Computer Security 101: Lesson 4

[tonybradley]

Since one of our compatriots already shared Lesson 1 of my Computer Security 101 series I thought I would officially add the lessons to the Tutorials forum here on AO. However, due to copyright and legal restrictions I can't simply cut and paste the whole thing. I am going to post a big chunk of each lesson and then link back to the original article on About.com for those who wish to read the entire lesson.

The Computer Security 101 series is a 10-part series of articles intended to provide the security novice with a basic understanding of the terminology, acronyms and technology involved. The hope is that if you understand how and why things work in the first place you will be able to protect and secure those things better.
In our third lesson of Computer Security 101 we covered Ports, TCP, UDP and firewalls.
Advertisement

This lesson we will discuss various security issues associated with using email including email borne viruses, hidden file extensions and email spoofing.

One of the main attack vectors for a virus is through your email. While it is possible to get a virus by using an infected floppy disk or compact disc one of the main methods of propagation is through email. From the standpoint of trying to do the most damage it makes sense for a virus author to use email as a means for spreading the virus.

The authors of Trojans, worms and viruses are sometimes exceptionally clever and ingenious in finding and exploiting weaknesses in both the computer system and in human nature in order to make their attack successful. Unfortunately, sometimes even viruses that aren’t so clever manage to spread quickly and do lots of damage due to uneducated and naïve users.

To get you to open the email in the first place viruses try to use Subject Lines for the email messages that will get your attention. Some will come disguised as important alerts from major companies like Microsoft. Recent viruses will also reply to existing emails in the infected computer. When you receive a message in response to a message you know you sent someone you have no reason to suspect it would be harmful so you are more likely to open it.

Typically, the email itself is not the problem. The Subject Line and the Message Body are worded with the intent and goal of getting you to double-click on the attached file to execute the actual virus. With HTML-based email it is possible to embed the virus directly in the message. Major viruses and worms in the past couple of years like CodeRed and Nimda have exploited this flaw to cause the virus to execute as soon as someone opened the email message, rather than waiting for them to click on the attachment. In 2001 Microsoft released a Security Bulletin, MS01-020, including a patch to protect users from this happening.

As users became educated (although it can be debated what percentage of the users are really educated) about clicking on file attachments the malicious code writers had to change their strategy. It became known that executable files like EXE (Executable), COM (Command), BAT (Batch) and other file types like these would run a program once they were clicked on and that you should not open those types of attachments if you didn’t know who they were from and why.

Being quite clever, the virus writers figured out that they could hide the true file extension to trick the user. Microsoft Windows is set automatically to hide known file extensions. So, extensions like EXE and VBS (Visual Basic Script) don’t show up by default. Even if a user elects to Show Hidden Files and Folders there are some that will not show up.

Computer Security 101: Lesson 4

[noODle]

Do you really need to post them all serperatly ?
Look to me like you are looking for a cheap way to get on the front page.
With all due respect wth you are tony bradly.

[tonybradley]

Maybe not.

If I posted the articles in their entirety (without having to link back to the original) as separate tutorials and gave them more original names I am not sure anyone would notice or complain that I posted them separately.

Someone else had already plagiarized Lesson 1 and posted it and I got good feedback on it and appreciation once it was learned that I actually wrote it, so I thought I would officially add them.

I have gotten feedback that perhaps General Chit-Chat would be a better forum. One statement was that because it is a quote & link rather than an "original" tutorial (they are originally from me, but are not original to AO) it does not belong in Tutorials.

It was not my intent to simply make the front page. At the rate new posts are added I don't even think that would be an effective strategy. If nobody posted a reply to a post it would be off the front page in a matter of hours and most people would never see it unless they happen to go look at Tutorials.

I will defer to the Moderators to decide if we should move these 4 posts to General Chit-Chat rather than Tutorials. I don't mean to ruffle anyone's feathers.

[noODle]

Well I dont mind you posted in tutorials. They are your work right and it is sorta tutorilish.
But you should not have posted them all seperate.
Like if it is really a ten part collection you could have posted it in two or tuts orso.
J mho.

cheers

btw plagarism sux0rs

[Trust_Not_123]

also, if all this info is from another site. all you need to do is post a link and people can find it for yourself. i think this is just a cheap way of getting a large amount of tutorials posted under your name. the tutorial forums is there only for tuts that you have made, not found on someone elses site.

[tonybradley]

Its not someone else's site- its my site. I am the original author of this material.

As I stated in the opening paragraph of each post, I would have simply posted the whole thing without a quote & link but I would need reprint permission from my legal department.

Because it is my own original work it would seem to qualify for the Tutorials forum, but because it is not original to AO and is instead a link to the original source it perhaps should have been posted to a different forum. I am not sure there is any glory in having "large amounts of tutorials posted under your name" so that certainly wasn't a motivation. I have already deferred to the Moderators to decide if the posts should be moved.

I also could have done as noODle suggested and correlated all 4 posts into one mega-tutorial post instead of posting 4 separate times. Not saying if I agree or disagree that its a good idea, but it just didn't occur to me to do so.

[Juridian]

I would say, as long as it is his own work and he wishes to share, people should quit their bitching about whether it is from another site or not.

tonybradley is not posting the articles in their entirety, is pointing you at their origional birthplace, and he even warns you of where they came from in the first place. He is trying to help. Besides, jockeying for position on a message board system is pathetic.

[UpperCell]

for real!! who cares about how many tut's you've written! I say, thank you tony for posting you tutorials.

[RiOtEr]

oh good god not this again

they are ****ing numbers people they do not make your penis bigger instead of antipoints its posts you people have no idea wtf you want do you? bitch about lack of security content then when someone posts security content you bitch because its taking up your presious general chit chat time. its ****ing lame let me tell you antipoints post counts will not get you a job ****ing grow up
he did nuthing wrong what about all those people who wrote networking 101 102 103 etc dont see flames there hes doing this community a favor props to him for that
to all those that i have offended please take it out with antipoint alliances kthnx
rioter

[souleman]

I agree with rioter and Juridian. I mean for once we finally get someone on this site that knows something about security and is willing to post. A lot of the security info I have seen here lately has been complete bs, which is why I don't even come here much any more. So we get someone that knows what he is talking about, and is willing to share and be a part of the community, and all you people do is bitch about it. How typical is that????

you all say that he is just trying to get his post count up or whatever... how many of your stupid freaking posts have been in general chit chat or cosmos or some other non-computer related thread? I would bet money that its probably close to 75 percent or more. And how many of your antipoints were earned for being a valuable member of this site. I would bet most of them are for posts in GCC or cosmos. So instead of bitching that he broke his tutorial into 4 sections, why don't you say thanks and keep him around. Its about time this site had someone that actually knew what they were talking about and was willing to share that information.