INFORMÁTICA: Amenazas

A firewall is a part of a computer system or network that is designed to block

unauthorized access while permitting authorized communications. It is a device or
set of devices configured to permit, deny, encrypts, decrypt all (in and out)
computer traffic between different security domains based upon a set of rules and
other criteria.

Firewalls can be implemented in either hardware or software, or a combination of

both. Firewalls are frequently used to prevent unauthorized Internet users from
accessing private networks connected to the Internet, especially intranets. All
messages entering or leaving the intranet pass through the firewall, which
examines each message and blocks those that do not meet the specified security
criteria.

Antivirus (or anti-virus) software is used to prevent, detect, and remove

malware, including computer viruses, worms, and trojan horses. Such programs
may also prevent and remove adware, spyware, and other forms of malware.

A variety of strategies are typically employed. Signature-based detection involves

searching for known malicious patterns in executable code. However, it is possible
for a user to be infected with new malware in which no signature exists yet.

Some antivirus software can also predict what a file will do if opened/run by
emulating it in a sandbox and analyzing what it does to see if it performs any
malicious actions. If it does, this could mean the file is malicious.

However, no matter how useful antivirus software is, it can sometimes have
drawbacks. Antivirus software can degrade computer performance if it is not
designed efficiently. Inexperienced users may have trouble understanding the
prompts and decisions that antivirus software presents them with. An incorrect
decision may lead to a security breach.

Virus hoaxes are messages, usually sent by email, that amount to little more than
chain letters. They pretend to alert you to the latest "undetectable" virus and simply
waste your time and Internet bandwidth. The best course of action is to delete
these hoaxes - they can cause genuine fear and alarm in the disabled, elderly and
other vulnerable groups.

Signature based detection is the most common method. To identify viruses and
other malware, antivirus software compares the contents of a file to a dictionary of
virus signatures. Because viruses can embed themselves in existing files, the entire
file is searched, not just as a whole, but also in pieces.

Malicious activity detection is another approach used to identify malware. In this

approach, antivirus software monitors the system for suspicious program behavior.

Colegio Escolapias Gandia. Departamento de Nuevas Tecnologías. Dani Díaz Página 1

 INFORMÁTICA: Amenazas

If suspicious behavior is detected, the suspect program may be further investigated,

using signature based detection or another method listed in this section. This type
of detection can be used to identify unknown viruses or variants on existing viruses.

Heuristic-based detection, like malicious activity detection, can be used to identify

unknown viruses. This can be accomplished in one of two ways: file analysis and file
emulation.

File analysis is the process of searching a suspect file for virus-like instructions. For
example, if a program has instructions to reformat the C drive, the antivirus
software might further investigate the file. One downside of this feature is the large
amount of computer resources needed to analyse every file, resulting in slow
operation.

File emulation is another heuristic approach. File emulation involves executing a

program in a virtual environment and logging what actions the program performs.
Depending on the actions logged, the antivirus software can determine if the
program is malicious or not and then carry out the appropriate disinfection actions.

Symptoms of a virus on your system:

• Slow PC performance
• Erratic computer behavior
• Unexplained data loss
• Frequent computer crashes

Anti-Spam: E-mail spam, also known as junk e-mail, is a subset of spam that
involves nearly identical messages sent to numerous recipients by e-mail.

To prevent e-mail spam, both end users and administrators of e-mail systems use
various anti-spam techniques. Some of these techniques have been embedded in
products, services and software.

Anti-Spyware: Spyware is a type of malware that is installed on computer and

collects information about users without their knowledge. The presence of spyware
is typically hidden from the user. Typically, spyware is secretly installed on the user's
personal computer. Sometimes, however, spywares such as keyloggers are installed
by the owner of a shared, corporate, or public computer on purpose in order to
secretly monitor other users.

Colegio Escolapias Gandia. Departamento de Nuevas Tecnologías. Dani Díaz Página 2

 INFORMÁTICA: Amenazas

Programs such as Lavasoft's Ad-Aware SE y Spybot - Search & Destroy rapidly gained
popularity as effective tools to remove, and in some cases intercept, spyware
programs.

Anti-spyware programs can combat spyware in two ways:

1. They can provide real time protection against the installation of spyware
software on your computer. This type of spyware protection works the same
way as that of anti-virus protection in that the anti-spyware software scans
all incoming network data for spyware software and blocks any threats it
comes across.
2. Anti-spyware software programs can be used solely for detection and
removal of spyware software that has already been installed onto your
computer.

Such programs inspect the contents of the Windows registry, the operating system
files, and installed programs, and remove files and entries which match a list of
known spyware components. Real-time protection from spyware works identically
to real-time anti-virus protection: the software scans disk files at download time,
and blocks the activity of components known to represent spyware.

Phising: Masquerading as a trustworthy person or business, phishers attempt to

steal sensitive financial or personal information through fraudulent email or instant
messages. How can you tell the difference between a legitimate message and a
phishing scam? Educate yourself on the latest tricks and scams.

What can phishing do to me?

After you’ve responded to a phishing scam, the attacker can:

• Hijack your usernames and passwords

• Steal your money and open credit card and bank accounts in your name
• Request new account Personal Identification Numbers (PINs) or additional
credit cards
• Make purchases
• Add themselves or an alias that they control as an authorized user so it’s
easier to use your credit
• Obtain cash advances
• Use and abuse your Social Security number
• Sell your information to other parties who will use it for illicit or illegal
purposes

Colegio Escolapias Gandia. Departamento de Nuevas Tecnologías. Dani Díaz Página 3

 INFORMÁTICA: Amenazas

How will I know?

Phishers often pretend to be legitimate companies. Their messages may sound

genuine and their sites can look remarkably like the real thing. It can be hard to tell
the difference, but you may be dealing with a phishing scam if you see the
following:

• Requests for confidential information via email or instant message

• Emotional language using scare tactics or urgent requests to respond
• Misspelled URLs, spelling mistakes or the use of sub-domains
• Links within the body of a message
• Lack of a personal greeting or customized information within a message.
Legitimate emails from banks and credit card companies will often include
partial account numbers, user name or password.

Hackers & Predators: People, not computers, create computer security threats
and malware. Hackers and predators are programmers who victimize others for
their own gain by breaking into computer systems to steal, change or destroy
information as a form of cyber-terrorism. What scams are they using lately? Learn
how to combat dangerous malware and stay safe online.

What can hackers and predators do to me?

While your computer is connected to the Internet, the malware a hacker has
installed on your PC quietly transmits your personal and financial information
without your knowledge or consent. Or, a predator may pounce on the private
information you unwittingly revealed. In either case, they can do the same as a
Phising attack.

Colegio Escolapias Gandia. Departamento de Nuevas Tecnologías. Dani Díaz Página 4