AFSANA HOSSAIN
NETWORK ESSENTIAL 07

https://www.bing.com/search?q=what+is+trojan+horse+attack&qs=AS&pq=what+is+…

They want data and to get paid.







Social engineering is the easiest one to apply. You just have to be a great actor. Hackers understand our biases and will use them against us. Why is this dangerous? For example, you wouldn't question someone wearing a UPS uniform coming into your workplace and listening in on your office conversations.

Spear phishing and spam phishing

Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user's computer. This is how it works: an email arrives, apparently from a trustworthy source, but instead it leads the unknowing recipient to a bogus website full of malware. These emails often use clever tactics to get victims' attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Center for Missing and Exploited Children.

Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email.





A virus spreads the minute you click a link or attachment, because you're downloading a file. It needs human interaction. Some of these files actually have an autostart. If they have an autostart, your machine will immediately be infected, and the virus is looking to spread, so it can use your own contacts to spread.

A worm doesn't need any interaction from the user. A protocol can be used to spread it. Say you download a third-party app that uses a protocol which isn't safe and allows you to transmit without any type of security. It will be easy for the worm to exploit that, and it can spread through ports. How worms spread is drastic: a few hundred one week, a few thousand the next week, a few million after.

A Trojan horse parades itself as a usable app but has a payload. Say you download a free app: while you are playing the game, there can be a second payload keylogging, accessing your pictures, location and data, and transmitting it back to a server. A Trojan horse, or Trojan, is a type of malicious code or software that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general inflict some other harmful action on your data or network. A Trojan acts like a bona fide application or file to trick you.





There are different types of brute force attacks, such as the dictionary attack.

Difference between DDoS and DoS: both are the same thing; one is more direct. The DoS attack is usually launched from a single machine, as opposed to a DDoS attack, which is launched from multiple machines. Here's a good metaphor. Picture a shopping center where a recent incident has animal activists up in arms. These animal activists (illegitimate traffic) crowd the entrance to block shoppers (legitimate traffic) from entering the premises. The shoppers can't get to the stores and the stores lose money. This is pretty much what a DoS attack is like, metaphorically speaking.

DDoS Attacks





DDoS attacks are normally worse than DoS attacks. They are launched from multiple computers. The machines involved could number hundreds of thousands or more. These machines aren't all owned by the attacker, naturally. These machines are usually added to the hacker's network by means of malware. This group of machines is also known as a botnet. A DDoS attack is particularly frustrating to defend against, because it's very difficult to tell legitimate traffic from attacker traffic. DDoS is many to one.

Keylogging: they see every keystroke you hit, and it is getting transmitted somewhere else. Keyloggers come in at least two broad flavors: hardware devices and the more familiar software variety. Hardware devices can be embedded in the internal PC hardware itself, or be an inconspicuous plugin that's secretly inserted into the keyboard port between the CPU box and the keyboard cable so that it intercepts all the signals as you type. But that means that the cybercriminal has to have physical access to the PC while you're not present in order to plant the hardware keyloggers.

Software keyloggers are much easier to introduce to and install on victims' devices, which is why that variety is much more common. Unlike other kinds of malware, software keyloggers are not a threat to the systems they infect themselves. In fact, the whole point of keyloggers is to work behind the scenes, sniffing out the keystrokes while the computer continues to operate normally. But even if they don't harm the hardware, keyloggers are definitely a threat to users, especially when they steal data pertinent to any number of online payment systems.





Make sure whatever website you're on is secure. There are tools you have that mitigate some of these. You have to look for them on your system and turn them on.

Security patches need to be consistently installed; software updates not so much. Some companies have a procedure where they test a patch to see how it affects the network in a positive or negative way.

Agent-based antivirus comes with the computer. With network-based antivirus, everyone in the network will be protected.



An antivirus suite is your go-to place to have everything you need for your security purposes. For a company, having everything in one suite is easier.





Spyware can hide anywhere. Look at your startup folder if you're a Windows user. Just because you have antivirus doesn't mean you have the capabilities to remove it.

Adware remover: Spybot Search and Destroy.





Firewalls allow and deny connections. You can use a firewall to deny applications from starting up. If you have a child, you can restrict their access. At the end of the day, with firewalls you are just allowing and denying traffic.

DMZ (demilitarized zone): where we put services that will face the public. In computer security, a DMZ network (sometimes referred to as a "demilitarized zone") functions as a subnetwork containing an organization's exposed, outward-facing services. It acts as the exposed point to an untrusted network, commonly the Internet. The goal of a DMZ is to add an extra layer of security to an organization's local area network. A protected and monitored network node that faces outside the internal network can access what is exposed in the DMZ, while the rest of the organization's network is safe behind a firewall. When implemented properly, a DMZ network gives organizations extra protection in detecting and mitigating security breaches before they reach the internal network, where valuable assets are stored.



With this you can fine-tune how specific you want it to be.

Windows

If you downloaded Windows 10, update it in order to use certain features. Change your background to be able to tell your Windows part. Pull up the lab.

Task Manager helps you understand why your computer is running slow.





You're looking at all the processes running on your system: applications running, etc. Look at the background processes. You won't always close out some of these applications, and you don't need all of them to run. Anytime you have to do any type of troubleshooting, take a look at the startup folder.

You can disable an item and see what happens. If it disrupts workflow, turn it back on; if it doesn't need to run, keep it off. If your computer is running slow, it could be because you're running too many apps in startup. Processes tells you exactly what's running and the RAM, disk, CPU and storage a specific app is taking up. These are live stats on the processes. Go into Performance, which gives you live stats with graphs and what your processes are handling.
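The startup review described above (and the earlier advice to check the startup folder for spyware) can also be done from PowerShell. This is an added example, not part of the original notes; it only reads and reports, and the signature check is an extra step the notes do not mention.

```powershell
# Added example: inventory what starts at logon so unexpected entries stand out.
# Read-only: nothing is disabled or deleted.

# Startup commands Windows knows about (registry Run keys and Startup folders).
$startup = Get-CimInstance -ClassName Win32_StartupCommand

$report = foreach ($s in $startup) {
    # Pull the executable path out of the command line (quoted or unquoted).
    $exe = $null
    if ($s.Command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
    elseif ($s.Command -match '^\s*(.+?\.exe)') { $exe = $Matches[1] }

    $status = 'PathNotResolved'
    if ($exe) {
        $exe = [Environment]::ExpandEnvironmentVariables($exe)
        if (Test-Path -LiteralPath $exe) {
            # Valid / NotSigned / HashMismatch etc. Unsigned is not proof of
            # spyware, but it tells you which entries to look at first.
            $status = (Get-AuthenticodeSignature -LiteralPath $exe).Status
        } else {
            $status = 'FileMissing'
        }
    }

    [pscustomobject]@{
        Name      = $s.Name
        User      = $s.User
        Location  = $s.Location   # registry key or Startup folder it came from
        Command   = $s.Command
        Signature = $status
    }
}

$report | Sort-Object Signature, Name | Format-Table -AutoSize -Wrap

# Files sitting directly in the per-user and all-users Startup folders.
foreach ($name in 'Startup', 'CommonStartup') {
    $folder = [Environment]::GetFolderPath($name)
    if ($folder -and (Test-Path -LiteralPath $folder)) {
        Get-ChildItem -LiteralPath $folder -File -Force |
            Where-Object Name -ne 'desktop.ini' |
            Select-Object FullName, LastWriteTime
    }
}
```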





Go into Memory. This screen is a graph of info, and you are asked for info about the system. The little corner tells us how much RAM we have on the system. Given the info on the bottom, we should be able to determine how much RAM we have.





Event Viewer

The Windows Event Viewer shows a log of application and system messages, including errors, information messages, and warnings. It's a useful tool for troubleshooting all kinds of different Windows problems. Note that even a properly functioning system will show various warnings and errors in the logs you can comb through with Event Viewer.

About Windows Events

When you are using Windows, the operating system keeps a record of important and useful information about what is happening on the computer. This information is stored in a series of logs known collectively as the Windows Event Log. There are five types of events that are logged:

Information: Lets you know that an application, service, or driver completed an operation.

Warning: Informs you of a situation that is probably significant, but not yet a serious problem. For example, low disk space will trigger a warning event.

Error: Indicates a serious problem that may cause a loss of functionality or loss of data.

Success Audit: Records a successful event that is audited for security purposes. For example, when a user successfully logs on to the system, a Success Audit event is recorded.

Failure Audit: Records an unsuccessful event that is audited for security purposes. For example, when a user unsuccessfully tries to log on to the system, a Failure Audit event is recorded.

The Event Viewer allows you to view this information by category.
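The same logs can be queried from PowerShell instead of clicking through Event Viewer. This is an added example, not part of the original notes: it counts the last 24 hours of Information, Warning and Error events, then groups Failure Audit logon events (event ID 4625) by account and source. The 24-hour window and the threshold of 5 are assumptions chosen for illustration.

```powershell
# Added example. Run from an elevated prompt: the Security log needs admin rights.
$since     = (Get-Date).AddHours(-24)   # assumed review window
$threshold = 5                          # assumed "worth a look" count

# Information / Warning / Error counts per log.
Get-WinEvent -FilterHashtable @{
        LogName   = 'System', 'Application'
        StartTime = $since
    } -ErrorAction SilentlyContinue |
    Group-Object LogName, LevelDisplayName |
    Sort-Object Count -Descending |
    Select-Object Count, Name

# Failure Audit: a failed logon is recorded as event ID 4625 in the Security log.
$failed = Get-WinEvent -FilterHashtable @{
        LogName   = 'Security'
        Id        = 4625
        StartTime = $since
    } -ErrorAction SilentlyContinue   # also covers "no events found"

$rows = foreach ($e in $failed) {
    # The account and source address live in the event's XML payload.
    $data = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
        $data[$d.Name] = $d.'#text'
    }
    [pscustomobject]@{
        Time      = $e.TimeCreated
        Account   = $data['TargetUserName']
        Source    = $data['IpAddress']
        LogonType = $data['LogonType']
    }
}

# Repeated failures for one account from one source can indicate password
# guessing (brute force or dictionary attempts) rather than a simple typo.
$rows |
    Group-Object Account, Source |
    Where-Object Count -ge $threshold |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```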



Resource Monitor

It will show you how certain applications affect the system. Hit Advanced settings.





Why are there inbound and outbound rules? To show what you're letting in and out of your system. If the Windows Firewall is turned off, then it will have no effect, and the inbound and outbound rules will mean nothing.

Inbound rules: These are to do with other things accessing your computer. If you are running a web server on your computer, then you will have to tell the firewall that outsiders are allowed to connect to it.

Outbound rules: These are so that you can let some programs use the Internet and block others. You will want to let your web browser (Internet Explorer, Firefox, Safari, Chrome, Opera...) have access to the Internet, so you will tell Windows Firewall that it's allowed.

Let's create some rules.

















We just created an outbound rule.
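The same kind of rules can be created from an elevated PowerShell prompt. This is an added example, not the rule from the original lab: the rule names, the program path and the ports are placeholders chosen for illustration.

```powershell
# Added example. Run elevated. Names, path and ports below are placeholders.

# Rules mean nothing if the firewall is off, so check every profile first.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction

$off = Get-NetFirewallProfile | Where-Object { $_.Enabled -eq 'False' }
if ($off) {
    Write-Warning ("Firewall is OFF for: " + ($off.Name -join ', '))
}

# Outbound rule: stop one program from reaching the network.
$blockOut = @{
    DisplayName = 'Lab - Block Example App (out)'   # placeholder name
    Direction   = 'Outbound'
    Program     = 'C:\Path\To\Example.exe'          # placeholder path
    Action      = 'Block'
    Profile     = 'Any'
}
New-NetFirewallRule @blockOut | Out-Null

# Inbound rule: let outsiders reach a web server running on this machine.
# Scoped to Domain and Private so it does not open up on public Wi-Fi.
$allowIn = @{
    DisplayName = 'Lab - Allow Web Server (in)'     # placeholder name
    Direction   = 'Inbound'
    Protocol    = 'TCP'
    LocalPort   = 80, 443
    Action      = 'Allow'
    Profile     = 'Domain', 'Private'
}
New-NetFirewallRule @allowIn | Out-Null

# Review what was just created.
Get-NetFirewallRule -DisplayName 'Lab - *' |
    Select-Object DisplayName, Direction, Action, Enabled, Profile |
    Format-Table -AutoSize

# Clean up the lab rules when finished (uncomment to run).
# Get-NetFirewallRule -DisplayName 'Lab - *' | Remove-NetFirewallRule
```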







