This is the era of information technology. All matters are dealt digitally and communications are almost fully digitalized. Data and files including secret files are flowing from one end of world to other openly !! So to trouble a nation it is very easy now. Just disturb their communication line !!! The best method for this is putting computer viruses to the system through various methods.

Computer Viruses are simple  computer programs that spreads rapidly across computers by attaching a copy of itself to the files on your computer. When you run the infected files the virus get into action and began its destructive activities. When some one attach their removable devices like external HDD or pen drive it is transferred to them also.

Usually a Computer Virus is very harmful and can corrupt data , over write or modify files or use up many system resources and slow down the system. Some Computer Viruses  may be merely disturbing like asking to key in certain messages to continue or popping up some messages on the screen. Computer Viruses are usually written by expert programmers just to make trouble to others.

Computer Viruses of different types. They are broadly classifies into three as below.

1. Viruses that attack certain area or locations in computers. These viruses attack some specified locations only. The main among them are
   1. Boot Sector Virus that destroy the Master Boot Record ( MBR )
   2. File  Viruses that affect files
   3. Cluster Viruses
2. Viruses that attack computers in peculiar manner. They include
   1. Stealth Viruses
   2. Polymorphic Viruses
   3. Multi partite Viruses and
   4. Fast , slow and sparse infecting Viruses
3. Other types of Virus like disturbance are…
   1. Malwares
   2. Adware
   3. Spyware
   4. Spam
   5. Phising etc.

Many anti virus softwares are available in market to counter the Computer Viruses .

 

 

 

 

 

Once you make your home personal computer from the store or receive in the mail, there is nobody around to maintain basic tips computers to cleaning and improving the performance of your computer. Maintenance and cleaning of your computer must be part of the regular routine to ensure that you have long-term problems with the computer. Unfortunately, users of the most basic computers can not understand the mechanisms feel intimidated by computers or maintenance. There are simple steps anyone can ensure that your computer is running them will get when first moved out of the box to continue.

 

One of the first files on your computer with System Tools, located under the Start menu, Programs, and accessories. Tools maintenance system tools home base, such as Disk Defragmenter, Disk Cleanup, Backup, Scheduled Tasks and Information and Scan Disk on some computers Microsoft Windows. Surprising that these files are located in Accessories because they really the key to your system properly and support to improve the age group of computer performance.

 

Go regularly on my computer and right click on Local Disk (drive C) and open the properties. So you can see how much space you use and how much you have left to use your computer. According to the tools in this area, you can usually scan a page to disk. If you are considering a drive from here, Microsoft will launch a drive through analysis of system programs. It is important to run this file to determine if there are errors or problems running on your computer and the disk scan will repair potential problems. Some experts recommend performing a full scan disk and then a basic disk scan up to once a week on your computer to keep the first set of conditions.

 

After that, it is important to perform a Disk Cleanup regularly, either under Properties under the drive C: or under System Tools. Be aware that as Scan Disk and Disk Cleanup can take a long time and is best before these maintenance tools when not using the computer. Establish a routine with yourself, clean up the implementation of the disk and disk scan on Saturday evening, watching a movie with your family. After Disk Cleanup tool, also contributes regularly to perform a reconstruction. The hard disk is very fragmented over time, which means that the programs have worked together once separated in time from each other and not the right place, too, work on your computer. This delayed the implementation of procedures or use certain programs difficult. The Disk Defragmenter can pull the pieces to work again, and things return.

 

Basic maintenance routines that will ensure your computer is running at peak performance start with simply get rid of files that do not. If you have an earlier document in Word, you have a program not in a long time, or images and music used, do not use, delete it from your computer. Note that once you delete them, do not disappear automatically, but rather in the garbage, and it is also important to empty the garbage, as it is, delete the old files.

 

Old files on the Internet can slow down your computer. Often with Disk Cleanup is an opportunity to get rid of temporary files Internet, but you also get rid of them on your own, using your temporary Internet files in Microsoft Internet Explorer. Click the  Tools  then  Options Internet, General tab, Temporary Internet Files and delete files. Also, take a moment to clear all temporary files that you purchased in May, downloads from the Internet. More about the model temporary files on your computer in different places can be, but usually when the Disk Cleanup and scan there will be an option for temporary files and releasing them.

