to be safe than sorry. If there is a file detected as adware on your
computer, it is advisable to delete it, since there is a high probability
that it contains malicious code.
6.1.6 Spyware
This category covers all applications which send private information
without user consent/awareness. Spyware uses tracking functions to
send various statistical data such as a list of visited websites, email
addresses from the user's contact list, or a list of recorded keystrokes.
The authors of spyware claim that these techniques aim to find out
more about users’ needs and interests and allow better‑targeted
advertisement. The problem is that there is no clear distinction
between useful and malicious applications and no one can be sure
that the retrieved information will not be misused. The data obtained
by spyware applications may contain security codes, PINs, bank
account numbers, etc. Spyware is often bundled with free versions
of a program by its author in order to generate revenue or to offer an
incentive for purchasing the software. Often, users are informed of
the presence of spyware during a program's installation to give them
an incentive to upgrade to a paid version without it.
Examples of well‑known freeware products which come bundled
with spyware are client applications of P2P (peer‑to‑peer) networks.
Spyfalcon or Spy Sheriff (and many more) belong to a specific spyware
subcategory – they appear to be antispyware programs, but in fact
they are spyware programs themselves.
If a file is detected as spyware on your computer, it is advisable to
delete it, since there is a high probability that it contains malicious
code.
6.1.7 Potentially unsafe applications
There are many legitimate programs whose function is to simplify
the administration of networked computers. However, in the wrong
hands, they may be misused for malicious purposes. ESET Smart
Security provides the option to detect such threats.
“Potentially unsafe applications” is the classification used for
commercial, legitimate software. This classification includes programs
such as remote access tools, password‑cracking applications, and
keyloggers (a program that records each keystroke a user types).
If you find that there is a potentially unsafe application present and
running on your computer (and you did not install it), please consult
your network administrator or remove the application.
6.1.8 Potentially unwanted applications
Potentially unwanted applications are not necessarily intended to
be malicious, but may affect the performance of your computer
in a negative way. Such applications usually require consent for
installation. If they are present on your computer, your system
behaves differently (compared to the state before their installation).
The most significant changes are:
• New windows you haven’t seen previously are opened
• Activation and running of hidden processes
• Increased usage of system resources
• Changes in search results
• Application communicates with remote servers
6.2 Types of remote attacks
There are many special techniques which allow attackers to
compromise remote systems. These are divided into several categories.
6.2.1 DoS attacks
DoS, or Denial of Service, is an attempt to make a computer or
network unavailable for its intended users. The communication
between afflicted users is obstructed and can no longer continue in a
functional way. Computers exposed to DoS attacks usually need to be
restarted in order to work properly.
In most cases, the targets are web servers and the aim is to make
them unavailable to users for a certain period of time.
6.2.2 DNS Poisoning
Using DNS (Domain Name Server) poisoning, hackers can trick the
DNS server of any computer into believing that the fake data they
supplied is legitimate and authentic. The fake information is cached
for a certain period of time, allowing attackers to rewrite DNS replies
of IP addresses. As a result, users trying to access Internet websites
will download computer viruses or worms instead of their original
content.
6.2.3 Worm attacks
A computer worm is a program containing malicious code that
attacks host computers and spreads via a network. The network
worms exploit security vulnerabilities in various applications. Due
to the availability of the Internet, they can spread all over the world
within a few hours of their release. In some cases, even in minutes.
Most worm attacks (Sasser, SqlSlammer) can be avoided by using
default security settings in the firewall, or by blocking unprotected
and unused ports. Also, it is essential that your operating system is
updated with the most recent security patches.
6.2.4 Port scanning
Port scanning is used to determine which computer ports are open on
a network host. A port scanner is software designed to find such ports.
A computer port is a virtual point which handles incoming and
outgoing data – this is crucial from a security point of view. In a large
network, the information gathered by port scanners may help to
identify potential vulnerabilities. Such use is legitimate.
Still, port scanning is often used by hackers attempting to
compromise security. Their first step is to send packets to each
port. Depending on the response type, it is possible to determine
which ports are in use. The scanning itself causes no damage, but be
aware that this activity can reveal potential vulnerabilities and allow
attackers to take control of remote computers.
Network administrators are advised to block all unused ports and
protect those that are in use from unauthorized access.
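The section above describes a scan as a burst of probes to many ports and notes that administrators should watch for it. The following detection script is an added example, not part of the ESET manual: it reads constructed firewall log lines (timestamp, action, source, destination, destination port) and raises an alert when one source touches at least `threshold` distinct destination ports within a sliding time window. The log format, the sample addresses and the threshold are assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log (not real traffic): one host probes twelve
# ports within a few seconds, another host only ever talks to 80 and 443.
SAMPLE_LOG = """\
2024-01-01T10:00:00 ALLOW 198.51.100.7 192.0.2.10 443
2024-01-01T10:00:02 BLOCK 203.0.113.5 192.0.2.10 21
2024-01-01T10:00:02 BLOCK 203.0.113.5 192.0.2.10 22
2024-01-01T10:00:02 BLOCK 203.0.113.5 192.0.2.10 23
2024-01-01T10:00:03 BLOCK 203.0.113.5 192.0.2.10 25
2024-01-01T10:00:03 BLOCK 203.0.113.5 192.0.2.10 53
2024-01-01T10:00:03 ALLOW 203.0.113.5 192.0.2.10 80
2024-01-01T10:00:04 BLOCK 203.0.113.5 192.0.2.10 110
2024-01-01T10:00:04 BLOCK 203.0.113.5 192.0.2.10 135
2024-01-01T10:00:04 BLOCK 203.0.113.5 192.0.2.10 139
2024-01-01T10:00:05 BLOCK 203.0.113.5 192.0.2.10 143
2024-01-01T10:00:05 ALLOW 203.0.113.5 192.0.2.10 443
2024-01-01T10:00:05 BLOCK 203.0.113.5 192.0.2.10 445
2024-01-01T10:00:09 ALLOW 198.51.100.7 192.0.2.10 80
2024-01-01T10:00:15 ALLOW 198.51.100.7 192.0.2.10 443
"""


def parse_line(line):
    """Split one hypothetical log line into (timestamp, action, src, dst, dport)."""
    ts, action, src, dst, dport = line.split()
    return datetime.fromisoformat(ts), action, src, dst, int(dport)


def detect_port_scans(lines, threshold=10, window=timedelta(seconds=60)):
    """Return {source_ip: max_distinct_ports} for every source that touched
    at least `threshold` distinct (destination, port) pairs inside any
    `window`-long interval. Blocked and allowed probes both count, because
    a scanner learns something from either response."""
    events = defaultdict(list)  # src -> [(ts, dst, dport), ...]
    for line in lines:
        if not line.strip():
            continue
        ts, _action, src, dst, dport = parse_line(line)
        events[src].append((ts, dst, dport))

    alerts = {}
    for src, evs in events.items():
        evs.sort()  # chronological order so the sliding window is valid
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            distinct = {(dst, port) for _, dst, port in evs[start:end + 1]}
            if len(distinct) >= threshold:
                alerts[src] = max(alerts.get(src, 0), len(distinct))
    return alerts


if __name__ == "__main__":
    for src, count in detect_port_scans(SAMPLE_LOG.splitlines()).items():
        print(f"possible port scan from {src}: {count} distinct ports")
```

The window and threshold trade sensitivity against noise: a scan spread out over hours stays below a 60-second threshold, so a long-running counter per source (or a lower threshold on blocked connections only) is the usual complement to this burst check.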
6.2.5 TCP desynchronization
TCP desynchronization is a technique used in TCP Hijacking attacks. It
is triggered by a process in which the sequential number in incoming
packets differs from the expected sequential number. Packets with an
unexpected sequential number are dismissed (or saved in the buffer
storage, if they are present in the current communication window).
In desynchronization, both communication endpoints dismiss
received packets, at which point remote attackers are able to infiltrate
and supply packets with a correct sequential number. The attackers
can even manipulate or modify communication.
TCP Hijacking attacks aim to interrupt server‑client, or peer‑to‑peer
communications. Many attacks can be avoided by using
authentication for each TCP segment. It is also advised to use the
recommended configurations for your network devices.
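To make the acceptance rule described above concrete, here is a small model of a TCP receiver's in-order delivery logic. It is an added example, not code from the ESET manual or from any TCP stack: a segment whose sequence number equals the next expected one is delivered, a segment that lies inside the receive window but arrives early is buffered until the gap is filled, and anything else is dismissed. The `Receiver` and `Segment` names, the window size and the byte values are assumptions; 32-bit sequence-number wraparound is deliberately not modelled.

```python
from dataclasses import dataclass, field


@dataclass
class Segment:
    seq: int        # sequence number of the first payload byte
    payload: bytes


@dataclass
class Receiver:
    rcv_nxt: int                                   # next sequence number expected
    rcv_wnd: int = 4096                            # receive window size in bytes
    buffered: dict = field(default_factory=dict)   # seq -> payload held out of order
    delivered: bytearray = field(default_factory=bytearray)

    def receive(self, seg):
        """Apply the receiver's rule to one segment and report what happened."""
        if seg.seq == self.rcv_nxt:
            # Exactly the byte we were waiting for: deliver it, then drain any
            # buffered segments that have now become contiguous.
            self.delivered += seg.payload
            self.rcv_nxt += len(seg.payload)
            while self.rcv_nxt in self.buffered:
                data = self.buffered.pop(self.rcv_nxt)
                self.delivered += data
                self.rcv_nxt += len(data)
            return "accepted"
        if self.rcv_nxt < seg.seq < self.rcv_nxt + self.rcv_wnd:
            # Ahead of what we expect but inside the window: hold it.
            self.buffered[seg.seq] = seg.payload
            return "buffered"
        # Old data or beyond the window: dismissed (a simplification; real
        # stacks trim partial overlaps instead of dropping them outright).
        return "dismissed"


def desync_demo():
    """Show how a desynchronized peer's traffic is dismissed.

    The receiver has moved on to rcv_nxt = 1012, but the legitimate sender
    still believes its next byte is 1004 (its view of the stream diverged).
    Its segment is dismissed, while a segment numbered 1012 is accepted,
    which is the situation the text above describes."""
    r = Receiver(rcv_nxt=1000)
    r.receive(Segment(1000, b"abcd"))
    r.receive(Segment(1004, b"efghijkl"))  # rcv_nxt is now 1012
    stale = r.receive(Segment(1004, b"efgh"))
    current = r.receive(Segment(1012, b"mn"))
    return stale, current


if __name__ == "__main__":
    r = Receiver(rcv_nxt=1000)
    for seg in (Segment(1000, b"abcd"), Segment(1010, b"xy"),
                Segment(9999, b"z"), Segment(1004, b"efghij")):
        print(seg.seq, r.receive(seg), "-> delivered:", bytes(r.delivered))
    print("desynchronized peer:", desync_demo())
```

The model shows why the manual recommends authenticating each TCP segment: the acceptance rule alone keys only on the sequence number, so once both ends have diverged, whoever presents the number the receiver is waiting for is accepted. Segment authentication such as the TCP MD5 signature option (RFC 2385) or TCP-AO (RFC 5925) adds a check that the sequence number cannot satisfy by itself.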