1. http://www.foxnews.com/story/0,2933,236480,00.html
NEWARK, N.J. — A former UBS PaineWebber (UBS) systems administrator was sentenced Wednesday to eight years and one month in prison for attempting to profit by detonating a "logic bomb" program that prosecutors said caused millions of dollars in damage to the brokerage's computer network in 2002.Roger Duronio also was ordered to pay $3.1 million in restitution to his former employer, now known as UBS Financial Services Inc., part of the Swiss banking company UBS AG.Duronio, 64, of Bogota was put under house arrest by U.S. District Judge Joseph A. Greenaway Jr. until he is assigned to a prison. He had been free on $1 million bond.• Click here to visit FOXNews.com's Cybersecurity Center.The term was the maximum under sentencing guidelines, which pleased U.S. Attorney Christopher J. Christie."This was a fitting, appropriately long sentence," Christie said. "Duronio acted out of misplaced vengeance and greed. He sought to do financial harm to a company and to profit from that, but he failed on both counts."A message left for Duronio's lawyer, Christopher D. Adams, was not immediately returned.A federal jury in July convicted Duronio on one count of securities fraud and one count of computer fraud, and acquitted him on two counts of mail fraud.Prosecutors presented evidence that Duronio was angry with the company, where he had worked for nearly two years in Weehawken, because he expected an annual bonus of $50,000 but got $32,500.Evidence showed Duronio ultimately lost $23,000 he invested in a stock market bet against UBS because the ploy failed to reduce the company's share price.Duronio planted the logic bomb in some 1,000 of PaineWebber's approximately 1,500 networked computers in branch offices around the country and resigned from the company Feb. 22, 2002, prosecutors said.That day, Duronio went to a broker and bought what are called "put options" for UBS stock, prosecutors said.Those give the purchaser the right to sell shares for a fixed per-share price, so the lower a stock falls, the more valuable the option becomes.Duronio placed his last trade on March 1, 2002, and the logic bomb attack took place three days later, deleting files on 1,000 computers, prosecutors said.
2. http://www.answers.com/topic/logic-bombA program routine that destroys data when certain conditions are met; for example, it may reformat the hard disk or insert random bits into data files on a certain date or if a particular employee record is missing from the employee database. Most viruses are logic bombs because they deliver their payload after a specific latency or when a trigger event occurs. See virus, latency and payload.A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as the salary database), should he ever leave the company.[1]Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Many viruses attack their host systems on specific dates, such as Friday the 13th or April Fool's Day. Trojans that activate on certain dates are often called "time bombs".To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.
3. http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci815177,00.htmlDefinition-In a computer program, a logic bomb, also called slag code, is programming code, inserted surreptitiously or intentionally, that is designed to execute (or "explode") under circumstances such as the lapse of a certain amount of time or the failure of a a program user to respond to a program command. It is in effect a delayed-action computer virus or Trojan horse. A logic bomb, when "exploded," may be designed to display or print a spurious message, delete or corrupt data, or have other undesirable effects. Some logic bombs can be detected and eliminated before they execute through a periodic scan of all computer files, including compressed files, with an up-to-date anti-virus program. For best results, the auto-protect and e-mail screening functions of the anti-virus program should be activated by the computer user whenever the machine is online. In a network, each computer should be individually protected, in addition to whatever protection is provided by the network adminstrator. Unfortunately, even this precaution does not guarantee 100-percent system immunity.
4. http://ref.web.cern.ch/ref/CERN/CNL/2001/003/computer_security/A computer worm is software which copies itself between networked computers, gradually infecting more and more of them. The "Code Red" worm which was launched on the Internet in July this year infected tens of thousands of computers, including 25 on the CERN site. It entered via security holes on computers which had not been regularly patched and seriously disrupted the CERN network with the massive traffic it generated.System administrators must ensure that their computers have the latest security patches installed, for both the operating system and any application services using the network. If your system is running application services which are not necessary (e.g. some may be running by default or for historical reasons) then disable them. Systems running CERN-certified operating systems can profit from IT Division's services which apply tested patches automatically or provide them for manual installation. Those who have installed their own operating systems or applications must themselves check for and install relevant security patches.
5. http://www.pcmag.com/encyclopedia_term/0,2542,t=worm&i=54874,00.aspDefinition of: worm
(1) A destructive program that replicates itself throughout a single computer or across a network, both wired and wireless. It can do damage by sheer reproduction, consuming internal disk and memory resources within a single computer or by exhausting network bandwidth. It can also deposit a Trojan that turns a computer into a zombie for spam and other malicious purposes. Very often, the terms "worm" and "virus" are used synonymously; however, worm implies an automatic method for reproducing itself in other computers. See virus, logic bomb, smartphone virus, Worm.ExploreZip virus and Morris worm.
(2) A program that moves through a network and deposits information at each node for diagnostic purposes or causes idle computers to share some of the processing workload. See ethical worm.
(3) (WORM) (Write Once Read Many) An optical disk that can be recorded only once. Updating requires destroying the existing data (all 0s made 1s), and writing new data to an unused part of the disk.
There are two kinds of WORM technologies. Ablative large-format (12-14") WORM is the traditional type, which makes a permanent change in the optical material. Continuous composite write (CCW) WORM is a mode in multifunction 5.25" optical (MO) drives that emulates a WORM drive. The data are not permanently changed, but the drive contains firmware that ensures that recorded areas are not rewritten. See optical disk.
