StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Malware. PMDump and Holodeck - Essay Example

Cite this document
Summary
Hostile code, worms and viruses, also known as Malware, are threats to virtually every system in the world that is connected to another system. Microsoft, by virtue of creating the most popular operating systems and application software, is by far the most attacked…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.3% of users find it useful
Malware. PMDump and Holodeck
Read Text Preview

Extract of sample "Malware. PMDump and Holodeck"

WEEK 8 INIDIVIDUAL PROJECT Hostile worms and viruses, also known as Malware, are threats to virtually every system in the world that is connected to another system. Microsoft, by virtue of creating the most popular operating systems and application software, is by far the most attacked. So it stands to reason that their WinWord and the Notepad programs would be subject to attacks. For example, Data Rescue, a company that specializes in helping customers recover their vital information after an attack or disaster, analyzed one customer’s computer.

They found that an executable program called MSMSGS.EXE was loaded on the customer network that played havoc with the WinWord application. With diligent research Data Rescue was able to determine the URL that had loaded the malware and noticed that by attaching itself to the Application Data folder the hostile code was actually able to disguise itself as Windows Media Player, a legitimate Windows program that would be otherwise incongruous in a WinWord application (Landuyt 2008). In their favor, Microsoft has been trying to close gaps in its software for many years.

As early as 2001, before the introduction, the computer giant announced a virtual war against those entities intent on introducing hostile code. Yet almost twelve years later, less than two days after the roll out of Windows 8, MS is still fighting the battle and it was a main topic of discussion at the recent RSA conference, sponsored in part by the security firm of the same name. Also, MS developed Sysinternals as early as 1996 to allow developers and users alike the ability to find convenient tools to diagnose problems in their software in one single location.

Further, the website is broken down into various levels for whatever the user needs. For the purpose of this paper we will be using the Security Tools (Russinovich 2012). Using the Security Suite of Sysinternals, one can find very detailed information about a computer, highly useful in determining if hostile invaders have attached themselves to the system. For example, PSFile.exe shows a list of files opened remotely, interesting if there are no remote users. Also there are commands such as PSKill or PSSuspend to do as their name suggests, kill or suspend programs or files that are open, and there is even a command to reboot the computer.

The one tool in this Suite we will need is PSList.exe, which will give us detailed information about the WinWord process and determine whether there are any external resources being utilized by the program. The computer used was an older XP model with the Office 2003 suite and all current MS updates. The PSList, executed through the DOS command prompt, shows various information about the WinWord program and is shown as Enclosure 1, although the image is not very good. The priority is 8, and is using 24,880 KB of virtual memory.

In addition, there is a thread count of 8 and a handle count of 355. These two figures tell you what processes Word is using at a given time. To quote MS, “Monitoring threads is also costly”. It can be done by editing in the system registry but unless one is well schooled in the registry that is an area to steer clear from (Microsoft 2012). A check using other Sysinternals tools and Symantec shows this particular Word program is safe with no external threats. Another software to check for external processes is Holodeck, made by the independent firm Security Innovation.

According to their website, it helps debuggers by “allowing testers to work in a controlled, repeatable environment to analyze and debug Error-handling code”. It also claims that its software is used by such technology giants such as Microsoft and Adobe and is safe for use on the test XP machine (Holodeck 2012). Yet I can’t testify to the security of Holodeck, for my Symantec would not allow the beta program to be downloaded to the computer, calling the software “untrustworthy”. Still another program to be considered is PMDump.

According to James M. Aquilina in his book Malware Forensics: Investigating and Analyzing Malicious Code (2008), basically PMDump is a useful tool for the investigator to determine what processes are used by a program. This is accomplished by “dumping” the memory of a specific program such as Word into another file, so the integrity of the original program is not compromised. The separate file can then be viewed using ASCII strings or binary text. Again it appears that this executable is a useful tool for the professional but one should be very comfortable with computer processes, as well as knowing code strings, in order to attempt to use this program References: Aquilina James M. (2008), Malware Forensics: Investigating and Analyzing Malicious Code, Burlington, MA: Syngress Publishing.

Landuyt, Eric (2008), Real Life Hostile Code Analysis, Available at: http://www.datarescue.com/laboratory/trojan2008/index.html. Microsoft (2012), Monitoring Threads, Available at: http://technet.microsoft.com/en-us/library/cc776966%28v=ws.10%29.aspx. Russinovich, Mark (2012), Windows Sysinternals, Available at: http://technet.microsoft.com/en-US/sysinternals. Security Innovation (2012), Holodeck, Available at: https://www.securityinnovation.com/security-lab/holodeck/.

