<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Comprehensive Computer &#187; use</title>
	<atom:link href="http://www.ledanet.org/tag/use/feed/" rel="self" type="application/rss+xml" />
	<link>http://www.ledanet.org</link>
	<description>www.ledanet.org</description>
	<lastBuildDate>Wed, 01 Feb 2012 11:40:48 +0000</lastBuildDate>
	<generator>http://wordpress.org/?v=2.8.6</generator>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
			<item>
		<title>Glance history of computer</title>
		<link>http://www.ledanet.org/glance-history-of-computer/</link>
		<comments>http://www.ledanet.org/glance-history-of-computer/#comments</comments>
		<pubDate>Wed, 11 Jan 2012 07:28:12 +0000</pubDate>
		<dc:creator></dc:creator>
				<category><![CDATA[computer]]></category>
		<category><![CDATA[advance technology]]></category>
		<category><![CDATA[Apple Macintosh]]></category>
		<category><![CDATA[atomic scientists]]></category>
		<category><![CDATA[automatic calculator]]></category>
		<category><![CDATA[automatic sequence controlled calculator]]></category>
		<category><![CDATA[calculator]]></category>
		<category><![CDATA[course]]></category>
		<category><![CDATA[development]]></category>
		<category><![CDATA[Electronic]]></category>
		<category><![CDATA[electronic discrete variable automatic computer]]></category>
		<category><![CDATA[electronic numerical integrator]]></category>
		<category><![CDATA[electronic numerical integrator and calculator]]></category>
		<category><![CDATA[energy]]></category>
		<category><![CDATA[equipment]]></category>
		<category><![CDATA[generation]]></category>
		<category><![CDATA[german engineer]]></category>
		<category><![CDATA[history]]></category>
		<category><![CDATA[IBM]]></category>
		<category><![CDATA[konrad]]></category>
		<category><![CDATA[Konrad Zuse]]></category>
		<category><![CDATA[machine]]></category>
		<category><![CDATA[magnetic core memory]]></category>
		<category><![CDATA[mechanical calculator]]></category>
		<category><![CDATA[mechanical equipment]]></category>
		<category><![CDATA[memory]]></category>
		<category><![CDATA[Rand]]></category>
		<category><![CDATA[result]]></category>
		<category><![CDATA[rise of technology]]></category>
		<category><![CDATA[second generation computers]]></category>
		<category><![CDATA[supercomputer ibm]]></category>
		<category><![CDATA[system]]></category>
		<category><![CDATA[technology]]></category>
		<category><![CDATA[transistor]]></category>
		<category><![CDATA[USA]]></category>
		<category><![CDATA[use]]></category>
		<category><![CDATA[vacuum tube]]></category>
		<category><![CDATA[war]]></category>
		<category><![CDATA[world war ii]]></category>
		<category><![CDATA[z3 computer]]></category>

		<guid isPermaLink="false">http://www.ledanet.org/?p=280</guid>
		<description><![CDATA[Unquestionably, computers have been used and have dug into many different aspects of human life. Let's take a glance at the history of the computer up to what we know today.
Of course the world itself has changed, and that has also driven different developments in technology. And as we all know, technology these days is most closely associated with the computer as [...]]]></description>
			<content:encoded><![CDATA[<p>Unquestionably, computers have been used and have dug into many different aspects of human life. Let's take a glance at the history of the computer up to what we know today.</p>
<p>Of course the world itself has changed, and that has also driven different developments in technology. And as we all know, technology these days is most closely associated with the computer as its basic power and brain. At first, the computer was developed for scientific investigation, but later it was used as advanced military technology during World War II.<br />
<span id="more-280"></span><br />
Before we go deep into the history, let's classify computers by type.<br />
1. Manual equipment<br />
This might be the simplest equipment with computing as its basis, because the data processing is done directly by human power.</p>
<p>2. Mechanical equipment<br />
This is mechanical equipment that is used and driven manually by the people themselves.</p>
<p>3. Mechanical Electronic<br />
This is more advanced technology: mechanical equipment that is driven automatically by electronics or a motor.</p>
<p>4. Electronic Equipment.<br />
This equipment is fully controlled and driven by electronics and uses electricity as its power source.</p>
<p>Before the computer came into use, manual counting equipment such as the abacus, the numerical wheel calculator, and the mechanical calculator was used for daily operations in those days.</p>
<p>Then, after 1940, the rise of technology began to sweep the earth, starting with ENIAC (Electronic Numerical Integrator And Calculator), EDVAC (Electronic Discrete Variable Automatic Computer), and EDSAC (Electronic Delay Storage Automatic Calculator). This first generation was very big, as can be seen from the machines' size and their use of vacuum tubes.</p>
