Jumat, 22 Februari 2013

2013 : The Years of Cyberwar !



Cyberwarfare refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.

U.S. government security expert Richard A. Clarke, in his book Cyber War (May 2010), defines "cyberwarfare" as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption." The Economist describes cyberspace as "the fifth domain of warfare," and William J. Lynn, U.S. Deputy Secretary of Defense, states that "as a doctrinal matter, the Pentagon has formally recognized cyberspace as a new domain in warfare . . . [which] has become just as critical to military operations as land, sea, air, and space."

In 2009, President Barack Obama declared America's digital infrastructure to be a "strategic national asset," and in May 2010 the Pentagon set up its new U.S. Cyber Command (USCYBERCOM), headed by General Keith B. Alexander, director of the National Security Agency (NSA), to defend American military networks and attack other countries' systems. The EU has set up ENISA (European Network and Information Security Agency) which is headed by Prof. Udo Helmbrecht and there are now further plans to significantly expand ENISA's capabilities. The United Kingdom has also set up a cyber-security and "operations centre" based in Government Communications Headquarters (GCHQ), the British equivalent of the NSA. In the U.S. however, Cyber Command is only set up to protect the military, whereas the government and corporate infrastructures are primarily the responsibility respectively of the Department of Homeland Security and private companies.

In February 2010, top American lawmakers warned that the "threat of a crippling attack on telecommunications and computer networks was sharply on the rise." According to The Lipman Report, numerous key sectors of the U.S. economy along with that of other nations, are currently at risk, including cyber threats to public and private facilities, banking and finance, transportation, manufacturing, medical, education and government, all of which are now dependent on computers for daily operations. In 2009, President Obama stated that "cyber intruders have probed our electrical grids."

The Economist writes that China has plans of "winning informationised wars by the mid-21st century". They note that other countries are likewise organizing for cyberwar, among them Russia, Israel and North Korea. Iran boasts of having the world's second-largest cyber-army. James Gosler, a government cybersecurity specialist, worries that the U.S. has a severe shortage of computer security specialists, estimating that there are only about 1,000 qualified people in the country today, but needs a force of 20,000 to 30,000 skilled experts. At the July 2010 Black Hat computer security conference, Michael Hayden, former deputy director of national intelligence, challenged thousands of attendees to help devise ways to "reshape the Internet's security architecture", explaining, "You guys made the cyberworld look like the north German plain.



Methods of attack


Cyberwarfare consists of many different threats:
  • Espionage and national security breaches

Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary or classified information) from individuals, competitors, rivals, groups, governments and enemies also for military, political, or economic advantage using illegal exploitation methods on internet, networks, software and or computers. Classified information that is not handled securely can be intercepted and even modified, making espionage possible from the other side of the world. Specific attacks on the United States have been given codenames like Titan Rain and Moonlight Maze. General Alexander notes that the recently established Cyber Command is currently trying to determine whether such activities as commercial espionage or theft of intellectual property are criminal activities or actual "breaches of national security."[10]

  • Sabotage

Computers and satellites that coordinate other activities are vulnerable components of a system and could lead to the disruption of equipment. Compromisation of military systems, such as C4ISTAR components that are responsible for orders and communications could lead to their interception or malicious replacement. Power, water, fuel, communications, and transportation infrastructure all may be vulnerable to disruption. According to Clarke, the civilian realm is also at risk, noting that the security breaches have already gone beyond stolen credit card numbers, and that potential targets can also include the electric power grid, trains, or the stock market.

In mid July 2010, security experts discovered a malicious software program called Stuxnet that had infiltrated factory computers and had spread to plants around the world. It is considered "the first attack on critical industrial infrastructure that sits at the foundation of modern economies," notes The New York Times.

  • Denial-of-service attack

Main article: DoS
In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.

  • Electrical power grid

The federal government of the United States admits that the electric power transmission is susceptible to cyberwarfare. The United States Department of Homeland Security works with industry to identify vulnerabilities and to help industry enhance the security of control system networks, the federal government is also working to ensure that security is built in as the next generation of "smart grid" networks are developed. In April 2009, reports surfaced that China and Russia had infiltrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national security officials. The North American Electric Reliability Corporation (NERC) has issued a public notice that warns that the electrical grid is not adequately protected from cyber attack. China denies intruding into the U.S. electrical grid. One countermeasure would be to disconnect the power grid from the Internet and run the net with droop speed control only. Massive power outages caused by a cyber attack, could disrupt the economy, distract from a simultaneous military attack, or create a national trauma.

Howard Schmidt, Cyber-Security Coordinator of the US, commented on those possibilities:
It’s possible that hackers have gotten into administrative computer systems of utility companies, but says those aren’t linked to the equipment controlling the grid, at least not in developed countries. [Schmidt] has never heard that the grid itself has been hacked.


Motivations
  • Military

In the U.S., General Keith B. Alexander, first head of the recently formed USCYBERCOM, told the Senate Armed Services Committee that computer network warfare is evolving so rapidly that there is a "mismatch between our technical capabilities to conduct operations and the governing laws and policies. Cyber Command is the newest global combatant and its sole mission is cyberspace, outside the traditional battlefields of land, sea, air and space." It will attempt to find and, when necessary, neutralize cyberattacks and to defend military computer networks.

Alexander sketched out the broad battlefield envisioned for the computer warfare command, listing the kind of targets that his new headquarters could be ordered to attack, including "traditional battlefield prizes – command-and-control systems at military headquarters, air defense networks and weapons systems that require computers to operate."

