Computer Repair For Older Computers

If you have an older model computer that is not working as well as it once did then you may want to consider a new system. If you cannot afford to replace your old computer at this time it does not mean that you are doomed, it may be possible to do some computer repair and make your older system run more efficiently. You will not be able to make it work just like it did when it was new unless you are a computer repair technician, you can however make it a lot better than it is.

The first thing you may want to do is get a new hard drive for your machine. This part will likely only cost you fifty dollars or so. You can easily install these items for yourself. Make sure that you have the back-up discs to reload everything back onto your computer when you get the new hard drive in place.

You can upgrade your operating system to a newer version. Read the requirements of the operating system that you want and if your computer meets those requirements then you can upgrade to a newer version.

Upgrade your memory by getting memory sticks so that you have the ultimate amount of memory your machine can handle. The increased memory will increase the speed of your system and will allow you to do more things on your computer.

Upgrade your antivirus to one that will handle newer threats that have been discovered. You have to make sure that any antivirus you choose will work with the operating system you have before you decide to switch. Remember that older machines did not have the same technology and you have to have compatible software for them.

You can buy burners and readers to put in your machine for a little bit of nothing. You can also buy versions of these items that sit outside of your tower and just connect to the device. This is perfect if you do not have place for another reader and you want one so you can burn disc to disc.

You can buy an external hard drive that simply plugs up and sits on the outside of the tower if you do not want to attempt to remove the old one and replace it with the new one.

Older machines are not just trash because they are old. There is a lot of good life left in them if you know how to replace a few worm parts.

Older computers may run slowly, but it is possible to do some computer repair [http://malwarefixfree.com/] and make your older machine run better [http://malwarefixfree.com/malware-removal/virus-removal/].

Social Engineering - Avoid Getting Conned

Social engineering (or human hacking) is a confidence trick, designed to gather information that will allow a hacker to access a computer system in order to commit a fraud or install malicious software. It is an easier way to get information such as access to a computer than actually hacking the system.

There are many ways in which you can be conned into revealing confidential information. All of these techniques are based on 'bugs in the human hardware', ie cognitive biases in human decision-making or, in other words, our tendency to accept a person or scenario at face value.

Social engineering techniques

There are literally thousands of ways a hacker can socially engineer a computer user... the only limit is the hacker's imagination! Here are a few of the most prevalent of these techniques:

Email from a friend

If a malicious person manages to get someone's email password, whether by social engineering or hacking, they have access to that person's entire contact list. This enables the miscreant to send emails to everyone on that list.

In this scenario, you receive an email from a friend that contains a link or an attachment that you can download. If the email contains a link, you'll trust the link because it comes from a friend.

So you click on the link and you are infected with malware that enables the perpetrator to collect all your contacts and con them into opening a similar link. At the same time, the malware will play havoc with your machine by installing viruses, worms, key-loggers, a back door etc.

You will also trust an email that comes from a friend if it contains an attachment but, once you download it, malicious software will be embedded with much the same result as clicking on a link.

The advice is obvious... do not click links or open attachments in an email unless you are expecting to receive them. Read the message carefully. If it does not seem the sort of message your friend would write, as regards language or content, you can be sure it has been sent by a hacker.

You should call your friend to check or send the email back to your friend asking him or her whether they sent it. Also advise them not to click on the link or open the attachment if it is not their email.

There are several other types of malicious email you can receive from a friend's email address.

A fairly common one is an urgent appeal for help. The email from your friend says that he or she is stuck in a foreign country having been robbed and cannot get home without a quick loan. The email will include details of how to send the money, usually a 'care of' (c/o) address.

The obvious way to treat this kind of email is either to delete it (if it looks false) or to reply to the sender seeking confirmation by asking a question to which only your friend could know the answer.

Another common malicious email is an appeal for a donation to a charity, with instructions as to how the money can be sent. Again, seek clarification from your friend.

Phishing

Phishing is a fraudulent technique for obtaining sensitive information such as access codes, bank account numbers, and PINs. A phisher obtains a list of email addresses from somewhere and sends the entire list emails that appear to come from a legitimate bank, credit card company or other financial institution. These emails can take several forms.