 

Get one other resources useful and easy to achieve the performance of your computer to run programs that protect you use a firewall to access the computer, installing software and always up to date available for Microsoft and protection programs. Keep a regular maintenance and establishment of a routine updates on your computer to ensure that the purpose of your computer the way, was the first to wear when they go home.

 

 

 

Public Keys

Public-key cryptography makes it possible for people who do not share a common key to communicate securely. It also makes signing messages possible without the presence of a trusted third party. Finally, signed message digests make it possible to verify the integrity of received messages easily.

However, there is one problem that we have glossed over a bit too quickly: if Alice and Bob do not know each other, how do they get each other's public keys to start the communication process? The obvious solution—put your public key on your Web site—does not work for the following reason. Suppose that Alice wants to look up Bob's public key on his Web site. How does she do it? She starts by typing in Bob's URL. Her browser then looks up the DNS address of Bob's home page and sends it a GET request, as shown in Fig. 1. Unfortunately, Trudy intercepts the request and replies with a fake home page, probably a copy of Bob's home page except for the replacement of Bob's public key with Trudy's public key. When Alice now encrypts her first message with ET, Trudy decrypts it, reads it, reencrypts it with Bob's public key, and sends it to Bob, who is none the wiser that Trudy is reading his incoming messages. Worse yet, Trudy could modify the messages before reencrypting them for Bob. Clearly, some mechanism is needed to make sure that public keys can be exchanged securely.

Figure 1. A way for Trudy to subvert public-key encryption.

Certificates

As a first attempt at distributing public keys securely, we could imagine a key distribution center available on-line 24 hours a day to provide public keys on demand. One of the many problems with this solution is that it is not scalable, and the key distribution center would rapidly become a bottleneck. Also, if it ever went down, Internet security would suddenly grind to a halt.

For these reasons, people have developed a different solution, one that does not require the key distribution center to be on-line all the time. In fact, it does not have to be on-line at all. Instead, what it does is certify the public keys belonging to people, companies, and other organizations. An organization that certifies public keys is now called a CA (Certification Authority).

As an example, suppose that Bob wants to allow Alice and other people to communicate with him securely. He can go to the CA with his public key along with his passport or driver's license and ask to be certified. The CA then issues a certificate similar to the one in Fig. 2 and signs its SHA-1 hash with the CA's private key. Bob then pays the CA's fee and gets a floppy disk containing the certificate and its signed hash.

Figure 2. A possible certificate and its signed hash.

The fundamental job of a certificate is to bind a public key to the name of a principal (individual, company, etc.). Certificates themselves are not secret or protected. Bob might, for example, decide to put his new certificate on his Web site, with a link on the main page saying: Click here for my public-key certificate. The resulting click would return both the certificate and the signature block (the signed SHA-1 hash of the certificate).

Now let us run through the scenario of Fig. 1 again. When Trudy intercepts Alice's request for Bob's home page, what can she do? She can put her own certificate and signature block on the fake page, but when Alice reads the certificate she will immediately see that she is not talking to Bob because Bob's name is not in it. Trudy can modify Bob's home page on-the-fly, replacing Bob's public key with her own. However, when Alice runs the SHA-1 algorithm on the certificate, she will get a hash that does not agree with the one she gets when she applies the CA's well-known public key to the signature block. Since Trudy does not have the CA's private key, she has no way of generating a signature block that contains the hash of the modified Web page with her public key on it. In this way, Alice can be sure she has Bob's public key and not Trudy's or someone else's. And as we promised, this scheme does not require the CA to be on-line for verification, thus eliminating a potential bottleneck.

While the standard function of a certificate is to bind a public key to a principal, a certificate can also be used to bind a public key to an attribute. For example, a certificate could say: This public key belongs to someone over 18. It could be used to prove that the owner of the private key was not a minor and thus allowed to access material not suitable for children, and so on, but without disclosing the owner's identity. Typically, the person holding the certificate would send it to the Web site, principal, or process that cared about age. That site, principal, or process would then generate a random number and encrypt it with the public key in the certificate. If the owner were able to decrypt it and send it back, that would be proof that the owner indeed had the attribute stated in the certificate. Alternatively, the random number could be used to generate a session key for the ensuing conversation.