One cyber warfare scenario, Cyber ShockWave, which was wargamed on the cabinet level by former administration officials, raised issues ranging from the National Guard to the power grid to the limits of statutory authority.

The distributed nature of internet based attacks means that it is difficult to determine motivation and attacking party, meaning that it is unclear when a specific act should be considered an act of war.

Other cyberwarfares caused from political motivations can be found worldwide. In 2008, Russia began a cyber attack to Georgian government website, which was carried out along with military operation in South Ossetia. In 2008, Chinese 'nationalist hackers' attacked CNN as CNN announced on Chinese repression on Tibet.

  • Civil

Potential targets in internet sabotage include all aspects of the Internet from the backbones of the web, to the Internet Service Providers, to the varying types of data communication mediums and network equipment. This would include: web servers, enterprise information systems, client server systems, communication links, network equipment, and the desktops and laptops in businesses and homes. Electrical grids and telecommunication systems are also deemed vulnerable, especially due to current trends in automation.[citation needed]

  • Private sector


Computer hacking represents a modern threat in ongoing industrial espionage and as such is presumed to widely occur. It is typical that this type of crime is underreported. According to McAfee's George Kurtz, corporations around the world face millions of cyberattacks a day. "Most of these attacks don’t gain any media attention or lead to strong political statements by victims." This type of crime is usually financially motivated.


Cyberwarfare by country


The Internet security company McAfee stated in their 2007 annual report that approximately 120 countries have been developing ways to use the Internet as a weapon and target financial markets, government computer systems and utilities.


Cyber counterintelligence

Cyber counter-intelligence are measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions.

  1. On 7 April 2009, The Pentagon announced they spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems.
  2. On 1 April 2009, U.S. lawmakers pushed for the appointment of a White House cyber security "czar" to dramatically escalate U.S. defenses against cyber attacks, crafting proposals that would empower the government to set and enforce security standards for private industry for the first time.
  3. On 9 February 2009, the White House announced that it will conduct a review of the nation's cyber security to ensure that the Federal government of the United States cyber security initiatives are appropriately integrated, resourced and coordinated with the United States Congress and the private sector.

In the wake of the cyberwar of 2007 waged against Estonia, NATO established the Cooperative Cyber Defence Centre of Excellence (CCD CoE) in Tallinn, Estonia, in order to enhance the organization’s cyber defence capability. The center was formally established on 14 May 2008, and it received full accreditation by NATO and attained the status of International Military Organization on 28 October 2008.[68] Since Estonia has led international efforts to fight cybercrime, the United States Federal Bureau of Investigation says it will permanently base a computer crime expert in Estonia in 2009 to help fight international threats against computer systems.

One of the hardest issues in cyber counterintelligence is the problem of "Attribution". Unlike conventional warfare, figuring out who is behind an attack can be very difficult.[70] However Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable".




Controversy over terms.


There is debate on whether the term "cyberwarfare" is accurate. In October 2011, for instance, the Journal of Strategic Studies, a leading journal in that field, published an article by Thomas Rid, "Cyber War Will Not Take Place." An act of cyber war would have to be potentially lethal, instrumental, and political. Then not one single cyber offense on record constitutes an act of war on its own. Instead, all politically motivated cyber attacks, Rid argued, are merely sophisticated versions of three activities that are as old as warfare itself: sabotage, espionage, and subversion.

Howard Schmidt, an American cybersecurity expert, argued in March 2010 that "there is no cyberwar... I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment." Other experts, however, believe that this type of activity already constitutes a war. The warfare analogy is often seen intended to motivate a militaristic response when that is not necessarily appropriate. Ron Deibert, of Canada's Citizen Lab, has warned of a "militarization of cyberspace."

The European cybersecurity expert Sandro Gaycken argued for a middle position. He considers cyberwar from a legal perspective an unlikely scenario, due to the reasons lined out by Rid (and, before him, Sommer), but the situation looks different from a strategic point of view. States have to consider military-led cyber operations an attractive activity, within and without war, as they offer a large variety of cheap and risk-free options to weaken other countries and strengthen their own positions. Considered from a long-term, geostrategic perspective, cyber offensive operations can cripple whole economies, change political views, agitate conflicts within or among states, reduce their military efficiency and equalize the capacities of high-tech nations to that of low-tech nations, and use access to their critical infrastructures to blackmail them.


