Malware, short for malicious software, is software designed to secretly access a

computer system without the owner's informed consent. The expression is a gener
al term used by computer professionals to mean a variety of forms of hostile, in
trusive, or annoying software or program code.[1]
Software is considered to be malware based on the perceived intent of the creato
r rather than any particular features. Malware includes computer viruses, worms,
trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits,
and other malicious and unwanted software or program. In law, malware is sometim
es known as a computer contaminant, for instance in the legal codes of several U
. S. states, including California and West Virginia.[2][3]
Preliminary results from Symantec published in 2008 suggested that "the release
rate of malicious code and other unwanted programs may be exceeding that of legi
timate software applications."[4] According to F-Secure, "As much malware [was]
produced in 2007 as in the previous 20 years altogether."[5] Malware's most comm
on pathway from criminals to users is through the Internet: primarily by e-mail
and the World Wide Web.[6]

Antivirus or anti-virus software is used to prevent, detect, and remove computer

viruses, worms, and trojan horses. It may also prevent and remove adware, spywa
re, and other forms of malware. This page talks about the software used for the
prevention and removal of such threats, rather than computer security implemente
d by software methods.
A variety of strategies are typically employed. Signature-based detection involv
es searching for known patterns of data within executable code. However, it is p
ossible for a computer to be infected with new malware for which no signature is
yet known. To counter such so-called zero-day threats, heuristics can be used.
One type of heuristic approach, generic signatures, can identify new viruses or
variants of existing viruses by looking for known malicious code, or slight vari
ations of such code, in files. Some antivirus software can also predict what a f
ile will do by running it in a sandbox and analyzing what it does to see if it p
erforms any malicious actions.
No matter how useful antivirus software can be, it can sometimes have drawbacks.
Antivirus software can impair a computer's performance. Inexperienced users may
also have trouble understanding the prompts and decisions that antivirus softwa
re presents them with. An incorrect decision may lead to a security breach. If t
he antivirus software employs heuristic detection, success depends on achieving
the right balance between false positives and false negatives. False positives c
an be as destructive as false negatives. Finally, antivirus software generally r
uns at the highly trusted kernel level of the operating system, creating a poten
tial avenue of attack.[1]

A computer virus is a computer program that can copy itself[1] and infect a comp
uter. The term "virus" is also commonly but erroneously used to refer to other t
ypes of malware, including but not limited to adware and spyware programs that d
o not have the reproductive ability. A true virus can spread from one computer t
o another (in some form of executable code) when its host is taken to the target
computer; for instance because a user sent it over a network or the Internet, o
r carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.
[2]
Viruses can increase their chances of spreading to other computers by infecting
files on a network file system or a file system that is accessed by another comp
uter.[3][4]
As stated above, the term "computer virus" is sometimes used as a catch-all phra
se to include all types of malware, even those that do not have the reproductive
ability. Malware includes computer viruses, computer worms, Trojan horses, most
rootkits, spyware, dishonest adware and other malicious and unwanted software,
including true viruses. Viruses are sometimes confused with worms and Trojan hor
ses, which are technically different. A worm can exploit security vulnerabilitie
s to spread itself automatically to other computers through networks, while a Tr
ojan horse is a program that appears harmless but hides malicious functions. Wor
ms and Trojan horses, like viruses, may harm a computer system's data or perform
ance. Some viruses and other malware have symptoms noticeable to the computer us
er, but many are surreptitious or simply do nothing to call attention to themsel
ves. Some viruses do nothing beyond reproducing themselves.

What Is a Trojan horse?

A Trojan Horse is full of as much trickery as the mythological Trojan Horse it w
as named after. The Trojan Horse, at first glance will appear to be useful softw
are but will actually do damage once installed or run on your computer. Those o
n the receiving end of a Trojan Horse are usually tricked into opening them beca
use they appear to be receiving legitimate software or files from a legitimate s
ource. When a Trojan is activated on your computer, the results can vary. Some
Trojans are designed to be more annoying than malicious (like changing your desk
top, adding silly active desktop icons) or they can cause serious damage by dele
ting files and destroying information on your system. Trojans are also known to
create a backdoor on your computer that gives malicious users access to your sys
tem, possibly allowing confidential or personal information to be compromised. U
nlike viruses and worms, Trojans do not reproduce by infecting other files nor d
o they self-replicate.

