What is a DDoS (denial-of-service) attack?

In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.

A DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, thus disrupting trade.

Criminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge and blackmail can motivate these attacks.

Attack techniques

Attack tools

In cases such as MyDoom and Slowloris the tools are embedded in malware and launch their attacks without the knowledge of the system owner. Stacheldraht is a classic example of a DDoS tool. It uses a layered structure where the attacker uses a client program to connect to handlers which are compromised systems that issue commands to the zombie agents which in turn facilitate the DDoS attack. Agents are compromised via the handlers by the attacker using automated routines to exploit vulnerabilities in programs that accept remote connections running on the targeted remote hosts. Each handler can control up to a thousand agents.

Application-layer attacks

Application-layer attacks employ DoS-causing exploits and can cause server-running software to fill the disk space or consume all available memory or CPU time. Attacks may use specific packet types or connection requests to saturate finite resources by, for example, occupying the maximum number of open connections or filling the victim’s disk space with logs. An attacker with shell-level access to a victim’s computer may slow it until it is unusable or crash it by using a fork bomb. Another kind of application-level DoS attack is XDoS (or XML DoS) which can be controlled by modern web application firewalls (WAFs).

Degradation-of-service attacks

Pulsing zombies are compromised computers that are directed to launch intermittent and short-lived floods against victim websites with the intent of merely slowing them rather than crashing them. This type of attack, referred to as degradation-of-service, can be more difficult to detect and can disrupt and hamper connection to websites for prolonged periods of time, potentially causing more overall disruption than a denial-of-service attack. Exposure of degradation-of-service attacks is complicated further by the matter of discerning whether the server is really being attacked or is experiencing higher than normal legitimate traffic loads.

Denial-of-service Level II

The goal of a DoS L2 (possibly DDoS) attack is to trigger a defense mechanism that blocks the network segment from which the attack originated. In the case of a distributed attack or IP header modification (depending on the kind of security behavior), it will fully block the attacked network from the Internet, but without a system crash.

Distributed DoS attack

A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic. A botnet is a network of zombie computers programmed to receive commands without the owners’ knowledge. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. This, after all, will end up completely crashing a website for periods of time.

DDoS extortion

In 2015, DDoS botnets such as DD4BC grew in prominence, taking aim at financial institutions. Cyber-extortionists typically begin with a low-level attack and a warning that a larger attack will be carried out if a ransom is not paid in Bitcoin. Security experts recommend that targeted websites not pay the ransom. The attackers tend to get into an extended extortion scheme once they recognize that the target is ready to pay.

HTTP slow POST DoS attack

First discovered in 2009, the HTTP slow POST attack sends a complete, legitimate HTTP POST header, which includes a ‘Content-Length’ field to specify the size of the message body to follow. However, the attacker then proceeds to send the actual message body at an extremely slow rate. Because the entire message is correct and complete, the target server will attempt to obey the ‘Content-Length’ field in the header and wait for the entire body of the message to be transmitted, which can take a very long time. The attacker establishes hundreds or even thousands of such connections until all resources for incoming connections on the server (the victim) are used up, hence making any further (including legitimate) connections impossible until all data has been sent. It is notable that unlike many other (D)DoS attacks, which try to subdue the server by overloading its network or CPU, an HTTP slow POST attack targets the logical resources of the victim, which means the victim would still have enough network bandwidth and processing power to operate. Further combined with the fact that  will, by default, accept requests up to 2GB in size, this attack can be particularly powerful. HTTP slow POST attacks are difficult to differentiate from legitimate connections and are therefore able to bypass some protection systems. OWASP, an open source web application security project, released a tool to test the security of servers against this type of attack.

Challenge Collapsar (CC) attack

A Challenge Collapsar (CC) attack is an attack in which standard HTTP requests are sent frequently to a targeted web server, where the Uniform Resource Identifiers (URIs) require complicated, time-consuming algorithms or database operations, in order to exhaust the resources of the targeted web server.

In 2004, a Chinese hacker nicknamed KiKi invented a hacking tool to send these kinds of requests to attack an NSFOCUS firewall named “Collapsar”, and thus the hacking tool was known as “Challenge Collapsar”, or CC for short. Consequently, this type of attack got the name “CC attack”.

Internet Control Message Protocol (ICMP) flood

A smurf attack relies on misconfigured network devices that allow packets to be sent to all computer hosts on a particular network via the broadcast address of the network, rather than a specific machine. The attacker will send large numbers of IP packets with the source address faked to appear to be the address of the victim. Most devices on a network will, by default, respond to this by sending a reply to the source IP address. If the number of machines on the network that receive and respond to these packets is very large, the victim’s computer will be flooded with traffic. This overloads the victim computer and can even make it unusable during such an attack.

Ping flood is based on sending the victim an overwhelming number of ping packets, usually using the “ping” command from Unix-like hosts (the -t flag on Windows systems is much less capable of overwhelming a target, also the -l (size) flag does not allow sent packet size greater than 65500 in Windows). It is very simple to launch, the primary requirement being access to greater bandwidth than the victim.

Ping of death is based on sending the victim a malformed ping packet, which will lead to a system crash on a vulnerable system.

The BlackNurse attack is an example of an attack taking advantage of the required Destination Port Unreachable ICMP packets.

Nuke

A Nuke is an old denial-of-service attack against computer networks consisting of fragmented or otherwise invalid ICMP packets sent to the target, achieved by using a modified ping utility to repeatedly send this corrupt data, thus slowing down the affected computer until it comes to a complete stop.

A specific example of a nuke attack that gained some prominence is the WinNuke, which exploited the vulnerability in the NetBIOS handler in Windows 95. A string of out-of-band data was sent to TCP port 139 of the victim’s machine, causing it to lock up and display a Blue Screen of Death (BSOD).

Peer-to-peer attacks

Attackers have found a way to exploit a number of bugs in peer-to-peer servers to initiate DDoS attacks. The most aggressive of these peer-to-peer-DDoS attacks exploits DC++. With peer-to-peer there is no botnet and the attacker does not have to communicate with the clients it subverts. Instead, the attacker acts as a “puppet master,” instructing clients of large peer-to-peer file sharing hubs to disconnect from their peer-to-peer network and to connect to the victim’s website instead.

Permanent denial-of-service attacks

Permanent denial-of-service (PDoS), also known loosely as phlashing, is an attack that damages a system so badly that it requires replacement or reinstallation of hardware. Unlike the distributed denial-of-service attack, a PDoS attack exploits security flaws which allow remote administration on the management interfaces of the victim’s hardware, such as routers, printers, or other networking hardware. The attacker uses these vulnerabilities to replace a device’s firmware with a modified, corrupt, or defective firmware image—a process which when done legitimately is known as flashing. This therefore “bricks” the device, rendering it unusable for its original purpose until it can be repaired or replaced.

The PDoS is a pure hardware targeted attack which can be much faster and requires fewer resources than using a botnet or a root/vserver in a DDoS attack. Because of these features, and the potential and high probability of security exploits on Network Enabled Embedded Devices (NEEDs), this technique has come to the attention of numerous hacking communities. BrickerBot, a piece of malware that targeted IoT devices, used PDoS attacks to disable its targets.

PhlashDance is a tool created by Rich Smith (an employee of Hewlett-Packard’s Systems Security Lab) used to detect and demonstrate PDoS vulnerabilities at the 2008 EUSecWest Applied Security Conference in London.

Reflected / spoofed attack

A distributed denial-of-service attack may involve sending forged requests of some type to a very large number of computers that will reply to the requests. Using Internet Protocol address spoofing, the source address is set to that of the targeted victim, which means all the replies will go to (and flood) the target. (This reflected attack form is sometimes called a “DRDOS”.)

ICMP Echo Request attacks (Smurf attack) can be considered one form of reflected attack, as the flooding host(s) send Echo Requests to the broadcast addresses of mis-configured networks, thereby enticing hosts to send Echo Reply packets to the victim. Some early DDoS programs implemented a distributed form of this attack.

Mirai botnet

This attack works by using a worm to infect hundreds of thousands of IoT devices across the internet. The worm propagates through networks and systems, taking control of poorly protected IoT devices such as thermostats, Wi-Fi enabled clocks and washing machines. When the device becomes enslaved, usually the owner or user will have no immediate indication. The IoT device itself is not the direct target of the attack; it is used as part of a larger attack. These newly enslaved devices are called slaves or bots. Once the hacker has acquired the desired number of bots, they instruct the bots to try to contact an ISP. In October 2016, a Mirai botnet attacked Dyn, which is the ISP for sites such as Twitter, Netflix, etc. As soon as this occurred, these websites were all unreachable for several hours. This type of attack is not physically damaging, but it will certainly be costly for any large internet companies that get attacked.

R-U-Dead-Yet? (RUDY)

The RUDY attack targets web applications by starving the web server of available sessions. Much like Slowloris, RUDY keeps sessions at a halt using never-ending POST transmissions and sending an arbitrarily large content-length header value.
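A server-side check for the slow POST and RUDY behaviour described above, as an added example that is not part of the original page: it refuses an oversized declared Content-Length up front and drops a body that arrives below a minimum rate. The policy values, class names and the replayed traffic are constructed for the illustration.

```python
from dataclasses import dataclass


@dataclass
class BodyPolicy:
    # All three limits are illustrative assumptions, not values from the page.
    max_content_length: int = 10 * 1024 * 1024   # largest body the app accepts
    grace_seconds: float = 20.0                  # time allowed before the rate applies
    min_rate: float = 500.0                      # bytes/second the client must sustain


@dataclass
class Upload:
    conn_id: str
    content_length: int      # value of the request's Content-Length header
    started: float           # time the headers were complete
    received: int = 0        # body bytes received so far


def verdict(up, now, policy):
    """Classify one in-flight POST body at time `now`."""
    if up.content_length > policy.max_content_length:
        return "reject_oversize"          # refuse before reading any body
    if up.received >= up.content_length:
        return "complete"
    # The deadline grows only as fast as the client delivers bytes, so a
    # trickle of one byte every few seconds cannot hold the slot forever.
    allowed = policy.grace_seconds + up.received / policy.min_rate
    if now - up.started > allowed:
        return "drop_slow"
    return "ok"


def replay(uploads, events, policy, end_time):
    """Replay (time, conn_id, nbytes) events against a one-second timer.

    Returns {conn_id: (verdict, time_decided)}.
    """
    live = {u.conn_id: u for u in uploads}
    pending = sorted(events)
    decided, i = {}, 0
    for now in range(end_time + 1):
        while i < len(pending) and pending[i][0] <= now:
            _, cid, nbytes = pending[i]
            if cid in live:
                live[cid].received += nbytes
            i += 1
        for cid in list(live):
            v = verdict(live[cid], now, policy)
            if v != "ok":
                decided[cid] = (v, now)
                del live[cid]
    for cid in live:
        decided[cid] = ("ok", end_time)   # still holding a connection slot
    return decided


def sample():
    """Constructed traffic: a normal upload, a trickle, and a 2 GB declared body."""
    uploads = [
        Upload("upload-1", 200_000, started=0),
        Upload("trickle-1", 1_000_000, started=0),
        Upload("huge-1", 2 * 1024 ** 3, started=0),
    ]
    events = [(t, "upload-1", 50_000) for t in (1, 2, 3, 4)]
    events += [(t, "trickle-1", 1) for t in (10, 20, 30, 40)]
    return uploads, events


if __name__ == "__main__":
    for cid, (v, t) in replay(*sample(), BodyPolicy(), 60).items():
        print(f"{cid:10s} {v:16s} at t={t}s")
```

With the rate check disabled, the trickling connection is still open at the end of the replay, which is the slot exhaustion the text describes.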

SACK Panic

Manipulation of maximum segment size and selective acknowledgement (SACK) may be used by a remote peer to cause a denial of service through an integer overflow in the Linux kernel, which can even cause a kernel panic. Jonathan Looney discovered CVE-2019-11477, CVE-2019-11478, CVE-2019-11479 on June 17, 2019.

Shrew attack

The shrew attack is a denial-of-service attack on the Transmission Control Protocol where the attacker employs man-in-the-middle techniques. It uses short synchronized bursts of traffic to disrupt TCP connections on the same link, by exploiting a weakness in TCP’s re-transmission timeout mechanism.

Slow Read attack

A slow read attack sends legitimate application layer requests, but reads responses very slowly, thus trying to exhaust the server’s connection pool. It is achieved by advertising a very small number for the TCP Receive Window size, and at the same time emptying clients’ TCP receive buffer slowly, which causes a very low data flow rate.

Sophisticated low-bandwidth Distributed Denial-of-Service Attack

A sophisticated low-bandwidth DDoS attack is a form of DoS that uses less traffic and increases its effectiveness by aiming at a weak point in the victim’s system design, i.e., the attacker sends traffic consisting of complicated requests to the system. Essentially, a sophisticated DDoS attack is lower in cost due to its use of less traffic, is smaller in size, making it more difficult to identify, and has the ability to hurt systems which are protected by flow control mechanisms.

(S)SYN flood

A SYN flood occurs when a host sends a flood of TCP/SYN packets, often with a forged sender address. Each of these packets is handled like a connection request, causing the server to spawn a half-open connection by sending back a TCP/SYN-ACK packet (Acknowledge) and waiting for a packet in response from the sender address (response to the ACK Packet). However, because the sender address is forged, the response never comes. These half-open connections saturate the number of available connections the server can make, keeping it from responding to legitimate requests until after the attack ends.
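The half-open bookkeeping described above, as an added example that is not part of the original page: it tracks handshakes from simple packet records and raises an alert when the queue fills or few handshakes complete. The record format, the backlog size of 128, the 30-second timeout and all addresses (documentation ranges) are assumptions constructed for the illustration.

```python
def analyse(lines, backlog=128, syn_timeout=30.0):
    """Track half-open connections from 'time src:port FLAG' records.

    FLAG is S for a client SYN and A for the ACK that completes the handshake.
    """
    half_open = {}            # "src:port" -> time the SYN arrived
    syns = completed = refused = peak = 0
    for line in lines:
        ts, endpoint, flag = line.split()
        now = float(ts)
        # Entries whose final ACK never arrives are freed only by the timeout.
        for key in [k for k, t0 in half_open.items() if now - t0 > syn_timeout]:
            del half_open[key]
        if flag == "S":
            syns += 1
            if len(half_open) >= backlog:
                refused += 1          # queue full: this SYN gets no slot
                continue
            half_open[endpoint] = now
            peak = max(peak, len(half_open))
        elif flag == "A" and endpoint in half_open:
            del half_open[endpoint]
            completed += 1
    ratio = completed / syns if syns else 1.0
    return {
        "syns": syns,
        "completed": completed,
        "refused": refused,
        "peak_half_open": peak,
        "completion_ratio": ratio,
        # Source addresses are forged, so the signal is the aggregate state
        # of the queue rather than any per-source counter.
        "alert": peak >= backlog or ratio < 0.5,
    }


def legit(t, host, port):
    """A client that completes the handshake 50 ms after its SYN."""
    return [f"{t:.3f} {host}:{port} S", f"{t + 0.05:.3f} {host}:{port} A"]


def sample_baseline():
    return legit(0.0, "198.51.100.7", 40001) + legit(0.1, "198.51.100.8", 40002)


def sample_flood():
    lines = sample_baseline()
    # 150 SYNs in under a second from forged sources that never send the ACK.
    lines += [
        f"{1.0 + i * 0.005:.3f} 203.0.113.{i % 250 + 1}:{1024 + i} S"
        for i in range(150)
    ]
    lines += legit(2.0, "198.51.100.9", 40003)    # arrives while the queue is full
    lines += legit(40.0, "198.51.100.9", 40004)   # arrives after the timeout
    return lines


if __name__ == "__main__":
    print("baseline:", analyse(sample_baseline()))
    print("flood:   ", analyse(sample_flood()))
```

The legitimate client at t=2.0 is counted among the refused SYNs, and the same client succeeds at t=40.0 once the stale entries have timed out.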

Teardrop attacks

A teardrop attack involves sending mangled IP fragments with overlapping, oversized payloads to the target machine. This can crash various operating systems because of a bug in their TCP/IP fragmentation re-assembly code. Windows 3.1x, Windows 95 and Windows NT operating systems, as well as versions of Linux prior to versions 2.0.32 and 2.1.63 are vulnerable to this attack.

(Although in September 2009, a vulnerability in Windows Vista was referred to as a “teardrop attack”, this targeted SMB2 which is a higher layer than the TCP packets that teardrop used).

One of the fields in an IP header is the “fragment offset” field, indicating the starting position, or offset, of the data contained in a fragmented packet relative to the data in the original packet. If the sum of the offset and size of one fragmented packet differs from that of the next fragmented packet, the packets overlap. When this happens, a server vulnerable to teardrop attacks is unable to reassemble the packets – resulting in a denial-of-service condition.
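A validation pass over the fragment-offset arithmetic described above, as an added example that is not part of the original page: run before reassembly, it lets a malformed set be dropped instead of reaching the reassembly code. It goes slightly beyond the overlap case by also reporting gaps, a missing final fragment and a reassembled size past the IPv4 limit. The Fragment type, the assumed 20-byte header and the sample fragments are constructed for the illustration.

```python
from typing import NamedTuple


class Fragment(NamedTuple):
    offset_units: int        # IP "fragment offset" field, counted in 8-byte units
    length: int              # payload bytes carried by this fragment
    more_fragments: bool     # MF flag: False only on the last fragment


MAX_PAYLOAD = 65535 - 20     # largest IPv4 datagram minus an assumed 20-byte header


def check_fragments(frags):
    """Return a list of (problem, index) for one datagram's fragments.

    Indices refer to the fragments sorted by offset. An empty list means the
    set can be reassembled without overlap, gap or overflow.
    """
    findings = []
    ordered = sorted(frags, key=lambda f: f.offset_units)
    next_start = 0                       # byte position the next fragment must begin at
    for i, frag in enumerate(ordered):
        start = frag.offset_units * 8
        end = start + frag.length
        if frag.more_fragments and frag.length % 8:
            findings.append(("bad_length", i))   # non-final fragments are 8-byte multiples
        if start < next_start:
            findings.append(("overlap", i))      # begins inside data already covered
        elif start > next_start:
            findings.append(("gap", i))          # bytes missing before this fragment
        if end > MAX_PAYLOAD:
            findings.append(("oversize", i))     # reassembled datagram would exceed 65535
        next_start = max(next_start, end)
    if ordered and ordered[-1].more_fragments:
        findings.append(("no_final_fragment", len(ordered) - 1))
    return findings


# Constructed samples.
WELL_FORMED = [
    Fragment(0, 1480, True),
    Fragment(185, 1480, True),       # 185 * 8 = 1480: starts where the first ends
    Fragment(370, 40, False),
]
OVERLAPPING = [
    Fragment(0, 40, True),           # covers bytes 0..39
    Fragment(3, 8, False),           # claims to start at byte 24, inside the first
]
OVERSIZE = [
    Fragment(0, 65512, True),
    Fragment(8189, 100, False),      # 8189 * 8 + 100 = 65612 bytes of payload
]

if __name__ == "__main__":
    for name, frags in [("well-formed", WELL_FORMED),
                        ("overlapping", OVERLAPPING),
                        ("oversize", OVERSIZE)]:
        print(name, check_fragments(frags))
```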

Telephony denial-of-service (TDoS)

Voice over IP has made abusive origination of large numbers of telephone voice calls inexpensive and readily automated while permitting call origins to be misrepresented through caller ID spoofing.

TTL expiry attack

It takes more router resources to drop a packet with a TTL value of 1 or less than it does to forward a packet with higher TTL value. When a packet is dropped due to TTL expiry, the router CPU must generate and send an ICMP time exceeded response. Generating many of these responses can overload the router’s CPU.

UPnP attack

This attack uses an existing vulnerability in Universal Plug and Play (UPnP) protocol to get around a considerable amount of the present defense methods and flood a target’s network and servers. The attack is based on a DNS amplification technique, but the attack mechanism is a UPnP router which forwards requests from one outer source to another disregarding UPnP behavior rules. Using the UPnP router returns the data on an unexpected UDP port from a bogus IP address, making it harder to take simple action to shut down the traffic flood. According to the Imperva researchers, the most effective way to stop this attack is for companies to lock down UPnP routers.

Quantum field theory

Quantum field theory, body of physical principles combining the elements of quantum mechanics with those of relativity to explain the behaviour of subatomic particles and their interactions via a variety of force fields.

Two examples of modern quantum field theories are quantum electrodynamics, describing the interaction of electrically charged particles and the electromagnetic force, and quantum chromodynamics, representing the interactions of quarks and the strong force.

Designed to account for particle physics phenomena such as high energy collisions in which subatomic particles may be created or destroyed, quantum field theories have also found applications in other branches of physics.

The prototype of quantum field theories is quantum electrodynamics (QED), which provides a comprehensive mathematical framework for predicting and understanding the effects of electromagnetism on electrically charged matter at all energy levels. Electric and magnetic forces are regarded as arising from the emission and absorption of exchange particles called photons.

These can be represented as disturbances of electromagnetic fields, much as ripples on a lake are disturbances of the water. Under suitable conditions, photons may become entirely free of charged particles; they are then detectable as light and as other forms of electromagnetic radiation.

Similarly, particles such as electrons are themselves regarded as disturbances of their own quantized fields. Numerical predictions based on QED agree with experimental data to within one part in 10 million in some cases.

Shell atomic model. In the shell atomic model, electrons occupy different energy levels, or shells. The K and L shells are shown for a neon atom.


There is a widespread conviction among physicists that other forces in nature (the weak force responsible for radioactive beta decay; the strong force, which binds together the constituents of atomic nuclei; and perhaps also the gravitational force) can be described by theories similar to QED. These theories are known collectively as gauge theories.

Each of the forces is mediated by its own set of exchange particles, and differences between the forces are reflected in the properties of these particles. For example, electromagnetic and gravitational forces operate over long distances, and their exchange particles (the well-studied photon and the as-yet-undetected graviton, respectively) have no mass.

In contrast, the strong and weak forces operate only over distances shorter than the size of an atomic nucleus. Quantum chromodynamics (QCD), the modern quantum field theory describing the effects of the strong force among quarks, predicts the existence of exchange particles called gluons, which are also massless as with QED but whose interactions occur in a way that essentially confines quarks to bound particles such as the proton and the neutron.

The weak force is carried by massive exchange particles, the W and Z particles, and is thus limited to an extremely short range, approximately 1 percent of the diameter of a typical atomic nucleus.

The current theoretical understanding of the fundamental interactions of matter is based on quantum field theories of these forces. Research continues, however, to develop a single unified field theory that encompasses all the forces. In such a unified theory, all the forces would have a common origin and would be related by mathematical symmetries.

The simplest result would be that all the forces would have identical properties and that a mechanism called spontaneous symmetry breaking would account for the observed differences. A unified theory of electromagnetic and weak forces, the electroweak theory, has been developed and has received considerable experimental support. It is likely that this theory can be extended to include the strong force. There also exist theories that include the gravitational force, but these are more speculative.

What is .onion domain?

The Tor browser is a powerful free tool for browsing the internet anonymously that also unlocks a portion of the deep web in the form of .onion addresses. If you own or are looking to create a website, you may want to learn how to create a .onion site to protect yourself and your visitors.

What is a .onion domain and how does it work?

A .onion domain is the address of a website that can only be accessed through the Tor anonymity browser. Regular browsers won’t be able to navigate the relay of proxy servers that will take users to your website.

How is it different from an ordinary domain?

Ordinary web domains, like .com, .org, .biz, and others are issued by the Internet Corporation for Assigned Names and Numbers (ICANN). There are thousands of different domains out there, but not all of them can be used by everyone (like .apple, for example). Users have to submit proposals to ICANN to register a domain and sub-domain (the part before the period). There are usually costs associated with registering and maintaining the domain of your choice.

Why would I want a .onion address?

A .onion domain has a few key advantages over an ordinary domain (but a few drawbacks as well). Its key feature – that it can only be accessed using a Tor browser – is both a drawback and an advantage. Tor is far from the most popular browser, and many people don’t even know it exists, so you shouldn’t expect massive traffic on your .onion site. However, the Tor browser affords numerous layers of anonymity that are not available on more popular browsers. If you want to ensure near-total anonymity for both you and your visitors, you can’t do much better than a Tor address.

When you create a .onion site, a domain name will automatically be generated for you. It will be a string of 16 random lowercase letters and numbers (from 2 to 7) that the Tor browser can use to navigate to your server. Unfortunately, these random strings cannot be any longer or shorter than 16 characters and are often hard to remember, making it difficult for users to memorize your website and easy for malicious users to create a similar but different domain to potentially confuse visitors.

However, this also means that you do not need to register with ICANN to create your own domain. You won’t need to hide your details from whois searches, and your ICANN account won’t be vulnerable to malicious takeovers. You will be completely in control of your privacy and your domain.

Creating a vanity domain – one featuring a recognizable word of your choice – is possible but computationally expensive. Facebook devoted considerable resources to achieving its .onion domain – facebookcorewwwi.onion – and they only needed 8 characters. Getting the exact 16 characters you want could take a single computer billions of years to achieve.

How do I create a .onion domain?

1. Create a web server

Tor’s .onion service can give your existing web server a .onion domain if it’s configured correctly. However, the powerful anonymity provided by Tor isn’t worth much if your server leaks personal data or information that advanced users could use to identify you. Tor suggests binding your server to localhost. When you set up your .onion services later, you’ll create a virtual port that visitors can connect through so you don’t reveal your real IP address.

Make sure you also scrub your server of any other information that might identify you, your IP, or your location. Remove any reference to your server’s information from any error messages that might be sent to visitors.

2. Configure your server’s .onion services

To do this, you’ll have to open your “torrc” file, which is a text file you received when you set up your Tor browser. For more detailed information on how to modify this file to create a .onion server, follow the instructions on the Tor project’s website.

Once your setup is complete, turn on your Tor browser to generate a public key, or domain, for your website. After that, it’s up to you to distribute it and get people to visit your site. Just be sure not to share the private key with anyone!
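A check for the two setup steps above, as an added example that is not part of the original page: it audits a torrc and the web server's listen addresses for anything that is not bound to loopback. HiddenServiceDir and HiddenServicePort are Tor's onion-service options and do not appear on the page; the paths, ports, addresses and result codes are constructed for the illustration.

```python
import ipaddress


def is_loopback(host):
    """True for localhost and loopback IP literals (127.0.0.0/8, ::1)."""
    host = host.strip("[]")
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False          # a hostname we cannot prove is local


def target_host(target):
    """Host part of a HiddenServicePort target, or None when it is implicit."""
    if target is None or target.isdigit() or target.startswith("unix:"):
        return None           # Tor defaults to 127.0.0.1, or a local socket is used
    if target.startswith("["):
        return target[1:target.index("]")]        # [IPv6]:port
    if target.count(":") == 1:
        return target.split(":")[0]               # addr:port
    return target                                 # bare address


def audit(torrc_text, web_listen):
    """Return (location, code) findings for a torrc and (host, port) listeners."""
    findings = []
    service_dir = None
    for lineno, raw in enumerate(torrc_text.splitlines(), 1):
        parts = raw.split("#", 1)[0].split()      # drop comments, split on whitespace
        if not parts:
            continue
        option = parts[0].lower()                 # option names compared case-insensitively
        if option == "hiddenservicedir" and len(parts) > 1:
            service_dir = parts[1]
        elif option == "hiddenserviceport" and len(parts) > 1:
            if service_dir is None:
                findings.append((f"torrc:{lineno}", "port_without_service_dir"))
            host = target_host(parts[2] if len(parts) > 2 else None)
            if host is not None and not is_loopback(host):
                # The virtual port would forward to a routable address.
                findings.append((f"torrc:{lineno}", "non_loopback_target"))
    for host, port in web_listen:
        if not is_loopback(host):
            # Reachable without Tor, which exposes the server's real IP address.
            findings.append((f"web:{host}:{port}", "not_bound_to_loopback"))
    return findings


# Constructed configuration: the second service forwards off-host.
WEAK_TORRC = "\n".join([
    "# constructed example torrc",
    "SocksPort 9050",
    "HiddenServiceDir /var/lib/tor/site_a/",
    "HiddenServicePort 80 127.0.0.1:8080",
    "HiddenServiceDir /var/lib/tor/site_b/",
    "HiddenServicePort 80 192.0.2.10:8080",
])
HARDENED_TORRC = WEAK_TORRC.replace("192.0.2.10:8080", "127.0.0.1:8081")

if __name__ == "__main__":
    print(audit(WEAK_TORRC, [("0.0.0.0", 8080)]))
    print(audit(HARDENED_TORRC, [("127.0.0.1", 8080)]))
```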

What is cyber security?

Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It’s also known as information technology security or electronic information security. The term applies in a variety of contexts, from business to mobile computing, and can be divided into a few common categories.

· Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware.

· Application security focuses on keeping software and devices free of threats. A compromised application could provide access to the data it’s designed to protect. Successful security begins in the design stage, well before a program or device is deployed.

· Information security protects the integrity and privacy of data, both in storage and in transit.

· Operational security includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella.

· Disaster recovery and business continuity define how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data. Disaster recovery policies dictate how the organization restores its operations and information to return to the same operating capacity as before the event. Business continuity is the plan the organization falls back on while trying to operate without certain resources.

· End-user education addresses the most unpredictable cyber-security factor: people. Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices. Teaching users to delete suspicious email attachments, not plug in unidentified USB drives, and various other important lessons is vital for the security of any organization.

The scale of the cyber threat

The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches each year. A report by RiskBased Security revealed that a shocking 7.9 billion records have been exposed by data breaches in the first nine months of 2019 alone. This figure is more than double (112%) the number of records exposed in the same period in 2018.

Medical services, retailers and public entities experienced the most breaches, with malicious criminals responsible for most incidents. Some of these sectors are more appealing to cyber criminals because they collect financial and medical data, but all businesses that use networks can be targeted for customer data, corporate espionage, or customer attacks.

With the scale of the cyber threat set to continue to rise, the International Data Corporation predicts that worldwide spending on cyber-security solutions will reach a massive $133.7 billion by 2022. Governments across the globe have responded to the rising cyber threat with guidance to help organizations implement effective cyber-security practices.

In the U.S., the National Institute of Standards and Technology (NIST) has created a cyber-security framework. To combat the proliferation of malicious code and aid in early detection, the framework recommends continuous, real-time monitoring of all electronic resources.

The importance of system monitoring is echoed in the “10 steps to cyber security”, guidance provided by the U.K. government’s National Cyber Security Centre. In Australia, the Australian Cyber Security Centre (ACSC) regularly publishes guidance on how organizations can counter the latest cyber-security threats.

Types of cyber threats

The threats countered by cyber-security are three-fold:

1. Cybercrime includes single actors or groups targeting systems for financial gain or to cause disruption.

2. Cyber-attack often involves politically motivated information gathering.

3. Cyberterrorism is intended to undermine electronic systems to cause panic or fear.

So, how do malicious actors gain control of computer systems? Here are some common methods used to threaten cyber-security:

Malware

Malware means malicious software. One of the most common cyber threats, malware is software that a cybercriminal or hacker has created to disrupt or damage a legitimate user’s computer. Often spread via an unsolicited email attachment or legitimate-looking download, malware may be used by cybercriminals to make money or in politically motivated cyber-attacks.

There are a number of different types of malware, including:

· Virus: A self-replicating program that attaches itself to a clean file and spreads throughout a computer system, infecting files with malicious code.

· Trojans: A type of malware that is disguised as legitimate software. Cybercriminals trick users into uploading Trojans onto their computer where they cause damage or collect data.

· Spyware: A program that secretly records what a user does, so that cybercriminals can make use of this information. For example, spyware could capture credit card details.

· Ransomware: Malware which locks down a user’s files and data, with the threat of erasing it unless a ransom is paid.

· Adware: Advertising software which can be used to spread malware.

· Botnets: Networks of malware-infected computers which cybercriminals use to perform tasks online without the user’s permission.

SQL injection

An SQL (Structured Query Language) injection is a type of cyber-attack used to take control of and steal data from a database. Cybercriminals exploit vulnerabilities in data-driven applications to insert malicious code into a database via a malicious SQL statement. This gives them access to the sensitive information contained in the database.

Phishing

Phishing is when cyber criminals target victims with emails that appear to be from a legitimate company asking for sensitive information. Phishing attacks are often used to dupe people into handing over credit card data and other personal information.

Man-in-the-middle attack

A man-in-the-middle attack is a type of cyber threat where a cybercriminal intercepts communication between two individuals in order to steal data. For example, on an unsecure WiFi network, an attacker could intercept data being passed between the victim’s device and the network.

Denial-of-service attack

A denial-of-service attack is where cybercriminals prevent a computer system from fulfilling legitimate requests by overwhelming the networks and servers with traffic. This renders the system unusable, preventing an organization from carrying out vital functions.

Latest cyber threats

What are the latest cyber threats that individuals and organizations need to guard against? Here are some of the most recent cyber threats that the U.K., U.S., and Australian governments have reported on.

Dridex malware

In December 2019, the U.S. Department of Justice (DoJ) charged the leader of an organized cyber-criminal group for their part in a global Dridex malware attack. This malicious campaign affected the public, government, infrastructure and business worldwide.

Dridex is a financial trojan with a range of capabilities. Affecting victims since 2014, it infects computers through phishing emails or existing malware. Capable of stealing passwords, banking details and personal data which can be used in fraudulent transactions, it has caused massive financial losses amounting to hundreds of millions.

In response to the Dridex attacks, the U.K.’s National Cyber Security Centre advises the public to “ensure devices are patched, anti-virus is turned on and up to date and files are backed up”.

Romance scams

In February 2020, the FBI warned U.S. citizens to be aware of confidence fraud that cyber criminals commit using dating sites, chat rooms and apps. Perpetrators take advantage of people seeking new partners, duping victims into giving away personal data.

The FBI reports that romance cyber threats affected 114 victims in New Mexico in 2019, with financial losses amounting to $1.6 million.

Emotet malware

In late 2019, the Australian Cyber Security Centre warned national organizations about a widespread global cyber threat from Emotet malware.

Emotet is a sophisticated trojan that can steal data and also load other malware. Emotet thrives on unsophisticated passwords: a reminder of the importance of creating a secure password to guard against cyber threats.

End-user protection

End-user protection or endpoint security is a crucial aspect of cyber security. After all, it is often an individual (the end-user) who accidentally uploads malware or another form of cyber threat to their desktop, laptop or mobile device.

So, how do cyber-security measures protect end users and systems? First, cyber-security relies on cryptographic protocols to encrypt emails, files, and other critical data. This not only protects information in transit, but also guards against loss or theft.

In addition, end-user security software scans computers for pieces of malicious code, quarantines this code, and then removes it from the machine. Security programs can even detect and remove malicious code hidden in the Master Boot Record (MBR) and are designed to encrypt or wipe data from a computer’s hard drive.

Electronic security protocols also focus on real-time malware detection. Many use heuristic and behavioral analysis to monitor the behavior of a program and its code to defend against viruses or Trojans that change their shape with each execution (polymorphic and metamorphic malware). Security programs can confine potentially malicious programs to a virtual bubble separate from a user’s network to analyze their behavior and learn how to better detect new infections.

Security programs continue to evolve new defenses as cyber-security professionals identify new threats and new ways to combat them. To make the most of end-user security software, employees need to be educated about how to use it. Crucially, keeping it running and updating it frequently ensures that it can protect users against the latest cyber threats.

Cyber safety tips – protect yourself against cyberattacks

How can businesses and individuals guard against cyber threats? Here are our top cyber safety tips:

  1. Update your software and operating system: This means you benefit from the latest security patches.
  2. Use anti-virus software: Security solutions like Kaspersky Total Security will detect and remove threats. Keep your software updated for the best level of protection.
  3. Use strong passwords: Ensure your passwords are not easily guessable.
  4. Do not open email attachments from unknown senders: These could be infected with malware.
  5. Do not click on links in emails from unknown senders or unfamiliar websites: This is a common way that malware is spread.
  6. Avoid using unsecure WiFi networks in public places: Unsecure networks leave you vulnerable to man-in-the-middle attacks.

What is network security?

Network security is the practice of preventing and protecting against unauthorized intrusion into corporate networks. As a philosophy, it complements endpoint security, which focuses on individual devices; network security instead focuses on how those devices interact, and on the connective tissue between them.

The venerable SANS Institute takes the definition of network security a bit farther:

Network security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.

But the overall thrust is the same: network security is implemented by the tasks and tools you use to prevent unauthorized people or programs from accessing your networks and the devices connected to them. In essence, your computer can’t be hacked if hackers can’t get to it over the network.

Network security basics

Definitions are fine as top-level statements of intent. But how do you lay out a plan for implementing that vision? Stephen Northcutt wrote a primer on the basics of network security over a decade ago, but we feel strongly that his vision of the three phases of network security is still relevant and should be the underlying framework for your strategy. In his telling, network security consists of:

  • Protection: You should configure your systems and networks as correctly as possible
  • Detection: You must be able to identify when the configuration has changed or when some network traffic indicates a problem
  • Reaction: After identifying problems quickly, you must respond to them and return to a safe state as rapidly as possible

This, in short, is a defense in depth strategy. If there’s one common theme among security experts, it’s that relying on one single line of defense is dangerous, because any single defensive tool can be defeated by a determined adversary. Your network isn’t a line or a point: it’s a territory, and even if an attacker has invaded part of it, you still have the resources to regroup and expel them, if you’ve organized your defense properly.

Network security methods

To implement this kind of defense in depth, there are a variety of specialized techniques and types of network security you will want to roll out. Cisco, a networking infrastructure company, uses the following schema to break down the different types of network security, and while some of it is informed by their product categories, it’s a useful way to think about the different ways to secure a network.

  • Access control: You should be able to block unauthorized users and devices from accessing your network. Users that are permitted network access should only be able to work with the limited set of resources for which they’ve been authorized.
  • Anti-malware: Viruses, worms, and trojans by definition attempt to spread across a network, and can lurk dormant on infected machines for days or weeks. Your security effort should do its best to prevent initial infection and also root out malware that does make its way onto your network.
  • Application security: Insecure applications are often the vectors by which attackers get access to your network. You need to employ hardware, software, and security processes to lock those apps down.
  • Behavioral analytics: You should know what normal network behavior looks like so that you can spot anomalies or breaches as they happen.
  • Data loss prevention: Human beings are inevitably the weakest security link. You need to implement technologies and processes to ensure that staffers don’t deliberately or inadvertently send sensitive data outside the network.
  • Email security: Phishing is one of the most common ways attackers gain access to a network. Email security tools can block both incoming attacks and outbound messages with sensitive data.
  • Firewalls: Perhaps the granddaddy of the network security world, they follow the rules you define to permit or deny traffic at the border between your network and the internet, establishing a barrier between your trusted zone and the wild west outside. They don’t preclude the need for a defense-in-depth strategy, but they’re still a must-have.
  • Intrusion detection and prevention: These systems scan network traffic to identify and block attacks, often by correlating network activity signatures with databases of known attack techniques.
  • Mobile device and wireless security: Wireless devices have all the potential security flaws of any other networked gadget — but also can connect to just about any wireless network anywhere, requiring extra scrutiny.
  • Network segmentation: Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies easier.
  • Security information and event management (SIEM): These products aim to automatically pull together information from a variety of network tools to provide data you need to identify and respond to threats.
  • VPN: A tool (typically based on IPsec or SSL) that authenticates the communication between a device and a secure network, creating a secure, encrypted “tunnel” across the open internet.
  • Web security: You need to be able to control internal staff’s web use in order to block web-based threats from using browsers as a vector to infect your network.

Network security and the cloud 

More and more enterprises are offloading some of their computing needs to cloud service providers, creating hybrid infrastructures where their own internal network has to interoperate seamlessly — and securely — with servers hosted by third parties. Sometimes this infrastructure itself is a self-contained network, which can be either physical (several cloud servers working together) or virtual (multiple VM instances running together and “networking” with each other on a single physical server).

To handle the security aspects, many cloud vendors establish centralized security control policies on their own platform. However, the trick here is that those security systems won’t always match up with your policies and procedures for your internal networks, and this mismatch can add to the workload for network security pros. There are a variety of tools and techniques available to you that can help ease some of this worry, but the truth is that this area is still in flux and the convenience of the cloud can mean network security headaches for you.

Network security software

To cover all those bases, you’ll need a variety of software and hardware tools in your toolkit. Most venerable, as we’ve noted, is the firewall. The drumbeat has been to say that the days when a firewall was the sum total of your network security are long gone, with defense in depth needed to fight threats behind (and even in front of) the firewall. Indeed, it seems that one of the nicest things you can say about a firewall product in a review is that calling it a firewall is selling it short.

But firewalls can’t be jettisoned entirely. They’re properly one element in your hybrid defense-in-depth strategy. And as eSecurity Planet explains, there are a number of different firewall types, many of which map onto the different types of network security we covered earlier:

  • Network firewalls
  • Next-generation firewalls
  • Web application firewalls
  • Database firewalls
  • Unified threat management
  • Cloud firewalls
  • Container firewalls
  • Network segmentation firewalls

Beyond the firewall, a network security pro will deploy a number of tools to keep track of what’s happening on their networks. Some of these tools are corporate products from big vendors, while others come in the form of free, open source utilities that sysadmins have been using since the early days of Unix. A great resource is SecTools.org, which maintains a charmingly Web 1.0 website that keeps constant track of the most popular network security tools, as voted on by users. Top categories include:

  • Packet sniffers, which give deep insight into data traffic
  • Vulnerability scanners like Nessus
  • Intrusion detection and prevention software, like the legendary Snort
  • Penetration testing software

That last category might raise some eyebrows — after all, what’s penetration testing if not an attempt to hack into a network? But part of making sure you’re locked down involves seeing how hard or easy it is to break in, and pros know it; ethical hacking is an important part of network security. That’s why you’ll see tools like Aircrack — which exists to sniff out wireless network security keys — alongside staid corporate offerings that cost tens of thousands of dollars on the SecTools.org list.

In an environment where you need to get many tools to work together, you might also want to deploy SIEM software, which we touched on above. SIEM products evolved from logging software, and analyze network data collected by a number of different tools to detect suspicious behavior on your network.

What is cryptography?

Cryptography is a method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it. The prefix “crypt-” means “hidden” or “vault” — and the suffix “-graphy” stands for “writing.”

In computer science, cryptography refers to secure information and communication techniques derived from mathematical concepts and a set of rule-based calculations called algorithms, to transform messages in ways that are hard to decipher. These deterministic algorithms are used for cryptographic key generation, digital signing, verification to protect data privacy, web browsing on the internet, and confidential communications such as credit card transactions and email.

Cryptography techniques

Cryptography is closely related to the disciplines of cryptology and cryptanalysis. It includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transit. However, in today’s computer-centric world, cryptography is most often associated with scrambling plaintext (ordinary text, sometimes referred to as cleartext) into ciphertext (a process called encryption), then back again (known as decryption). Individuals who practice this field are known as cryptographers.

Modern cryptography concerns itself with the following four objectives:

  1. Confidentiality: the information cannot be understood by anyone for whom it was unintended
  2. Integrity: the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected
  3. Non-repudiation: the creator/sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information
  4. Authentication: the sender and receiver can confirm each other’s identity and the origin/destination of the information

Procedures and protocols that meet some or all of the above criteria are known as cryptosystems. Cryptosystems are often thought to refer only to mathematical procedures and computer programs; however, they also include the regulation of human behavior, such as choosing hard-to-guess passwords, logging off unused systems, and not discussing sensitive procedures with outsiders.

Cryptography process

Cryptographic algorithms

Cryptosystems use a set of procedures known as cryptographic algorithms, or ciphers, to encrypt and decrypt messages to secure communications among computer systems, devices such as smartphones, and applications. A cipher suite uses one algorithm for encryption, another algorithm for message authentication, and another for key exchange. This process, embedded in protocols and written in software that runs on operating systems and networked computer systems, involves public and private key generation for data encryption/decryption, digital signing and verification for message authentication, and key exchange.

Types of cryptography

Single-key or symmetric-key encryption algorithms create a fixed length of bits known as a block cipher with a secret key that the creator/sender uses to encipher data (encryption) and the receiver uses to decipher it. Types of symmetric-key cryptography include the Advanced Encryption Standard (AES), a specification established in November 2001 by the National Institute of Standards and Technology as a Federal Information Processing Standard (FIPS 197), to protect sensitive information. The standard is mandated by the U.S. government and widely used in the private sector.

In June 2003, AES was approved by the U.S. government for classified information. It is a royalty-free specification implemented in software and hardware worldwide. AES is the successor to the Data Encryption Standard (DES) and DES3. It uses longer key lengths (128-bit, 192-bit, 256-bit) to prevent brute force and other attacks.

Public-key or asymmetric-key encryption algorithms use a pair of keys, a public key associated with the creator/sender for encrypting messages and a private key that only the originator knows (unless it is exposed or they decide to share it) for decrypting that information. The types of public-key cryptography include RSA, used widely on the internet; Elliptic Curve Digital Signature Algorithm (ECDSA) used by Bitcoin; Digital Signature Algorithm (DSA) adopted as a Federal Information Processing Standard for digital signatures by NIST in FIPS 186-4; and Diffie-Hellman key exchange.

To maintain data integrity in cryptography, hash functions, which return a deterministic output from an input value, are used to map data to a fixed data size. Types of cryptographic hash functions include SHA-1 (Secure Hash Algorithm 1), SHA-2 and SHA-3.
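How a plain hash and a keyed hash (HMAC) differ as integrity checks, shown as an added example that is not from the original page. It uses Python's standard `hashlib` and `hmac` modules; the messages and the key are constructed sample values.

```python
import hashlib
import hmac


def sha256_tag(message: bytes) -> str:
    """Unkeyed hash: anyone who holds the message can compute it."""
    return hashlib.sha256(message).hexdigest()


def hmac_tag(key: bytes, message: bytes) -> str:
    """Keyed hash (HMAC-SHA-256): computing it needs the shared secret."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def receiver_accepts_hash(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(sha256_tag(message), tag)


def receiver_accepts_hmac(key: bytes, message: bytes, tag: str) -> bool:
    return hmac.compare_digest(hmac_tag(key, message), tag)


def simulate() -> dict:
    key = b"constructed-shared-secret"   # sample key held by sender and receiver only
    original = b"pay 100 to account 12345"
    altered = b"pay 900 to account 99999"
    results = {}

    # Case 1: the message changes in transit but the original tag arrives intact.
    results["hash_detects_altered_message"] = not receiver_accepts_hash(
        altered, sha256_tag(original))
    results["hmac_detects_altered_message"] = not receiver_accepts_hmac(
        key, altered, hmac_tag(key, original))

    # Case 2: message and tag are both replaced by a party without the key.
    # A plain hash can simply be recomputed, so the receiver notices nothing.
    results["hash_detects_replaced_tag"] = not receiver_accepts_hash(
        altered, sha256_tag(altered))
    # An HMAC made with any other key does not verify under the real key.
    results["hmac_detects_replaced_tag"] = not receiver_accepts_hmac(
        key, altered, hmac_tag(b"some-other-key", altered))

    # Fixed output size: 64 hex characters whatever the input length.
    results["digest_lengths"] = {len(sha256_tag(b"")), len(sha256_tag(b"x" * 10_000))}
    return results


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value}")
```

A bare hash therefore covers accidental corruption only; the integrity and authentication objectives listed earlier need a key, as in an HMAC or a digital signature.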

Cryptography concerns

Attackers can bypass cryptography, hack into computers that are responsible for data encryption and decryption, and exploit weak implementations, such as the use of default keys. However, cryptography makes it harder for attackers to access messages and data protected by encryption algorithms.

Growing concerns about the processing power of quantum computing to break current cryptography encryption standards led the National Institute of Standards and Technology (NIST) to put out a call for papers among the mathematical and science community in 2016 for new public key cryptography standards. Unlike today’s computer systems, quantum computing uses quantum bits (qubits) that can represent both 0s and 1s, and therefore perform two calculations at once.

While a large-scale quantum computer may not be built in the next decade, the existing infrastructure requires standardization of publicly known and understood algorithms that offer a secure approach, according to NIST. The deadline for submissions was in November 2017; analysis of the proposals is expected to take three to five years.

History of cryptography

The word “cryptography” is derived from the Greek kryptos, meaning hidden. The origin of cryptography is usually dated from about 2000 B.C., with the Egyptian practice of hieroglyphics. These consisted of complex pictograms, the full meaning of which was only known to an elite few. The first known use of a modern cipher was by Julius Caesar (100 B.C. to 44 B.C.), who did not trust his messengers when communicating with his governors and officers. For this reason, he created a system in which each character in his messages was replaced by a character three positions ahead of it in the Roman alphabet.


In recent times, cryptography has turned into a battleground of some of the world’s best mathematicians and computer scientists. The ability to securely store and transfer sensitive information has proved a critical factor in success in war and business.

Because governments do not wish certain entities in and out of their countries to have access to ways to receive and send hidden information that may be a threat to national interests, cryptography has been subject to various restrictions in many countries, ranging from limitations of the usage and export of software to the public dissemination of mathematical concepts that could be used to develop cryptosystems. However, the internet has allowed the spread of powerful programs and, more importantly, the underlying techniques of cryptography, so that today many of the most advanced cryptosystems and ideas are now in the public domain.

What is a computer virus?

A computer virus, much like a flu virus, is designed to spread from host to host and has the ability to replicate itself. Similarly, in the same way that flu viruses cannot reproduce without a host cell, computer viruses cannot reproduce and spread without programming such as a file or document.

In more technical terms, a computer virus is a type of malicious code or program written to alter the way a computer operates and is designed to spread from one computer to another. A virus operates by inserting or attaching itself to a legitimate program or document that supports macros in order to execute its code. In the process, a virus has the potential to cause unexpected or damaging effects, such as harming the system software by corrupting or destroying data.

How does a computer virus attack?

Once a virus has successfully attached to a program, file, or document, the virus will lie dormant until circumstances cause the computer or device to execute its code. In order for a virus to infect your computer, you have to run the infected program, which in turn causes the virus code to be executed.

This means that a virus can remain dormant on your computer, without showing major signs or symptoms. However, once the virus infects your computer, the virus can infect other computers on the same network. Stealing passwords or data, logging keystrokes, corrupting files, spamming your email contacts, and even taking over your machine are just some of the devastating and irritating things a virus can do.

While some viruses can be playful in intent and effect, others can have profound and damaging effects. This includes erasing data or causing permanent damage to your hard disk. Worse yet, some viruses are designed with financial gains in mind.

How do computer viruses spread?

In a constantly connected world, you can contract a computer virus in many ways, some more obvious than others. Viruses can be spread through email and text message attachments, Internet file downloads, and social media scam links. Your mobile devices and smartphones can become infected with mobile viruses through shady app downloads. Viruses can hide disguised as attachments of socially shareable content such as funny images, greeting cards, or audio and video files.

To avoid contact with a virus, it’s important to exercise caution when surfing the web, downloading files, and opening links or attachments. To help stay safe, never download text or email attachments that you’re not expecting, or files from websites you don’t trust.

What are the signs of a computer virus?

A computer virus attack can produce a variety of symptoms. Here are some of them:

  • Frequent pop-up windows. Pop-ups might encourage you to visit unusual sites. Or they might prod you to download antivirus or other software programs.
  • Changes to your homepage. Your usual homepage may change to another website, for instance. Plus, you may be unable to reset it.
  • Mass emails being sent from your email account. A criminal may take control of your account or send emails in your name from another infected computer.
  • Frequent crashes. A virus can inflict major damage on your hard drive. This may cause your device to freeze or crash. It may also prevent your device from coming back on.
  • Unusually slow computer performance. A sudden change of processing speed could signal that your computer has a virus.
  • Unknown programs that start up when you turn on your computer. You may become aware of the unfamiliar program when you start your computer. Or you might notice it by checking your computer’s list of active applications.
  • Unusual activities like password changes. This could prevent you from logging into your computer.

How to help protect against computer viruses?

How can you help protect your devices against computer viruses? Here are some of the things you can do to help keep your computer safe. 

  • Use a trusted antivirus product, such as Norton AntiVirus Basic, and keep it updated with the latest virus definitions. Norton Security Premium offers additional protection for even more devices, plus backup.
  • Avoid clicking on any pop-up advertisements.
  • Always scan your email attachments before opening them.
  • Always scan the files that you download using file sharing programs.

What is hacking?

A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network. Hackers may be motivated by a multitude of reasons, such as profit, protest, information gathering, challenge, recreation, or to evaluate system weaknesses to assist in formulating defenses against potential hackers. The subculture that has evolved around hackers is often referred to as the “computer underground”.

Longstanding controversy surrounds the meaning of the term “hacker”. In this controversy, computer programmers reclaim the term hacker, arguing that it refers simply to someone with an advanced understanding of computers and computer networks and that cracker is the more appropriate term for those who break into computers, whether computer criminals (black hats) or computer security experts (white hats). A 2014 article noted that “… the black-hat meaning still prevails among the general public”.

Different types of attack

A typical approach in an attack on an Internet-connected system is:

  1. Network enumeration: Discovering information about the intended target.
  2. Vulnerability analysis: Identifying potential ways of attack.
  3. Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.

In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.

Security exploits

A security exploit is a prepared application that takes advantage of a known weakness. Common examples of security exploits are SQL injection, cross-site scripting and cross-site request forgery, which abuse security holes that may result from substandard programming practice. Other exploits would be able to be used through File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), PHP, SSH, Telnet and some Web pages. These are very common in Web site and Web domain hacking.

Techniques

Vulnerability scanner

A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are “open” or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Firewalls defend computers from intruders by limiting access to ports and machines, but they can still be circumvented.)
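The defender's view of the port scanning described above: an added example, not from the original page, that flags a source address touching many distinct ports within a short window. The log format, the addresses (documentation ranges) and the thresholds are constructed assumptions, not the output of any particular firewall.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed log format: "<UTC timestamp> SRC=<ip> DST=<ip> DPT=<port> ACTION=<verdict>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) DPT=(?P<dpt>\d+) ACTION=\w+$"
)

# Constructed sample: one busy web client, one scanner, one slow backup host.
SAMPLE_LOG = """
2024-05-01T10:00:00Z SRC=198.51.100.20 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:00:01Z SRC=203.0.113.7 DST=192.0.2.10 DPT=21 ACTION=DROP
2024-05-01T10:00:01Z SRC=203.0.113.7 DST=192.0.2.10 DPT=22 ACTION=ACCEPT
2024-05-01T10:00:02Z SRC=203.0.113.7 DST=192.0.2.10 DPT=23 ACTION=DROP
2024-05-01T10:00:02Z SRC=198.51.100.20 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:00:03Z SRC=203.0.113.7 DST=192.0.2.10 DPT=25 ACTION=DROP
2024-05-01T10:00:04Z SRC=203.0.113.7 DST=192.0.2.10 DPT=80 ACTION=ACCEPT
2024-05-01T10:00:05Z SRC=203.0.113.7 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:05:00Z SRC=198.51.100.30 DST=192.0.2.10 DPT=22 ACTION=ACCEPT
2024-05-01T10:20:00Z SRC=198.51.100.30 DST=192.0.2.10 DPT=873 ACTION=ACCEPT
2024-05-01T10:40:00Z SRC=198.51.100.30 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
a malformed line that the parser skips
""".splitlines()


def parse(line):
    """Return (timestamp, src, dst, port) or None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return ts, m["src"], m["dst"], int(m["dpt"])


def detect_scanners(lines, window_seconds=10, port_threshold=5):
    """Map each flagged source to the time it first crossed the threshold."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # src -> (timestamp, (dst, port)) inside the window
    flagged = {}
    for line in lines:
        event = parse(line)
        if event is None:
            continue
        ts, src, dst, port = event
        q = recent[src]
        q.append((ts, (dst, port)))
        while q and ts - q[0][0] > window:   # drop events older than the window
            q.popleft()
        distinct_targets = {target for _, target in q}
        if len(distinct_targets) >= port_threshold and src not in flagged:
            flagged[src] = ts.isoformat()
    return flagged


if __name__ == "__main__":
    print(detect_scanners(SAMPLE_LOG))
```

Counting distinct ports rather than raw connections is what keeps the busy web client and the slow backup host out of the result.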

Finding vulnerabilities

Hackers may also attempt to find vulnerabilities manually. A common approach is to search for possible vulnerabilities in the code of the computer system then test them, sometimes reverse engineering the software if the code is not provided. Experienced hackers can easily find patterns in code to find common vulnerabilities.

Brute-force attack

Password guessing. This method is very fast when used to check all short passwords, but for longer passwords other methods such as the dictionary attack are used, because of the time a brute-force search takes.

Password cracking

Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. Common approaches include repeatedly trying guesses for the password, trying the most common passwords by hand, and repeatedly trying passwords from a “dictionary”, or a text file with many passwords.
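What the brute-force and password-cracking passages above mean for a defender who has to store passwords: an added example, not from the original page, of salted PBKDF2 storage with a search-space calculation. The iteration count is an assumed work factor for illustration, and the passwords are constructed sample values.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this example; tune to your hardware


def hash_password(password: str, salt: bytes = None, iterations: int = ITERATIONS) -> dict:
    """Derive a slow, salted hash; store the whole record, never the password."""
    if salt is None:
        salt = os.urandom(16)   # unique per user, so equal passwords differ on disk
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify_password(password: str, record: dict) -> bool:
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], record["iterations"]
    )
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, record["digest"])


def keyspace(max_length: int, alphabet_size: int) -> int:
    """Number of candidates an exhaustive search must cover up to max_length."""
    return sum(alphabet_size ** n for n in range(1, max_length + 1))


if __name__ == "__main__":
    rec_a = hash_password("correct horse battery staple")
    rec_b = hash_password("correct horse battery staple")
    print("same password, different records:", rec_a["digest"] != rec_b["digest"])
    print("right password verifies:", verify_password("correct horse battery staple", rec_a))
    print("wrong password verifies:", verify_password("password123", rec_a))
    # Why short passwords fall quickly and long ones do not:
    for length in (4, 8, 12):
        print(f"lowercase, up to {length} chars: {keyspace(length, 26):,} candidates")
```

Each guess against a stored record costs the full iteration count, and the per-user salt means one guess cannot be tested against every account at once.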

Packet analyzer

A packet analyzer (“packet sniffer”) is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.

Spoofing attack (phishing)

A spoofing attack involves one program, system or website that successfully masquerades as another by falsifying data and is thereby treated as a trusted system by a user or another program — usually to fool programs, systems or users into revealing confidential information, such as user names and passwords.

Rootkit

A rootkit is a program that uses low-level, hard-to-detect methods to subvert control of an operating system from its legitimate operators. Rootkits usually obscure their installation and attempt to prevent their removal through a subversion of standard system security. They may include replacements for system binaries, making it virtually impossible for them to be detected by checking process tables.

Social engineering

In the second stage of the targeting process, hackers often use social engineering tactics to get enough information to access the network. They may contact the system administrator and pose as a user who cannot get access to his or her system. This technique is portrayed in the 1995 film Hackers, when protagonist Dade “Zero Cool” Murphy calls a somewhat clueless employee in charge of security at a television network. Posing as an accountant working for the same company, Dade tricks the employee into giving him the phone number of a modem so he can gain access to the company’s computer system.

Trojan horses

A Trojan horse is a program that seems to be doing one thing but is actually doing another. It can be used to set up a back door in a computer system, enabling the intruder to gain access later. (The name refers to the horse from the Trojan War, with the conceptually similar function of deceiving defenders into bringing an intruder into a protected area.)

Computer virus

A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. By doing this, it behaves similarly to a biological virus, which spreads by inserting itself into living cells. While some viruses are harmless or mere hoaxes, most are considered malicious.

Computer worm

Like a virus, a worm is also a self-replicating program. It differs from a virus in that (a.) it propagates through computer networks without user intervention; and (b.) does not need to attach itself to an existing program. Nonetheless, many people use the terms “virus” and “worm” interchangeably to describe any self-propagating program.

Keystroke logging

A keylogger is a tool designed to record (“log”) every keystroke on an affected machine for later retrieval, usually to allow the user of this tool to gain access to confidential information typed on the affected machine. Some keyloggers use virus-, trojan-, and rootkit-like methods to conceal themselves. However, some of them are used for legitimate purposes, even to enhance computer security. For example, a business may maintain a keylogger on a computer used at a point of sale to detect evidence of employee fraud.

Attack patterns

Attack patterns are defined as a series of repeatable steps that can be applied to simulate an attack against the security of a system. They can be used for testing purposes or locating potential vulnerabilities. They also provide, either physically or in reference, a common solution pattern for preventing a given attack.

Types of Hackers around the Globe

White, black, and grey refer to the relationship between the hacker and the systems they are attacking.

‘Black Hat’ Hackers

The term “black hat” originated from Western movies, where the bad guys wore black hats and the good guys wore white hats.[1]

A black-hat hacker is an individual who attempts to gain unauthorized entry into a system or network to exploit them for malicious reasons. The black-hat hacker does not have any permission or authority to compromise their targets. They try to inflict damage by compromising security systems, altering functions of websites and networks, or shutting down systems. They often do so to steal or gain access to passwords, financial information, and other personal data.

‘White Hat’ Hackers

White-hat hackers, on the other hand, are deemed to be the good guys, working with organizations to strengthen the security of a system. A white hat has permission to engage the targets and to compromise them within the prescribed rules of engagement.

White-hat hackers are often referred to as ethical hackers. This individual specializes in ethical hacking tools, techniques, and methodologies to secure an organization’s information systems.

Unlike black-hat hackers, ethical hackers exploit security networks and look for backdoors when they are legally permitted to do so. White-hat hackers always disclose every vulnerability they find in the company’s security system so that it can be fixed before it is exploited by malicious actors.

Some Fortune 50 companies like Facebook, Microsoft, and Google also use white-hat hackers.

‘Grey Hat’ Hackers

Grey hats exploit networks and computer systems in the way that black hats do, but do so without any malicious intent, disclosing all loopholes and vulnerabilities to law enforcement agencies or intelligence agencies.

Usually, grey-hat hackers surf the net and hack into computer systems to notify the administrator or the owner that their system/network contains one or more vulnerabilities that must be fixed immediately. Grey hats may also extort the hacked, offering to correct the defect for a nominal fee.

What is Amazon Web services (AWS)?

What is Cloud Computing?

Cloud computing is a term that refers to storing and accessing data over the internet. It doesn’t store any data on the hard disk of your personal computer. In cloud computing, you can access data from a remote server.

What is AWS?

Amazon Web Services is a platform that offers flexible, reliable, scalable, easy-to-use and cost-effective cloud computing solutions.

AWS is a comprehensive, easy-to-use computing platform offered by Amazon. The platform is developed with a combination of infrastructure as a service (IaaS), platform as a service (PaaS) and packaged software as a service (SaaS) offerings.

History of AWS

  • 2002: AWS services launched
  • 2006: Launched its cloud products
  • 2012: Holds first customer event
  • 2015: Reveals revenues achieved of $4.6 billion
  • 2016: Surpassed $10 billion revenue target
  • 2016: Released Snowball and Snowmobile
  • 2019: Offers nearly 100 cloud services

Important AWS Services

Amazon Web Services offers a wide range of global cloud-based products for different business purposes. The products include storage, databases, analytics, networking, mobile, development tools, and enterprise applications, with a pay-as-you-go pricing model.

Customer Engagement

  1. Amazon Connect — Amazon Connect allows you to create your customer care center in the cloud.
  2. Pinpoint — Pinpoint helps you to understand your users and engage with them.
  3. SES (Simple Email Service) — Helps you to send bulk emails to your customers at a relatively cost-effective price.

Game Development

  1. GameLift – A service managed by AWS that you can use to host dedicated game servers. It allows you to scale seamlessly without taking your game offline.

Applications of AWS services

Amazon Web services are widely used for various computing purposes like:

  • Web site hosting
  • Application hosting/SaaS hosting
  • Media Sharing (Image/ Video)
  • Mobile and Social Applications
  • Content delivery and Media Distribution
  • Storage, backup, and disaster recovery
  • Development and test environments
  • Academic Computing
  • Search Engines
  • Social Networking

Companies using AWS

  • Instagram
  • Zoopla
  • Smugmug
  • Pinterest
  • Netflix
  • Dropbox
  • Etsy
  • Talkbox
  • Playfish
  • Ftopia

Advantages of AWS

Following are the pros of using AWS services:

  • AWS allows organizations to use the already familiar programming models, operating systems, databases, and architectures.
  • It is a cost-effective service that allows you to pay only for what you use, without any up-front or long-term commitments.
  • You will not need to spend money on running and maintaining data centers.
  • Offers fast deployments
  • You can easily add or remove capacity.
  • You get quick cloud access with limitless capacity.
  • Total Cost of Ownership is very low compared to any private/dedicated servers.
  • Offers Centralized Billing and management
  • Offers Hybrid Capabilities
  • Allows you to deploy your application in multiple regions around the world with just a few clicks

Disadvantages of AWS

  • If you need more immediate or intensive assistance, you’ll have to opt for paid support packages.
  • Amazon Web Services may have some common cloud computing issues when you move to a cloud, for example, downtime, limited control, and backup protection.
  • AWS sets default limits on resources which differ from region to region. These resources consist of images, volumes, and snapshots.
  • Hardware-level changes happen to your application which may not offer the best performance and usage of your applications.

Best practices of AWS

  • You need to design for failure, and nothing will fail.
  • It’s important to decouple all your components before using AWS services.
  • You need to keep dynamic data closer to compute and static data closer to the user.
  • It’s important to know security and performance tradeoffs.
  • Pay for computing capacity by the hourly payment method.
  • Make a habit of a one-time payment for each instance you want to reserve and to receive a significant discount on the hourly charge

What is a Laser Weapon?

A laser weapon is a directed-energy weapon based on lasers. After decades of R&D, as of January 2020 directed-energy weapons including lasers are still at the experimental stage and it remains to be seen if or when they will be deployed as practical, high-performance military weapons. Atmospheric thermal blooming has been a major problem, still mostly unsolved and worsened if there is fog, smoke, dust, rain, snow, smog, foam, or purposely dispersed obscurant chemicals in the air. Essentially, a laser generates a beam of light which needs clear air or a vacuum to work without thermal blooming. Laser and other directed-energy weapons have, however, been a staple of science fiction since their inception.

Many types of laser can potentially be used as incapacitating weapons, through their ability to produce temporary or permanent vision loss when aimed at the eyes. The degree, character, and duration of vision impairment caused by eye exposure to laser light varies with the power of the laser, the wavelength(s), the collimation of the beam, the exact orientation of the beam, and the duration of exposure. Lasers of even a fraction of a watt in power can produce immediate, permanent vision loss under certain conditions, making such lasers potential non-lethal but incapacitating weapons. The extreme handicap that laser-induced blindness represents makes the use of lasers even as non-lethal weapons morally controversial, and weapons designed to cause permanent blindness have been banned by the Protocol on Blinding Laser Weapons.

Weapons designed to cause temporary blindness, known as dazzlers, are used by military and sometimes law enforcement organizations. Incidents of pilots being exposed to lasers while flying have prompted aviation authorities to implement special procedures to deal with such hazards. See Lasers and aviation safety for more on this topic.

Laser weapons capable of directly damaging or destroying a target in combat are still in the experimental stage. The general idea of laser-beam weaponry is to hit a target with a train of brief pulses of light. The rapid evaporation and expansion of the surface causes shockwaves that damage the target. The power needed to project a high-powered laser beam of this kind is beyond the limit of current mobile power technology, thus favoring chemically powered gas dynamic lasers. Example experimental systems included MIRACL and the Tactical High Energy Laser, which are now discontinued.

The United States Navy has tested the very short range (1 mile), 30-kW Laser Weapon System or LaWS to be used against targets like small UAVs, rocket-propelled grenades, and visible motorboat or helicopter engines. It has been defined as “six welding lasers strapped together.” A 60 kW system, HELIOS, is being developed as of 2020.[8]

Overview

Laser-based directed-energy weapons are being developed, such as Boeing’s Airborne Laser which was constructed inside a Boeing 747. Designated the YAL-1, it was intended to kill short- and intermediate-range ballistic missiles in their boost phase.

Another example of direct use of a laser as a defensive weapon was researched for the Strategic Defense Initiative (SDI, nicknamed “Star Wars”), and its successor programs. This project would use ground-based or space-based laser systems to destroy incoming intercontinental ballistic missiles (ICBMs). The practical problems of using and aiming these systems were many, particularly the problem of destroying ICBMs at the most opportune moment, the boost phase just after launch. This would involve directing a laser through a large distance in the atmosphere, which, due to optical scattering and refraction, would bend and distort the laser beam, complicating the aiming of the laser and reducing its efficiency.

Electrolaser

An electrolaser first ionizes its target path, and then sends a powerful electric current down the conducting track of ionized plasma, somewhat like lightning. It functions as a giant, high-energy, long-distance version of the Taser or stun gun.

Pulse energy

Pulsed Energy Projectile or PEP systems emit an infrared laser pulse which creates rapidly expanding plasma at the target. The resulting sound, shock and electromagnetic waves stun the target and cause pain and temporary paralysis. The weapon is under development and is intended as a non-lethal weapon in crowd control though it can also be used as a lethal weapon.