Incidents

  1. On 21 November 2011, it was widely reported in the U.S. media that a hacker had destroyed a water pump at the Curran-Gardner Township Public Water District in Illinois. However, it later turned out that this information was not only false, but had been inappropriately leaked from the Illinois Statewide Terrorism and Intelligence Center.
  2. On 6 October 2011, it was announced that Creech AFB's drone and Predator fleet's command and control data stream has been keylogged, resisting all attempts to reverse the exploit, for the past two weeks. The Air Force issued a statement that the virus had "posed no threat to our operational mission".
  3. In July 2011, the South Korean company SK Communications was hacked, resulting in the theft of the personal details (including names, phone numbers, home and email addresses and resident registration numbers) of up to 35 million people. A trojaned software update was used to gain access to the SK Communications network. Links exist between this hack and other malicious activity and it is believed to be part of a broader, concerted hacking effort.
  4. Operation Shady RAT is an ongoing series of cyber attacks starting mid-2006, reported by Internet security company McAfee in August 2011. The attacks have hit at least 72 organizations including governments and defense contractors.
  5. On 4 December 2010, a group calling itself the Pakistan Cyber Army hacked the website of India's top investigating agency, the Central Bureau of Investigation (CBI). The National Informatics Center (NIC) has begun an inquiry.
  6. On 26 November 2010, a group calling itself the Indian Cyber Army hacked the websites belonging to the Pakistan Army and the others belong to different ministries, including the Ministry of Foreign Affairs, Ministry of Education, Ministry of Finance, Pakistan Computer Bureau, Council of Islamic Ideology, etc. The attack was done as a revenge for the Mumbai terrorist attacks.
  7. In October 2010, Iain Lobban, the director of the Government Communications Headquarters (GCHQ), said Britain faces a "real and credible" threat from cyber attacks by hostile states and criminals and government systems are targeted 1,000 times each month, such attacks threatened Britain’s economic future, and some countries were already using cyber assaults to put pressure on other nations.
  8. In September 2010, Iran was attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. The worm is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyberwarfare.
  9. In May 2010, In response to Indian Cyber Army defacing Pakistani websites, 1000+ Indian websites were defaced by PakHaxors, TeaMp0isoN, UrduHack & ZCompany Hacking Crew, among those were the Indian CID website, local government of Kerala, Box Office of Indian, Brahmos missile website, Indian HP helpdesk, Indian Institute of Science, and The Indian Directorate General of Shipping.[citation needed]
  10. In July 2009, there were a series of coordinated denial of service attacks against major government, news media, and financial websites in South Korea and the United States.[87] While many thought the attack was directed by North Korea, one researcher traced the attacks to the United Kingdom.
  11. Russian, South Ossetian, Georgian and Azerbaijani sites were attacked by hackers during the 2008 South Ossetia War.
  12. In 2007 the website of the Kyrgyz Central Election Commission was defaced during its election. The message left on the website read "This site has been hacked by Dream of Estonian organization". During the election campaigns and riots preceding the election, there were cases of Denial-of-service attacks against the Kyrgyz ISPs.
  13. In September 2007, Israel carried out an airstrike on Syria dubbed Operation Orchard. U.S. industry and military sources speculated that the Israelis may have used cyberwarfare to allow their planes to pass undetected by radar into Syria.
  14. In April 2007, Estonia came under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. The largest part of the attacks were coming from Russia and from official servers of the authorities of Russia.[94] In the attack, ministries, banks, and media were targeted.
  15. In the 2006 war against Hezbollah, Israel alleges that cyber-warfare was part of the conflict, where the Israel Defense Forces (IDF) intelligence estimates several countries in the Middle East used Russian hackers and scientists to operate on their behalf. As a result, Israel attached growing importance to cyber-tactics, and became, along with the U.S., France and a couple of other nations, involved in cyber-war planning. Many international high-tech companies are now locating research and development operations in Israel, where local hires are often veterans of the IDF's elite computer units. Richard A. Clarke adds that "our Israeli friends have learned a thing or two from the programs we have been working on for more than two decades."




Efforts at prohibition

The Shanghai Cooperation Organisation (members include China and Russia) defines cyberwar to include dissemination of information "harmful to the spiritual, moral and cultural spheres of other states". In September 2011, these countries proposed to the UN Secretary General a document called "International code of conduct for information security". The approach was not endorsed by western countries as it entailed too many hints on political censorship of the internet.

In contrast, the United States' approach focuses on physical and economic damage and injury, putting political concerns under freedom of speech. This difference of opinion has led to reluctance in the West to pursue global cyber arms control agreements. However, American General Keith B. Alexander did endorse talks with Russia over a proposal to limit military attacks in cyberspace.

A Ukrainian professor of International Law, Alexander Merezhko, has developed a project called the International Convention on Prohibition of Cyberwar in Internet. According to this project, cyberwar is defined as the use of Internet and related technological means by one state against political, economic, technological and information sovereignty and independence of any other state. Professor Merezhko's project suggests that the Internet ought to remain free from warfare tactics and be treated as an international landmark. He states that the Internet (cyberspace) is a "common heritage of mankind."


Source : http://en.wikipedia.org/wiki/Cyberwarfare

Kamis, 21 Februari 2013

14 Hacker's World, Most Wanted !



Hackers are people who study, analyze, and then if want, can create, modify, or even exploit the system contained in a device such as computer software and computer hardware such as computer programs, administrative and other matters, particularly security.


Here are some profile 14 Hacker's World for now:

1. Kevin Mitnick


Kevin was the first hacker who face plastered in poster "FBI Most Wanted". Kevin is also a "Master of Deception" and has written a book entitled "The Art of Deception". This book describes a variety of social engineering techniques to gain access to the system.


2. Linus Torvalds


A true hacker, developing the Linux operating system which is a combination of "LINUS MINIX". The Linux operating system has become the operating system "standard" hacker. Together with Richard Stallman's GNU Linux to build its early versions and collaborate with a programmer, developper and hackers around the world to develop the Linux kernel.


3. John Draper


Herz Inventor 2600 using a single tone plastic whistle which was a gift of a box of cereal. Is a pioneer of the use of 2600 Hz tone and known as the Phone Phreakers (Phreakers, see: frieker) 2600 Hz tone is used as a tool to make free phone calls. In its development, the tone of 2600 Hz are no longer made with a plastic whistle, but uses a tool called the "Blue Box".


4. Mark Abene


As one of the "Master of Deception" phiber optics, inspiring thousands of teenagers to learn the phone's internal system state. Optical Phiber also been named as one of the 100 people whiz by New York Magazine. Using Apple computers, Timex Sinclair and Commodore 64. His first computer was a Radio Shack TRS-80 (trash-80).


