
NAME: MOMODU ABDULKAREEM
USER NAME: WAZHIA

SOLUTION 1

What are Trojan Horses?

A Trojan horse, or Trojan, is a file or e-mail attachment disguised as a friendly, legitimate file. When executed, though, the file corrupts data and can even install a backdoor that hackers can use to access the network.

A Trojan horse differs from a virus or worm in the following ways:
- Trojan horses disguise themselves as friendly programs. Viruses and worms are much more obvious in their actions.
- Trojan horses do not replicate like worms and viruses do.

A few different types of Trojan horses are listed here:
- Keystroke loggers monitor the keystrokes that a user types and then e-mail the information to the network attacker.
- Password stealers are disguised as legitimate login screens that wait for users to provide their passwords so that hackers can steal them. Password stealers are aimed at discovering and stealing system passwords for hackers.
- Remote administration tools (RATs) are used by hackers to gain control over the network from some remote location.
- Zombies are typically used to initiate distributed denial of service (DDoS) attacks on the hosts within a network.

What are Worms?


As mentioned previously, a virus is malicious code that infects files on the system. A worm, on the other hand, is autonomous code that spreads over a network, targeting hard drive space and processor cycles. Worms not only infect files on one system, but also spread to other systems on the network. The purpose of a worm is to deplete available system resources, which is why a worm repeatedly makes copies of itself. Worms replicate until available memory is used up, bandwidth is unavailable, and legitimate network users are no longer able to access network resources or services.

There are a few worms that are sophisticated enough to corrupt files, render systems inoperable, and even steal data. These worms usually have one or numerous viral codes. A few previously encountered worms are:
- The ADMw0rm worm took advantage of a buffer overflow in Berkeley Internet Name Domain (BIND).
- The Code Red worm utilized a buffer overflow vulnerability in Microsoft Internet Information Services (IIS) version 4 and IIS version 5.
- The LifeChanges worm exploited a Microsoft Windows weakness, which allowed scrap shell files to be utilized for running arbitrary code.
- The LoveLetter worm used a Visual Basic Script to replicate or mass mail itself to all individuals in the Windows address book.
- The Melissa worm utilized a Microsoft Outlook and Outlook Express vulnerability to mass mail itself to all individuals in the Windows address book.
- The Morris worm exploited a Sendmail debug mode vulnerability.
- The Nimda worm managed to run e-mail attachments in Hypertext Markup Language (HTML) messages through the exploitation of the HTML IFRAME tag.
- The Slapper worm exploited an Apache Web server platform buffer overflow vulnerability.
- The Slammer worm exploited a buffer overflow vulnerability on unpatched machines running Microsoft SQL Server.

What are Viruses?


A virus is malicious code that affects and infects system files. Numerous instances of the files are then recreated. Viruses usually lead to some sort of data loss and/or system failure.

There are numerous methods by which a virus can get into a system:
- Through infected floppy disks
- Through an e-mail attachment infected with the virus
- Through downloading software infected with the virus

A few common types of viruses are:

- Boot sector viruses: These are viruses that infect a hard drive's master boot record. The virus is then loaded into memory whenever the system starts or is rebooted.
- File viruses, program viruses or parasitic viruses: These are viruses that are attached to executable programs. Whenever the particular program is executed, the viruses are loaded into memory.
- Multipartite viruses: These are viruses that are a combination of a boot sector virus and a file virus.
- Macro viruses: These are viruses that are written in the macro languages that applications use, of which Microsoft Word is one. Macro viruses usually infect systems through e-mail.
- Polymorphic viruses: These viruses can be considered the more difficult viruses to defend against because they can modify their code. Virus protection software often finds polymorphic viruses harder to detect and remove.

If a virus infects a system, use the recommendations listed here:
- Scan each system to gauge how infected the infrastructure is.
- To prevent the virus from spreading any further, immediately disconnect all infected systems.
- All infected systems should be installed from a clean backup copy, that is, a backup taken when the system was clean from virus infections.
- Inform the anti-virus vendor so that the vendor's virus signature database is updated accordingly.

A few methods of protecting network infrastructure against viruses are:
- Install virus protection software on systems.
- Regularly update all installed virus protection software.
- Regularly back up systems after they have been scanned for viruses and are considered clean from virus infection.
- Users should be educated to not open any e-mail attachments that were sent from individuals they do not recognize.

SOLUTION 2
An Internet service provider (ISP) is a company that provides access to the Internet. Access ISPs directly connect customers to the Internet using copper wires, wireless or fiber-optic connections. Hosting ISPs lease server space for smaller businesses and host other people's servers (colocation). Transit ISPs provide large tubes for connecting hosting ISPs to access ISPs.

I have a small project that I think MT is best suited for and I would like input from others with experience to lend their insight. I am certain that there are better ways to accomplish the following than what I am hacking together on my own.

So here is what I am trying to accomplish:
1) Provide Internet Access to Mobile Locations. (Limousines, Taxis and Rental Vehicles)
--a) Use Cellular Technology for areas outside Wireless Range
2) Monitor the Devices; Uptime, Data Usage and possibly location.
3) Manage the Devices; Configuration, Updates, Access.
4) Maintain a Quality of Service; Keep the end user connected with minimal hassle, complexity and cost.

Network Management and Monitoring: I currently have the RB411U pptp'ing back to the Wrap1e-1 and Dude Monitors the device using ChangeIP.com and a script found in the forums.

I wish: I could somehow get the RB411U to use an Open Air Wifi/Wireless Network (not currently built) and then swap over to the Cellular USB when WiFi/Wireless signal is unavailable.

Current Unresolved issues:
1) Ping Failing using Dude to the Mobile RB411U
2) Monitor Mobile RB411U for anything more than telnet service running
3) Geo location of the device.
4) Proper filtering to disallow/throttle data intensive usage when on the cellular device (damn limits)
5) The hotspot, if there is no www/internet access the local login.html times out and is not displayed

So please post what you have done that works, what you have tried that doesn't work and what you think might work. I would love to put together a small group of people interested in making this a working reality.

SOLUTION 3

What are the differences between Differential and Incremental backups?

Solution

Before explaining the differences between Differential and Incremental backups, it is necessary to understand how Backup Exec (tm) knows what files have changed since the full backup.

New and Changed File Backup Schemes: Rather than performing a full backup each time, only those files which are new and changed can be backed up. This can save backup time and reduce the media required. There are two different kinds of new and changed file backups: Incremental and Differential. To explain the difference between the two, it is necessary to understand a basic on-off file attribute called the archive bit.

Incremental and Differential backups are dependent upon the archive bit/flag of the files being backed up. If you were to view the properties of a file, you would be able to see whether the archive bit is checked. The archive bit/flag is either checked or unchecked. When checked, the operating system is indicating that the file needs to be backed up. If the archive bit is unchecked, the OS will automatically check the archive bit of any file that is modified by any application.

A Full/Normal backup, also known as an "all selected files" backup, backs up all of the selected files and sets the archive bit to OFF (unchecked), thus indicating that these files have been backed up. A Full backup will back up all the selected files, regardless of whether the archive bit is ON or OFF.

An Incremental backup backs up only the selected files that have their archive bit set to ON, setting them back to OFF. This results in a backup of all files that are new or changed since the last backup, whether it was a full or an incremental. The advantage of an Incremental is that it takes the least amount of time and media of all the backup methods.

A Differential backup backs up only the selected files that have their archive bit set to ON but does not set the archive bit back to OFF. A Differential backup will back up all selected files that are new and changed since the last full backup. The advantage of a Differential comes at restore time; you'll need only the last full backup and the last differential to get a complete restore.

In the case of restoring with Incremental backups, all the Incremental backups since the last full backup plus the last full backup would be necessary.
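
The archive-bit behaviour described above can be simulated to see what each job copies and which jobs a restore needs. This is an added example, not part of the original answer or of Backup Exec; the Volume class, the file names and the weekly schedule are constructed for illustration, and restore_chain generalizes slightly to schedules that mix both job types.

```python
from dataclasses import dataclass, field

@dataclass
class Volume:
    bits: dict = field(default_factory=dict)  # file name -> archive bit (True = ON)

    def write(self, name):
        # Creating or modifying a file: the OS sets the archive bit ON.
        self.bits[name] = True

    def backup(self, kind):
        # Full copies every selected file; the other two copy only files with the bit ON.
        if kind == "full":
            copied = set(self.bits)
        else:
            copied = {n for n, on in self.bits.items() if on}
        # Full and incremental clear the bit; differential leaves it ON.
        if kind in ("full", "incremental"):
            for n in copied:
                self.bits[n] = False
        return copied

def run_week(kind):
    """One full job, then one `kind` job per day; returns [(job kind, files copied)]."""
    vol = Volume()
    for name in ("a.doc", "b.xls", "c.db"):            # constructed sample files
        vol.write(name)
    jobs = [("full", vol.backup("full"))]
    for changed in (["a.doc"], ["b.xls"], ["d.txt"]):  # constructed daily changes
        for name in changed:
            vol.write(name)
        jobs.append((kind, vol.backup(kind)))
    return jobs

def restore_chain(jobs):
    """Indexes of the jobs needed for a complete restore, oldest first."""
    kinds = [k for k, _ in jobs]
    last_full = len(kinds) - 1 - kinds[::-1].index("full")
    chain = [last_full]
    # Every incremental since the last full is required.
    chain += [i for i in range(last_full + 1, len(kinds)) if kinds[i] == "incremental"]
    # A differential is needed only when it is the newest job; an incremental
    # that ran after it has already captured the same changes.
    if kinds[-1] == "differential":
        chain.append(len(kinds) - 1)
    return chain

if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        print(kind, "restore needs jobs", restore_chain(run_week(kind)))
```

Each differential job grows because the bits are never cleared, while the incremental chain grows by one required job per day; losing any one incremental leaves a gap in the restore.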
