as many utilities like Norton Disk Doctor are available in the market, but sometimes repairing can end in more disastrous results.
Bad RAM
Bad RAM results in periodic system crashes and corruption of running applications. Working documents may also suffer serious corruption.
Immediate Safety Concerns
Negative things usually happen due to panic and a careless attitude; sometimes people don't know how to react. In case of a system or data disaster, an immediate reaction is usually worthwhile. Let's discuss some of the key immediate safety concerns.
- If you notice a mysterious smell around you and you are even 10% sure that it is coming from the system, then go for immediate shutdown and disconnect the power supply. Let it be very clear that a stronger smell requires instantaneous disconnection of the power supply without waiting for the system to shut down.
- Nasty noise coming from the hard disk means the hard drive is working with difficulty and needs to be checked for bad sectors. Shut down your system, connect another hard drive to the system and boot from it, then check for bad sectors on the noisy hard drive. If there are few bad sectors then flag them and continue your work, but many bad sectors demand immediate data transfer to other media. There are many tools available in the market that can be used to remove logical bad sectors. Working with physical bad sectors needs more expertise and knowledge, and I recommend that in the case of physical bad sectors you try a professional or contact your vendor. If your hard drive is under warranty then don't wait; claim your warranty immediately.
- Fire or sparking happens very rarely but needs an extra careful attitude. Disconnect the power supply immediately.
Data Recovery
You have lost some important data; let me prepare you for the recovery process. Recovery of data from different media differs and needs sound knowledge, skill and care. If you have already lost data and need to recover it, then don't use that hard drive any more: the more you use the hard drive, the more data you save, and more data saved means less chance of recovery.
People sometimes argue: OK, we will not save any more data, but I am unable to spare the hard drive. I like to answer those innocent folks: don't argue with the professionals. Moreover, even if you work with the hard drive without saving any data, the I/O operations can still corrupt recoverable files. Now, without boring you any more, I would like to jump to different data recovery, data security and drive image software.
Data-Recovery Software
Some important recovery software packages are given below.
- R-Studio
- R-Undelete
- GetDataBack - Data Recovery for NTFS/FAT
- Ontrack Data Recovery
- Stellar Phoenix FAT & NTFS
- Recover My Files
- Restorer2000
- Active@ Partition Recovery
- Active@ UNDELETE File
- Tiramisu
- RAID Reconstructor
- ZAR
Step By Step Data Recovery from Hard Drive
Follow these simple steps to recover your data. I would like to describe a plausible situation before moving toward the steps.
"Abu-Bakar is working in the office as System Administrator. During lunch time he was listening to a religious lecture by a good scholar; suddenly the electricity fluctuated and the system went down. He tried to reboot the system but it failed. The system is not recognizing the hard drive."
Follow the procedure.
1. Take out the hard drive (Disk A), connect some other drive (Disk B) in the system and check whether Disk B works or not (if Disk B works fine then go to step 3, else follow in sequence).
2. Troubleshoot the entire system and try to find the faulty part.
3. Boot from Disk B and try to make a sector-by-sector image of Disk A using some good imaging software (if you fail to find Disk A from Disk B, then go to step 4, else skip step 4).
4. Use a hard disk regenerator or any other DOS tool to recover logical bad sectors of Disk A; it will regenerate your hard drive. After the success message, go to step 3 again (after repeating steps 3 and 4 again and again, if Disk A still does not work then go to step 11).
5. Save the image to other media, i.e. Disk B (you will work on this image to recover data, because working on Disk A means serious data kill).
6. Remove Disk A.
7. Install appropriate recovery software on Disk B.
8. Choose a recovery drive (C, D, E, F etc.) that is different, i.e. if the corrupted data is present in drive D then choose E or F as the recovery drive.
9. Start recovering data. If you did something shabby then go back to step 3.
10. After recovery, choose the appropriate data and save it.
11. If the process fails to help, then check the circuit board of Disk A. You may seek professional help to check the board. If the board is dead then arrange a 100% identical board ……….. I will repeat, a 100% identical board; one may use a magnifying glass to ensure 100% similarity. You might destroy all chances of recovery by using a bad or dissimilar board. After getting the board, replace it gently and try to boot from Disk A; if it works then go for data backup strategies, else go to step 3.
12. If you feel shaky or do not like to take risks then seek professional help.
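As an added example (not from the original paper), this Python script shows what the sector-by-sector imaging of step 3 and the bad-sector handling discussed under "Bad Sectors" look like in practice: unreadable sectors are retried, then zero-filled and logged, the source is never written to, and a hash of the image lets the copy saved in step 5 be verified. The failing drive is a constructed in-memory object, not a real device.

```python
import hashlib
import io

SECTOR_SIZE = 512


class FlakyDisk:
    """Constructed stand-in for a failing drive: a byte buffer in which
    reads of the listed sector numbers raise IOError, like a bad sector."""
    def __init__(self, data: bytes, bad_sectors=()):
        self._buf = data
        self.bad = set(bad_sectors)

    @property
    def size(self) -> int:
        return len(self._buf)

    def read_sector(self, n: int) -> bytes:
        if n in self.bad:
            raise IOError(f"read error at sector {n}")
        start = n * SECTOR_SIZE
        return self._buf[start:start + SECTOR_SIZE]


def image_disk(disk, out, retries: int = 2) -> dict:
    """Copy every sector of `disk` into the writable stream `out` (Disk B).
    Returns a report: sector count, the bad-sector list and a SHA-256 of the
    image so that a later copy of it can be verified against the original."""
    total = (disk.size + SECTOR_SIZE - 1) // SECTOR_SIZE
    bad, digest = [], hashlib.sha256()
    for n in range(total):
        chunk = None
        for _ in range(retries + 1):          # a few retries, then give up
            try:
                chunk = disk.read_sector(n)
                break
            except IOError:
                continue
        if chunk is None:                     # unreadable: zero-fill and log it
            bad.append(n)
            chunk = b"\x00" * SECTOR_SIZE
        chunk = chunk.ljust(SECTOR_SIZE, b"\x00")   # pad a short final sector
        out.write(chunk)
        digest.update(chunk)
    return {"sectors": total, "bad_sectors": bad,
            "image_sha256": digest.hexdigest()}


def verify_image_copy(image_bytes: bytes, report: dict) -> bool:
    """Step 5 check: the copy saved to Disk B matches the image that was taken."""
    return hashlib.sha256(image_bytes).hexdigest() == report["image_sha256"]


def demo():
    # Constructed "Disk A": five sectors (the last one short), two unreadable.
    data = b"".join(bytes([65 + i]) * SECTOR_SIZE for i in range(5))[:-100]
    disk_a = FlakyDisk(data, bad_sectors={1, 3})
    image = io.BytesIO()
    report = image_disk(disk_a, image)
    return report, image.getvalue()


if __name__ == "__main__":
    report, image = demo()
    print(report)
    print("copy verified:", verify_image_copy(image, report))
```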
Conclusion
A wise person always plans for his bad times, so plan today and give us an opportunity to call you wise. It is very intelligent to have a data backup plan and always exercise your expertise in peacetime.
Seeking hope is a tough job, but your hope is half the success.
Virus vs. Antivirus – Combat on Fire
The aim of this paper is to present the right and accurate facts about viruses and antivirus software. It will sketch and concisely reveal various potential ways that virus programmers use to exploit any antivirus product. It will certainly eliminate misconceptions about malicious code.
1. Introduction
Any malicious code can be a danger or a source of danger, but many computer users are not aware of this. They usually think that installing and configuring the best antivirus software is a risk-free task or will give them full protection. An antivirus product can help you protect your personal computers and networks, but it expects some common sense, awareness and vigilance from you as well. Just close your eyes and think for a while: what if an antivirus is already corrupted? What if some unintentional, innocent piece of code acts like a virus? What about the cute baby virus born today? Today I would like to share a story with you which will certainly help you to understand the subject.
"Once I met an infant virus; he looked at me and smiled. I told him that you are not secure here; antiviruses are looking to hunt you down and they are present everywhere. You will lose your life at a young age, maybe on the first highway. He smiled again and replied, don't worry! I know how to deal with these innocent antiviruses. Antiviruses are and will always be in the defensive position, and we respectable offenders are the attackers. After a long time, today I met him again; he was quite grown up and experienced too. He looked at me, passed a strange smile and winged toward satellites and mobiles."
Antivirus programs are meant to minimize security risks rather than to dissect all problems and provide infallible security. AV engines are designed to give the maximum level of security, but they are vulnerable to special techniques, i.e. binders & packers, code obfuscation, etc., which are used to hide the presence of a code. We usually accept these malicious codes with our own consent.
2. The intruder - virus
A virus is a piece of code that infects either executable (.exe) files or object (.com) files. It attaches itself to a program in a computer and then replicates itself in a way that whenever a corrupted file executes, the virus executes. It can erase files or lock up a system.
The simplest virus which any programmer can develop creates copies of itself until the system crashes. Viruses can spread across networks by dodging security measures. The internet can be the best, the biggest and the worst source of spoiling personal systems or a network. Viruses usually spread by deceiving innocent users through application installations, e-mail attachments, or by gaining illegal access to the system. Visiting illegal stuff on the internet like sex, hacks and cracks can also bless you with a virus. Instant messaging clients like Yahoo Messenger, MSN Messenger and others can be used for casting the threat.
2.1. Virus types
Viruses are commonly classified into five major categories.
- Boot virus
- File Infector Virus
- Macro Virus
- Polymorphic Virus
- Stealth Virus
2.1.1. Boot Virus
It infects the boot sector of a disk (the master boot record or a volume boot record) rather than a file, so the BIOS loads and executes it every time the system boots, before the operating system and any antivirus are running; it then stays resident in memory. This gives it full control of the system.
2.1.2. File Infector Virus
These viruses attack executable (*.exe) or *.com files. Whenever an infected program is executed, the virus runs first and hunts for the next file to infect.
2.1.3. Macro Viruses
Macro viruses replicate through the programs they attach themselves to. A given macro virus cannot infect every sort of program, only a specific host such as MS Word or MS Excel, whose documents can carry executable macros. These viruses basically exploit two features of such programs.
Auto-open macros (AutoOpen in Word, Auto_Open in Excel) let a macro virus execute as soon as the document is opened, without your consent; you will not even know what is happening.
The global macro feature (macros stored in the global template, such as Word's Normal.dot) lets a skilled programmer make the virus persistent: every time you open Word or Excel you could be executing harmful code.
2.1.4. Polymorph Virus
A polymorphic virus encrypts its own body with a different key on each infection and generates a fresh decryptor for each copy, so that no two infections share the same byte sequence. Because the decryptor is regenerated, infected files may also differ in size from one infection to the next.
2.1.5. Stealth Virus
A stealth virus can be a file infector or a boot-sector virus. It intercepts the system calls that read files or disk sectors and returns the uninfected (original) contents, so that the antivirus, and the user, get a forged picture of the infected file.
2.2. Helpless against Virus?
There are many reasons for feeling helpless against these threats; some are given below.
- Antivirus software is not installed on the system.
- Antivirus is running but badly configured.
- Virus definitions are not up to date.
- Your computer is connected to a network and shares files with anyone, without a firewall.
- The firewall is configured improperly.
- Many viruses exploit vulnerabilities in the operating system; keep the OS patched with automatic critical updates turned on.
2.3. Misconceptions about virus
There are many misconceptions about viruses, and these myths are sometimes responsible for havoc. Some are given below.
- Merely connecting to an infected FTP server or website will infect my system. (A 2001-era view: with today's browser exploits, simply visiting a site can infect an unpatched machine, so treat this one with care.)
- A virus is a mysterious program that can hide in any data file.
- Viruses cannot infect compressed files.
- All file damage is caused by viruses.
- All systems are equally vulnerable.
- All e-mail attachments are threats.
- Attachments are harmless apart from a few dangerous types.
- Antivirus software will protect me.
- Viruses are written by isolated, sick individuals rather than by groups.
- I am a security professional; viruses can never harm me.
- I am safe behind a personal or corporate firewall.
- We are safe because we have an IDS.
3. Antivirus – An Eye on the Intruder
Everyone wants to be protected from viruses, and antivirus vendors always claim to provide the best software, which will protect you completely.
"To me these claims sound as these vendors have close ties with cosmetics companies."
An antivirus is a program that hunts for known or suspected viruses in primary memory (RAM) and secondary storage (disks and removable media). Some popular antivirus programs are listed below.
- Norton Antivirus
- AVG Antivirus
- Panda Antivirus Platinum
- McAfee Antivirus
- Sophos Antivirus
- Avast Antivirus
3.1. Discovery and Defence
Various methodologies have been deployed over the years; the popular techniques (following the taxonomy of Peter Szor's book, listed in the bibliography) are given below.
- String Scanning
- Wildcards
- Mismatches
- Generic Detection
- Hashing, Bookmarks
- Top-and-Tail Scanning
- Entry-Point and Fixed-Point Scanning
- Hyperfast Disk Access, Smart Scanning
- Skeleton Detection, Nearly Exact Identification
- Exact Identification
- Filtering
- Static Decryptor Detection
- The X-RAY Method
- Encrypted and Polymorphic Virus Detection
- Dynamic Decryptor Detection, Geometric Detection
- Disassembling
- Emulators for Tracing
- Code Execution Start in the Last Section
- Suspicious Section Characteristics
- Virtual Size Is Incorrect in PE Header
- Possible "Gap" Between Sections
- Suspicious Code Redirection
- Suspicious Code Section Name
- Possible Header Infection
- Multiple PE Headers
- Suspicious Imports from KERNEL32.DLL by Ordinal
- Import Address Table Is Patched, Suspicious Relocations
- Multiple Windows Headers and Suspicious KERNEL32.DLL Imports
- Kernel Look-Up, Kernel Inconsistency
- Loading a Section into the VMM Address Space
- Incorrect Size of Code in Header
- Suspicious Flag Combinations
- Standard Disinfection
- Generic Decryptors
- Integrity Checking False Positives
- Inoculation
- Heuristic Analysis Using Neural Networks
- Access Control Systems and Behavior Blocking and Sand-Boxing
These methods are still evolving and are still used by antivirus vendors to discover and defend against threats.
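Several of the entries above (code execution starting in the last section, suspicious section characteristics, incorrect virtual size, suspicious section names, incorrect SizeOfCode in the header) are structural checks on the PE header. The following Python script, added here as an illustration and not code from the original article or from any antivirus product, builds two minimal PE32 images in memory (a clean layout, and the same file after an appending infector has added a writable-and-executable section and pointed the entry point at it) and runs those checks over them. The section names, sizes, the known-section-name list and the 2x virtual-size rule of thumb are assumptions made for the example.

```python
import struct

# Section characteristic flags from the PE/COFF specification
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
# Names a normal compiler/linker emits (assumption for the example; real products use longer lists)
KNOWN_SECTION_NAMES = {".text", ".data", ".rdata", ".idata", ".edata", ".rsrc",
                       ".reloc", ".bss", ".tls", ".pdata", "CODE", "DATA"}


def parse_pe(data: bytes) -> dict:
    """Read the few PE32 header fields the heuristics need; raises ValueError on non-PE input."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ signature")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    _machine, nsects, _ts, _sym, _nsym, opt_size, _chars = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt_off = pe_off + 24                                        # optional header follows the 20-byte COFF header
    size_of_code = struct.unpack_from("<I", data, opt_off + 4)[0]
    entry_rva = struct.unpack_from("<I", data, opt_off + 16)[0]  # AddressOfEntryPoint
    sections = []
    for i in range(nsects):
        name, vsize, va, rawsize, rawptr, _r, _l, _nr, _nl, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt_off + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "vsize": vsize, "va": va,
                         "rawsize": rawsize, "rawptr": rawptr, "chars": chars})
    return {"size_of_code": size_of_code, "entry": entry_rva, "sections": sections}


def pe_heuristics(data: bytes) -> list:
    """Return the structural red flags (from the list above) present in a PE image."""
    pe = parse_pe(data)
    secs = pe["sections"]
    flags = []
    # Code execution start in the last section: the classic appending-virus layout
    entry_sec = next((s for s in secs if s["va"] <= pe["entry"] < s["va"] + max(s["vsize"], s["rawsize"])), None)
    if entry_sec is None:
        flags.append("entry point outside all sections")
    elif len(secs) > 1 and entry_sec is secs[-1]:
        flags.append("entry point in last section")
    code_bytes = 0
    for s in secs:
        if s["chars"] & IMAGE_SCN_CNT_CODE:
            code_bytes += s["rawsize"]
        # Suspicious section characteristics: self-modifying code needs write + execute
        if s["chars"] & IMAGE_SCN_MEM_WRITE and s["chars"] & IMAGE_SCN_MEM_EXECUTE:
            flags.append(f"section {s['name']} is writable and executable")
        if s["name"] not in KNOWN_SECTION_NAMES:
            flags.append(f"suspicious section name {s['name']!r}")
        if s["rawptr"] + s["rawsize"] > len(data):
            flags.append(f"section {s['name']} raw data runs past end of file")
        # Virtual size incorrect: .bss-style sections legitimately have rawsize 0; for the rest,
        # a virtual size far above the raw size (2x is this example's rule of thumb) is odd
        if s["rawsize"] and s["vsize"] > 2 * s["rawsize"]:
            flags.append(f"section {s['name']} virtual size inconsistent with raw size")
    # Incorrect size of code in header: infectors that add code rarely fix SizeOfCode
    if code_bytes != pe["size_of_code"]:
        flags.append("SizeOfCode does not match code sections")
    return flags


def build_pe(sections, entry_rva, size_of_code) -> bytes:
    """Assemble a minimal, non-runnable PE32 image from (name, vsize, va, rawsize, chars) tuples."""
    nsects = len(sections)
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, nsects, 0, 0, 0, 224, 0x0102)  # i386, 224-byte optional header
    opt = struct.pack("<HBBIIIII", 0x10B, 0, 0, size_of_code, 0, 0, entry_rva, 0x1000).ljust(224, b"\0")
    hdr_end = (0x40 + 4 + 20 + 224 + 40 * nsects + 0x1FF) & ~0x1FF       # 512-byte file alignment
    raw_ptr, table, body = hdr_end, b"", b""
    for name, vsize, va, rawsize, chars in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), vsize, va, rawsize, raw_ptr, 0, 0, 0, 0, chars)
        body += bytes(rawsize)
        raw_ptr += rawsize
    return (dos + b"PE\0\0" + coff + opt + table).ljust(hdr_end, b"\0") + body


# Constructed samples (not real binaries): a normal two-section layout, and the same file after an
# appending infector added a writable+executable ".vir" section and pointed the entry point at it
TEXT = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
DATA = IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
CLEAN = build_pe([(".text", 0x400, 0x1000, 0x400, TEXT), (".data", 0x200, 0x2000, 0x200, DATA)],
                 entry_rva=0x1010, size_of_code=0x400)
INFECTED = build_pe([(".text", 0x400, 0x1000, 0x400, TEXT), (".data", 0x200, 0x2000, 0x200, DATA),
                     (".vir", 0x200, 0x3000, 0x200, TEXT | IMAGE_SCN_MEM_WRITE)],
                    entry_rva=0x3000, size_of_code=0x400)          # SizeOfCode left stale by the infector

if __name__ == "__main__":
    for label, image in (("clean", CLEAN), ("infected", INFECTED)):
        print(label, pe_heuristics(image) or "no findings")
```

Each finding on its own is only a hint (packers and some linkers trip several of them on perfectly legitimate files), which is why real engines weight these flags together and combine them with the signature and emulation methods from the same list rather than blocking on any one of them.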
3.2. Anti-Virus Evasion Techniques
There are several techniques used to fool antivirus software; some are given below.
3.2.1. Use of binders and packers
Binders join two or more executables into a single binary: a legitimate carrier program plus the malicious payload, which is extracted and run when the carrier starts. Because the payload no longer sits where the scanner expects it, and its bytes may be stored transformed, the original signature no longer matches and a signature-only engine misses it. Such binders are easily downloaded from the Internet.
3.2.2. Packers (Compressors)
Packers compress (and often encrypt) the original malicious binary and prepend a small unpacking stub; the bytes stored on disk are the compressed form, so the signature of the original code is no longer present in the file. The stub restores the original code in memory at run time, which is why scanners that unpack or emulate the stub, rather than scanning the file image as stored, can still catch it.
3.2.3. Code Obfuscation
Code obfuscation, in the sense used here, means encrypting the malicious body and embedding a small decryption routine that restores it at run time. After the scheme is applied, the body's byte signature has changed completely, so a plain signature scan fails; the decryptor is then the only constant part, which is why static decryptor detection and emulation (see 3.1) target it.
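To make concrete what the encryption does to a signature, and why the static decryptor detection, wildcard and X-ray methods from 3.1 still work, here is an added Python example (not from the original article, and not real malware): a constructed, harmless byte string stands in for the virus body, a fixed "XORLOOP:" marker followed by the key stands in for the decryptor stub, and each variant encodes the body with a different single-byte XOR key. This is the simplest polymorphic scheme from 2.1.4 above; on the scanner side the example shows an exact signature failing on every variant, a wildcard signature on the stub succeeding, the X-ray method brute-forcing the key, and emulation of the stub recovering the body. The marker, payload and signature strings are assumptions made for the example.

```python
import os

# Constructed, harmless stand-in for the constant virus body (not real malware)
PAYLOAD = b"DEMO-VIRUS-BODY: replicate(); run_payload(); return;"
SIGNATURE = b"replicate(); run_payload()"          # exact byte signature a scanner would use

# The decryptor stub: a fixed marker plus the one-byte key that follows it.  A real
# polymorphic engine also mutates the stub; keeping it constant lets the wildcard
# signature below stand in for "static decryptor detection" from section 3.1.
STUB_MAGIC = b"XORLOOP:"
STUB_PATTERN = list(STUB_MAGIC) + [None]               # None = wildcard byte (the key varies)


def make_variant(body: bytes, key: int = None) -> bytes:
    """Produce one infection: stub + key + body XORed with that key (key 0 is skipped, it would leave plaintext)."""
    if key is None:
        key = os.urandom(1)[0] or 1
    return STUB_MAGIC + bytes([key]) + bytes(b ^ key for b in body)


def signature_scan(data: bytes, sig: bytes) -> bool:
    """Plain string scanning: is the exact byte sequence present?"""
    return sig in data


def wildcard_scan(data: bytes, pattern: list) -> bool:
    """String scanning with wildcards: pattern bytes, None matches anything."""
    n = len(pattern)
    return any(all(p is None or data[i + j] == p for j, p in enumerate(pattern))
               for i in range(len(data) - n + 1))


def emulate_decrypt(sample: bytes) -> bytes:
    """Emulation / generic decryption: run the stub's logic to recover the body."""
    if not sample.startswith(STUB_MAGIC):
        raise ValueError("not one of our constructed samples")
    key = sample[len(STUB_MAGIC)]
    return bytes(b ^ key for b in sample[len(STUB_MAGIC) + 1:])


def xray(sample: bytes, sig: bytes):
    """X-ray: assume the cipher (single-byte XOR) but not the key, and brute-force
    the key until the known plaintext signature appears.  Returns the key or None."""
    body = sample[len(STUB_MAGIC) + 1:]
    for key in range(1, 256):
        if sig in bytes(b ^ key for b in body):
            return key
    return None


if __name__ == "__main__":
    a, b = make_variant(PAYLOAD), make_variant(PAYLOAD)
    print("plain body matches signature:", signature_scan(PAYLOAD, SIGNATURE))
    print("variants identical:", a == b, "| exact signature on variant:", signature_scan(a, SIGNATURE))
    print("wildcard stub signature on variant:", wildcard_scan(a, STUB_PATTERN))
    print("x-ray recovered key:", hex(xray(a, SIGNATURE)), "| emulated body ok:", emulate_decrypt(a) == PAYLOAD)
```

The X-ray function deliberately ignores the key stored in the stub: a real decryptor hides its key among junk instructions, so the method assumes only the cipher and searches the key space for the known plaintext. A single-byte XOR has 255 candidates; a 32-bit key makes brute force impractical, which is when the engine falls back to emulating the decryptor instead.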
3.2.4. Code conversion from EXE to client side scripts
Create a virus as an executable and convert it into a file with a different extension, such as PIF, SCR or VBS, using a converter such as exe2vbs. On execution of the disguised file, the hidden executable simply runs. Windows treats all of these extensions as executable, which is exactly why they appear on mail-gateway block lists.
3.2.5. Fake File Type Extension
This simple method uses a fake or misleading file extension, typically a double extension such as photo.jpg.exe, relying on the fact that Windows Explorer hides known extensions by default, so the file shows up as photo.jpg. The lure filenames are usually sex oriented.
3.3. Manual Virus Identification Method
Checking a file's header is an easy task, because each file format begins with its own characteristic bytes (a "magic number") regardless of the extension the file carries. For DOS and Windows executables the first two bytes are 'MZ', the start of the 64-byte DOS header, and for a Windows PE file the 4-byte value at offset 0x3C (e_lfanew) points to the 'PE\0\0' signature. Right-click the file and open it in Notepad, or drag and drop it onto Notepad or any other viewer, and look at the first bytes. If you find 'MZ' in the first two bytes and the file extension is anything other than an executable one, the file is suspicious. Renaming a file changes its extension but never its header.
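The check described above, automated: an added Python example (not from the original article) that compares a file's leading bytes with the format its extension claims, catches the double-extension trick from 3.2.5 and the renamed executables from 3.2.4, and, for MZ files, follows e_lfanew to see whether a PE signature is present. The magic-byte table, the extension lists and the sample headers are constructed for the example; scripts such as .vbs are plain text, so for those only the extension rule applies.

```python
import os
import struct

# Leading bytes ("magic numbers") of common formats, checked in order.  The MZ stub opens every
# DOS and Windows executable whatever the file is called.  The table is an assumption for the example.
MAGIC = [(b"MZ", "exe"), (b"\x7fELF", "elf"), (b"%PDF", "pdf"), (b"\x89PNG", "png"),
         (b"\xff\xd8\xff", "jpg"), (b"GIF8", "gif"), (b"PK\x03\x04", "zip")]
# Extensions Windows runs directly (section 3.2.4); .vbs/.js/.bat are text, so only this rule catches them
EXECUTABLE_EXTS = {"exe", "scr", "pif", "com", "dll", "cpl", "bat", "cmd", "vbs", "js"}
# What format each extension claims to be
EXT_FORMAT = {"exe": "exe", "scr": "exe", "dll": "exe", "cpl": "exe", "pdf": "pdf", "png": "png",
              "jpg": "jpg", "jpeg": "jpg", "gif": "gif", "zip": "zip", "docx": "zip", "jar": "zip", "txt": "txt"}


def sniff(head: bytes):
    """Identify a file by its leading bytes; None when the format is not in the table."""
    for prefix, fmt in MAGIC:
        if head.startswith(prefix):
            return fmt
    return None


def is_pe(head: bytes) -> bool:
    """'MZ' alone marks any DOS-era executable; a Windows PE also has 'PE\\0\\0' where e_lfanew (offset 0x3C) points."""
    if len(head) < 0x40 or head[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", head, 0x3C)[0]
    return head[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def check_file(name: str, head: bytes) -> list:
    """Warnings for one file, given its name and its first bytes (64 or more for the PE check)."""
    warnings = []
    exts = name.lower().split(".")[1:]
    claimed = exts[-1] if exts else ""
    # 3.2.5: "holiday.jpg.scr" shows as "holiday.jpg" when Explorer hides known extensions
    if len(exts) >= 2 and exts[-2] in EXT_FORMAT and claimed in EXECUTABLE_EXTS:
        warnings.append("double extension hides an executable type")
    actual = sniff(head)
    if actual == "exe" and claimed not in EXECUTABLE_EXTS:
        # 3.3: an MZ header under a non-executable name is the renamed-executable trick
        kind = "PE" if is_pe(head) else "MZ"
        warnings.append(f"{kind} executable header but extension claims {claimed!r}")
    elif actual and claimed in EXT_FORMAT and EXT_FORMAT[claimed] != actual:
        warnings.append(f"header format {actual!r} does not match extension {claimed!r}")
    return warnings


def check_path(path: str) -> list:
    """Same check against a real file: only the first 64 bytes are read."""
    with open(path, "rb") as f:
        return check_file(os.path.basename(path), f.read(64))


# Constructed sample headers (not working programs): a DOS header whose e_lfanew points at a PE signature
MZ_PE_HEAD = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0" + bytes(20)
SAMPLES = {
    "report.pdf": b"%PDF-1.4\n%\xe2\xe3\xcf\xd3\n",
    "invoice.pdf": MZ_PE_HEAD,          # executable renamed to look like a document
    "holiday.jpg.scr": MZ_PE_HEAD,      # double extension
    "setup.exe": MZ_PE_HEAD,            # honest executable
    "photo.jpg": b"\x89PNG\r\n\x1a\n",  # mislabelled but harmless
    "notes.txt": b"just some text",
}

if __name__ == "__main__":
    for filename, head in SAMPLES.items():
        print(f"{filename:16} {check_file(filename, head) or 'ok'}")
```

A header/extension mismatch is not always hostile (photo.jpg above is merely a mislabelled PNG), but an MZ header under a document extension almost always is, and the double-extension case is worth flagging even when the header is consistent, since the whole point of the trick is that the user never sees the real extension.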
3.4. Will any Antivirus detect all possible computer virus in the future?
Fred Cohen showed, in his 1987 paper "Computer Viruses: Theory and Experiments", that no algorithm can detect the set of all possible computer viruses: detection is undecidable in the same way as the halting problem. The argument is by contradiction. Suppose a perfect detector exists, and write a program that asks that detector whether it is itself a virus, then does the opposite: it infects only if the detector says it is clean. Whatever the detector answers, it is wrong. In practice every scanner reduces to a predicate like the one below, and every ELSE branch is a loophole that a smart coder will eventually find.
def scan(code, is_malicious):
    """Skeleton of every scanner: one yes/no predicate, then act on it."""
    if is_malicious(code):
        # set alarm, terminate the application, remove the threat
        return "blocked: There is a malicious activity"
    else:
        # the ELSE branch: whatever the predicate misses is allowed to run
        return "allowed to run"
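Cohen's construction, written out in Python as an added illustration (not from the original article): make_contrary takes any candidate detector, a function from a program to an "is a virus" verdict, and returns a program that asks the detector about itself and does the opposite. The detectors shown are toy stand-ins, "spreading" is modelled as the program returning True, and the hash-based blacklist is a hypothetical signature database; none of this is any product's logic.

```python
import hashlib


def make_contrary(detector):
    """Build a program that asks `detector` about itself and does the opposite.

    `detector(program) -> bool` is any candidate virus detector (True = "virus").
    The returned program "spreads" (returns True) exactly when the detector calls
    it clean, so the detector's verdict on it is wrong by construction.
    """
    def program():
        if detector(program):
            return False          # declared a virus: behave harmlessly
        return True               # declared clean: go ahead and infect
    return program


def spreads(program) -> bool:
    """Ground truth: actually run the program and observe whether it infects."""
    return program()


def verdict(detector, program):
    """The detector's answer, or None if it never terminates (Python's recursion limit
    stands in for the non-termination in the halting-problem reduction)."""
    try:
        return detector(program)
    except RecursionError:
        return None


def detector_is_wrong_about(detector) -> bool:
    """True when the detector's verdict on its own contrary program differs from reality."""
    p = make_contrary(detector)
    v = verdict(detector, p)
    return v is None or v != spreads(p)


# Toy candidate detectors (assumptions for the example, not any product's logic)
def paranoid(program):
    return True


def trusting(program):
    return False


def make_signature_detector(blacklist):
    """Static signature scanning: hash of the program's bytecode against a blacklist."""
    def detector(program):
        return hashlib.sha256(program.__code__.co_code).hexdigest() in blacklist
    return detector


def contrary_signature() -> str:
    """The exact bytecode hash a signature vendor would ship for the contrary program."""
    return hashlib.sha256(make_contrary(trusting).__code__.co_code).hexdigest()


def behavioural(program):
    """Run the sample and watch: against the contrary program this recurses forever."""
    return program()


if __name__ == "__main__":
    for name, d in [("paranoid", paranoid), ("trusting", trusting),
                    ("signature, empty list", make_signature_detector(set())),
                    ("signature, contrary program listed", make_signature_detector({contrary_signature()}))]:
        print(f"{name:36} wrong: {detector_is_wrong_about(d)}")
    print("behavioural detector verdict:", verdict(behavioural, make_contrary(behavioural)))
```

Note what happens to the signature detector once the vendor adds the contrary program's hash: the verdict flips to "virus", so the program now behaves harmlessly, and the verdict is still wrong. The behavioural detector fares no better: running the sample to see what it does sends it into the same loop, which is the shape of the halting-problem argument.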
Conclusion
Expert security professionals use security applications to build layers of defence that contain the threat, not to eliminate all future possibility of attack; together these layers give the enterprise a true defence-in-depth security architecture.
Bibliography
- The Art of Computer Virus Research and Defense, Peter Szor
- Malicious Mobile Code: Virus Protection for Windows, Roger A. Grimes
- Symantec AntiVirus 8.0 Advanced Topics, Symantec
- The Giant Black Book of Computer Viruses, Mark Ludwig
- Dangerous Virus Misconceptions, Stephen Canale
- Anti-Virus Evasion Techniques and Countermeasures, Debasis Mohanty
- Testing Time for Antivirus Software, Sarah Gordon
- ICSA Labs 7th Annual Computer Virus Prevalence Survey 2001, Lawrence M. Bridwell and Peter Tippett
- Email Content Security Management, Trend Micro
- Benefits and Considerations for a Single-Vendor Antivirus Strategy, Natasha David and Jane Chesher
INTERNET – Splendid Dark View
We are living in the twilight of communication, one of the most difficult steps toward sensational achievements. Superior messages not only contain magical words but successfully convey the correspondent's emotions. This virtual, computer-aided globe, the Internet, is the most innovative communication highway ever built, and it has linked all classes of people to each other. The age of exploited information is leaving us and the era of blind communication is cheering, but we still have much to learn about communication technology and the impact of the Internet on society.
The Internet has positive and negative roles. It is a highly complex phenomenon; it is not entirely responsible for upsetting society, and the list of its benefits for education, business, information and communication is vast, but there are many problems for which the Internet is indeed responsible. People squander their time on the computer instead of talking to, relaxing with or helping each other, and consequently turn away from their families and friends. Such people also suffer from severe depression, which results in partial or complete isolation from society. Mind-numbing games, awful websites, pornography, nudity and eroticism are making our society subservient to the Internet. The delicate knack of personal conversation is dying off with the advent of the Internet. It has changed the entire face of life: thoughts, sentiments and even beliefs. We are leaving direct communication behind and entering a world that many of us might not like to enter.
It is high time we got a better understanding of the role of the Internet in communication. Drafting laws to improve legality and proving illegal use of the Internet are two different issues. Today we are working on the first, but the enactment of laws and their successful enforcement are the real challenge: illicit use of the Internet is trouble-free for the offender and really hard to pin down.
On the Internet there are no boundaries on content, which makes Internet communication highly risky, because loss of control over reliability, selection and authentication means the loss of our future, our generation.
Cyber Crime: The Deception
We, our media and everyone around us are extremely concerned about network fraud, which is indeed the biggest threat to business leaders, security experts and law-enforcement agencies. This paper divides the topic into two main parts: first, fraud and its shapes; second, the techniques that engineer these problems and the practices for eliminating them.
Network Fraud and its Shapes
Network fraud costs businesses billions of dollars per year. It is an intentional deception that may result in personal or community financial and non-financial damage. Internet fraud is classified as cyber crime. These frauds are usually categorised as white-collar crimes, since they are mostly committed by intelligent, qualified and knowledgeable people: white-collar criminals. Let's investigate some established styles of the most complex crimes of today's age.
Hacking
The first, the best known and the most attractive style of network fraud is hacking: the process of gaining illegal access to, or illegal rights on, a system or a network in order to interfere with it. Many hackers act without any nasty intention, only to extend their knowledge and skills; some act for delight and personal satisfaction; but others are really dangerous and are capable of destroying files and changing the appearance of corporate networks and websites. I will break hacking down into accessing, defacing, hijacking, cracking, phreaking, phracking, bombing and denial-of-service issues.
Hacking a personal computer, especially one running Windows, is actually quite easy: a backdoor (a remote-access Trojan) grants the criminal control of the system. A corporate network is better isolated and therefore needs more expertise to hack, because of its firewalls, but thanks to the corporate termites, the insiders, corporate secrets are usually disclosed anyway.
Pirating
The computer industry, and especially the software industry, is pruned back by people who replicate software and music without paying anything for it. They illegally distribute not only the software but its keys and cracks. These people are part of the surreptitious communities, black markets and anti-establishment of the virtual globe; one can find many of them in chat rooms. Besides the software industry, the music industry has also suffered huge losses from this act. Although the act is not defensible, the nominal fees for software are usually rather high, and the day-by-day updates are even harder for an ordinary person to grasp.
Phishing
Phishing is the planned act of distributing forged spam that appears to come from a reputable organisation, such as a bank, to deceive its clients into handing over highly sensitive information: account IDs, PIN codes, credit-card details, usernames and passwords. The people involved in this horrible activity usually work with fake websites that mimic the real one, and are well capable of DNS poisoning, so that even a correctly typed address can resolve to their server.
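A first-line check for the kind of mail described above, added here as an example and not part of the original article: pull the links out of a message body, compare each href with the sender's domain and with the text the link displays, and flag the usual tricks (brand name used as a subdomain of an unrelated domain, raw IP address, digit-for-letter lookalike, display text naming a different site). The sample message, the lookalike substitution table and the two-label approximation of a registered domain are assumptions made for the example; a production check would use the Public Suffix List.

```python
import re
from urllib.parse import urlparse

# Constructed phishing message (HTML fragment), not a real mail; the sender claims to be the bank
SENDER = "alerts@examplebank.com"
SAMPLE_HTML = """
<p>Your account has been locked. <a href="http://examplebank.com.secure-login.net/verify">https://www.examplebank.com/verify</a></p>
<p>Or use our mirror: <a href="http://192.0.2.10/login">Click here</a></p>
<p>Questions? <a href="https://examp1ebank.com/">examp1ebank.com</a> &middot;
<a href="https://www.examplebank.com/help">Help</a></p>
"""

LINK_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)   # double-quoted hrefs only (assumption)
TAG_RE = re.compile(r"<[^>]+>")
HOST_IN_TEXT_RE = re.compile(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})")
IPV4_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")
HOMOGLYPHS = str.maketrans("01357", "olest")   # digits commonly swapped for letters in lookalikes (assumption)


def registered_domain(host: str) -> str:
    """Last two labels of a hostname.  Approximation: ignores multi-label suffixes such as co.uk,
    for which a real check consults the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def is_lookalike(domain: str, brand: str) -> bool:
    """A different domain that becomes the brand once digit-for-letter substitutions are folded."""
    return domain != brand and domain.translate(HOMOGLYPHS) == brand.translate(HOMOGLYPHS)


def analyse_links(sender: str, html: str) -> list:
    """Return [(href, [reasons])] for every link that shows a phishing tell."""
    brand = registered_domain(sender.split("@")[-1])
    findings = []
    for href, text in LINK_RE.findall(html):
        host = (urlparse(href).hostname or "").lower()
        shown = TAG_RE.sub("", text).strip().lower()
        reasons = []
        if IPV4_RE.fullmatch(host):
            reasons.append("raw IP address")
        if brand in host and registered_domain(host) != brand:
            reasons.append("brand used as a subdomain of another domain")
        if is_lookalike(registered_domain(host), brand):
            reasons.append("lookalike domain")
        m = HOST_IN_TEXT_RE.search(shown)   # display text that itself names a site
        if m and registered_domain(m.group(1)) != registered_domain(host):
            reasons.append("link text names a different domain than the href")
        if reasons:
            findings.append((href, reasons))
    return findings


if __name__ == "__main__":
    for href, reasons in analyse_links(SENDER, SAMPLE_HTML):
        print(href, "->", "; ".join(reasons))
```

Only the genuine help link comes through clean. Checks like these run on the mail gateway or in the client before the user sees the message; they say nothing about DNS poisoning, which has to be countered on the resolver side (DNSSEC, validating resolvers) rather than in the mail.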
Pornography
One of the most awful, wicked and unjustifiable things internetworking has bestowed on us is pornography, one of the most elaborately organised cyber crimes. Predators from within families and outside often attach themselves to adolescent kids and go on to exploit them for their illicit purposes. Many girls have reported being exploited and sexually molested after being shown images and videos by family members and friends. They also say that they can still visualise complete pictures of those acts, which continue to scare them and disturb their entire lives. Despite the efforts of cyber-crime agencies, pornography is growing day by day owing to the increasing use of P2P software.
Salami Slicing
Salami slicing is a kind of illegal money transfer. The actor uses the owner's system, to which he or she has legitimate access, to transfer a minute amount of money, often the rounding fraction of each transaction, to his or her own account. Each transferred amount is so small that the organisation considers it negligible, but over time these negligible amounts add up to millions of dollars.
Identity theft
People meet us in our daily lives with many-shaded faces. In the past we made pen friends; now people love to have chat friends. We never know exactly who we are chatting with, whether the person is innocent or a criminal. Some sick people surfing the net are smart enough to steal someone's identity from a few pieces of information and some wild guesses. It is highly possible for them to find sensitive information such as personal phone numbers, and it becomes very troublesome if the holder is a criminal.
Scams
Scams come in many classes: unwanted prizes, sweepstakes and lotteries, gambling, weight loss, share promotions, online auctions, self-employment offers and the Nigerian (advance-fee) fraud.
Virus
A virus (see "The intruder - virus" above) is a piece of code that attaches itself to a program, typically an executable (.exe) or a DOS .com file, and replicates: whenever an infected file is executed, the virus executes too. It can erase files or lock up a system.
Worm
A worm is similar to a virus, but it replicates itself across PCs and networks without any human intervention and without needing a host file. Worms usually consume valuable system and network resources by duplicating themselves while resident in memory; they can slow systems down and even halt them.
Trojan horse
Trojan horses are programs that appear to be useful software but perform malicious activities. A Trojan can compromise your system by opening a backdoor and transferring information to the attacker.
Countermeasures
It is difficult to prove fraud, so be careful and vigilant when making any deal with any person or organisation on the Internet. There are some security measures every person must follow.
- Always keep a record of all conversations.
- Always tell your family who your net friends are.
- Don't forget that you are talking to strangers, however long your chat relationship has lasted.
- Don't give out personal details, photographs, mobile phone numbers or any other information to any stranger or chat friend.
- Never use webcams; the footage can be used without your consent for ill purposes.
- Be cautious with your net friends.
- Always control your emotions and never respond hastily.
- Never try to meet anyone privately; avoid even public meetings.
- Never chat privately with an unfamiliar person.
- Talk less and think more.
- Always stay behind moral, ethical and online safeguards.
Bibliography
- Cyber Crime: The Wild West, Online, Bernie Alexander
- Crime and the Internet, David S. Wall
- Hacker Culture, Douglas Thomas
- Piracy in the Motion Picture Industry, Kerry Segrave
- Pornography and Regulation, Shirley Walters, Senator for Tasmania, Australian Parliament
- A Plan for Spam, Jonathan Zdziarski
- Know Your Enemy: Phishing. Behind the Scenes of Phishing Attacks, Honeynet Project & Research Alliance
- Pornography: Towards a Non-sexist Policy, Diana Russell
- Making Violence Sexy: Feminist Views on Pornography, Open University Press
- The Effects of Exposure to Filmed Sexual Violence on Attitudes Toward Rape, Journal of Interpersonal Violence, M. G. Weisz and Earls
- US Securities and Exchange Commission: http://www.sec.gov
- Internet Fraud: How to Avoid Internet Investment Scams: http://www.sec.gov