Another example of where a certificate might contain an attribute is in an object-oriented distributed system. Each object normally has multiple methods. The owner of the object could provide each customer with a certificate giving a bit map of which methods the customer is allowed to invoke and binding the bit map to a public key using a signed certificate. Again here, if the certificate holder can prove possession of the corresponding private key, he will be allowed to perform the methods in the bit map. It has the property that the owner's identity need not be known, a property useful in situations where privacy is important.

X.509

If everybody who wanted something signed went to the CA with a different kind of certificate, managing all the different formats would soon become a problem. To solve this problem, a standard for certificates has been devised and approved by ITU. The standard is called X.509 and is in widespread use on the Internet. It has gone through three versions since the initial standardization in 1988. We will discuss V3.

X.509 has been heavily influenced by the OSI world, borrowing some of its worst features (e.g., naming and encoding). Surprisingly, IETF went along with X.509, even though in nearly every other area, from machine addresses to transport protocols to e-mail formats, IETF generally ignored OSI and tried to do it right. The IETF version of X.509 is described in RFC 3280.

At its core, X.509 is a way to describe certificates. The primary fields in a certificate are listed in Fig. 3. The descriptions given there should provide a general idea of what the fields do. For additional information, please consult the standard itself or RFC 2459.

Figure 3. The basic fields of an X.509 certificate.

For example, if Bob works in the loan department of the Money Bank, his X.500 address might be:

 

/C=US/O=MoneyBank/OU=Loan/CN=Bob/

where C is for country, O is for organization, OU is for organizational unit, and CN is for common name. CAs and other entities are named in a similar way. A substantial problem with X.500 names is that if Alice is trying to contact This email address is being protected from spambots. You need JavaScript enabled to view it. and is given a certificate with an X.500 name, it may not be obvious to her that the certificate refers to the Bob she wants. Fortunately, starting with version 3, DNS names are now permitted instead of X.500 names, so this problem may eventually vanish.

Certificates are encoded using the OSI ASN.1 (Abstract Syntax Notation 1), which can be thought of as being like a struct in C, except with a very peculiar and verbose notation. More information about X.509 can be found in (Ford and Baum, 2000).

Public Key Infrastructures

Having a single CA to issue all the world's certificates obviously would not work. It would collapse under the load and be a central point of failure as well. A possible solution might be to have multiple CAs, all run by the same organization and all using the same private key to sign certificates. While this would solve the load and failure problems, it introduces a new problem: key leakage. If there were dozens of servers spread around the world, all holding the CA's private key, the chance of the private key being stolen or otherwise leaking out would be greatly increased. Since the compromise of this key would ruin the world's electronic security infrastructure, having a single central CA is very risky.

In addition, which organization would operate the CA? It is hard to imagine any authority that would be accepted worldwide as legitimate and trustworthy. In some countries people would insist that it be a government, while in other countries they would insist that it not be a government.

For these reasons, a different way for certifying public keys has evolved. It goes under the general name of PKI (Public Key Infrastructure). In this section we will summarize how it works in general, although there have been many proposals so the details will probably evolve in time.

A PKI has multiple components, including users, CAs, certificates, and directories. What the PKI does is provide a way of structuring these components and define standards for the various documents and protocols. A particularly simple form of PKI is a hierarchy of CAs, as depicted in Fig. 4. In this example we have shown three levels, but in practice there might be fewer or more. The top-level CA, the root, certifies second-level CAs, which we call RAs (Regional Authorities) because they might cover some geographic region, such as a country or continent. This term is not standard, though; in fact, no term is really standard for the different levels of the tree. These in turn certify the real CAs, which issue the X.509 certificates to organizations and individuals. When the root authorizes a new RA, it generates an X.509 certificate stating that it has approved the RA, includes the new RA's public key in it, signs it, and hands it to the RA. Similarly, when an RA approves a new CA, it produces and signs a certificate stating its approval and containing the CA's public key.