<p>Building on the first generation, transistors came into use in place of vacuum tubes. In this second generation, the IBM name became popular for its invention called LARC. Programming languages for software development, such as COBOL and FORTRAN, were also quite popular during these years.</p>
<p>The next generation, of course, simplified the transistor into a smaller component called the integrated circuit (IC). Here, computer size became much smaller. In this generation, the operating system was also introduced.</p>
<p>As you could guess, the fourth generation is an advance on the previous one. Ultra-Large Scale Integration (ULSI) was introduced to replace the IC; it could pack a number of ICs into one simple device, also known as the microprocessor.</p>
<p>And now, as we can all see, computers have evolved into smaller devices with high-speed connections and accessibility. Let's hope this technology keeps evolving for a better tomorrow.</p>]]></content:encoded>
			<wfw:commentRss>http://www.ledanet.org/glance-history-of-computer/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Black hole strengths and weakness</title>
		<link>http://www.ledanet.org/black-hole-strengths-and-weakness/</link>
		<comments>http://www.ledanet.org/black-hole-strengths-and-weakness/#comments</comments>
		<pubDate>Mon, 19 Dec 2011 00:53:51 +0000</pubDate>
		<dc:creator></dc:creator>
				<category><![CDATA[computer]]></category>
		<category><![CDATA[marketing]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[activity]]></category>
		<category><![CDATA[attack]]></category>
		<category><![CDATA[client computer]]></category>
		<category><![CDATA[connection requests]]></category>
		<category><![CDATA[data packet]]></category>
		<category><![CDATA[exponential rise]]></category>
		<category><![CDATA[hole]]></category>
		<category><![CDATA[monitor]]></category>
		<category><![CDATA[network]]></category>
		<category><![CDATA[network space]]></category>
		<category><![CDATA[nids]]></category>
		<category><![CDATA[packet worm]]></category>
		<category><![CDATA[Slapper]]></category>
		<category><![CDATA[space]]></category>
		<category><![CDATA[space monitoring]]></category>
		<category><![CDATA[use]]></category>
		<category><![CDATA[utility]]></category>
		<category><![CDATA[worm]]></category>
		<category><![CDATA[worm activity]]></category>

		<guid isPermaLink="false">http://www.ledanet.org/?p=270</guid>
		<description><![CDATA[The biggest strength of network black hole monitoring is the relative ease of data collection. Worms that actively scan will constantly generate data as connection requests are sent to these unused networks. Because worms typically do not correlate the use of networks with their probes, most worms will generate probes to unallocated network space.
The largest [...]]]></description>
			<content:encoded><![CDATA[<p>The biggest strength of network black hole monitoring is the relative ease of data collection. Worms that actively scan will constantly generate data as connection requests are sent to these unused networks. Because worms typically do not correlate the use of networks with their probes, most worms will generate probes to unallocated network space.</p>
<p>The largest challenge facing the use of black hole monitoring is the discrimination of regular probes and attacks from activity from worms. This can generally be done by looking for an exponential rise in the number of sources that parallels a rise in activity sent toward the dark network space. However, this typically yields a larger picture of network activity than other monitoring methods do due to the large scale of coverage possible. The intentions of the client computer can be assessed on the basis of the intended network destination.<br />
<span id="more-270"></span><br />
When the third type of black hole monitor described earlier in this chapter is set up (which responds to connection requests to receive the first data packet), worm activity can be measured. In this scenario, the payloads of the captured packets are stored and compared to look for worm activity. This gives deep insight into worm activity, along with a large degree of coverage without the requirement of known signatures, as would be needed for a NIDS monitor.</p>
<p>The biggest weakness in black hole network monitoring is the growing presence of worms that use lists of allocated addresses to target. These threaten to minimize the utility of global-scale dark network monitoring for worm activity. While some worms, such as Code Red and Nimda, will indiscriminately attack any valid IPv4 class A, B, or C address (which does include unallocated space), newer worms such as Slapper and SQL Snake have incorporated lists of allocated network blocks to target. The increased use of this approach will gradually diminish the utility of dark network space monitoring.</p>
