[AI] (Tech Dose of the day) Trojan, Continuous Data Protection, Micro-Blogging, Web Scraping and much much more!

vishnu ramchandani vishnuhappy at yahoo.com
Wed Jan 30 23:49:07 EST 2008


Tech Dose of the day

Trojan, Continuous Data Protection, Micro-Blogging,
Web Scraping, etc.

Contributed by M&E (Media & Entertainment) Delivery
Group (MphasiS Software Services)

Trojan 
What is a Trojan? 
In the context of computing and software, a Trojan
horse, or simply trojan, is a piece of software which
appears to perform a certain action but in fact
performs another such as a computer virus. Contrary to
popular belief, this action, usually encoded in a
hidden payload, may or may not be actually malicious,
but Trojan horses are notorious today for their use in
the installation of backdoor programs. Simply put, a
Trojan horse is not a computer virus in most cases.
Unlike such badware, it does not propagate by
self-replication but relies heavily on the
exploitation of an end-user. It is instead a
categorical attribute which can encompass many
different forms of code. Therefore, a computer worm
or virus may be a Trojan horse. The term is derived
from the classical myth of the Trojan Horse.
A simple example of a Trojan horse would be a program
named "waterfalls.scr" where its author claims it is a
free waterfall screensaver. When run, it instead
unloads hidden programs, scripts, or any number of
commands with or without the user's knowledge or
consent. Malicious Trojan Horse programs are often
used to circumvent protection systems, in effect
creating a vulnerable system that allows
unauthorized access to the user's computer.
Non-malicious Trojan Horse programs are used for
managing systems, deploying software, surveillance,
and forensics.
What are the types of Trojan Horse Payloads?
Trojan horse payloads are almost always designed to do
various harmful things, but can also be harmless. They
are broken down in classification based on how they
breach and damage systems.
The nine main types of Trojan horse payloads are:
1. Remote Access 
2. Email Sending 
3. Data Destruction 
4. Downloader 
5. Proxy Trojan (disguising others as the infected
computer) 
6. FTP Trojan (adding or copying data from the
infected computer) 
7. Security software disabler 
8. Denial-of-service attack (DoS) 
9. URL trojan (directing the infected computer to only
connect to the internet via an expensive dial-up
connection)
Some examples of damage are:
• erasing or overwriting data on a computer.
• encrypting files in a cryptoviral extortion attack.
• corrupting files in a subtle way.
• uploading and downloading files.
• allowing remote access to the victim's computer.
This is called a RAT (Remote Administration Tool).
• spreading other malware, such as viruses: this type
of Trojan horse is called a 'dropper' or 'vector'.
• setting up networks of zombie computers in order to
launch DoS attacks or send spam.
• spying on the user of a computer and covertly
reporting data like browsing habits to other people.
• making screenshots.
• logging keystrokes to steal information such as
passwords and credit card numbers.
• phishing for bank or other account details, which
can be used for criminal activities.
• installing a backdoor on a computer system.
• opening and closing the CD-ROM tray.
• harvesting e-mail addresses and using them for spam.
• restarting the computer whenever the infected
program is started.
• deactivating or interfering with anti-virus and
firewall programs.
• deactivating or interfering with other competing
forms of malware.
• randomly shutting off the computer.
Methods of Infection:-
The majority of Trojan horse infections occur because
the user was tricked into running an infected program.
This is why it is advised not to open unexpected
attachments on emails -- the program is often a cute
animation or an image, but behind the scenes it
infects the computer with a Trojan or worm. The
infected program doesn't have to arrive via email; it
can be sent in an Instant Message, downloaded from a
Web site or by FTP, or even delivered on a CD or
floppy disk.
Road Apple:-
A road apple is a real-world variation of a Trojan
Horse that uses physical media and relies on the
curiosity of the victim. The attacker leaves a
malware-infected floppy disc, CD ROM or USB flash
drive in a location sure to be found or that is
commonly visited, gives it a legitimate looking label
and then waits in the hopes that someone will
eventually use it. An example of this would be taking
the corporate logo from the web site of the software
that is infected and affixing a legitimate-looking
label (e.g. "Employee Salaries Summary FY06") to the
infected physical media.
Methods of Deletion:-
Since Trojan horses have a variety of forms, there is
no single method to delete them. The simplest responses
involve clearing the temporary internet files on a
computer, or finding the file and deleting it
manually. Normally, anti-virus software is able to
detect and remove the trojan automatically. If the
antivirus cannot find it, rebooting the computer in
Safe Mode (with or without networking) and running an
antivirus scan may find the RAT, and then the Trojan
can be deleted.
Further References 
http://en.wikipedia.org/wiki/Trojan_horse_(computing)
http://www.webopedia.com/TERM/T/Trojan_horse.html  

Continuous Data Protection 
What is CDP? 
In computing, continuous data protection (CDP), also
called continuous backup, refers to backup of computer
data by automatically saving a copy of every change
made to that data, essentially capturing every version
of the data that the user saves. It allows the user or
administrator to restore data to any point in time.
CDP is a service that captures changes to data to a
separate storage location. There are multiple methods
for capturing the continuous changes involving
different technologies that serve different needs.
CDP-based solutions can provide fine granularities of
restorable objects ranging from crash-consistent
images to logical objects such as files, mail boxes,
messages, and database files and logs.
Differences from traditional backup:-
Continuous data protection is different from
traditional backup in that you don't have to specify
the point in time to which you would like to recover
until you are ready to perform a restore. Traditional
backups can only restore data to the point at which
the backup was taken. With continuous data protection,
there are no backup schedules. When data is written to
disk, it is also asynchronously written to a second
location, usually another computer over the network.
This introduces some overhead to disk-write operations
but eliminates the need for nightly scheduled backups.
Some solutions may be marketed as continuous data
protection, but they may only let you restore to fixed
intervals such as 1 hour ago, or 24 hours ago. Some do
not consider this to be true continuous data
protection, as you do not have the ability to restore
to any point in time. Such solutions are often termed
"Snapshot based". There is some debate in the industry
as to whether the granularity of backup needs to be
"every write" in order to be considered CDP or whether
a solution which captures the data every few seconds
is good enough. The debate hinges on the use of the
term "continuous:" whether only the backup process
needs to be continuous, which is sufficient to achieve
the benefits cited above, or whether the ability to
restore from the backup also has to be continuous. The
Storage Networking Industry Association (SNIA) uses
the "every write" definition.
Differences from RAID, replication and mirroring:-
Continuous data protection differs from RAID,
replication, or mirroring in that these technologies
only protect against a storage hardware failure by
protecting the most recent copy of the data. If a
software problem corrupts the data, these technologies
will simply protect the corrupt data. Continuous data
protection will protect against some effects of data
corruption by allowing an installation to restore a
previous, uncorrupted version of the data.
(Transactions that took place between the corrupting
event and the restoration will be lost, however. They
must be recovered through other means, such as
journaling.)
Backup Disk Size:-
In some situations, continuous data protection will
require less space on backup media (usually disk) than
traditional backup. Most continuous data protection
solutions save byte or block-level differences rather
than file-level differences. This means that if you
change one byte of a 100 GB file, only the changed
byte or block is backed up. Traditional incremental
and differential backups make copies of entire
files.  
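The points made above (restore to any point in time, snapshot products that only restore to fixed intervals, mirrors that faithfully protect corrupt data, and block-level journaling) can be seen together in a small model. This is an added example, not part of the original newsletter or any product's code; the class CdpJournal, the 4-byte block size, the timestamps and the sample data are all constructed for illustration, and it assumes a fixed-size file with non-decreasing timestamps.

```python
BLOCK = 4  # tiny block size so the constructed sample stays readable

class CdpJournal:
    """Every-write journal over a fixed-size file; timestamps must not decrease."""

    def __init__(self, initial):
        self.base = bytes(initial)       # state before the first journaled write
        self.live = bytearray(initial)   # primary copy; a mirror or RAID set holds the same
        self.log = []                    # (timestamp, block number, block contents after write)

    def write(self, ts, offset, data):
        """Apply a write to the primary and journal only the blocks it touched."""
        self.live[offset:offset + len(data)] = data
        for b in range(offset // BLOCK, (offset + len(data) - 1) // BLOCK + 1):
            self.log.append((ts, b, bytes(self.live[b * BLOCK:(b + 1) * BLOCK])))

    def restore(self, ts):
        """Rebuild the data as of time ts by replaying journal entries up to ts."""
        image = bytearray(self.base)
        for t, b, block in self.log:
            if t > ts:
                break
            image[b * BLOCK:(b + 1) * BLOCK] = block
        return bytes(image)

    def snapshot_restore(self, ts, interval):
        """What a snapshot-based product offers: only the last fixed boundary <= ts."""
        return self.restore((ts // interval) * interval)

    def journal_bytes(self):
        return sum(len(block) for _, _, block in self.log)

def demo():
    """Constructed sample: two good writes, a corrupting write, one later transaction."""
    j = CdpJournal(b"AAAABBBBCCCCDDDD")
    j.write(10, 4, b"bbbb")          # good write
    j.write(25, 10, b"cc")           # good write, touches one block
    j.write(40, 0, b"\x00" * 16)     # corrupting event overwrites the whole file
    j.write(45, 12, b"dddd")         # transaction made after the corruption
    return j

if __name__ == "__main__":
    j = demo()
    print("mirror holds :", bytes(j.live))               # corrupt data, faithfully protected
    print("CDP at t=39  :", j.restore(39))               # last uncorrupted version
    print("snapshot t=39:", j.snapshot_restore(39, 20))  # falls back to t=20, loses t=25 write
    print("journal bytes:", j.journal_bytes())
```

Restoring to t=39 recovers the last clean version but drops the t=45 transaction, which is the loss the text says must be recovered by other means such as journaling.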
Further References 
http://searchstorage.techtarget.com/sDefinition/0,,sid5_gci1015407,00.html  

Micro-Blogging
What is Micro-blogging?
Micro-blogging is a form of blogging that allows users
to write brief text updates (usually less than 200
characters) and publish them, either to be viewed by
anyone or by a restricted group which can be chosen by
the user. These messages can be submitted by a variety
of means, including text messaging, instant messaging,
email, MP3 or the web.
The most popular service is called Twitter, which was
launched in July 2006 and won the Web Award in the
blog category at the 2007 South by Southwest
Conference in Austin, Texas. The main two competitors
to Twitter are Jaiku and Cromple.
Twitter is a free social networking and micro-blogging
service that allows users to send "updates" (or
"tweets"; text-based posts, up to 140 characters long)
to the Twitter website, via short message service,
instant messaging, or a third-party application such
as Twitterrific.
Users can receive updates via the Twitter website,
instant messaging, SMS, RSS, email or through an
application. For SMS, four gateway numbers are
currently available: short codes for the USA, Canada,
and India, as well as a UK number for international
use. Several third parties offer posting and receiving
updates via email.
Media companies such as the BBC, The New York Times
and Al Jazeera are trying out Twitter as a way to send
headlines and links to stories.
Further info:
Origin:-
Twitter began as a research and development project
inside San Francisco start-up company Obvious, LLC in
March 2006. It was initially used internally by the
company, and officially launched in October 2006.
Prominent users:-
Many organizations have embraced the technology and
put it to use in life or death situations such as the
October 2007 California wildfires. The Los Angeles
Fire Department uses Twitter as a means of
communication.
Other Software:-
Due to Twitter's success, a large number of sites
imitating its concept have sprung up around the world,
offering country-specific services (e.g., frazr) or
combining the micro-blogging facilities with other
ideas, such as filesharing (e.g., Pownce).
Further References 
EDS' Next Big Thing Blog : 
http://www.eds.com/sites/cs/blogs/eds_next_big_thing_blog/archive/2007/03/30/microblogging.aspx
Your Guide to Micro-Blogging and Twitter : 
http://www.pbs.org/mediashift/2007/05/for_the_uberconnectedyour_guid.html  

Web Scraping
What is Web Scraping?
Web Scraping or Harvesting refers to an application
that processes the HTML of a Web page to extract data
for manipulation such as converting the Web page to
another format (e.g. HTML to WML). Web Scraping
scripts and applications will simulate a person
viewing a Web site with a browser. With these scripts
you can connect to a Web page and request a page,
exactly as a browser would do. The Web server will
send back the page which you can then manipulate or
extract specific information from.
Further Info
A typical example application for web scraping is a
web crawler that copies content from one or more
existing websites in order to generate a scraper site.
The result can range from fair use excerpts or
reproduction of text and content, to plagiarized
content. In some instances, plagiarized content may be
used as an illicit means to increase traffic and
advertising revenue. The typical scraper website
generates revenue using Google AdSense, hence the term
'Made for AdSense' or MFA website.
There are legal web scraping sites that provide free
content and are commonly used by webmasters looking to
populate a hastily made site with web content, often
to profit by some means from the traffic the article
hopefully brings. This content does not help the
ranking of the site in search engine results because
the content is not original to that page.  
Further References 
Wikipedia : 
http://en.wikipedia.org/wiki/Web_scraping
Web 3.0 - When websites become Web Services : 
http://www.readwriteweb.com/archives/web_30_when_web_sites_become_web_services.php  






More information about the AccessIndia mailing list