5. Robert Morris


A child of the scientists the National Computer Security Center, which is part of the National Security Agencies (NSA). First time writing such a momentous Internet Worm in 1988. Meng-infected thousands of computers connected in a network.


6. Richard Stallman


One of the "Old School Hackers", working on the MIT Artificial Intelligence Lab. Being distracted by commercial software and copyright and privacy. Finally set up GNU (read: guhNew) which stands for GNU NOT UNIX. Using the very first computer in 1969 at the IBM New York Scintific Center at the age of 16 years.


7. Kevin Poulsen


Digital fraud on KIIS-FM radio station, make sure that it is a caller to 102 and win a Porsche 944 S2.


8. Ian Murphy


Ian Muphy with three of his colleagues, hacking into AT & T computers and composing its internal clock settings. This resulted in the telephone users get a discount "midnight" during the afternoon, and had to wait until midnight to pay the high bills.


9. Vladimir Levin


Graduates St. Tekhnologichesky Petersburg University. Deceptive computer CitiBank and profit of 10 million dollars. Interpol arrested at Heathrow Airport in 1995


10. Steve Wozniak


Build Apple computers and use the "blue box" untukkepentingan own.


11. Tsutomu Shimomura


Kevin Mitnick captured trace.


12. Dennis Ritchie and Ken Thomson


Dennis Ritchie is the author of the C language, with Ken Thompson wrote the UNIX operating system is elegant.


13. Eric Steven Raymond


Mr hackers. A pioneer hacktivist and opensource movement. Written many hacking guides, one of which is: "How To Become A Hacker" and "The new hacker's Dictionary". So phenomenal and is known by all the people hacking world. According to Eric, "the world has a lot of interesting issues and waiting to be solved".


14. Johan Helsingius


Operating the most popular anonymous remailer world.

Source : http://faktaduniaunik.blogspot.com/, translate by Yohanes Gitoyo.

Senin, 18 Februari 2013

SmadAV 2013 Rev. 9.2 : The Best Anti Virus Made In Indonesia

http://3.bp.blogspot.com/-IVR6X9lRwz4/UQ1DWYVrGtI/AAAAAAAAArI/thOMT4yfYTk/s1600/smadav.jpg

SmadAV is a local Antivirus unpaid devoted to overcome viruses are widespread local and foreign tourists in Indonesia.

To date Antivirus SMADAV can run the operating system: Windows 2000, Windows XP, Windows XP x64, Windows Vista, Windows Vista x64, Windows 7, Windows 7 x64.


SmadAV works in conjunction with almost all international antivirus. When combined, SmadAV will protect your computer from the local and international anti-virus that will protect your computer from virus locally (Indonesia) and the whole international virus.


Development History SmadAV

SmadAV name is taken from the name of the school stands Nafarin Zainuddin, SMADA (SMA 2) in Palangkaraya in Central Kalimantan, while AV stands for antivirus.


STC Nafarin alias Zainuddin aka Zai, is the inventor of the local anti SmadAV Medium Public School students 2 Pahandut Palangkaraya, Central Kalimantan class XI IA 1 SmadAV created in 2006, not because he created Smadav love alma mater, but since the beginning (incidentally ) he knows Visual Basic in computer labs SMAN-2 Palangkaraya in about mid-2006. Then Zainuddin Nafarin start trying to learn, and a few months after it was born SmadAV v1.0. But because of his work in the following math Olympics, eventually developing SmadAV postponed until completed in 2008. Smadav first created in Palangkaraya, but the location is a lot more development takes place in the Jogjakarta area due to busy studying at the Faculty of Computer Science Universitas Gadjah Mada.

Zainuddin himself did not come from Java, Zainuddin own original of Amuntai, South Kalimantan, and he speaks fluent row. Zainuddin living in a suburb of Palangkaraya, precisely in the area of ​​swamp forest. But now the forest has been destroyed in large part by fires that might accidental fires by humans, shady forests that used to now look no further.

SmadAV started Zainuddin developed since October 2006 (when it was still in class XI Zainuddin Nafarin or 2 SMA). Since there are some friends who asked Zainuddin to clean computer from local viruses are annoying, but Zainuddin itself is still quite common on local virus that time. There are 2 that was irritating here, the first local virus itself. Second, Zainuddin Nafarin should come to their homes Nafarin Zainuddin friends to "help" clean up local viruses on their computers manually. Because of this would have to be willing to be friends Zainuddin fixed Nafarin helped and Zainuddin Nafarin do not bother anymore, since SmadAV Zainuddin start developing applications.

smadav antivirus indonesia

Zainuddin Nafarin named Zainuddin Nafarin SmadAV because SMA is SMAN-2 Palangkaraya, commonly called SMADA. So, SmadAV = SMADA + AV (Antivirus SMADA). Why should SMADA? Because Zainuddin Nafarin just starting to learn programming since the beginning of class XI (since Zainuddin Nafarin find Visual Basic in the lab SMADA) and even got a new Nafarin Zainuddin computer while mid-grade X.

Zainuddin Nafarin develop SmadAV since October 2006, and finally stopped in the month of May 2007 and just started again now. Zainuddin due in May 2007 will follow the Provincial Mathematics Olympiad time. And he thought for a while he had to concentrate first Olympics. But because Zainuddin (accidental) escape again to the national level, would not want Zainuddin fixed concentration at the Olympics until the end of October 2007.