The most common is an email asking you to click on a link in order to confirm or verify certain information (such as your bank or credit card account number and PIN) and threatening dire consequences (such as a suspension of your account) if the information is not provided within a very short time frame. The purpose of the threat is to get you to act before you have time to think.

The website to which you will be taken when you click on the link will look very genuine, an exact replica of the legitimate website, with all the right logos and content. It may even have a warning about phishing!

Copying the exact format and content of a web page is easy because the source code for any page on the internet can be found in your browser. For example, if you are using Firefox, click on Tools > Web Developer > Page Source or just click Control+U and you'll see the source code for the page you are on. In fact, the source code has to be assessable to your browser to enable it to present the page on your screen.

Of course, if you click on the link and provide your account number and PIN, you can be absolutely sure that your account will be cleaned out in a very short time indeed. This sort of scam relies on fear, fear to being cut off and denied access to your account.

Another common type of phishing email is one notifying you that you are a 'winner'... because your email address won a special internet lottery or you were the millionth person to click on the site or some similar pretext. However, in order to claim your prize you will have to prove who you are by sending in your full name, address, telephone and social services or social security number, which naturally allows your identity to be stolen.

These kinds of emails succeed due to greed... people want what is offered and give away their information even if the pretext isn't really believable.

Other phishing emails include messages asking for support. These phishes ask for a donation towards whatever natural disaster, charity or political campaign is currently in the news. You can make a donation by clicking the link to the website and there filling in your credit card number and the amount you wish to donate.

However, as soon as you click OK or Submit, your money goes straight to the rogue's bank account. This kind of con preys on your natural charitable instincts.

Baiting

Baiting is another form of social engineering based on the observation that, if you dangle something people want, many will take the bait. The bait can be on the internet or it can be physical bait.

Internet baiting schemes are most often found on sites offering a movie or music file for download. They are also found on social networking sites and on websites you find using search engines. The schemes also show up on auction sites and as amazingly great deals on classified-ad sites.

In physical baiting schemes, a CD or USB flash drive is left in a place where it is bound to be found, such as a bathroom, elevator or table. If it's a disc, it may have a corporate logo and a title suggesting that it contains financial or other confidential information... all designed to peak your curiosity and/or greed, so that you insert it into your computer where the "auto-run" program will take over.

Either way, whether you take the bait on the internet or by inserting a strange disc or flash drive into your machine, you will end up being infected with malicious software that can generate any number of exploits against you and your contacts.

Answers to unasked requests

A favourite trick for a hacker is to choose a company, such as a well-known software company or a bank used by hundreds of thousands of people and send emails to millions of people knowing that some of these people will be customers.

The email will state that the company is responding to your 'question or request for assistance'. Of course if you don't have a question or don't need help, you will ignore the email. But some recipients will respond because they do have a question or problem. If you are one of them, you will be happy to respond.

But, of course, the hacker will ask you to authenticate yourself by logging in to their system, or to give them remote access to your computer so they can fix the problem or tell you the commands to use so you can fix it yourself. Rest assured, if you follow their instructions, you'll end up with a back-door in your system through which the hacker can enter later at his leisure and do what he likes.

Telephone scam

Have you ever received a phone call from the 'Microsoft Technical Centre' telling you that your computer is running slowly because of certain problems? It seems that the sole purpose in life of this seemingly charitable organisation is to help people improve the performance of their computers... all without charge.

Having introduced himself and MS Technical Centre, the helpful technician will ask you if you have problems. If you say 'yes', he will ask you to type a few simple commands into your computer. If you say 'no', he will also ask you to type a few simple commands into your computer so that you can see for yourself the problems you have. Either way, the commands you type will create a back-door the hacker can use later. Social engineering at its most productive!

How can you protect yourself?

There are many ways you can protect yourself from social engineering. The overriding principle, as always on the internet, is CAUTION.

[1] Think carefully... social engineers want you to act first and think later, so never let their urgency prevent you from making a careful review before you take some action, such as clicking on a link or releasing information.

