How antivirus software works

Antivirus software typically uses a variety of strategies to detect and remove viruses, worms and other malware. The following are the two most widely employed identification methods:

1. Signature-based detection (Dictionary approach)

This is the most commonly employed method. It involves searching for known virus patterns within a given file. Every antivirus product keeps a dictionary of sample malware code, called signatures, in its database. Whenever a file is examined, the antivirus compares the file against the signatures in that dictionary. If a piece of code within the file matches one in the dictionary, the file is flagged and action is taken immediately to stop the virus from replicating further. The antivirus may choose to repair the file, quarantine it or delete it permanently, based on its potential risk.

As new viruses and other malware are created and released every day, this method of detection cannot defend against new malware until samples are collected and signatures are released by the antivirus software company. Some companies also encourage users to upload new viruses or variants, so that the virus can be analyzed and its signature added to the dictionary.

Signature-based detection can be very effective, but it requires frequent updates of the virus signature dictionary. Hence users must update their antivirus software on a regular basis to defend against the new threats that are released daily.

2. Heuristic-based detection (Suspicious behaviour approach)

Heuristic-based detection involves identifying suspicious behaviour in a given program that might indicate a potential risk. This approach is used by some of the more sophisticated antivirus products to identify new malware and variants of known malware. Unlike the signature-based approach, here the antivirus doesn’t attempt to identify known viruses, but instead monitors the behaviour of all programs.

For example, malicious behaviour such as a program trying to write data to an executable program is flagged, and the user is alerted about the action. This method of detection gives an additional level of security against unidentified threats.

File emulation: This is another type of heuristic-based approach, where a given program is executed in a virtual environment and the actions it performs are logged. Based on the logged actions, the antivirus software can determine whether the program is malicious and carry out the necessary actions to clean the infection.

Most commercial antivirus products use a combination of both signature-based and heuristic-based approaches to combat malware.
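
The combined approach described above can be sketched in a few lines. This is an added example, not code from any antivirus product: the signature dictionary, the action names, the weights and the threshold are all constructed for illustration. It shows a dictionary hit on a known sample, a slightly changed variant that the dictionary misses, and the heuristic score over emulator-logged actions catching that variant.

```python
# Constructed signature dictionary: name -> byte pattern. These are harmless
# made-up patterns, not real malware signatures.
SIGNATURES = {
    "Example.TestA": b"DEMO-SIG-ALPHA-0001",
    "Example.TestB": bytes.fromhex("deadbeef00c0ffee"),
}

# Constructed weights for actions logged while a program runs in an emulator.
HEURISTIC_WEIGHTS = {
    "write_to_executable": 60,
    "modify_startup_entry": 30,
    "delete_many_files": 30,
    "read_document": 0,
}
ALERT_THRESHOLD = 60  # assumed cut-off for raising an alert


def signature_scan(data: bytes) -> list[str]:
    """Return the names of all dictionary signatures found in the file bytes."""
    return sorted(name for name, pat in SIGNATURES.items() if pat in data)


def heuristic_score(actions: list[str]) -> int:
    """Sum the weights of the logged actions; unknown actions score 0."""
    return sum(HEURISTIC_WEIGHTS.get(action, 0) for action in actions)


def classify(data: bytes, actions: list[str]) -> dict:
    """Signature match wins; otherwise fall back to the behaviour score."""
    hits = signature_scan(data)
    score = heuristic_score(actions)
    if hits:
        verdict = "known-malware"
    elif score >= ALERT_THRESHOLD:
        verdict = "suspicious"
    else:
        verdict = "clean"
    return {"verdict": verdict, "signatures": hits, "score": score}


# Constructed samples: file name -> (file bytes, actions logged in emulation)
SAMPLES = {
    "known.bin": (b"MZ....DEMO-SIG-ALPHA-0001....", ["read_document"]),
    "variant.bin": (b"MZ....DEMO-SIG-ALPHA-0002....", ["write_to_executable"]),
    "report.doc": (b"quarterly numbers", ["read_document"]),
}

if __name__ == "__main__":
    for name, (data, actions) in SAMPLES.items():
        print(name, classify(data, actions))
```

The variant differs from the known sample by one byte, so the dictionary lookup returns nothing until a new signature is shipped; only the logged behaviour flags it.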

Samsung to finally roll out flexible AMOLED displays for public consumption in 2012?

Samsung’s been a frequent source of frustration, teasing us with its fabulous flexible displays for years, while never giving us a date when we could buy one for our very own. However, word on the web suggests that Sammy is finally ready to unleash its pliant panels upon the world in Q2 of 2012. Apparently, the company’s mobile display division opened a new manufacturing plant with Ube (who produces the plastic substrate for the screens) last month to mass-produce bendy AMOLEDs for watches and phones. Let the countdown to the ductile display revolution begin.

Text Editor in Linux

  • The vi or vim editor can be used to create or edit a file in the Linux operating system. It has three modes.
  • 1) cmd mode: File editing commands like copy, paste, search, replace, delete.
  • 2) Insert mode: It can be used to insert text or delete text in a file.
  • 3) ex mode: It is used to save the text in a file and can be used to quit from a file.
  • vi abc (creates a file)

Press  i            (to insert text in a file)

Press  esc          (to come back to cmd mode)

Press  esc          (to go to ex mode)

Press  :w           (to save text in a file)

Press  :q           (to quit from a file)

Press  :wq          (to save & quit from a file)

Press  :q!          (to forcefully quit without saving)

Press  :wq!         (to forcefully save & quit a file)

Press  :u           (to undo the last change)

Press  /abc         (to search for abc in a file)

Press  yy           (to copy a line)

Press  p            (to paste)

Press  dd           (to delete a line)

Press  5dd          (to delete 5 lines)

Press  5yy          (to copy 5 lines)

Press  ctrl + r     (to redo)

Press  o            (to insert a line below)

Press  shift + o    (to insert a line above)

Press  shift + g    (to put the cursor on the last line)

Press  shift + m    (to put the cursor in the middle of the screen)

Press  shift + h    (to put the cursor at the top of the screen)

Press  yw           (to copy a word)

Press  yl           (to copy a character)

Press  dw           (to delete a particular word)

Press  5dw          (to delete a number of words, here 5)

  • cat > abc (create a file; press ctrl+d to save)
  • cat abc (displays the contents of a file)
  • cp /abc /root/abc (copy a file)
  • mv abc appin (rename a file)
  • mv appin /root (move a file)
  • cat >> abc (append to a file)

4 EASY WAYS TO ACCESS A BLOCKED SITE

In some places, such as schools, offices or cafes, sites like Facebook, Friendster, Youtube and others are deliberately blocked by the admin for a specific reason. But with a little trick, we can access or open the blocked sites. Here are some steps:

1. Using the IP address
Almost every time we browse the Internet, we type a URL (Uniform Resource Locator) such as google.com or youtube.com. A URL is used to identify a web address, and no two sites have the same URL; URLs also make it easier for internet users to remember web addresses. But the computer does not understand a format like a URL; it can only read the IP address to access and communicate with a website on the internet.

Sometimes a site is blocked only by its URL, so it can still be opened if it is accessed through its IP address. To find the IP address of a website, we can ping the website from the command prompt; once the IP address is known, type it into the browser.

2. Redirect the URL via a URL shortener service
Convert the URL of the blocked site with a short-URL service like SnipURL, goo.gl, or bit.ly. This trick can bypass the admin's blocking settings.

3. Using an online proxy
Some sites provide a free proxy service through which we can access the website via their servers; the site I use most often is hidemyass.com. Although it’s free, it is not disappointing.

4. Using a proxy in your browser
Lots of sites release lists of proxies from various countries. To get a suitable proxy list, look at samair.ru and select one of the proxies. Open Firefox -> click Tools -> select Options -> select Advanced -> select Network -> click the Settings button -> the Connection Settings window will appear; select Manual proxy configuration -> enter the IP address of the proxy and its port and press OK.