What Is a Worm?
A worm is similar to a virus by design and is considered to be a sub-class of a
virus. Worms spread from computer to computer, but unlike a virus, it has the ca
pability to travel without any human action. A worm takes advantage of file or i
nformation transport features on your system, which is what allows it to travel
unaided.
The biggest danger with a worm is its capability to replicate itself on your sys
tem, so rather than your computer sending out a single worm, it could send out h
undreds or thousands of copies of itself, creating a huge devastating effect. On
e example would be for a worm to send a copy of itself to everyone listed in you
r e-mail address book. Then, the worm replicates and sends itself out to everyon
e listed in each of the receiver's address book, and the manifest continues on d
own the line.

What Is a Virus?
A computer virus attaches itself to a program or file enabling it to spread from
one computer to another, leaving infections as it travels. Like a human virus,
a computer virus can range in severity: some may cause only mildly annoying effe
cts while others can damage your hardware, software or files.
Sponsored
Java technology zone technical podcast series:: This new podcast series provide
s a new way to get information from the sources you trust most.
Almost all viruses are attached to an executable file, which means the virus may
exist on your computer but it actually cannot infect your computer unless you r
un or open the malicious program. It is important to note that a virus cannot be
spread without a human action, (such as running an infected program) to keep it
going.
People continue the spread of a computer virus, mostly unknowingly, by sharing i
nfecting files or sending e-mails with viruses as attachments in the e-mail.

Spyware is any technology that aids in gathering information about a person or

organization without their knowledge. On the Internet (where it is sometimes cal
led a spybot or tracking software), spyware is programming that is put in someon
e's computer to secretly gather information about the user and relay it to adver
tisers or other interested parties. Spyware can get in a computer as a software
virus or as the result of installing a new program.
Spyware is a type of malware that can be installed on computers, and which colle
cts small pieces of information about users without their knowledge. The presenc
e of spyware is typically hidden from the user, and can be difficult to detect.
Typically, spyware is secretly installed on the user's personal computer. Someti
mes, however, spywares such as keyloggers are installed by the owner of a shared
, corporate, or public computer on purpose in order to secretly monitor other us
ers.

What is spam?
Spam is flooding the Internet with many copies of the same message, in an attemp
t to force the message on people who would not otherwise choose to receive it. M
ost spam is commercial advertising, often for dubious products, get-rich-quick s
chemes, or quasi-legal services. Spam costs the sender very little to send -- mo
st of the costs are paid for by the recipient or the carriers rather than by the
sender.
There are two main types of spam, and they have different effects on Internet us
ers. Cancellable Usenet spam is a single message sent to 20 or more Usenet newsg
roups. (Through long experience, Usenet users have found that any message posted
to so many newsgroups is often not relevant to most or all of them.) Usenet spa
m is aimed at "lurkers", people who read newsgroups but rarely or never post and
give their address away. Usenet spam robs users of the utility of the newsgroup
s by overwhelming them with a barrage of advertising or other irrelevant posts.
Furthermore, Usenet spam subverts the ability of system administrators and owner
s to manage the topics they accept on their systems.

1. A person who enjoys exploring the details of programmable systems and how to
stretch their capabilities, as opposed to most users, who prefer to learn only t
he minimum necessary. RFC1392, the Internet Users' Glossary, usefully amplifies
this as: A person who delights in having an intimate understanding of the intern
al workings of a system, computers and computer networks in particular.
2. One who programs enthusiastically (even obsessively) or who enjoys programmin
g rather than just theorizing about programming.
3. A person capable of appreciating hack value.
4. A person who is good at programming quickly.
5. An expert at a particular program, or one who frequently does work using it o
r on it; as in a Unix hacker . (Definitions 1 through 5 are correlated, and people
who fit them congregate.)
6. An expert or enthusiast of any kind. One might be an astronomy hacker, for ex
ample.
7. One who enjoys the intellectual challenge of creatively overcoming or circumv
enting limitations.

One who breaks security on a system. Coined ca. 1985 by hackers in defense again
st journalistic misuse of hacker (q.v., sense 8). An earlier attempt to establis
h worm in this sense around 1981--82 on Usenet was largely a failure.
Use of both these neologisms reflects a strong revulsion against the theft and v
andalism perpetrated by cracking rings. The neologism cracker in this sense may ha
ve been influenced not so much by the term safe-cracker as by the non-jargon term c
racker , which in Middle English meant an obnoxious person (e.g., What cracker is t
his same that deafs our ears / With this abundance of superfluous breath? Shakesp
eare's King John, Act II, Scene I) and in modern colloquial American English sur
vives as a barely gentler synonym for white trash .
While it is expected that any real hacker will have done some playful cracking a
nd knows many of the basic techniques, anyone past larval stage is expected to h
ave outgrown the desire to do so except for immediate, benign, practical reasons
(for example, if it's necessary to get around some security in order to get som
e work done).
Thus, there is far less overlap between hackerdom and crackerdom than the mundan
e reader misled by sensationalistic journalism might expect. Crackers tend to ga
ther in small, tight-knit, very secretive groups that have little overlap with t
he huge, open poly-culture this lexicon describes; though crackers often like to
describe themselves as hackers, most true hackers consider them a separate and
lower form of life. An easy way for outsiders to spot the difference is that cra
ckers use grandiose screen names that conceal their identities. Hackers never do
this; they only rarely use noms de guerre at all, and when they do it is for di
splay rather than concealment.

