How to hack any computer remotely using the command prompt

Hi friends, today I teach you how to hack your friends (target) in some easy steps and with some exploits. Let's start.


Step 1: Information gathering
      Use the ping command to check whether the target is online or offline and to gather information about the target's IP address.


Step 2: Port scanning
  Use a port scanner such as nmap or SuperScan.

Step 3: OS fingerprinting
  The target uses an operating system such as Windows, Mac OS X, Linux, Ubuntu or Red Hat;
you can find out which operating system the target uses with tools such as nmap, a network scanning tool, or p0f.

Step 4: Banner grabbing
   Banner grabbing is an attack designed to deduce the brand and/or version of an operating system
or application. That is, after port scanning we found port 80 open (Apache) and the target OS is Linux,
but we do not know the version of Apache for remote hacking, e.g. Apache 2.0, 2.2 or 2.6.

Step 5: Vulnerability assessment
A vulnerability assessment is the process of identifying, quantifying, and prioritizing (or
ranking) the vulnerabilities in a system.

Step 6: Search for and build an exploit
http://www.packetstormsecurity.org/
You can find exploit code there, free and easy to download.

Step 7: Attack
Launch the attack on the remote system and get a reverse shell.

How to hack any account using social engineering (security)



Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures.

Social engineering is a component of many, if not most, types of exploits. Virus writers use social engineering tactics to persuade people to run malware-laden email attachments, phishers use social engineering to convince people to divulge sensitive information, and scareware vendors use social engineering to frighten people into running software that is useless at best and dangerous at worst.


"I will tell you what stands out to me from all these attacks," says Rik Ferguson, a consultant at the security company Trend Micro, who has long experience of countermanding hacking and malware. "They may use the most sophisticated malware which attacks computers in ways that haven't been seen before, but they always start with social engineering."

That, he explains, is the computer hacker's equivalent of a con trick: making people think someone or something is safe or familiar when it is not.

Thus, many of the attacks against the 72 targets identified by McAfee, another security company, began with "spear phishing" – an email sent to a particular person inside an organisation and tailored to appear as though it had come from a contractor or government source, and so trustworthy.

Instead, such emails would contain a link which, when clicked on, would lead to malware that would in turn be downloaded on to the user's machine. From there the remote access tool – or RAT – would be employed to hunt through the computer network or even infect other people's computers.

While social engineering was always the successful spy's stock-in-trade (in the old days they were always the gregarious ones at ambassadors' parties, charming indiscretion out of their opposite numbers), the internet has transformed espionage into something that can be done from the comfort of one's home, and home country.

As long as you can be sure that your target will be sitting in front of a computer somewhere, you have a good chance of getting some useful information out of them, ideally without their knowledge. The modern internet is in fact a blizzard of operation and counter-operation at every level: governments attack others (so the US and Israel almost certainly cooperated to build the Stuxnet worm which put Iran's nuclear ambitions two years behind schedule – much cleaner than a bombing raid), commercial hacker groups wage war with each other to control giant botnets of malware-infected PCs, while at the ground floor factions inside collectives, such as Anonymous, bait and taunt each other while defacing sites. If you think the internet is peaceful or safe, you are looking in the wrong direction.

But are we generally at risk from these attacks by the biggest players? Yes, says Dmitri Alperovitch, McAfee's vice-president of threat research, who collated the data about Shady RAT: "Having investigated intrusions such as Operation Aurora and Night Dragon (systemic long-term compromise of western oil and gas industries), as well as numerous others that have not been disclosed publicly, I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they've been compromised and those that don't yet know."

Security experts propose that as our culture becomes more dependent on information, social engineering will remain the greatest threat to any security system. Prevention includes educating people about the value of information, training them to protect it, and increasing people's awareness of how social engineers operate.


Network hacking commands: full description


ping command:- Helps in determining the IP address of a host on a TCP/IP network, as well as in finding issues with the network and assisting in resolving them. See the ping definition for a full description.

ping command syntax is:-

ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
     [-r count] [-s count] [[-j host-list] | [-k host-list]]
     [-w timeout] destination-list

Now we describe them briefly one by one:-

-t            Pings the specified host until stopped.
              To see statistics and continue, type Control-Break;
              to stop, press Ctrl + C.
-a            Resolve addresses to hostnames.
-n count      Number of echo requests to send.
-l size       Send buffer size.
-f            Set Don't Fragment flag in packet.
-i TTL        Time To Live.
-v TOS        Type Of Service.
-r count      Record route for count hops.
-s count      Timestamp for count hops.
-j host-list  Loose source route along host-list.
-k host-list  Strict source route along host-list.
-w timeout    Timeout in milliseconds to wait for each reply.


Netstat command:- It displays all network connections and protocol statistics (e.g. local address, remote address, port). Some useful applications for the average PC user are considered, including checking for malware connections.

Netstat command syntax is :-
netstat [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [-s] [-t] [-v] [interval]

Now we describe them briefly one by one:-
 -a       => Displays all connections and listening ports.
 -b       => Displays the executable involved in creating each connection or listening port.
 -e       => Displays Ethernet statistics.
 -f       => Displays Fully Qualified Domain Names for foreign addresses (Windows Vista/7).
 -n       => Displays addresses and port numbers in numerical form.
 -o       => Displays the owning process ID associated with each connection.
 -p proto => Shows connections for the protocol specified by proto; proto may be any of: TCP, UDP, TCPv6, or UDPv6.
 -r       => Displays the routing table.
 -s       => Displays per-protocol statistics.
 -t       => Displays the current connection offload state (Windows Vista/7).
 -v       => When used in conjunction with -b, will display sequence of components
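The "checking for malware connections" use of netstat mentioned above can be automated. The following Python script is an added example for this page, not part of the original post: it parses constructed sample lines laid out like Windows `netstat -ano` output and flags listening ports outside an assumed baseline and established connections to remote ports outside an assumed allow list. The sample output, BASELINE_LISTEN_PORTS and ALLOWED_REMOTE_PORTS are all assumptions for illustration.

```python
"""Parse `netstat -ano` style output and flag connections worth a second look.

Added example for this page, not part of the original post. The sample output,
the baseline of expected listening ports and the allowed remote ports are all
constructed assumptions for illustration; adjust them to the host you check.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample, in the layout Windows `netstat -ano` prints (the PID
# column comes from -o; -n keeps addresses numeric so parsing stays simple).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       880
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:4444           0.0.0.0:0              LISTENING       3124
  TCP    192.168.1.20:49712     203.0.113.7:6667       ESTABLISHED     3124
  TCP    192.168.1.20:49800     93.184.216.34:443      ESTABLISHED     2210
  UDP    0.0.0.0:5353           *:*                                    1660
"""

# Assumed baseline for this host: listeners not in this set are unexpected.
BASELINE_LISTEN_PORTS = {135, 445}
# Assumed allow list: outbound connections to any other port get flagged.
ALLOWED_REMOTE_PORTS = {80, 443}


@dataclass
class Conn:
    proto: str
    local_ip: str
    local_port: Optional[int]
    remote_ip: str
    remote_port: Optional[int]
    state: str          # empty for UDP rows, which have no State column
    pid: int


def split_endpoint(endpoint: str) -> Tuple[str, Optional[int]]:
    """Split 'ip:port' (also '[::]:port' and '*:*') into (ip, port)."""
    ip, _, port = endpoint.rpartition(":")
    return ip, (None if port == "*" else int(port))


def parse_netstat(text: str) -> List[Conn]:
    """Return one Conn per data line; header and blank lines are skipped."""
    conns = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP", "TCPv6", "UDPv6"):
            continue
        proto, local, remote = parts[0], parts[1], parts[2]
        if len(parts) >= 5:          # TCP rows carry a State column
            state, pid = parts[3], parts[4]
        else:                        # UDP rows do not
            state, pid = "", parts[3]
        lip, lport = split_endpoint(local)
        rip, rport = split_endpoint(remote)
        conns.append(Conn(proto, lip, lport, rip, rport, state, int(pid)))
    return conns


def find_suspicious(conns: List[Conn]) -> List[Tuple[str, Conn]]:
    """Apply the two rules and return (reason, connection) pairs."""
    findings = []
    for c in conns:
        if c.state == "LISTENING" and c.local_port not in BASELINE_LISTEN_PORTS:
            findings.append(("unexpected listener", c))
        elif c.state == "ESTABLISHED" and c.remote_port not in ALLOWED_REMOTE_PORTS:
            findings.append(("outbound to unusual port", c))
    return findings


def suspicious_pids(text: str) -> List[int]:
    """Sorted PIDs that own at least one finding, for follow-up with tasklist."""
    return sorted({c.pid for _, c in find_suspicious(parse_netstat(text))})


if __name__ == "__main__":
    for reason, c in find_suspicious(parse_netstat(SAMPLE_NETSTAT)):
        print(f"{reason}: {c.proto} {c.local_ip}:{c.local_port} -> "
              f"{c.remote_ip}:{c.remote_port} {c.state} pid={c.pid}")
    print("PIDs to investigate:", suspicious_pids(SAMPLE_NETSTAT))
```

On a real host, save the output of `netstat -ano` to a file and pass its contents to parse_netstat; a PID in the result can be matched to its executable with `tasklist /FI "PID eq <pid>"`, or by re-running netstat with -b from an elevated prompt. The rules are deliberately simple; the value is in comparing against a baseline you recorded on a known-clean machine.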

Telnet command:-
Enables a user to connect to another computer from the command prompt.
The availability of this command has only been listed as Windows 2000 and Windows XP because these are the only two versions of Microsoft Windows that support the telnet command from the command prompt (with additional switches). Additional information and help about using telnet from any version of Windows can be found on our 
Telnet command syntax :-

telnet [host [port]]
host  Specifies the hostname or IP address of the remote
      computer to connect to.
port  Specifies the port number or service name.

Now we describe the telnet commands briefly one by one:-
close         close current connection
display       display operating parameters
open          connect to a site
quit          exit telnet
set           set options (type 'set ?' for a list)
    NTLM          Turn ON NTLM Authentication.
    LOCAL_ECHO    Turn ON LOCAL_ECHO.
    TERM x        (where x is ANSI, VT100, VT52, or VTNT)
    CRLF          Send both CR and LF
status        print status information
unset         unset options (type 'unset ?' for a list)
    NTLM          Turn OFF NTLM Authentication.
    LOCAL_ECHO    Turn OFF LOCAL_ECHO.
    CRLF          Send only CR (no LF is sent)
?/help        print help information
Tracert command :-
The tracert command is used to see the route a network packet takes to its destination and the number of hops required for that packet to get there.
Users with Microsoft Windows 2000 and Windows XP who need additional information on network latency and network loss should also consider using the 


Tracert command syntax is :-
tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name

Now we describe them briefly one by one:-
-d               Do not resolve addresses to hostnames.
-h maximum_hops  Maximum number of hops to search for target.
-j host-list     Loose source route along host-list.
-w timeout       Wait timeout milliseconds for each reply.



Hardware Keylogger

If you can physically access the victim's PC, then this could be the ideal keylogger. It is a device which can be quickly inserted between the keyboard and the PC to capture all the data (keystrokes) entered by the victim. Keystrokes are collected in a temporary file and stored in the flash memory of the keylogger.
[image: hardware keylogger]
The hacker behind it can now easily pick up the device containing all the information (passwords, credit card details) of the victim at any time. Therefore, if desired, the keylogger can be moved to another computer to retrieve the data. Amazed? Yes, it is possible; check your keyboard slot now! Beware of this.

Best USB Keylogger

New KeyCobra USB Keyloggers are the world's smallest and smartest USB keyloggers; they can store over a billion keystrokes and organize everything in an advanced flash FAT file system. Switching into Flash Drive mode allows for super fast data retrieval and download. There is no software or driver required, and it is completely transparent to computer operation. The KeyCobra USB keylogger works on USB keyboards for PC and Mac computers.

New WiFi Keylogger

KeyCobra provides the world's smallest and smartest WiFi hardware keylogger! This wireless WiFi keylogger is packed with state-of-the-art electronics: two powerful processors, a full TCP/IP stack, a WLAN transceiver, and 2 gigabytes of memory. It features remote access over the Internet. This wireless keylogger will connect to a local Wi-Fi access point and send e-mails containing recorded keystroke data. You can also connect to the keylogger at any time over TCP/IP and view the captured log. All this in a device less than 2 inches (5 cm) long, and it supports all types of keyboards.

FOR MORE DETAILS VISIT THIS SITE 


http://www.keycobra.com/usb-keylogger.html

http://www.refog.com/hardware-keylogger.html

http://www.wirelesskeylogger.com/

http://www.keydemon.com/


Operating Systems Development - Introduction (translated from English to Gujarati), Chapter 1

What is this?

Operating systems can be a very complex topic. Learning how operating systems work can be a great learning experience.
The purpose of this series is to teach the black art of Operating System (OS) Development, from the ground up. Whether you want to make your own OS, or simply to learn how they work, this series is for you.

What is an Operating System?

An Operating System provides the basic functionality, look, and feel for a computer. The primary purpose is to create a workable Operating Environment for the user.
Examples of Operating Systems are Windows, Linux, and Macintosh.

If you have never programmed before

Computer programming is designing and writing software, or programs, for the computer to load and execute. However, the Operating System needs to be designed with this functionality.
An Operating System is not a single program, but a collection of software that works and communicates with each other. This is what I mean by "Operating Environment".
Because Operating Systems are a collection of software, in order to develop an Operating System, one must know how to develop software. That is, one must know computer programming.
If you have never programmed before, take a look at the Requirements section below, and look no further. This section will have links to good tutorials and articles that could help you to learn computer programming with C++ and 80x86 Assembly Language.

Requirements

Knowledge of the C Programming Language

Using a high level language, such as C, can make OS development much easier. The most common languages that are used in OS development are C, C++, and Perl. Do not think these are the only languages that may be used; it is possible in other languages. I have even seen one with FreeBASIC! Getting higher level languages to work properly can also make it harder to work with in the long run, however.
C and C++ are the most common, with C being the most used. C, being a middle level language, provides high level constructs while still providing low level details that are closer to assembly language, and hence, the system. Because of this, using C is fairly easy in OS development. This is one of the primary reasons why it is the most commonly used: the C programming language was originally designed for system level and embedded software development.
Because of this, we are going to be using C for most of the OS.
C is a complex programming language that can take a book to cover. If you do not know C, the following may help:
I personally learned from the original "The C++ Programming Language", which is now obsolete, though.

Knowledge of x86 Assembly Language

80x86 Assembly Language is a low level programming language. Assembly Language provides a direct one-to-one relation with the processor's machine instructions, which makes assembly language suitable for hardware programming.
Assembly Language, being low level, tends to be more complex and harder to develop in than high level languages like C. Because of this, and to aid in simplicity, we are only going to use assembly language when required, and no more.
Assembly Language is another complex language that can fill a book. If you do not know x86 Assembly Language, the following may help:
I personally learned from Assembly Language Step by Step (an excellent beginning book) and the Art of Assembly Language. Both are very great books.

Getting ready

That is all you need to know; everything else I'll teach along the way. Be forewarned: from here on out, I will not be explaining C or x86 Assembly Language concepts. I will still explain new instructions that you may not be familiar with, such as lgdt, and the use of sti, cli, bt, cpuid and some others, however.

Tools of the trade

In developing low level code, we will need specialized low level software to help us out. Some of these tools are not needed; however, they are highly recommended as they can significantly aid in development.

NASM - The Assembler

The Netwide Assembler (NASM) can generate flat binary 16-bit programs, while most other assemblers (Turbo Assembler (TASM), Microsoft's Macro Assembler (MASM)) cannot.
During the development of the OS, some programs must be pure binary executables. Because of this, NASM is a great choice to use.
You can download NASM from here.

Microsoft Visual C++ 2005 or 2008

Because portability is a concern, most of the code for our operating system will be developed in C. During OS Development, there are some things that we must have control over that not all compilers may support, however. For example, say goodbye to all runtime compiler support (templates, exceptions) and the good old standard library! Depending on the design of your system, you may also need to support or change more detailed properties, such as loading at a specific address, adding your own internal sections in your programs' binary, etc. The basic idea is that not all compilers out there are capable of developing operating system code.
I will be using Microsoft Visual C++ for developing the system. However, it is also possible to develop in other compilers such as DJGPP, GCC or even Cygwin. Cygwin is a command shell program that is designed to emulate the Linux command shell. There is a GCC port for Cygwin.
You can get Visual C++ 2008 from here.
You can also still get Visual C++ 2005 from here.

Support for other compilers

As previously stated, it is possible to develop an operating system using other compilers. While my primary compiler of use will be Visual C++, I will explain how to set up the working environments so that you will be able to use your favorite compiler.
Currently, I plan on describing how to set up the environments for:
  • DJGPP
  • Microsoft Visual Studio 2005
  • GCC
I will also try to support the following compilers, if possible:
  • Mingw
  • Pelles C
If you would like to add more to this list, please contact me.

Copying the Boot Loader

The bootloader is a pure binary program that is stored in a single 512 byte sector. It is a very important program, as it is impossible to create an OS without it. It is the very first program of your OS that is loaded directly by the BIOS, and executed directly by the processor. We can use NASM to assemble the program, but how do we get it on a floppy disk? We cannot just copy the file. Instead, we have to overwrite the boot record that Windows places (after formatting the disk) with our bootloader. Why do we need to do this? Remember that the BIOS only looks at the bootsector when finding a bootable disk. The bootsector and the "boot record" are both in the same sector! Hence, we have to overwrite it.
There are a lot of ways we can do this. Here, I will present two. If you are unable to get one method working on your system, our readers may try the other method.
Warning: Do not attempt to play with the following software until I explain how to use it. Using this software incorrectly can corrupt the data on your disk or make your PC unable to boot.

PartCopy - Low Level Disk Copier

PartCopy allows the copying of sectors from one drive to another. PartCopy stands for "Partial copy". Its function is to copy a certain number of sectors from one location to another, to and from a specific address.
You can download it from here.

Windows DEBUG Command

Windows provides a small command line debugger that may be used through the command line. There are quite a few different things that we can do with this software, but all we need it to do is copy our boot loader to the first 512 bytes on disk. Go to the command prompt, and type debug. You will be greeted by a little prompt (-):
C:\Documents and Settings\Michael>debug
-
Here is where you enter your commands. h is the help command, q is the quit command. The w (write) command is the most important for us. You can have debug load a file into memory such as, say, our boot loader:
C:\Documents and Settings\Michael>debug boot_loader.bin
-
This allows us to perform operations on it. (We can also use debug's L (Load) command to load the file if we wanted to.) In the above example, boot_loader.bin will be loaded at address 0x100. To write the file to the first sector of our disk, we need to use the W (Write) command, which takes the following form:
W [address] [drive] [firstsector] [number]
Okay... so let's see: The file is at address 0x100. We want the floppy drive (Drive 0). The first sector is the first sector on the disk (sector 0) and the number of sectors is, ehm... 1. Putting this together, this is our command to write boot_loader.bin to the boot sector of a floppy:
C:\Documents and Settings\Michael>debug boot_loader.bin
-w 100 0 0 1
-q
If you would like to learn more about this command, take a look at this tutorial.
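The warning above is worth acting on: the DEBUG write is a raw sector write, so a wrong or half-built image lands on sector 0 just as happily as a good one. The following Python script is an added example for this page, not part of the original tutorial. It assumes the standard PC BIOS convention that a boot sector is exactly 512 bytes whose last two bytes are the signature 0x55 0xAA, and checks an image against that before you type the w command; STUB_CODE is a constructed stand-in for real bootloader code, and nothing is written to any disk.

```python
"""Sanity-check a flat binary boot sector before it is written to sector 0.

Added example for this page, not part of the original tutorial. It assumes the
standard PC BIOS convention that a boot sector is exactly 512 bytes and that its
last two bytes are the signature 0x55 0xAA; the stub code below is a constructed
stand-in for a real bootloader, and no disk is touched.
"""
import sys
from typing import List

SECTOR_SIZE = 512
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510 and 511 of a bootable sector

# Constructed stand-in for bootloader code: cli; hlt; jmp short back to hlt.
STUB_CODE = b"\xfa\xf4\xeb\xfd"


def make_boot_sector(code: bytes) -> bytes:
    """Pad code to 510 bytes and append the signature, as the usual NASM
    'times 510-($-$$) db 0' / 'dw 0xAA55' idiom does."""
    if len(code) > SECTOR_SIZE - 2:
        raise ValueError(f"code is {len(code)} bytes; at most {SECTOR_SIZE - 2} fit")
    return code + b"\x00" * (SECTOR_SIZE - 2 - len(code)) + BOOT_SIGNATURE


def check_boot_sector(image: bytes) -> List[str]:
    """Return the problems found; an empty list means the image looks bootable."""
    problems = []
    if len(image) != SECTOR_SIZE:
        problems.append(f"size is {len(image)} bytes, expected {SECTOR_SIZE}")
    if image[-2:] != BOOT_SIGNATURE:
        problems.append("missing 0x55 0xAA boot signature at offset 510")
    return problems


def describe(image: bytes) -> str:
    """One-line verdict suitable for a pre-write check in a build script."""
    problems = check_boot_sector(image)
    if not problems:
        return "OK: image looks like a boot sector, safe to write with 'w 100 0 0 1'"
    return "REFUSE: " + "; ".join(problems)


if __name__ == "__main__":
    if len(sys.argv) > 1:                      # check a real file, e.g. boot_loader.bin
        with open(sys.argv[1], "rb") as f:
            print(describe(f.read()))
    else:                                      # demo on constructed images
        print(describe(make_boot_sector(STUB_CODE)))
        print(describe(STUB_CODE + b"\x00" * 100))
```

Run it as `python check_boot.py boot_loader.bin` after the NASM step and only go on to DEBUG or PartCopy when it reports OK. The check is deliberately minimal: it catches the two mistakes that make the BIOS ignore the sector entirely (wrong length, missing signature), not logic errors inside your loader, which is what Bochs is for.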

VFD - Virtual Floppy Drive

Whether you have a floppy drive or not, this program is very useful. It can simulate a real floppy drive from a stored floppy image, or even in RAM. This program creates a virtual floppy image, allows formatting, and copying files (such as your kernel, perhaps?) directly using Windows Explorer.
You can download it from here.

Bochs Emulator - PC Emulator and Debugger

You pop a floppy disk into a computer, in hopes that it works. You boot your computer and look in awe at your greatest creation! ...Until your floppy motor dies out because you forgot to send the command to the controller in your bootloader.
When working with low level code, it is possible to destroy hardware if you are not careful. Also, to test your OS, you will need to reboot your computer hundreds of times during development.
Also, what do you do if the computer just reboots? What do you do if your kernel crashes? Because there is no debugger for your OS, it is virtually impossible to debug.
The solution? A PC Emulator. There are plenty available, two of them being VMWare and Bochs Emulator. I will be using Bochs and Microsoft Virtual PC for testing.
You can download Bochs from here.

That's all, folks

You do not need to know how to use the software I listed. I will explain how to use them as we start using them.
If you would like to run your system on a real computer that does not have a floppy drive, it is still possible to boot from CD even though it is a floppy image. This is done through Floppy Emulation, which most BIOSes support.
Simply get CD burning software (I personally use MagicISO) that can create a bootable ISO from a floppy image. Then, simply burn the ISO image to a CD and it should work.

The Build Process બિલ્ડ પ્રક્રિયા

There are a lot of tools listed above. To better understand how they can be useful, we should take a look at the entire build process of the OS.
  • Setting everything up
    1. Use VFD to create and format a virtual floppy image to use.
    2. Set up the Bochs emulator to boot from the floppy image.
  • The bootloader
    1. Assemble the bootloader with NASM to create a flat binary program.
    2. Use PartCopy or the DEBUG command to copy the bootloader to the boot sector of the virtual floppy image.
  • The kernel (and basically all other programs)
    1. Assemble and/or compile all sources into an object format (such as ELF or PE) that can be loaded and executed by the boot loader.
    2. Copy the kernel onto the floppy image using Windows Explorer.
  • Test it!
    1. Use the Bochs emulator and debugger, use a real floppy disk, or use MagicISO to create a bootable CD.
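The "setting everything up" and "bootloader" steps above can be scripted. The following is an added example, not code from the BrokenThorn tutorial: it does in Python what VFD and PartCopy/DEBUG do by hand (create a blank 1.44 MB image, drop a flat binary into sector 0) and checks the two properties the BIOS requires of a boot sector, a size of exactly 512 bytes and the 0x55 0xAA signature in the last two. It assumes the bootloader was produced with `nasm -f bin boot.asm -o boot.bin`; the four-byte boot code and the file name `floppy.img` are constructed for the demonstration, and the kernel copy step (which needs a FAT12 writer) is not shown.

```python
"""Build a bootable 1.44 MB floppy image from a flat-binary boot sector.

Added example: a Python equivalent of the VFD + PartCopy/DEBUG steps.
Assumes `nasm -f bin boot.asm -o boot.bin` produced the boot code
(flat binary, no object header). Kernel copy (FAT12) is not covered.
"""

SECTOR_SIZE = 512
FLOPPY_SIZE = 80 * 2 * 18 * SECTOR_SIZE  # 1,474,560 bytes: 80 tracks, 2 heads, 18 sectors
BOOT_SIGNATURE = b"\x55\xaa"             # bytes 510-511 of sector 0, checked by the BIOS


def new_floppy_image() -> bytearray:
    """Equivalent of creating a blank image in VFD: all zero bytes."""
    return bytearray(FLOPPY_SIZE)


def pad_boot_sector(code: bytes) -> bytes:
    """Pad flat-binary code to one sector and append the boot signature.

    Raises ValueError if the code does not fit in the 510 bytes before the
    signature. Code already padded by NASM (`times 510-($-$$) db 0` followed
    by `dw 0xAA55`) is 512 bytes with the signature and passes through as is.
    """
    if len(code) == SECTOR_SIZE and code[510:512] == BOOT_SIGNATURE:
        return bytes(code)
    if len(code) > SECTOR_SIZE - 2:
        raise ValueError(f"boot code is {len(code)} bytes; max is {SECTOR_SIZE - 2}")
    return bytes(code).ljust(SECTOR_SIZE - 2, b"\x00") + BOOT_SIGNATURE


def install_boot_sector(image: bytearray, code: bytes) -> bytearray:
    """PartCopy/DEBUG equivalent: overwrite sector 0 with the padded boot sector."""
    image[0:SECTOR_SIZE] = pad_boot_sector(code)
    return image


def verify_boot_sector(image: bytes) -> bool:
    """What the BIOS checks before jumping to 0x7C00: a full sector with 0x55AA at the end."""
    return len(image) >= SECTOR_SIZE and bytes(image[510:512]) == BOOT_SIGNATURE


def build_demo_image() -> bytearray:
    # Constructed boot code: `cli; hlt; jmp $` (FA F4 EB FE). It only stops the
    # CPU, which is enough to prove in Bochs that the image boots.
    boot_code = b"\xfa\xf4\xeb\xfe"
    return install_boot_sector(new_floppy_image(), boot_code)


if __name__ == "__main__":
    img = build_demo_image()
    with open("floppy.img", "wb") as f:
        f.write(img)
    # Boot it in Bochs with a bochsrc containing:
    #   floppya: 1_44=floppy.img, status=inserted
    #   boot: floppy
    print("wrote floppy.img, bootable:", verify_boot_sector(img))
```

The size check matters in practice: a boot sector that grows past 510 bytes silently loses its signature when truncated, and the BIOS then reports a non-bootable disk with no further hint, which is one of the "it just reboots" failures mentioned above.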

Until next time

Some of the terms and concepts listed here may be new to you. Do not worry; everything will be explained in the next few articles.
The purpose of this tutorial is to create a stepping stone for the rest of the series. It provides a basic introduction and a listing of the tools we will be using. I will explain how to use these programs as we need them, so you do not need a tutorial on anything listed here besides what has been listed in the Requirements section.
We have also taken a look at the build process for developing an operating system. For the most part it is fairly simple, but it shows when each of the programs listed will be used.
In the next tutorial we are going to go back in time to the first Disk Operating System (DOS) and take a little tour through history. We will also look at some basic OS concepts.
We will not be using any of the tools listed above just yet, so you do not need to download them yet.
Until next time,
~Mike
BrokenThorn Entertainment. Currently developing DoE and the Neptune Operating System.

Questions or comments? Feel free to contact me.

Would you like to contribute and help improve the articles? If so, please let me know!


How Computer Viruses Work




Computer viruses tend to grab our attention. On the one hand, viruses show us how vulnerable we are. A properly engineered virus can have an amazing effect on the worldwide Internet. On the other hand, they show how sophisticated and interconnected human beings have become.

For example, experts estimate that the Mydoom worm infected approximately a quarter-million computers in a single day in January 2004. (Times Online). Back in March 1999, the Melissa virus was so powerful that it forced Microsoft and a number of other very large companies to completely turn off their e-mail systems until the virus could be contained. The ILOVEYOU virus in 2000 had a similarly devastating effect. That's pretty impressive when you consider that the Melissa and ILOVEYOU viruses are incredibly simple.

In this article, we will discuss viruses -- both "traditional" viruses and the newer e-mail viruses -- so that you can learn how they work and also understand how to protect yourself. Viruses in general are on the wane, but occasionally a person finds a new way to create one, and that's when they make the news.

Types of Infection
When you listen to the news, you hear about many different forms of electronic infection. The most common are:

* Viruses - A virus is a small piece of software that piggybacks on real programs. For example, a virus might attach itself to a program such as a spreadsheet program. Each time the spreadsheet program runs, the virus runs, too, and it has the chance to reproduce (by attaching to other programs) or wreak havoc.

* E-mail viruses - An e-mail virus moves around in e-mail messages, and usually replicates itself by automatically mailing itself to dozens of people in the victim's e-mail address book.

* Worms - A worm is a small piece of software that uses computer networks and security holes to replicate itself. A copy of the worm scans the network for another machine that has a specific security hole. It copies itself to the new machine using the security hole, and then starts replicating from there, as well.

* Trojan horses - A Trojan horse is simply a computer program. The program claims to do one thing (it may claim to be a game) but instead does damage when you run it (it may erase your hard disk). Trojan horses have no way to replicate automatically.

What's a "Virus"?
Computer viruses are called viruses because they share some of the traits of biological viruses. A computer virus passes from computer to computer like a biological virus passes from person to person.

There are similarities at a deeper level, as well. A biological virus is not a living thing. A virus is a fragment of DNA inside a protective jacket. Unlike a cell, a virus has no way to do anything or to reproduce by itself -- it is not alive. Instead, a biological virus must inject its DNA into a cell. The viral DNA then uses the cell's existing machinery to reproduce itself. In some cases, the cell fills with new viral particles until it bursts, releasing the virus. In other cases, the new virus particles bud off the cell one at a time, and the cell remains alive.

A computer virus shares some of these traits. A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. Obviously, the analogy between computer and biological viruses stretches things a bit, but there are enough similarities that the name sticks.

What's a "Worm"?
A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. Using a network, a worm can expand from a single copy incredibly quickly. For example, the Code Red worm replicated itself over 250,000 times in approximately nine hours on July 19, 2001.

A worm usually exploits some sort of security hole in a piece of software or the operating system. For example, the Slammer worm (which caused mayhem in January 2003) exploited a hole in Microsoft's SQL Server. This article offers a fascinating look inside Slammer's tiny (376-byte) program.

Code Red
Worms use up computer time and network bandwidth when they are replicating, and they often have some sort of evil intent. A worm called Code Red made huge headlines in 2001. Experts predicted that this worm could clog the Internet so effectively that things would completely grind to a halt.

The Code Red worm slowed down Internet traffic when it began to replicate itself, but not nearly as badly as predicted. Each copy of the worm scanned the Internet for Windows NT or Windows 2000 servers that did not have the Microsoft security patch installed. Each time it found an unpatched server, the worm copied itself to that server. The new copy then scanned for other servers to infect. Depending on the number of unpatched servers, a worm could conceivably create hundreds of thousands of copies.

The Code Red worm was designed to do three things:

* Replicate itself for the first 20 days of each month
* Replace Web pages on infected servers with a page that declares "Hacked by Chinese"
* Launch a concerted attack on the White House Web server in an attempt to overwhelm it

The most common version of Code Red is a variation, typically referred to as a mutated strain, of the original Ida Code Red that replicated itself on July 19, 2001. According to the National Infrastructure Protection Center:

The Ida Code Red Worm, which was first reported by eEye Digital Security, is taking advantage of known vulnerabilities in the Microsoft IIS Internet Server Application Program Interface (ISAPI) service. Un-patched systems are susceptible to a "buffer overflow" in the Idq.dll, which permits the attacker to run embedded code on the affected system. This memory resident worm, once active on a system, first attempts to spread itself by creating a sequence of random IP addresses to infect unprotected web servers. Each worm thread will then inspect the infected computer's time clock. The NIPC has determined that the trigger time for the DOS execution of the Ida Code Red Worm is at 0:00 hours, GMT on July 20, 2001. This is 8:00 PM, EST.

Upon successful infection, the worm would wait for the appointed hour and connect to the www.whitehouse.gov domain. This attack would consist of the infected systems simultaneously sending 100 connections to port 80 of www.whitehouse.gov (198.137.240.91).

The U.S. government changed the IP address of www.whitehouse.gov to circumvent that particular threat from the worm and issued a general warning about the worm, advising users of Windows NT or Windows 2000 Web servers to make sure they have installed the security patch.

Early Cases: Executable Viruses
Early viruses were pieces of code attached to a common program like a popular game or a popular word processor. A person might download an infected game from a bulletin board and run it. A virus like this is a small piece of code embedded in a larger, legitimate program. Any virus is designed to run first when the legitimate program gets executed. The virus loads itself into memory and looks around to see if it can find any other programs on the disk. If it can find one, it modifies it to add the virus's code to the unsuspecting program. Then the virus launches the "real program." The user really has no way to know that the virus ever ran. Unfortunately, the virus has now reproduced itself, so two programs are infected. The next time either of those programs gets executed, they infect other programs, and the cycle continues.

If one of the infected programs is given to another person on a floppy disk, or if it is uploaded to a bulletin board, then other programs get infected. This is how the virus spreads.

The spreading part is the infection phase of the virus. Viruses wouldn't be so violently despised if all they did was replicate themselves. Unfortunately, most viruses also have some sort of destructive attack phase where they do some damage. Some sort of trigger will activate the attack phase, and the virus will then "do something" -- anything from printing a silly message on the screen to erasing all of your data. The trigger might be a specific date, or the number of times the virus has been replicated, or something similar.

Boot Sector Viruses
As virus creators got more sophisticated, they learned new tricks. One important trick was the ability to load viruses into memory so they could keep running in the background as long as the computer remained on. This gave viruses a much more effective way to replicate themselves. Another trick was the ability to infect the boot sector on floppy disks and hard disks. The boot sector is a small program that is the first part of the operating system that the computer loads. The boot sector contains a tiny program that tells the computer how to load the rest of the operating system. By putting its code in the boot sector, a virus can guarantee it gets executed. It can load itself into memory immediately, and it is able to run whenever the computer is on. Boot sector viruses can infect the boot sector of any floppy disk inserted in the machine, and on college campuses where lots of people share machines they spread like wildfire.
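Both kinds of virus described in the last two sections have to change bytes that should never change on their own: an executable virus rewrites the programs it infects, and a boot sector virus rewrites the first 512 bytes of the disk. A stored hash baseline of both therefore exposes either. The following is an added example, not part of the original article, of such a check in Python; the file names, their contents and the simulated infection are constructed for the demonstration.

```python
"""Hash-baseline check for program files and the boot sector of a disk image.

Added example, not from the original article. The files, their contents and
the simulated infection in demo() are constructed.
"""
import hashlib
import os
import tempfile
from typing import Dict, List

SECTOR_SIZE = 512


def sha256_file(path: str) -> str:
    """SHA-256 of a whole file, read in chunks so large programs are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def sha256_boot_sector(path: str) -> str:
    """SHA-256 of sector 0 only, where the boot code lives on a disk or image."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read(SECTOR_SIZE)).hexdigest()


def baseline(executables: List[str], disk_image: str) -> Dict[str, str]:
    """Snapshot to be kept where a virus cannot rewrite it (e.g. read-only media)."""
    snap = {p: sha256_file(p) for p in executables}
    snap[disk_image + ":sector0"] = sha256_boot_sector(disk_image)
    return snap


def changed_since(snap: Dict[str, str], executables: List[str], disk_image: str) -> List[str]:
    """Keys whose current hash differs from (or is missing in) the baseline."""
    current = baseline(executables, disk_image)
    return sorted(k for k, v in current.items() if snap.get(k) != v)


def demo() -> List[str]:
    """Infect one program and the boot sector the way the article describes, then detect both."""
    with tempfile.TemporaryDirectory() as d:
        game = os.path.join(d, "game.exe")
        editor = os.path.join(d, "editor.exe")
        disk = os.path.join(d, "floppy.img")
        with open(game, "wb") as f:
            f.write(b"MZ" + b"\x00" * 200)
        with open(editor, "wb") as f:
            f.write(b"MZ" + b"\x01" * 200)
        with open(disk, "wb") as f:
            # boot sector (jmp $, zero padding, 0x55AA) followed by two data sectors
            f.write(b"\xeb\xfe" + b"\x00" * 508 + b"\x55\xaa" + b"\x00" * 1024)
        names = {game: "game.exe", editor: "editor.exe", disk + ":sector0": "floppy.img:sector0"}
        snap = baseline([game, editor], disk)

        # Simulated infection: a body appended to one program, the boot code replaced
        # by a jump to where a boot sector virus would have put itself.
        with open(game, "ab") as f:
            f.write(b"VIRUS-BODY")
        with open(disk, "r+b") as f:
            f.seek(0)
            f.write(b"\xe9\x00\x01")

        return sorted(names[k] for k in changed_since(snap, [game, editor], disk))


if __name__ == "__main__":
    print("modified:", demo())
```

The check only works if the baseline itself is out of the virus's reach and if the comparison is run from a clean boot; a memory-resident virus that is already running can lie to the scanner about what is on disk, which is exactly why boot sector viruses were so hard to remove while the infected machine was up.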

In general, both executable and boot sector viruses are not very threatening any more. The first reason for the decline has been the huge size of today's programs. Nearly every program you buy today comes on a compact disc. Pressed compact discs cannot be modified, and that makes viral infection of a CD impossible. The programs are so big that the only easy way to move them around is to buy the CD. People certainly can't carry applications around on a floppy disk like they did in the 1980s, when floppies full of programs were traded like baseball cards. Boot sector viruses have also declined because operating systems now protect the boot sector.
Both boot sector viruses and executable viruses are still possible, but they are a lot harder now and they don't spread nearly as quickly as they once could. Call it "shrinking habitat," if you want to use a biological analogy. The environment of floppy disks, small programs and weak operating systems made these viruses possible in the 1980s, but that environmental niche has been largely eliminated by huge executables, unchangeable CDs and better operating system safeguards.

E-mail Viruses
The latest thing in the world of computer viruses is the e-mail virus, and the Melissa virus in March 1999 was spectacular. Melissa spread in Microsoft Word documents sent via e-mail, and it worked like this:

Someone created the virus as a Word document uploaded to an Internet newsgroup. Anyone who downloaded the document and opened it would trigger the virus. The virus would then send the document (and therefore itself) in an e-mail message to the first 50 people in the person's address book. The e-mail message contained a friendly note that included the person's name, so the recipient would open the document thinking it was harmless. The virus would then create 50 new messages from the recipient's machine. As a result, the Melissa virus was the fastest-spreading virus ever seen! As mentioned earlier, it forced a number of large companies to shut down their e-mail systems.

The ILOVEYOU virus, which appeared on May 4, 2000, was even simpler. It contained a piece of code as an attachment. People who double clicked on the attachment allowed the code to execute. The code sent copies of itself to everyone in the victim's address book and then started corrupting files on the victim's machine. This is as simple as a virus can get. It is really more of a Trojan horse distributed by e-mail than it is a virus.

The Melissa virus took advantage of the programming language built into Microsoft Word called VBA, or Visual Basic for Applications. It is a complete programming language and it can be programmed to do things like modify files and send e-mail messages. It also has a useful but dangerous auto-execute feature. A programmer can insert a program into a document that runs instantly whenever the document is opened. This is how the Melissa virus was programmed. Anyone who opened a document infected with Melissa would immediately activate the virus. It would send the 50 e-mails, and then infect a central file called NORMAL.DOT so that any file saved later would also contain the virus! It created a huge mess.

Microsoft applications have a feature called Macro Virus Protection built into them to prevent this sort of thing. With Macro Virus Protection turned on (the default option is ON), the auto-execute feature is disabled. So when a document tries to auto-execute viral code, a dialog pops up warning the user. Unfortunately, many people don't know what macros or macro viruses are, and when they see the dialog they ignore it, so the virus runs anyway. Many other people turn off the protection mechanism. So the Melissa virus spread despite the safeguards in place to prevent it.

In the case of the ILOVEYOU virus, the whole thing was human-powered. If a person double-clicked on the program that came as an attachment, then the program ran and did its thing. What fueled this virus was the human willingness to double-click on the executable.

An Ounce of Prevention
You can protect yourself against viruses with a few simple steps:

* If you are truly worried about traditional (as opposed to e-mail) viruses, you should be running an operating system with stronger separation between user programs and the system, such as UNIX. Viruses are far rarer on these systems because an ordinary user's program cannot modify the operating system or other users' files, which denies a virus most of the places it would need to write itself.

* If you are using an unsecured operating system, then buying virus protection software is a nice safeguard.

* If you simply avoid programs from unknown sources (like the Internet), and instead stick with commercial software purchased on CDs, you eliminate almost all of the risk from traditional viruses. In addition, you should disable floppy disk booting -- most computers now allow you to do this, and that will eliminate the risk of a boot sector virus coming in from a floppy disk accidentally left in the drive.

* You should make sure that Macro Virus Protection is enabled in all Microsoft applications, and you should NEVER run macros in a document unless you know what they do. There is seldom a good reason to add macros to a document, so avoiding all macros is a great policy.


Figure: the Options dialog, opened from the Tools menu in Microsoft Word, with Macro Virus Protection enabled.

* You should never double-click on an executable that arrives as an e-mail attachment. Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF and .JPG), etc., are data files: by themselves they do not run, so they can do no damage unless the program that opens them can be tricked into running code (the macro problem in Word and Excel documents described above is exactly that case). A file with an extension like EXE, COM or VBS is an executable, and an executable can do any sort of damage it wants. Once you run it, you have given it permission to do anything on your machine that you could do. The only defense is to never run executables that arrive via e-mail.
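The extension rule in the last two points can be written down as a triage policy. The following is an added example, not part of the original article: it sorts an attachment into "block" (anything Windows runs on a double-click: EXE, COM, VBS and the other script types), "warn" (macro-capable Office documents, to be opened only with macros disabled) or "allow" (plain data) from its file name, and it catches the trick the advice does not spell out, a double extension such as LOVE-LETTER-FOR-YOU.TXT.vbs (the name the ILOVEYOU attachment actually used), which Explorer displays as a .TXT file when "hide extensions for known file types" is on. The extension sets are an assumption, not a complete policy, and the sample names are constructed.

```python
"""Attachment triage by file name: block executables, warn on macro documents, allow data.

Added example, not from the original article. The extension sets are an
assumption to be extended for a real mail gateway; sample names are constructed.
"""
from typing import List, Tuple

EXECUTABLE_EXTS = {
    "exe", "com", "bat", "cmd", "pif", "scr",        # native and legacy executables
    "vbs", "vbe", "js", "jse", "wsf", "wsh", "hta",  # Windows Script Host and HTML applications
}
MACRO_DOC_EXTS = {"doc", "dot", "xls", "xlt", "docm", "xlsm", "pptm"}
DATA_EXTS = {"txt", "gif", "jpg", "jpeg", "png", "pdf", "csv"}


def triage(filename: str) -> Tuple[str, str]:
    """Return (verdict, reason); verdict is 'block', 'warn' or 'allow'."""
    base = filename.lower().rsplit("/", 1)[-1]
    # strip() on each piece defeats "invoice.pdf          .exe", where spaces push
    # the real extension out of view in a narrow attachment column
    parts = [p.strip() for p in base.split(".")]
    if len(parts) < 2:
        return "warn", "no extension"
    ext = parts[-1]
    if ext in EXECUTABLE_EXTS:
        if len(parts) >= 3 and parts[-2] in DATA_EXTS | MACRO_DOC_EXTS:
            return "block", f"executable .{ext} disguised as .{parts[-2]}"
        return "block", f"executable .{ext}"
    if ext in MACRO_DOC_EXTS:
        return "warn", f".{ext} may carry macros; open only with macros disabled"
    if ext in DATA_EXTS:
        return "allow", "data file"
    return "warn", f"unknown type .{ext}"


def triage_all(names: List[str]) -> List[Tuple[str, str, str]]:
    """Triage a batch, returning (name, verdict, reason) per attachment."""
    return [(n, *triage(n)) for n in names]


# Constructed sample; the first entry is the attachment name ILOVEYOU used.
SAMPLE = [
    "LOVE-LETTER-FOR-YOU.TXT.vbs",
    "budget.xls",
    "photo.JPG",
    "setup.exe",
    "invoice.pdf          .exe",
    "readme",
    "report.pdf",
]

if __name__ == "__main__":
    for name, verdict, reason in triage_all(SAMPLE):
        print(f"{verdict:5}  {name!r}: {reason}")
```

Name-based triage is a first filter, not a guarantee: a renamed executable with a .jpg extension passes this check and fails only when the user tries to open it, so a gateway should also inspect the file's actual content. It does stop the case the article describes, where the user is shown a harmless-looking name and does the double-click themselves.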

By following those simple steps, you can remain virus free.

Origins
People create viruses. A person has to write the code, test it to make sure it spreads properly and then release the virus. A person also designs the virus's attack phase, whether it's a silly message or destruction of a hard disk. So why do people do it?

There are at least three reasons. The first is the same psychology that drives vandals and arsonists. Why would someone want to bust the window on someone else's car, or spray-paint signs on buildings or burn down a beautiful forest? For some people that seems to be a thrill. If that sort of person happens to know computer programming, then he or she may funnel energy into the creation of destructive viruses.

The second reason has to do with the thrill of watching things blow up. Many people have a fascination with things like explosions and car wrecks. When you were growing up, there was probably a kid in your neighborhood who learned how to make gunpowder and then built bigger and bigger bombs until he either got bored or did some serious damage to himself. Creating a virus that spreads quickly is a little like that -- it creates a bomb inside a computer, and the more computers that get infected the more "fun" the explosion.

The third reason probably involves bragging rights, or the thrill of doing it. Sort of like Mount Everest. The mountain is there, so someone is compelled to climb it. If you are a certain type of programmer and you see a security hole that could be exploited, you might simply be compelled to exploit the hole yourself before someone else beats you to it. "Sure, I could TELL someone about the hole. But wouldn't it be better to SHOW them the hole???" That sort of logic leads to many viruses.

Of course, most virus creators seem to miss the point that they cause real damage to real people with their creations. Destroying everything on a person's hard disk is real damage. Forcing the people inside a large company to waste thousands of hours cleaning up after a virus is real damage. Even a silly message is real damage because a person then has to waste time getting rid of it. For this reason, the legal system is getting much harsher in punishing the people who create viruses.

History
Traditional computer viruses were first widely seen in the late 1980s, and they came about because of several factors. The first factor was the spread of personal computers (PCs). Prior to the 1980s, home computers were nearly non-existent or they were toys. Real computers were rare, and they were locked away for use by "experts." During the 1980s, real computers started to spread to businesses and homes because of the popularity of the IBM PC (released in 1981) and the Apple Macintosh (released in 1984). By the late 1980s, PCs were widespread in businesses, homes and college campuses.

The second factor was the use of computer bulletin boards. People could dial up a bulletin board with a modem and download programs of all types. Games were extremely popular, and so were simple word processors, spreadsheets, etc. Bulletin boards led to the precursor of the virus known as the Trojan horse. A Trojan horse is a program that sounds really cool when you read about it. So you download it. When you run the program, however, it does something uncool like erasing your disk. So you think you are getting a neat game but it wipes out your system. Trojan horses only hit a small number of people because they are discovered quickly. Either the bulletin board owner would erase the file from the system or people would send out messages to warn one another.

The third factor that led to the creation of viruses was the floppy disk. In the 1980s, programs were small, and you could fit the operating system, a word processor (plus several other programs) and some documents onto a floppy disk or two. Many computers did not have hard disks, so you would turn on your machine and it would load the operating system and everything else off of the floppy disk.

Viruses took advantage of these three facts to create the first self-replicating programs.