<p>Lastly, changes in network allocation will require updates to the dark network space monitors. For example, if a local subnet becomes used, its utility as a dark space monitor becomes impossible. Similarly, when new networks are allocated in the global IPv4 space, changes must be propagated to the dark network space monitors.</p>]]></content:encoded>
			<wfw:commentRss>http://www.ledanet.org/black-hole-strengths-and-weakness/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Traffic Analysis Strength and Weakness</title>
		<link>http://www.ledanet.org/traffic-analysis-strength-and-weakness/</link>
		<comments>http://www.ledanet.org/traffic-analysis-strength-and-weakness/#comments</comments>
		<pubDate>Tue, 13 Dec 2011 08:54:06 +0000</pubDate>
		<dc:creator></dc:creator>
				<category><![CDATA[computer]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[analysis]]></category>
		<category><![CDATA[background traffic]]></category>
		<category><![CDATA[border router]]></category>
		<category><![CDATA[detection]]></category>
		<category><![CDATA[dynamic methods]]></category>
		<category><![CDATA[exponential growth]]></category>
		<category><![CDATA[growth models]]></category>
		<category><![CDATA[hole]]></category>
		<category><![CDATA[honeypot]]></category>
		<category><![CDATA[LAN]]></category>
		<category><![CDATA[lengthy time]]></category>
		<category><![CDATA[network]]></category>
		<category><![CDATA[scan engines]]></category>
		<category><![CDATA[server]]></category>
		<category><![CDATA[signature detection]]></category>
		<category><![CDATA[target identification]]></category>
		<category><![CDATA[traffic]]></category>
		<category><![CDATA[use]]></category>
		<category><![CDATA[Web]]></category>
		<category><![CDATA[worm]]></category>

		<guid isPermaLink="false">http://www.ledanet.org/?p=257</guid>
		<description><![CDATA[Traffic analysis, which focuses on general aspects of the network and the trends therein, has several advantages over specific detection methods and black hole and honeypot monitors. The first is that it works for almost all worm types, specifically for worms that use active target identification methods and exponential growth models. Scans can be measured [...]]]></description>
			<content:encoded><![CDATA[<p>Traffic analysis, which focuses on general aspects of the network and the trends therein, has several advantages over specific detection methods and black hole and honeypot monitors. The first is that it works for almost all worm types, specifically for worms that use active target identification methods and exponential growth models. Scans can be measured and tracked as a general phenomenon, and the exponential growth of the overall volume of the network can also be observed.</p>
<p>Secondly, signature detection fails for worms that use any variety of dynamic methods. These can include modules that can be updated to accommodate new attack methods or scan engines, or worms that behave in a manner similar to polymorphic viruses.<br />
<span id="more-257"></span><br />
The analysis of network traffic to identify the presence of a network worm has several drawbacks. The first is that it is labor intensive, requiring a reasonably lengthy time period to develop an understanding of the normal traffic on a network. This time frame is usually 1 to 2 weeks for a LAN of several thousand hosts and requires a monitoring infrastructure. Coverage is also a significant challenge for a network with a hierarchical structure. For larger networks that only want a gross measurement of their traffic, it will suffice to monitor only a border router or major switches.</p>
<p>The next major weakness of the traffic analysis method to understanding worm behavior is due to the speed of the worm’s propagation. A worm that moves sufficiently slowly or only infects a handful of nodes per round will be more difficult to track using traffic analysis than other means (such as honeypot, black hole, or signature-based analysis). The difficulty in this scenario stems from the amount of data when compared to the background traffic on the network.</p>
<p>Consider a worm that uses passive mechanisms to identify and attack targets. For example, a worm that attacks Web servers and, rather than hopping from Web server to Web server, now attacks clients that connect to that server. The traffic characteristics remain much the same for the server, such as connections from random clients to the server and then from the server back to clients. This would be difficult to identify, based solely on the patterns of traffic, because little change is observable.</p>]]></content:encoded>
			<wfw:commentRss>http://www.ledanet.org/traffic-analysis-strength-and-weakness/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Strengths of traffic analysis</title>
		<link>http://www.ledanet.org/strengths-of-traffic-analysis/</link>
