SpyWare - PowerPoint PPT Presentation

1 / 25
About This Presentation
Title:

SpyWare

Description:

Sometimes consists of an apparent core functionality and a hidden functionality ... Spybot S&D. SpySweeper. Tools of a Feather ... – PowerPoint PPT presentation

Number of Views:406
Avg rating:3.0/5.0
Slides: 26
Provided by: jhac6
Category:
Tags: spyware | spybot

less

Transcript and Presenter's Notes

Title: SpyWare


1
SpyWare
  • Jim Hackett
  • Yale University
  • Information Security Office
  • February 3, 2005

2
SpyWare Basics
  • Applications that send information from your
    computer to the creator of the spyware
  • Sometimes consists of an apparent core
    functionality and a hidden functionality of
    information gathering (Trojan)
  • Can be used by web sites for marketing
    information, to determine their stance with
    regard to competitors and market trends
  • Can also be used to log keystrokes and send those
    to whomever

3
Spyware Symptoms
  • Pop-up Ads appear, even when you are not on-line
  • Settings have changed, and/or will not stay as
    you set them - Home Page, Search Page
  • Web Browser altered - Strange Tool Bars or
    Buttons
  • Sluggish performance
  • Increase in system crashes

4
SpyWare Prevalence
  • April 16, 2004 BBC News (UK) - PCs 'infested'
    with spy programs. Internet provider EarthLink
    says it uncovered 29.5 million examples of
    spyware on over one million computers scanned
    between January and March. These parasite
    programs sometimes come attached to software
    downloaded from the Web. The details are often
    included in the license agreement small print
    that most users click through without reading.
    But sometimes they do not even need your
    permission to download, but just bury themselves
    on a hard drive as you browse the Internet.

5
What We areSeeing These Days
  • Browser Hijacking
  • Hosts File
  • Home Page
  • Search Page
  • Error Pages
  • Tracking Cookies
  • Start-Up Items
  • SpyWare Installers
  • Microsoft Messenger Service

6
Browser Hijacking
  • Hosts File
  • Redefine the addresses of trusted sources, i.e.
    anti-virus tools, software patches and upgrades
  • Home Page
  • Redefine the page that opens up when you start
    your browser

7
Browser Hijacking
  • Search Page
  • Redefine the page that opens up when you enter an
    undefined URL
  • Redefine the page that opens up when you click
    your Search button
  • Error Pages
  • Redefine the pages that open when an error
    occurs, i.e. 404 - Not Found, etc.

8
Tracking Cookies
  • Cookies that can track your Web activities
  • May include cookies that contain
  • user names
  • passwords
  • other private information that you enter on web
    sites (SSN, banking info, credit cards)

9
Start-Up Items
  • Some spyware will add startup items, so that the
    spyware will always start
  • May be found in Startup Folders
  • May be found in Run and Run Once Registry Keys

10
SpyWare Installers
  • Some SpyWare will plant installers so that it can
    re-infect your machine after removal processes
  • Often create multiple copies of installers with
    different names to make removal more difficult

11
MS Messenger Service
  • Turn off this service unless you must have it
  • The service is not instant messaging, and does
    not affect your use of 3rd party instant
    messaging software
  • The Microsoft Messenger Service is often used by
    spam and pop-up ad engines

12
Preventive Measures
  • Use common sense when surfing and handling html
    e-mail messages
  • Utilize browsers security settings
  • Software and OS upgrades
  • Security patches and service packs
  • Personal firewalls (XP or 3rd party)
  • Free tools
  • Ad-Aware
  • Microsoft Windows AntiSpyware
  • Spybot SD
  • SpySweeper

13
Tools of a Feather
  • While most of the tools currently available do a
    decent job, they do not all find the same spyware
    infections
  • Anti-Virus vendors are legally bound to publicize
    the details of the new infections they find
  • They all get in synch with each other, within a
    day or two of a new outbreak
  • The Anti-SpyWare game is fairly new and the
    players are not obligated by the above legislation

14
Microsoft Windows AntiSpyware
  • http//www.microsoft.com/spyware
  • Works on Windows 2000, XP, and Server 2003
  • Currently a beta version of the product
  • Free to anyone who wants it
  • Has two modes of operation novice and expert
  • Formal support is not offered, visit the Windows
    AntiSpyware (Beta) newsgroup for support.

15
(No Transcript)
16
(No Transcript)
17
(No Transcript)
18
SpySweeper
  • Works on Windows 98, 98 SE, Me, 2000, XP, NT 4.0,
    or Server 2003
  • Personal version available on the web for 29.95
    for a one year subscription
  • Enterprise version available to Yale Network
    community free of charge
  • Available soon through the Software Library
  • http//www.yale.edu/software/
  • Updates delivered automatically
  • Pre-configured install, user editable (or locked
    at admins discretion)

19
(No Transcript)
20
(No Transcript)
21
(No Transcript)
22
(No Transcript)
23
(No Transcript)
24
(No Transcript)
25
Its Q A Time!
  • Visit our gift shop, located at
  • www.yale.edu/its/security
  • Become a subscriber
  • www.yale.edu/its/security/mailinglists
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "SpyWare" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!