After the Olympics ended, again Zainuddin still think has not been possible to re-develop SmadAV, because at that time Zainuddin return must be prepared to face the national exam (because he was sitting in class XII). Zainuddin think early on, he must be prepared to learn the bitter end, because it not only to face the UN (the number 6 subjects) but also the University Entrance Test. After it was all over, and (thankfully) Zainuddin acceptable at GMU in the Department of Mathematics, Zainuddin Nafarin think when it is time to develop more SmadAV. Although now Zainuddin Nafarin is a student and only child boarding, Zainuddin Nafarin will try to develop the maximum possible SmadAV.


License of Use.

SmadAV Antivirus is a free software licensed to SmadAV Free, and to a limited circle belisensi paid for SmadAV Pro.


What are the advantages compared SmadAV Pro Smadav Free?
SmadAV Pro has many additional features that do not exist in SmadAV Free, the following are additional features that you would get at SmadAV Pro: Automatic Update Online, Faster Scanning, Exception List, Maximize / Resize, Change Color Theme, Admin Password, and License Use of Profit. You must be a donor to get SmadAV Pro. Note: SmadAV Free & Pro has the same detection capabilities. The difference is only on the auto-update feature and other additional features.


SmadAV indeed require operational costs, research, hosting, and many other costs. So it is not possible to rely only Smadav Smadav Free to grow. SmadAV Pro is also the difference is not too much to ask Smadav Free Zainuddin Nafarin Benediction and a little donation (If you find it so SmadAV move forward.


SmadAV created with Visual Basic

SmadAV created using Visual Basic, not using Delphi, C / C + + or even assemby. Why? From the beginning Zainuddin Nafarin already focused on Visual Basic and will also take a long time if you have to convert Source Code SmadAV (more than 10000 lines) of the Visual Basic programming language to another. In addition to its re Zainuddin Nafarin must learn new programming languages, Zainuddin Nafarin also here just alone and do not have much time to develop SmadAV, because Zainuddin Nafarin must also fulfill Zainuddin Nafarin to college and get a high IP.

Excess use Visual Basic, SmadAV becomes easier and faster to develop than other programming language that is more complicated and much less Assembly SmadAV Exe File size smaller than Delphi.

The drawback using Visual Basic, SmadAV MSVBVM60.DLL actual need is always there in the Windows Platform system. "If the file is deleted by virus", automatic SmadAV and all the other Visual Basic applications can not be run on that computer. But this can be overcome by downloading MSVBVM60.DLL and put a folder with SmadAV. So no problem. SmadAV never used a database for VBS Virus detection, all total with heuristics alone.


Logo SmadAV


Zainuddin Nafarin time just looking for the most amazing objects ever found, especially in the field of mathematics. Zainuddin Nafarin impossible and decided this object as an icon because the icon is awesome SmadAV although very simple. While the green color symbolizes peace, which is why Smadav use green for all the components including this icon. SmadAV always use green because we are Indonesia, the world's lungs.


Release SmadAV


SmadAV use the thousands of API functions, little VB functions, making it much faster scanning. The average speed of scanning is 100 files per second. SmadAV only open-source for version 1.7 and 2.3.

Release SmadAV division, namely:
  •     Small Revision: rev.X.0.0 so rev 8.0.1 (revised periodically in a matter of days)
  •     Ordinary Revision: rev. X.0 so rev. 8.1 (typically 2 weeks)
  •     Major Revision: rev.X.5 so rev. 9.0 (usually 2 months)


Overall the release is as follows SMADAV extent that I know of:

  1.     SmadAV v1.0
  2.     SmadAV v1.7
  3.     SmadAV v2.3
  4.     Smadav 2008 Rev 3.2
  5.     Smadav 2008 Rev 3.4
  6.     Smadav 2008 Rev 3.5
  7.     Smadav 2008 Rev 3.6
  8.     Smadav 2008 Rev 3.8
  9.     SmadAV 2009 Rev 1.0
  10.     Smadav 2009 Rev 3.8
  11.     Smadav 2009 Rev 4.1
  12.     Smadav 2009 Rev 4.3
  13.     Smadav 2009 Rev 5.1
  14.     Smadav 2009 Rev 5.2
  15.     Smadav 2009 Rev 6.0
  16.     Smadav 2009 Rev 6.2
  17.     Smadav 2009 Rev 6.4
  18.     Smadav 2009 Rev 7.0
  19.     Smadav 2009 Rev 7.1
  20.     Smadav 2009 Rev 7.2
  21.     Smadav 2009 Rev 7.3
  22.     Smadav 2009 Rev 7.4
  23.     Smadav 2009 Rev 7.5
  24.     Smadav 2010 Rev 8.0
  25.     Smadav 2010 Rev 8.1
  26.     Smadav 2010 Rev 8.2
  27.     Smadav 2010 Rev 8.3
  28.     Smadav 2011 Rev 8.4
  29.     Smadav 2011 Rev 8.5
  30.     Smadav 2011 Rev 8.6
  31.     Smadav 2011 Rev 8.7
  32.     Smadav 2011 Rev 8.8
  33.     Smadav 2012 Rev 8.9
  34.     Smadav 2012 Rev 9.0
  35.     Smadav 2012 Rev 9.1
  36.     SmadAV 2013 Rev 9.2


We usually test the beta version of the first in the Forum SmadAV, so if there are user forums that find bugs or disagree with a particular feature, of course SmadAV be repaired again. So it does not really end-user that we made in place SmadAV test. Sure we may not find all the bugs currently in beta testing Smadav forum, so do not rule out that there are still bugs in the release version SmadAV.