		<comments>http://www.ledanet.org/strengths-of-traffic-analysis/#comments</comments>
		<pubDate>Wed, 23 Nov 2011 13:48:35 +0000</pubDate>
		<dc:creator></dc:creator>
				<category><![CDATA[computer]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[analysis]]></category>
		<category><![CDATA[attack]]></category>
		<category><![CDATA[Dallas]]></category>
		<category><![CDATA[detection]]></category>
		<category><![CDATA[dynamic methods]]></category>
		<category><![CDATA[exponential]]></category>
		<category><![CDATA[exponential growth]]></category>
		<category><![CDATA[growth]]></category>
		<category><![CDATA[growth models]]></category>
		<category><![CDATA[honeypot]]></category>
		<category><![CDATA[network]]></category>
		<category><![CDATA[scan engines]]></category>
		<category><![CDATA[signature]]></category>
		<category><![CDATA[signature detection]]></category>
		<category><![CDATA[target identification]]></category>
		<category><![CDATA[traffic]]></category>
		<category><![CDATA[traffic analysis]]></category>
		<category><![CDATA[use]]></category>
		<category><![CDATA[worm]]></category>
		<category><![CDATA[worm activity]]></category>
		<category><![CDATA[worm detection]]></category>

		<guid isPermaLink="false">http://www.ledanet.org/?p=249</guid>
		<description><![CDATA[Using traffic analysis in worm detection and analysis is a powerful and relatively simple task to perform. Rather than focusing on aspects specific to any particular worms, traffic analysis uses general properties seen in most worms, such as active reconnaissance and exponential growth. 
Although traffic analysis has its strengths and weaknesses, when combined with other [...]]]></description>
			<content:encoded><![CDATA[<p>Using traffic analysis in worm detection and analysis is a powerful and relatively simple task to perform. Rather than focusing on aspects specific to any particular worms, traffic analysis uses general properties seen in most worms, such as active reconnaissance and exponential growth. </p>
<p>Although traffic analysis has its strengths and weaknesses, when combined with other detection methods, it provides valuable insight into the behavior of the network and an early detection system for worm activity.<br />
<span id="more-249"></span><br />
Traffic analysis, which focuses on general aspects of the network and the trends therein, has several advantages over specific detection methods and black hole and honeypot monitors. The first is that it works for almost all worm types, specifically for worms that use active target identification methods and exponential growth models. Scans can be measured and tracked as a general phenomenon, and the exponential growth of the overall volume of the network can also be observed.</p>
<p>Secondly, signature detection fails for worms that use any variety of dynamic methods. These can include modules that can be updated to accommodate new attack methods or scan engines, or worms that behave in a manner similar to polymorphic viruses. Furthermore, signature detection at the network level will fail for worms that use either encoded or polymorphic attack vectors.</p>]]></content:encoded>
			<wfw:commentRss>http://www.ledanet.org/strengths-of-traffic-analysis/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Routing data Disruption</title>
		<link>http://www.ledanet.org/routing-data-disruption/</link>
		<comments>http://www.ledanet.org/routing-data-disruption/#comments</comments>
		<pubDate>Sat, 19 Nov 2011 23:58:47 +0000</pubDate>
		<dc:creator></dc:creator>
				<category><![CDATA[computer]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[autonomous systems]]></category>
		<category><![CDATA[border gateway protocol]]></category>
		<category><![CDATA[communication networks]]></category>
		<category><![CDATA[flap]]></category>
		<category><![CDATA[indiscriminate]]></category>
		<category><![CDATA[instability]]></category>
		<category><![CDATA[Internet]]></category>
		<category><![CDATA[internet worms]]></category>
		<category><![CDATA[intranet servers]]></category>
		<category><![CDATA[load]]></category>
		<category><![CDATA[memory usage]]></category>
		<category><![CDATA[network]]></category>
		<category><![CDATA[network infrastructure]]></category>
		<category><![CDATA[route flap]]></category>
		<category><![CDATA[traffic]]></category>
		<category><![CDATA[traffic rates]]></category>
		<category><![CDATA[traffic volume]]></category>
		<category><![CDATA[use]]></category>
		<category><![CDATA[volume]]></category>
		<category><![CDATA[worm]]></category>

		<guid isPermaLink="false">http://www.ledanet.org/?p=243</guid>
		<description><![CDATA[Worms are typically indiscriminate in their use of networks and work to aggressively scan and attack hosts. This saturation can have consequences on the network infrastructure and use. As described below, Internet routing updates, network use, and intranet servers are all affected by worms during their life cycles.
