Google searches web’s dark side

 

Men look at laptop

Malicious programs are installed by visits to a booby-trapped site

One in 10 web pages scrutinised by search giant Google contained malicious code that could infect a user’s PC.Researchers from the firm surveyed billions of sites, subjecting 4.5 million pages to “in-depth analysis”.

About 450,000 were capable of launching so-called “drive-by downloads”, sites that install malicious code, such as spyware, without a user’s knowledge.

A further 700,000 pages were thought to contain code that could compromise a user’s computer, the team report.

To address the problem, the researchers say the company has “started an effort to identify all web pages on the internet that could be malicious”.

Phantom sites

Drive-by downloads are an increasingly common way to infect a computer or steal sensitive information.

They usually consist of malicious programs that automatically install when a potential victim visits a booby-trapped website.

“To entice users to install malware, adversaries employ social engineering,” wrote Google researcher Niels Provos and his colleagues in a paper titled The Ghost In The Browser.

Finding all the web-based infection vectors is a significant challenge and requires almost complete knowledge of the web

Google researchers

Hi-tech crime

Avoiding attacks

“The user is presented with links that promise access to ‘interesting’ pages with explicit pornographic content, copyrighted software or media. A common example are sites that display thumbnails to adult videos.”

The vast majority exploit vulnerabilities in Microsoft’s Internet Explorer browser to install themselves.

Some downloads, such as those that alter bookmarks, install unwanted toolbars or change the start page of a browser, are an annoyance. But increasingly, criminals are using drive-bys to install keyloggers that steal login and password information.

Other pieces of malicious code hijack a computer turning it into a “bot”, a remotely controlled PC.

Drive-by downloads represent a shift away from traditional methods of infecting a computer, such as spam and email attachments.

Attack plan

As well as characterising the scale of the problem on the net, the Google study analysed the main methods by which criminals inject malicious code on to innocent web pages.

Spam email

Spam e-mails are a common way to infect a computer

It found that the code was often contained in those parts of the website not designed or controlled by the website owner, such as banner adverts and widgets.

Widgets are small programs that may, for example, display a calendar on a webpage or a web traffic counter. These are often downloaded from third-party sites.

The rise of web 2.0 and user-generated content gave criminals other channels, or vectors, of attack, it found.

For example, postings in blogs and forums that contain links to images or other content could unwittingly infect a user.

The study also found that gangs were able to hijack web servers, effectively taking over and infecting all of the web pages hosted on the computer.

In a test, the researchers’ computer was infected with 50 different pieces of malware by visiting a web page hosted on a hijacked server.

The firm is now in the process of mapping the malware threat.

Google, part of the StopBadware coalition, already warns users if they are about to visit a potentially harmful website, displaying a message that reads “this site may harm your computer” next to the search results.

“Marking pages with a label allows users to avoid exposure to such sites and results in fewer users being infected,” the researchers wrote.

However, the task will not be easy, they say.

“Finding all the web-based infection vectors is a significant challenge and requires almost complete knowledge of the web as a whole,” they wrote.


http://news.bbc.co.uk/2/hi/technology/6645895.stm

ASP.Net 2005 – How to close the opened webpages in the solution with KeyBoard

Here is the command to closed all the opened webpages with the keyboard.

This is really helpful

 Ctrl + F4

Note: dont use Alt + F4 because this is to close the complete solution.

 If you wanted to close your webpages by using mouse.

here are the steps to closed them. Click on window of menu bar and select windows

step1.jpgstep2.jpg

Thanks to Shani who asked me this question.

Rana

SQL SERVER 2005- How to call nested stored procedure and save the output in Temporary Table

Well, I have to create a procedure which calls nested procedures to reduce the work again and store the output of the nested stored procedure in the temporary table.
Here are the few steps taken by me to achieve this task
Suppose you have stored procedure named sp_FirstProcedure and sp_SecondProcedure

As I have move my blog from here please visit for detail.

http://blog.joggee.com/?p=24

for future reference

http://blog.joggee.com

sorry for any inconvenience

Rana

SQL SERVER 2005 , How to Partition the table.

All we know SQL Server 2005 has new features are going to discuss in this article is the Row Number function and Partitioning.
Normally developers used temporary tables and co-related sub-queries to generate calculated row numbers in a query. Now SQL Server 2005 provides a function, which replaces all of the additional resources we used to generate row numbers.
In a few word this means that you can horizontally partition the data in your table, thus deciding in which file group each rows must be placed.
This allows you to operate on a partition even with performance critical operation, such as reindexing, without affecting the others. In addition, during restore, as soon a partition is available; all the data in that partition are available for querying, even if the restore is not yet fully completed.
For reference:
http://weblogs.sqlteam.com/dmauri/archive/2005/07/18/7147.aspx

In this article I am going to create a query which will return a selective data from a particular city

Scenario is; I wanted to display the only three records from each city.

Here is the example below.

Create Table #tempTable
( City varchar(255),
EmployeeName varchar(255)
)

Insert into #tempTable Values (’Alabama’,’Rana’)
go
Insert into #tempTable Values (’Alabama’,’John’)
go
Insert into #tempTable Values (’Alabama’,’Richard’)
go
Insert into #tempTable Values (’Alabama’,’Kash’)
go
Insert into #tempTable Values (’Alabama’,’Michele’)
go
Insert into #tempTable Values (’Alabama’,’Nicole’)
go
Insert into #tempTable Values (’Alaska’,’Nadia’)
go
Insert into #tempTable Values (’Alaska’,’Parker’)
go
Insert into #tempTable Values (’Alaska’,’Peter’)
go
Insert into #tempTable Values (’Alaska’,’Nash’)
go
Insert into #tempTable Values (’Alaska’,’Birds’)
go
Insert into #tempTable Values (’Missouri’,’Shani’)
go
Insert into #tempTable Values (’Missouri’,’Zeekh’)
go
Insert into #tempTable Values (’Missouri’,’Rashi’)
go
Insert into #tempTable Values (’Missouri’,’Sharon’)
go
Insert into #tempTable Values (’Missouri’,’Jack’)
go
Insert into #tempTable Values (’Missouri’,’Jerry’)
go

SELECT City,
EmployeeName,
Row,
FROM
(
SELECT City,
ROW_NUMBER() OVER (PARTITION BY City ORDER BY City asc) AS Row,
EmployeeName
From #tempTable
)
AS RowNumbers
WHERE Row > = 1 and Row