We do not prevent anyone who wants to criticize Smadav, because Smadav very open and still needs a lot of improvement. Also note that the program is not Smadav commercial / profit, SmadAV made for research and application of science Computer Science. So there is no reason to put the interests of our more self / group rather than the application of the science of Computer Science itself. We are more dedicated to the application Smadav Computer Science and scientific research in Indonesia.



Office SmadAV


SmadAV has no official office. SmadAV fruit is the result of the work of the hands of Gajah Mada University students residing in Yogyakarta. While all team members are volunteers who gathered online.


Forum SmadAV

Forum SmadAV made by mas kambeeng dated March 23, 2009. So, on March 23, 2012 forum Smadav even 3 years old. The initial purpose of the establishment of this forum is to provide users and asked questions through the forum. Forum SmadAV also available for users who want to report bugs, suggestions / criticism for SmadAV. In August 2011, the forum smadaver.com SmadAV recorded 69,923 registered users. Data source: Statistics Center SmadAV Forum.


External server (International) tend to be cheaper than a local server (IIX). Especially for a very cheap Shared Hosting abroad. Smadaver.com not wear Shared Hosting, but using VPS (Virtual Private Server) which is much more expensive and more stable for a sufficiently large forum. Currently there Daxa Server Smadav.net 2,500,000, -/bulan and Server Smadaver.com and viruslokal.com using Virtual Private Server at DreamHost, pay him between $ 50 - $ 100 per month or 500,000, - / month ( Rp6.000.000 - Rp12.000.000 per year). So can serve Smadaver the maximum possible speed.


Focus Development SmadAV.

SmadAV currently focused on the following four main functions:

1) additional protection for your computer, 100% compatible with other antivirus!

Most of the antivirus can not be installed together with other antivirus, it is because the antivirus is designed for primary protection on your computer. Unlike SmadAV, Smadav antivirus is a type that are designed as an additional protection, so 100% compatible and can work well although there has been another antivirus on your computer, in this case serves as a layer of defense SmadAV second. SmadAV has its own way (behavior, heuristic, and whitelisting) in detecting and cleaning viruses that will further enhance the security of the computer. Because the resource usage is very small SmadAV, SmadAV will not increase your computer's performance under heavy use. So, with a mix between SmadAV and antivirus protection that is installed on your computer will further strengthen the defense of your computer from virus infection.

2) Best USB Antivirus (Total Protection USB stick)

USB flash drive is one of the largest medium for spreading viruses in Indonesia. SmadAV have special technology for total prevention of virus that spreads via USB stick. Mission SmadAV is 100% no longer infectious virus from the flash. SmadAV have enough signatures of viruses that infect the flash, and has a special ability to detect new viruses in the flash though not in the database SmadAV. Not only is prevention, Smadav also able to clean up a virus that infects and restore virus hidden files in USB Flashdisk

3) Best for offline use (no need to update very often)

SmadAV very well be used for computers that rarely or even not connected to the internet. SmadAV do not need to update as often as any other antivirus that usually do updates per week and even per day. SmadAV usually only update once a month (monthly). SmadAV not overly dependent on the signature / virus database, but rather depends on the behavior detection techniques, heuristic, and whitelisting.

4) Cleaner and tools to clean the virus

SmadAV also able to clean the virus that has infected your computer and fix registry is modified by a virus. Other antivirals are usually not done cleaning the registry so that the computer has not returned to normal after cleaning the antivirus. Many supporting tools that are included in SmadAV as a weapon for cleaning viruses.

Note: Not all types of viruses can be cleaned Smadav, Smadav is still not able to clear the virus type penginfeksi programs or rootkit type (eg: virus Ramnit, Sality, Alman, Virut, etc..) Because this strain has blown most of your program files .

Our focus now is to thoroughly cleaning the virus types other than these two types (eg: virus WormShortcut, Cervical, MSO, Brontok, etc..)



Computer Security Key Features:

1. Process SmadAV


At Smadav clicked surreptitiously checking first (that is not to kill the virus) the state of your computer, if there is a virus going direct-kill SmadAV before the GUI (view) Smadav it appears. And this should be less than 3 seconds

2. File Cleaning


If it fails to do the cleaning Smadav, actual documents will not be deleted but quarantined, so they can restore (undelete) on the Quarantine tab.

There are several possible causes for cleaning files document fails (so it must be quarantined):
  •     File documents possessed (join) the body of the virus
  •     File documents hidden in a place that can not be reached smadav
If you are sure all data is secure, just delete all the virus in quarantine

3. Autorun.inf


Folder autorun.inf SmadAV serves to fend off the virus that makes autorun.inf file. Autorun.inf is only detected if any stick / Removable disk, not on the CD / DVD Drive. Zainuddin Nafarin computer itself is very often infected with Conficker because Zainuddin Nafarin often lax in researching in Lab SmadAV, Conficker infected computers often loose and Zainuddin Nafarin own, but still failed Conficker infects the flash by creating an autorun.inf file, because it is already locked by Smad -Lock.

autorun.inf virus is likely to be only duplicate themselves so similar to all the folders on the drive, including autorun.inf folder, so the virus will exe extension named autorun.inf.exe Recycler Folder in flash is 100% Virus Conficker. It should be noted that autorun.inf folder that has the attribute system + hidden so it will not confuse a novice user because most ordinary computer users do not display the file system + hidden. Only advanced computer users only from mostly hidden + file system, and they are mostly already know uses autorun.inf folder.