The Internet is a collection of networks with [...]]]></description>
			<content:encoded><![CDATA[<p>Worms are typically indiscriminate in their use of networks and work to aggressively scan and attack hosts. This saturation can have consequences on the network infrastructure and use. As described below, Internet routing updates, network use, and intranet servers are all affected by worms during their life cycles.</p>
<p>The Internet is a collection of networks with the backbone consisting of autonomous systems. These autonomous systems are routed to each other, with this routing data typically contained in the border gateway protocol.<br />
The damage to the global BGP routing infrastructure brought about by Code Red and Nimda results from several factors. First, the volume of traffic is enough to disrupt the communication networks between routers, effectively choking some routers off of the Internet. When this occurs, the routes to the networks serviced by these routers are withdrawn. Route flap, the rapid announcement and withdrawal of routes, can occur when these routers recover from the load and reintroduce themselves to the outside world and then are quickly overwhelmed again.<br />
<span id="more-243"></span><br />
Routing flap can propagate through the Internet unless dampening measures are in effect, affecting global routing stability. Route flap was made significantly more prominent due to the activity of Code Red and, even more so, by Nimda, which acts far more aggressively and sends higher traffic rates.</p>
<p>The second source of routing instability is also caused by the volume of traffic generated by Internet worms and directly affects routers as well. The traffic volume increases several fold over the normal traffic on a link, leading to high CPU and memory usage on the routers. </p>
<p>The third source of routing instability is a result of attacks on routers themselves. Some modern routers contain HTTP-based console management ports, facilitating their administration. Because the worms are indiscriminate about the hosts they attack, attempting to attack every host to which they can connect to port 80/TCP, they will invariably attack routers listening on this port. The sustained connection from many worm sources is enough to raise the load on the routers to high levels, causing the routers to crash in many instances.</p>
<p>The consequences of this increased instability on the Internet were felt for several days, in proportion to the size of the instability introduced by the worm. While the Internet has been modeled and shown to be resilient to directed attacks at most of its core components, the magnitude of the load on the Internet, in addition to the directed attacks at core routers, led to instability. However, the Internet was still functional overall.</p>]]></content:encoded>
			<wfw:commentRss>http://www.ledanet.org/routing-data-disruption/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Web crawlers</title>
		<link>http://www.ledanet.org/web-crawlers/</link>
		<comments>http://www.ledanet.org/web-crawlers/#comments</comments>
		<pubDate>Tue, 08 Nov 2011 07:44:19 +0000</pubDate>
		<dc:creator></dc:creator>
				<category><![CDATA[software]]></category>
		<category><![CDATA[common gateway interface]]></category>
		<category><![CDATA[database commands]]></category>
		<category><![CDATA[deployment]]></category>
		<category><![CDATA[deployment system]]></category>
		<category><![CDATA[Design]]></category>
		<category><![CDATA[electronic mail client]]></category>
		<category><![CDATA[element]]></category>
		<category><![CDATA[file]]></category>
		<category><![CDATA[interface scripts]]></category>
		<category><![CDATA[mail script]]></category>
		<category><![CDATA[networking operations]]></category>
		<category><![CDATA[paper]]></category>
		<category><![CDATA[popular search engines]]></category>
		<category><![CDATA[robot]]></category>
		<category><![CDATA[robot army]]></category>
		<category><![CDATA[search]]></category>
		<category><![CDATA[second element]]></category>
		<category><![CDATA[use]]></category>
		<category><![CDATA[Web]]></category>
		<category><![CDATA[Zalewski]]></category>

		<guid isPermaLink="false">http://www.ledanet.org/?p=227</guid>
		<description><![CDATA[An alternative design for the deployment of worms comes from a 2001 paper by Michal Zalewski. In this model, the worms are not sent to the remote machines on their own power or even by using an application (such as an electronic-mail client) on the host computer. Instead, the Web is turned against itself.