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Malware. PMDump and Holodeck Essay Example | Topics and Well Written Essays - 750 words”, n.d.)
Malware. PMDump and Holodeck Essay Example | Topics and Well Written Essays - 750 words. Retrieved from https://studentshare.org/information-technology/1459650-week
(Malware. PMDump and Holodeck Essay Example | Topics and Well Written Essays - 750 Words)
Malware. PMDump and Holodeck Essay Example | Topics and Well Written Essays - 750 Words. https://studentshare.org/information-technology/1459650-week.
“Malware. PMDump and Holodeck Essay Example | Topics and Well Written Essays - 750 Words”, n.d. https://studentshare.org/information-technology/1459650-week.
  • Cited: 0 times

CHECK THESE SAMPLES OF Malware. PMDump and Holodeck

Malware in Operating Systems

malware in Operating Systems: The computer is a set of various components out of which the most important one is the operating system.... The history of malware is an ancient one; a large number of malwares gets enrolled into the world of computer and creates problems of various kinds everyday (Weverka, 2006).... In short, no individual or organization that is being run via online medium is safe from the malware.... With broadband technology available to almost every user around the globe, the challenges so faced in regard to the safety of users are more severe now since full time chances of malware entering into the network....
3 Pages (750 words) Essay

Malware and computer system

Computer malware can be sometime very disturbing not only to the proper operation of a computer system but also to the computer user.... Being that most of this malware are intentional crafted in order to have some fishy benefits to those involved.... hellip; This is a report about malware that specifically reflects on the problems that was faced due to the malware that attacked our computer system.... This report closely looks at the malware one by one concentrating specifically on the problems that they caused in a time frame of twenty four hours....
6 Pages (1500 words) Essay

Business: Information Technology Malware

One of the prominent technological concerns that small businesses must become cognizant of is malware infecting Internet systems.... When examining this issue one of the overarching concerns is the intention of the technicians involved in the creation of the malware.... Indeed, one group, Anonymous, have even implemented malware in an organized and concerted effort to attempt to enact political change.... Business: Information Technology malware One of the prominent technological concerns that small businesses must become cognizant of is malware infecting Internet systems....
1 Pages (250 words) Research Paper

Computer Security - Preventing Malware Attacks

The paper "Computer Security - Preventing malware Attacks" states that the rate of production of malicious programs exceeds that of legitimate applications; and the most common malware transmission method is through email and the internet.... hellip; malware refers to malicious ware; and it involves software used in disrupting computer functions or operations, gets sensitive computer information, and gain access to private computer networks.... malware generally refers to types of hostile and intrusive software....
6 Pages (1500 words) Essay

How Malware Infects a Computer

The author of the present essay "How malware Infects a Computer" points out that malware refers to malicious software that is used to disrupt the normal functioning and operations of a computer.... hellip; malware can appear as scripts, codes or active content.... Some of the most common malware include computer viruses, spyware, ransomware, scareware, and adware.... Most of the active malware threats are Trojans and worms (Bayuk, 2010)....
1 Pages (250 words) Essay

Investigating Dynamic Malware Analysis Tool

The paper "Investigating Dynamic malware Analysis Tool" describes certain possible ways through which such malicious programs can be terminated.... hellip; malware is a type of malicious software, which has been major software through which intruders steal crucial information out of organizations.... The continuous evolutionary patterns of the malware designs have raised difficult for the analysts in terms of identifying and terminating such programs from slipping into systems in an undetected manner....
27 Pages (6750 words) Case Study

Engineering Disaster: Piper Alpha Disaster in the North Sea

"Engineering Disaster: Piper Alpha Disaster in the North Sea" paper focuses on the Piper Alpha incident, the worst accident in the history of the oil and gas industry.... This study encompasses the details of the incident.... It includes the causes and effects of such accidents on engineering practices....
11 Pages (2750 words) Case Study

Malware Analysis Plan

This paper ''malware Analysis Plan'' looks into the possible methods, techniques, skills, and knowledge through which the malware are handled and computing experiences are made safe.... The malware is a designated computer program in its own created for the sole purpose of negatively impacting the program, network, system, firewall, or other security encrypted sources.... nbsp;… As a result of the attacks of malware, large amount of losses are incurred every year....
10 Pages (2500 words) Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us