Keep in mind, Windows 7 was not using and ignoring the autorun.inf file on a removable disk. Actually autorun.inf on removable disk feature has been widely criticized by users of Windows XP because it is very dangerous and a very nice gap for the virus, Smadav just want to break the chain of virus, mostly in Indonesia spread via autorun.inf. So it is not recommended to remove autorun.inf folder SmadAV made.

Until now, almost all the virus (99%) are not able to remove autorun.inf folder SmadAV.

Zainuddin Nafarin realized there was a counter with Smad-Lock though only a small fraction. But please understand that the mission is actually just Smadav to significantly reduce the spread of the virus in Indonesia, and eventually we will get a high security on computers in Indonesia, both for users online and offline, mostly in Indonesia. Folder Autorun.inf automatic stay but no confirmation before will be added shortly after the flash is not installed there will be users who are confused, you should note that when it is removed the autorun.inf folder there will be a notification from windows: "This autorun.inf is LOCKED by SMADAV to protect your Flash-Disk from virus infection. "

So, the mission is really just SmadAV to significantly reduce the spread of the virus in Indonesia, and eventually we will get a high security on computers in Indonesia, both for users online and offline, mostly in Indonesia.

4. Smad-Lock


Folder Smad-Lock Δ Δ can not be d-scan by SmadAV Rev. 4 and previous versions. This is because the path has Unicode character that is Δ. Similarly, the virus can not scan and infect files in it, because to make a program may enter this folder programmer must create code that supports Unicode characters so it must overhaul reset all the codes that do not support Unicode. SmadAV 2009 Rev. 5 has been re Rombak Nafarin Zainuddin and supports Unicode. Smad-Lock virtually impossible to be modified by a virus. Virus penginfeksi folder is duplicating themselves like all the folders it finds including autorun.inf folder owned by Smad-Lock. But the virus can not be penginfeksi folder into the folder "Smad-Lock Δ Δ" Smad-Lock Folder is reserved only for files opened with microsoft made programs, such as office, explorer, notepad, etc.. Only a few non-Microsoft program that can open the file in a folder Smad-Lock. SmadAV already provide adequate notification and records in the folder Smad-Lock in the Read Me file. Indeed, there are approximately 5% local virus can enter the folder Smad-Lock, but almost no one could infect documents in it

Very strong reasons to make Smad-Lock feature:
90% of the virus (the virus either locally or outside the virus) in Indonesia are now spreading through autorun.inf, so please say you use the features in the autorun.inf file but get ready because your autorun.inf file will be replace by the viral and Removable Disk will be infected. If you are more concerned with security, switch Smad-Lock (Autorun.inf), until now most viruses (99%) are not able to remove autorun.inf folder SmadAV.

As you know, Windows 7 is not using and ignoring the autorun.inf file on a removable disk. Actually autorun.inf on removable disk feature has been widely criticized by users of Windows XP because it is very dangerous and a very nice gap for the virus, Smadav just want to break the chain of virus, mostly in Indonesia spread via autorun.inf. So it is not recommended to remove autorun.inf folder SmadAV made.
SmadAV already provide adequate notification and records in the folder Smad-Lock in the Read Me file. More detailed technical notes may be added in the next revision in the Read Me file

The trick to ensure safe flash-disk (almost 100%) of the virus
  • First Activate Smad-Lock in flash disk and insert all the files / folders into the folder "Smad-Lock Δ Δ"
  • Folder Smad-Lock (Safe Smadav) it will have to be made manually via Tools-> Smad-Lock.
  • Remember, do not ever change the name "Smad-Lock Δ Δ".


Is it possible that Smad-Lock penetrated virus?

Smad-Lock is still possible penetrated by a small virus. Viruses that (1) as a whole or (2) only some functions that support UNICODE path.

  • For the first type, the virus which overall supports UNICODE, can even infect documents / files in a folder Smad-Lock, but until now I have not been there found a virus like this, especially in Indonesia which could infect documents (not executable), there is only alien virus that can infect the exe.
  • For the second type of virus, only a partial function that supports UNICODE path, just be able to copy the file to the folder Smad-Lock, and most do not modify the other files that already exist in the folder Smad-Lock. Viruses of this type may be estimated less than 5% of the entire local virus spread in Indonesia.
Thus, Smad-Lock folders clear gap still exists and it is not possible 100% safe.


5.    Smad-RTP


Smad-RTP only prevent the execution of virus Explorer and flash. So there will be no registry if execution viral infections have been prevented. SmadAV not automatic scanning of all file activity on your computer, because this is a very light Smadav protection. So SmadAV will prevent you execute the virus file a moment when you open the folder through Explorer.


6. Registry


Smadav can always clean the registry it detects, if the difference is Forbidden String and string can not automatically correct and detected again despite being cleared, there may be a viral infection that constantly change to their original values.


7. Flashdisk

For example SmadAV in flash and infected and the user opens Smadav of the media, it Smadav warned that the file has been corrupted. There is no 100% security, but we have to try the best security possible.