Figure 4. (a) A hierarchical PKI. (b) A chain of certificates.

Our PKI works like this. Suppose that Alice needs Bob's public key in order to communicate with him, so she looks for and finds a certificate containing it, signed by CA 5. But Alice has never heard of CA 5. For all she knows, CA 5 might be Bob's 10-year-old daughter. She could go to CA 5 and say: Prove your legitimacy. CA 5 responds with the certificate it got from RA 2, which contains CA 5's public key. Now armed with CA 5's public key, she can verify that Bob's certificate was indeed signed by CA 5 and is thus legal.

Unless RA 2 is Bob's 12-year-old son. So the next step is for her to ask RA 2 to prove it is legitimate. The response to her query is a certificate signed by the root and containing RA 2's public key. Now Alice is sure she has Bob's public key.

But how does Alice find the root's public key? Magic. It is assumed that everyone knows the root's public key. For example, her browser might have been shipped with the root's public key built in.

Bob is a friendly sort of guy and does not want to cause Alice a lot of work. He knows that she is going to have to check out CA 5 and RA 2, so to save her some trouble, he collects the two needed certificates and gives her the two certificates along with his. Now she can use her own knowledge of the root's public key to verify the top-level certificate and the public key contained therein to verify the second one. In this way, Alice does not need to contact anyone to do the verification. Because the certificates are all signed, she can easily detect any attempts to tamper with their contents. A chain of certificates going back to the root like this is sometimes called a chain of trust or a certification path. The technique is widely used in practice.

Of course, we still have the problem of who is going to run the root. The solution is not to have a single root, but to have many roots, each with its own RAs and CAs. In fact, modern browsers come preloaded with the public keys for over 100 roots, sometimes referred to as trust anchors. In this way, having a single worldwide trusted authority can be avoided.

But there is now the issue of how the browser vendor decides which purported trust anchors are reliable and which are sleazy. It all comes down to the user trusting the browser vendor to make wise choices and not simply approve all trust anchors willing to pay its inclusion fee. Most browsers allow users to inspect the root keys (usually in the form of certificates signed by the root) and delete any that seem shady.

Directories

Another issue for any PKI is where certificates (and their chains back to some known trust anchor) are stored. One possibility is to have each user store his or her own certificates. While doing this is safe (i.e., there is no way for users to tamper with signed certificates without detection), it is also inconvenient. One alternative that has been proposed is to use DNS as a certificate directory. Before contacting Bob, Alice probably has to look up his IP address using DNS, so why not have DNS return Bob's entire certificate chain along with his IP address?

Some people think this is the way to go, but others would prefer dedicated directory servers whose only job is managing X.509 certificates. Such directories could provide lookup services by using properties of the X.500 names. For example, in theory such a directory service could answer a query such as: ''Give me a list of all people named Alice who work in sales departments anywhere in the U.S. or Canada.'' LDAP might be a candidate for holding such information.

Revocation

The real world is full of certificates, too, such as passports and drivers' licenses. Sometimes these certificates can be revoked, for example, drivers' licenses can be revoked for drunken driving and other driving offenses. The same problem occurs in the digital world: the grantor of a certificate may decide to revoke it because the person or organization holding it has abused it in some way. It can also be revoked if the subject's private key has been exposed, or worse yet, the CA's private key has been compromised. Thus, a PKI needs to deal with the issue of revocation.

A first step in this direction is to have each CA periodically issue a CRL (Certificate Revocation List) giving the serial numbers of all certificates that it has revoked. Since certificates contain expiry times, the CRL need only contain the serial numbers of certificates that have not yet expired. Once its expiry time has passed, a certificate is automatically invalid, so no distinction is needed between those that just timed out and those that were actually revoked. In both cases, they cannot be used any more.

Unfortunately, introducing CRLs means that a user who is about to use a certificate must now acquire the CRL to see if the certificate has been revoked. If it has been, it should not be used. However, even if the certificate is not on the list, it might have been revoked just after the list was published. Thus, the only way to really be sure is to ask the CA. And on the next use of the same certificate, the CA has to be asked again, since the certificate might have been revoked a few seconds ago.