Disaster Recovery and Preparation

Backups are only one part of a comprehensive disaster recovery plan. You also ne
ed to have Emergency Repair disks and Boot disks on hand to ensure that you can
recover systems in a wide variety of situations. You may also need to install th
e Recovery Console.
When you set out to recover a system, you should follow these steps:
Try to start the system in Safe Mode, as described in the section of this chapte
r entitled "Starting a System in Safe Mode."
Try to recover the system using the Emergency Repair disk (if available). See th
e section of this chapter entitled "Using the Emergency Repair Disk to Recover a
System."
Try to recover the system using the Recovery Console. See the section of this ch
apter entitled "Working with the Recovery Console."
Restore the system from backup. Be sure to restore the system state data as well
as any essential files.

The Basic Types of Backup

There are many techniques for backing up files. The techniques you use will depe
nd on the type of data you're backing up, how convenient you want the recovery p
rocess to be, and more.
If you view the properties of a file or directory in Windows Explorer, you'll no
te an attribute called Archive. This attribute often is used to determine whethe
r a file or directory should be backed up. If the attribute is on, the file or d
irectory may need to be backed up. The basic types of backups you can perform in
clude
Normal/full backups All files that have been selected are backed up, regardless
of the setting of the archive attribute. When a file is backed up, the archive a
ttribute is cleared. If the file is later modified, this attribute is set, which
indicates that the file needs to be backed up.
Copy backups All files that have been selected are backed up, regardless of the
setting of the archive attribute. Unlike a normal backup, the archive attribute
on files isn't modified. This allows you to perform other types of backups on th
e files at a later date.
Differential backups Designed to create backup copies of files that have changed
since the last normal backup. The presence of the archive attribute indicates t
hat the file has been modified and only files with this attribute are backed up.
However, the archive attribute on files isn't modified. This allows you to perf
orm other types of backups on the files at a later date.
Incremental backups Designed to create backups of files that have changed since
the most recent normal or incremental backup. The presence of the archive attrib
ute indicates that the file has been modified and only files with this attribute
are backed up. When a file is backed up, the archive attribute is cleared. If t
he file is later modified, this attribute is set, which indicates that the file
needs to be backed up.
Daily backups Designed to back up files using the modification date on the file
itself. If a file has been modified on the same day as the backup, the file will
be backed up. This technique doesn't change the archive attributes of files.

Multilayer Firewall Security

A firewall can enhance security through various methods, including packet filter
ing, circuit-level filtering, and application filtering. Advanced enterprise fir
ewalls, such as that provided with ISA Server Enterprise Edition, combine all th
ree of these methods to provide protection at multiple network layers.
While security features do not guarantee a secure system, they are necessary to
build a secure system. Security features have four categories:
Authentication: Verifies who you say you are. It enforces that you are the only
one allowed to logon to your Internet banking account.
Authorization: Allows only you to manipulate your resources in specific ways. Th
is prevents you from increasing the balance of your account or deleting a bill.
Encryption: Deals with information hiding. It ensures you cannot spy on others d
uring Internet banking transactions.
Auditing: Keeps a record of operations. Merchants use auditing to prove that you
bought a specific merchandise.

Conclusion
This article outlined the key players and security attacks and defenses in an e-
Commerce system. Current technology allows for secure site design. It is up to t
he development team to be both proactive and reactive in handling security threa
ts, and up to the shopper to be vigilant when shopping online.

What is e-Commerce?
e-Commerce refers to the exchange of goods and services over the Internet. All m
ajor retail brands have an online presence, and many brands have no associated b
ricks and mortar presence. However, e-Commerce also applies to business to busin
ess transactions, for example, between manufacturers and suppliers or distributo
rs.
In the online retail space, there are a number of models that retailers can adop
t. Traditionally, the Web presence has been kept distinct from the bricks and mo
rtar presence, so transactions were limited to buying online and delivering the
goods or services. The online presence is also important for researching a produ
ct that a customer can purchase later in the store. Recently, there has been a t
rend towards multi-channel retail, allowing new models such as purchasing online
and picking up in store.