SmadAV Link Download Antivirus Free Edition:

Download SmadAV Rev 2013. 9.2
Download Smadav 2013 Rev. 9.2


SmadAV Link Download Antivirus Pro Edition:

Key Smadav Pro


Source link for those of you who want to know more about Antivirus SmadAV:
  1.     http://www.smadav.net/
  2.     http://www.viruslokal.com/
  3.     http://smadaver.com/
  4.     http://www.facebook.com/smadav
  5.     http://id.wikipedia.org/wiki/Smadav
  6.     http://smadaver.com/bug-kritik-saran/smadav-colection/
  7.     http://www.nafarin.com/

For those of you who want to participate to contribute the development of Antivirus SmadAV visit this link:

Senin, 11 Februari 2013

Hazardous sites in Indonesia 22 January 2013, Sun Go Kong lose as Pegasus !

http://parkirgratis.com/wp-content/uploads/2012/06/reported-attack-page.jpg

Software or the software's like a pistol. In the hands of bad people, let alone real pistol, toy gun or pistol assemblies though widely used to commit crimes and be the gun involved in the crime. In contrast, in the hands of Black Steel Knight, gun used to protect the good. Similarly, malware, actually its software essentially neutral and does whatever is designed and instructed by the manufacturer. He will execute any command regardless of any target creators. In the evaluation of Online Malware in Indonesia in January 2013 was Vaksincom provide 20-page site containing malware detected Indonesia to watch the site visitors that do not have protection from malware threats browser. Most malware is embedded by criminals to exploit vulnerabilities sites (implicit in the site administrator negligence in protecting the site) and several other sites are act of Ramnit malware like computer that is still active wara-Wiri in Indonesia. Victims of malware online varies, most come from academia, either SMP, Polytechnic or University known ones can be a victim. Followed by either government agencies or departments of the company and its subsidiaries owned many victims of malware online and actively carry out the action to the infected site visitors. Then the last group is a private group, both business and non-profit, large companies that go public, is owned by an international network of companies do not guarantee safe from malware attacks online. Similarly philanthropic organization that works to help people was not immune from malware infections. Moreover, companies with profit orientation as one company under the name liniment kerasakti frightening, but this time kerasakti less powerful because Javascript malware infected JS: Trojan.Script.AAL that will do a lot of things that hurt visitors, from simply displaying a specific message, divert traffic internet to deliver malware to the site visitor's computer to do if ordered by malware authors.


Java Script and Redirector

Types of malware champion the most common infecting internet sites in Indonesia is the type of Java Script and Trojan redirector like JS: Trojan.Script.AAL or also known as JS: ScriptIP-inf and Trojan Redirector. The few examples of malware actions are as follows:


Trojan Redirector if successful will infect directly access switch as shown in figure 1 and 2.


Figure 1, the initial process of transfer of infected sites Trojan Redirector

Depending on the wishes malware authors, if Redirector will redirect visitors to another site and the experiments conducted Vaksincom redirected visitors to a site that offers a slimming body. Still profit (profit continues: p) is not redirected to porn sites or sites that contain malware.


Figure 2, The access to government sites will then be transferred to the seller's site body slimming products.

The actions are encountered such as Javascript malware JS: ScriptIP-Inf higher risk because he can drive visitors to the site to download other malware techniques "drive by download" and JS: ScriptIP-Inf is also often faked himself as a good software to fool victim to activate him.


How to JS: ScriptIP-Inf can infect internet server, most likely because it exploits vulnerabilities web server to embed itself and automatically it will show itself in the sites visited by injecting himself in certain parts of the site. (See figure 3)

Figure 3, which inject Javascript and will direct access to sites advertising for the benefit of malware authors.

The malware Javascript not choose their victims indiscriminately. According watchlist Vaksincom, large corporate site already owned by the public and a large group of European companies become victims of the infection (see figure 4)

Figure 4, the world's publicly traded companies that are victims JS: ScriptIP-inf detected by G Data Total Protection 2013 as JS: Trojan.Script.AAL



How to prevent it

If you are a webmaster, one of the effective ways to prevent becoming a victim is to discipline Javascript injection patching / cover up your web server vulnerabilities. Security is a process and can not be enforced to punish others but we do not do introspection to analyze what security gaps / weaknesses and cover it so it gets harder to hacked / on malware infections.

Security is a process, and we could not buy safety / security. Proverbial padlock, you can buy a padlock art, but art that you should lock mounted on a strong fence to the correct method as the key should not be placed at random so that it can be taken / copied others. In addition, although the lock can not be tampered with, if the fence is weak thief could well result in from other parts of the fence / wall is weak.

In this case, Vaksincom advise webmasters to find a reliable hosting company on a regular basis and do maintain up webservernya. If you want to do yourself, make sure that all safety aspects are covered, both webservernya protection, DNS and others should also be a concern.


If your site visitors / users computer layman, Vaksincom recommend you to use antivirus program that has the ability to "Web Protection" (see Figure 5) because it proved capable of protecting you from malware threats that lurk in the browser (see Figure 6)


Figure 5, G Data Total Protection 2013's protection features to protect you from malware that lurks from browser


Figure 6, G Data Protection immediate action memblik Web site that contains malware and is compatible with Firefox, Chrome and Internet Explorer.


The list of 22 sites of Indonesia throughout the month of January 2013 were detected containing malware can be seen in figure 7 below. As at January 30, 2013, the majority of the site still contains malware and has not been cleaned. Some are calling the site administrator Vaksincom respond well and quickly anticipate malware infections on site management. This is important because it indirectly provide a site that contains malware threat to the visitors who could have been your customers (if you are a company), your people (if you are the government) or principal and your suppliers and this is definitely going to give a bad image to the image company / organization.

Figure 7, list several pages infected with malware in Indonesia January 2013

Souce : http://vaksin.com/, translate by Yohanes Gitoyo., S Pd. , January 30, 2013