6. http://antispamming.tw.st/Spammers collect and steal our personal information for their own sake. To protect our privacy and to be free from unwanted disturbance, we must send a strong message to these spammers that doing business through spamming is doom to fail, and they have to be responsible for whatever they did. Spammers acknowledge that what they are doing is illegal and violating people's privacy, they scare to death to reveal any piece of information about themselves. Therefore, to get in any contact with these people is not only dangerous to yourself but also encouraging illegal behaviors, just like helping criminals to rob. What we're doing here is to identify those criminals, the beneficiaries of spamming, and make them public. So, before you initiate any contact with anyone or business, please check the Spammer List sorted by phone # or Spammer List sorted by IP address , these business or people are confirmed to engage in initiating spamming or junk emails and are beneficiaries of such spamming. And we'll try to update the list as often as we can, maybe several times a day, so please check back often.
7. http://www.ciac.org/ciac/bulletins/i-005c.shtml
Mail filtering in the Mail Transfer Agent or Mail User Agent is the only practical solution today for removing spam messages, and it is less than perfect. There are three primary information sources used to filter incoming e-mail : - Header Information- Mailer Type (a special type of Header information)- IP Address (domain name).Header filtering is performed by scanning the header and/or envelope of a message, and comparing that information to a list of "filters." If the "From", "X-Sender", or "Sender" address is in the "filter" list, the message is dropped. Filtering by e-mail envelope and/or header information on the Mail User Agent or Mail Transfer Agent is the most effective way of limiting spam on your network. Filtering on the Mail Transfer Agent is accomplished by adding rules to the configuration for the specific mail system running on the server. Mail User Agent filtering is accomplished through filters set in a user's mail reader. The most logical location for filtering is your Mail Transfer Agent, since it can perform this service for a larger number of mail accounts and is a central point for administration. The down side to this is that users need to feed-back "SPAM" information to the e-mail administrators so that is can be incorporated into an organization-wide filtering list. This requires continuous maintenance to keep the spamming filters list up-to-date, since it is built in reaction to spamming activity. Predetermined "filtering" lists are usually available in the public domain, see the references at the end for starting locations. Also, if the spamming filter list is not made with care, valid e-mail messages may be discarded along with the spam.Mailer filtering using the specific Header information field: "X-mailer." This type of filtering enables you to eliminate an entire class of senders -those who use suspect Mail Delivery Agents. Some of the more popular Mail User Agent's with spammers are: Floodgate, Extractor, Fusion, Masse-mail,
8. http://spam.abuse.net/You have probably seen an increase in the amount of "junk mail" which shows up in your email box, or on your favorite newsgroup. The activities of a small number of people are becoming a bigger problem for the Internet. We have been actively engaged in fighting spam for years. Since we presented this site to the public in 1996, we have been pleased to be referenced as one of the best anti-spam sites on the net. Help fight spam to keep the Internet useful for everyone. Take advantage of the information we've gathered to make your own experience on the Internet better.
9. http://en.wikipedia.org/wiki/Spoofing_attackAn example from cryptography is the man-in-the-middle attack, in which an attacker spoofs Alice into believing he's Bob, and spoofs Bob into believing he's Alice, thus gaining access to all messages in both directions without the trouble of any cryptanalytic effort.The attacker must monitor the packets sent from Alice to Bob and then guess the sequence number of the packets. Then the attacker knocks out Alice with a SYN attack and injects his own packets, claiming to have the address of Alice. Alice's firewall can defend against some spoof attacks when it has been configured with knowledge of all the IP addresses connected to each of its interfaces. It can then detect a spoofed packet if it arrives at an interface that is not known to be connected to the IP address.Many carelessly designed protocols are subject to spoof attacks, including many of those used on the Internet. See Internet protocol spoofing
10. http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci840262,00.htmlE-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. Distributors of spam often use spoofing in an attempt to get recipients to open, and possibly even respond to, their solicitations. Spoofing can be used legitimately. Classic examples of senders who might prefer to disguise the source of the e-mail include a sender reporting mistreatment by a spouse to a welfare agency or a "whistle-blower" who fears retaliation. However, spoofing anyone other than yourself is illegal in some jurisdictions. E-mail spoofing is possible because Simple Mail Transfer Protocol (SMTP), the main protocol used in sending e-mail, does not include an authentication mechanism. Although an SMTP service extension (specified in IETF RFC 2554) allows an SMTP client to negotiate a security level with a mail server, this precaution is not often taken. If the precaution is not taken, anyone with the requisite knowledge can connect to the server and use it to send messages. To send spoofed e-mail, senders insert commands in headers that will alter message information. It is possible to send a message that appears to be from anyone, anywhere, saying whatever the sender wants it to say. Thus, someone could send spoofed e-mail that appears to be from you with a message that you didn't write. Although most spoofed e-mail falls into the "nuisance" category and requires little action other than deletion, the more malicious varieties can cause serious problems and security risks. For example, spoofed e-mail may purport to be from someone in a position of authority, asking for sensitive data, such as passwords, credit card numbers, or other personal information -- any of which can be used for a variety of criminal purposes. The Bank of America, eBay, and Wells Fargo are among the companies recently spoofed in mass spam mailings. One type of e-mail spoofing, self-sending spam, involves messages that appear to be both to and from the recipient.
Thursday, May 10, 2007
Wednesday, February 28, 2007
About me
HELLO^^
Welcome to my blog.
My name is Lau Tsz Lun.
I am studying Higher Diploma in Accountancy and Information Systems in Hong Kong Institute of Vocational Education (Kwai Chung).
Welcome to my blog.
My name is Lau Tsz Lun.
I am studying Higher Diploma in Accountancy and Information Systems in Hong Kong Institute of Vocational Education (Kwai Chung).
Subscribe to:
Posts (Atom)