The crucial [...]]]></description>
			<content:encoded><![CDATA[<p>An alternative design for the deployment of worms comes from a 2001 paper by Michal Zalewski. In this model, the worms are not sent to the remote machines on their own power or even by using an application (such as an electronic-mail client) on the host computer. Instead, the Web is turned against itself.</p>
<p>The crucial element in Zalewski’s design for a robot army is the use of the spiders and crawlers that continually scour the Web. Relying on the need for search engines to have a continually up-to-date and complete index of the Web’s content, this worm deployment system expects that spiders and search engines will aggressively scour the Web.<br />
<span id="more-227"></span><br />
This particular request is an attempt to use a Web-based mail script to send mail from an unauthorized user, but demonstrates the construction of a malicious URL. This provides the first component in the recipe for building a robot army.</p>
<p>The second element is the use of malicious requests as the attack against a Web site. Commands to execute on the server lie within requests. These can include database commands, networking operations such as ICMP echo requests (“ping”), and shell commands. These occur as a result of vulnerable Web applications, typically found in the CGI (common gateway interface) scripts on a Web site.</p>
<p>In his paper, Zalewski discusses several possible defenses. Chief among them is the use of the file “robots.txt.” This file is a directive to the bots and crawlers for directories or files not to index. This is not a fully effective solution because not all bots and spiders respect the directives in this file, due to the dynamic content, but these directories should not be indexed by search engines. As a backup measure, restricted access to those directories could be instituted, blocking known spiders and agents from accessing that directory.</p>
<p>The second line of defense is to keep up to date with current software and bug fixes. However, this is not always possible, and using popular search engines can reveal the prevalence of insecure Web applications.</p>]]></content:encoded>
			<wfw:commentRss>http://www.ledanet.org/web-crawlers/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Polymorphic traffic</title>
		<link>http://www.ledanet.org/polymorphic-traffic/</link>
		<comments>http://www.ledanet.org/polymorphic-traffic/#comments</comments>
		<pubDate>Tue, 08 Nov 2011 07:39:57 +0000</pubDate>
		<dc:creator></dc:creator>
				<category><![CDATA[software]]></category>
		<category><![CDATA[attack]]></category>
		<category><![CDATA[bold predictions]]></category>
		<category><![CDATA[code]]></category>
		<category><![CDATA[community]]></category>
		<category><![CDATA[detection]]></category>
		<category><![CDATA[detection engines]]></category>
		<category><![CDATA[Ed Skoudis]]></category>
		<category><![CDATA[evasion techniques]]></category>
		<category><![CDATA[introduction]]></category>
		<category><![CDATA[intrusion]]></category>
		<category><![CDATA[intrusion detection]]></category>
		<category><![CDATA[Nimda]]></category>
		<category><![CDATA[red worms]]></category>
		<category><![CDATA[slapper worm]]></category>
		<category><![CDATA[string comparisons]]></category>
		<category><![CDATA[target identification]]></category>
		<category><![CDATA[use]]></category>
		<category><![CDATA[vector]]></category>
		<category><![CDATA[worm]]></category>
		<category><![CDATA[zero day]]></category>

		<guid isPermaLink="false">http://www.ledanet.org/?p=225</guid>
		<description><![CDATA[Shortly after the introduction of the Code Red worms and nipping at the heels of Nimda, Ed Skoudis made several bold predictions for the growing storm of worms. 
The first prediction he made was the use of zero-day exploits and multiple vector attacks. Zero-day attacks typically exploit vulnerabilities that are not widely known and have [...]]]></description>
			<content:encoded><![CDATA[<p>Shortly after the introduction of the Code Red worms and nipping at the heels of Nimda, Ed Skoudis made several bold predictions for the growing storm of worms. </p>
<p>The first prediction he made was the use of zero-day exploits and multiple vector attacks. Zero-day attacks typically exploit vulnerabilities that are not widely known and have no remedies, such as patches. They are especially devastating for fast moving attackers as the community works to identify the attack method and then produce (and test) a patch. When used in a worm, which automates the cycles of target identification and attacks, the rate of spread will far outpace the speed with which defenses can be mustered.<br />
<span id="more-225"></span><br />
The second of Skoudis’s predictions is the use of intrusion detection evasion techniques by worms. Several methods exist which dynamically alter the signatures of the attacks. These include the tool ADM mutate, developed by the hacker K2, that produces functionally equivalent attack code with randomized signatures.</p>
<p>Polymorphic traffic is used to evade signature matching intrusion detection engines. Because the main strategy of these products is to perform naive string comparisons between the rule sets and the payload of captured packets, by modifying the encoding of the packet data, that comparison will fail.</p>
<p>Already, multiple attack vector worms have been seen (such as Nimda and Ramen), and the Slapper worm utilized an exploit that had been kept private until the worm’s release. This caught many off guard in the community, forcing updates to software and a realization of the severity of the vulnerability that had previously been downplayed.</p>]]></content:encoded>
			<wfw:commentRss>http://www.ledanet.org/polymorphic-traffic/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>