Another complication is that a revoked certificate could conceivably be reinstated, for example, if it was revoked for nonpayment of some fee that has since been paid. Having to deal with revocation (and possibly reinstatement) eliminates one of the best properties of certificates, namely, that they can be used without having to contact a CA.

Where should CRLs be stored? A good place would be the same place the certificates themselves are stored. One strategy is for the CA to actively push out CRLs periodically and have the directories process them by simply removing the revoked certificates. If directories are not used for storing certificates, the CRLs can be cached at various convenient places around the network. Since a CRL is itself a signed document, if it is tampered with, that tampering can be easily detected.

If certificates have long lifetimes, the CRLs will be long, too. For example, if credit cards are valid for 5 years, the number of revocations outstanding will be much longer than if new cards are issued every 3 months. A standard way to deal with long CRLs is to issue a master list infrequently, but issue updates to it more often. Doing this reduces the bandwidth needed for distributing the CRLs.

 

 

How to Protect Your Computer from a Virus

• Virus can do great damage to your computer or none at all.
• A Trojan does not travel from one computer to another, like the virus and worm can.
• Viruses are spread by email, downloads, floppies of any kind, new hard drives, or network computers.

A virus will place itself into other program files and when the infected program runs, the virus code looks for other program files to infect. If that infected file is sent to another computer user, the virus may spread quickly. A virus can do great damage to your computer or none at all. Some are simply annoying, while others will destroy your hard drive. There are two basic types of viruses. Those that infect files and those that infect the areas on your disk that are used to start up your hard disk or boot sector.

 

While most anti virus companies are now using the term "virus" to include Trojans, worms, and viruses, there are differences. A Trojan does not travel from one computer to another, like the virus and worm can. A trojan can seem to do something useful while concealing it's actual destructive purpose, such as destroy files. A worm's a self-replicating program that does not alter files, but stays in active the memory and duplicates itself. Worms use the features of the operating system to remain undected by the user. Quite often they will carry a malicious payload.

 

How can you protect yourself from such attacks? How can you safeguard your computer? Some simple steps will help to greatly diminish your chances of getting a virus, trojan, or worm. While these are simple steps, they are also routine steps.

Viruses are spread by email, downloads, floppies of any kind, new hard drives, or network computers. You can therefore get a virus from your email, but not AOL email, downloads from the internet, or any floppy disc.

 

You should always scan every floppy and any new download regardless of who you received it from. Floppies can carry boot sector viruses which can disable your computer from starting up, and you can never be sure that the one who sent you that file scanned their own system

 

The best way to protect yourself is to NEVER download anything for someone you do not know. Even if you do know who sent you something, you might still want to scan it to be safe. If the person sending the file does not know they are infected, you stand a good chance of getting infected also. Some virus programs send out email using the person’s address book, and something that might appear to be from a friend, was not actually sent by them at all, but rather the virus.

 

You do not want to EVER click on hyperlinks sent to you by strangers. There is a good chance that you might end up someplace online that you do not want to be, if you click it. Many web sites today have them set up, so that when you go to that page, it starts an automatic download. To safeguard against an unknown and unwanted download, beware of clicking on hyperlinks from those you do not know.

 

Never give out your password for get online to anyone. Beware of email or instant messages asking for your password. An internet newcomer might easily be fooled if the email appears to be from an official source. Remember that your Internet Service Provider will NEVER ask for your password, nor you’re billing information. Never give out your billing information or password.

 

Everyone that uses a computer should have virus protection, and have it enabled. While having this protection is good, it serves little purpose if the virus protection is not updated on a regular basic, and often. The virus protection, if kept updated, in most cases will catch a virus that is trying to infect your computer.

 

There are several levels of virus protection, and various companies offering it. The best thing to do is decide what is best for your particular needs. If you start out with just basic protection, you can always upgrade to more lately if the need arises. The important thing is to get protected now.

Two virus protection companies are Norton and McAfee.