AntiSpyware - PowerPoint PPT Presentation

1 / 25
About This Presentation
Title:

AntiSpyware

Description:

Free Utility Software offers. Written specifically as a delivery mechanism for spyware ... Online greeting cards. Interesting to know... Bundled software ... – PowerPoint PPT presentation

Number of Views:791
Avg rating:3.0/5.0
Slides: 26
Provided by: martina1
Category:

less

Transcript and Presenter's Notes

Title: AntiSpyware


1
Anti-Spyware
  • Joe Gast, MCSE

2
Agenda
  • Define the types of Spyware
  • Watch out for these
  • Know the risks
  • Arming yourself

3
Definition
  • Spyware
  • Term originally referred to a category of
    surveillance software the law enforcement and
    others used to monitor a computer users activity
  • More recently the term has taken a broader
    meaning that includes any software that monitors
    or controls a computer without the clear consent
    of the user

4
Types of Spyware
  • The Types of Spyware
  • Adware
  • Snoopware
  • Malware

5
Adware
  • Adware
  • Used to deliver advertisements to users
  • To collect information for use by advertisers
  • It is the most common type
  • Its main objectives
  • Monitor user activity
  • Keep it installed and updated
  • Display advertisements to the user
  • Nearly impossible to uninstall

6
Adware
  • Familiar adware programs
  • BarginBuddy
  • CoolSavings
  • DashBar
  • n-CASE
  • Once its installed
  • Can either run stand alone process launches at
    startup or as a dll attached to an existing
    process
  • Can monitor just about any user activity

7
Adware
  • To try confuse removal software or content
    filtering programs the publisher will.
  • Use multiple redundant servers
  • Impossible to know the name or address of the
    next one they will use.
  • Use encrypted http data to mask the details of
    the operation
  • Monitoring programs will not be able to read the
    information, so it will just pass through

8
Adware
  • The adware process
  • Either spawned by a user activity or a time
    process
  • Typical exchange
  • You go to a site for information
  • That information is sent to the adware publisher
    via the background adware software
  • The publisher then send information about a
    similar site or server back to the adware on your
    machine
  • Another browser window in open displaying
    that site or a browser will open
    automatically.

9
Snoopware
  • Stealthily monitors users activity
  • Two main objectives
  • Monitor user activity
  • Ensure the user remains unaware of the monitoring
  • Most commonly associated with identity theft

10
Snoopware
  • Common Snoopware products
  • Catch Cheat Spy
  • SpectorSoft
  • EBlaster
  • Spector
  • WinWhatWhere

11
Snoopware
  • Integrates with the system by
  • Installing key loggers
  • Browser plugins
  • Standalone monitoring processes
  • Can even replace system software

12
Snoopware
  • Monitors variety of product to product
  • Typical products monitor
  • Screenshots
  • Keystrokes
  • Application activity
  • Web surfing
  • IM Communications
  • E-mail

13
Snoopware
  • Either stores the information locally or sends it
    to a centralized server
  • The local store will use encryption or hidden
    folders to avoid discovery
  • Monitoring entity often have access to the
    information by way of hot keys that are installed
    when the Snoopware is installed
  • When centralized the Snoopware will send the
    collected information to the server via https, so
    the collecting entity can view it via a browser

14
Malware
  • Short for malicious software
  • Designed to disrupt normal system operations
  • Types
  • Browser hijackers
  • Parasites
  • Dialers

15
Malware
  • Brower hijackers
  • Change default home page
  • Redirect all Web requests to remote sites
  • Parasites
  • Alter existing tracking links so that the Malware
    publisher can get referral credits for online
    purchases
  • Dialers
  • Take control over your modem to make remote calls

16
Malware
  • Well known Malware
  • CoolWebSearch
  • MarketScore
  • New.Net
  • Mail Wiper
  • Spy Wiper
  • Virtual Bouncer

17
What to watch for
  • Free Utility Software offers
  • Written specifically as a delivery mechanism for
    spyware
  • Common sources
  • Pop-up blockers
  • Manage calander
  • Sync clocks
  • Find bargains
  • Weather updates
  • Online greeting cards

18
Interesting to know
  • Bundled software
  • Sometime a software company will partner with a
    spyware company to distribute the spyware
    software with their product to generate
    additional revenue
  • Licensed software
  • Snoopware is often installed through standard
    licensed software

19
Easy ways to trick users
  • Drive-by download
  • Spyware that exploits low browser settings or
    application security settings
  • Can affects a system when visiting a site, pop-up
    ad or reading an HTML e-mail
  • Silent download
  • Some spyware will download other spyware and
    updates to itself without the user knowing

20
Know the risks
  • Would you like youre A/P clerk to establish a
    VPN connection to a remote network that you know
    nothing about?

21
Of course not!
  • But if your company has no policies or
    infrastructure in place you might be surprised by
    the real risks to which youre open
  • Two of the most misunderstood risks
  • Reduces security posture
  • Every time a machine is infected, it could spread
    all over your network or proprietary company data
    can be stolen
  • Increased network traffic
  • Can bring your network to a halt causing work
    stoppage and lose of revenue!

22
Take up arms
  • No one product or technology can completely
    protect your machines.
  • Three things you need
  • Use Policy
  • User Training
  • Technology

23
Policies and Training
  • Use Policies
  • Define what users can and cannot do on their
    system and establish penalties for not adhering
    to the policies.
  • User Training
  • Dont visit questionable websites
  • Dont install ActiveX controls or software from
    unknown sources

24
Technology
  • Tools to use
  • Content Filters
  • Antivirus Software
  • Anti-Spyware Software
  • Desktop Firewalls
  • Patch Management
  • Browser Security

25
More Info and Tools
  • www.microsoft.com/athome/security/spyware/software
    /default.mspx
  • www.spywareguide.com
  • www.spywareinfo.com
Write a Comment
User Comments (0)
About PowerShow.com