[2] Be suspicious of unsolicited emails... if it's from a company search them on the internet or use a phone directory to see if it, its website or phone number is genuine.

[3] Don't send personal information... just delete emails that ask you to confirm personal data. No reputable bank or other financial institution will ever send you an email asking you to confirm your banking details.

[4] Check website addresses... if you receive an email asking you to click on a link, check the website by using a search engine to find the company's website and then compare the website address with the address to which the link will send you. Hovering your mouse over a link will show the actual address (aka URL).

[5] Stifle your curiosity... if you are not sure, don't click a link... not before you have first checked with the sender and confirmed its authenticity.

[6] Stifle your greed... be very cautious when going for the freebies and rock-bottom bargains. Why should anyone spend time and money creating something valuable only to give it away free of charge?

[7] Never use phone numbers in an email... until you have compared them with the phone numbers found in a phone book.

[8] Don't download... unless you know someone personally AND you expect a file from them.

[9] Set your spam filters to 'high'... you'll find the spam filters in your email program under the 'Settings' option.

[10] Secure your computer... by installing anti-virus software, firewalls, email filters etc, and keep them up-to-date.

What Is the Role of Security Switch in Managing Security Threats?

Managing who can access your network from the inside is more important than ever because nearly everyone is carrying a laptop, smart phone, or computer tablet configured to locate the nearest Wi-Fi network. Switches are the foundation framework of a network which connects computers, servers, printers, and additional devices. A security switch is essential for realizing a safe network environment by checking various network attacks and access levels based upon behavior blocking.

The first role of a security switch is to prevent trouble by blocking harmful traffic in the access level. Harmful traffic includes worms, viruses, malware, and DDoS attacks. It will also prevent the internal spread of any harmful traffic that may bog down network speed. From a network administrator's perspective, a security switch helps maintain a stable network environment. From a ISPs perspective it ensures high-quality Internet service and enhanced customer satisfaction.

Another role of security switches is to protect confidential information of individuals as well as the company relying on them. A switch plays a critical role in protecting internal confidential information from leaking out. It also limits the risk of privacy infringement and financial loss due to IP phone wiretapping and common forms of hacking.

A switch utilizing multi-dimension security engines can perform security functions by analyzing incoming and outgoing traffic transmitted through switching fabric. A high quality switch can do this regardless of the network speed. Additionally, as data is being analyzed, a switch can ensure maximum line performance by minimizing the additional loss of resources required for harmful traffic filtering.

The key to effective security switch is selectively blocking harmful packets of data while leaving other traffic untouched. This is the key to maintaining business continuity via web services and mail services while simultaneously creating a critical layer of protection against external threats.

Many security switch programs rely on an integrated security management system. This system makes it easy for network administrators to view the status of the network at any given moment on the same screen as their switch. It is essential for network administrators to have the ability to monitor and manage network conditions in real-time even when the workplace network is distributed. This includes gaining a detailed log of detected and blocked traffic. To maximize the value of this data it must be displayed in a way that is easy to understand and includes actionable information.

There are a growing number of different types of security switches available. The key is identifying the right option for particular institutions based upon a number of factors including cost, function, management capabilities, ease of installation, and overall effectiveness.

How To Use The Risk Management Framework for Requirement And Threat Traceability

Cybersecurity and Information Security (InfoSec) activities are implemented to protect data, information, systems, and users. Skilled security, program and system stakeholders work together to ensure that business objectives are met while minimizing the risk of threats where data or system control may be lost. This loss may be due to theft, natural disasters, computer/server malfunction, unauthorized or risky operation, or from any other threats. Program Management and security approaches are combined to maximize business functions and capabilities while also protecting an organization. These approaches include: Requirements Management, Risk Management, Threat Vulnerability Scanning, Continuous Monitoring, and System and Information Backups. All of these management approaches require significant experience to maximize results and prevent issues that could have otherwise been prevented.

Program Managers, as representatives of their companies and clients, call for the timely delivery of quality products and services to operations. Significant experience maximizes product quality and performance while also minimizing risks. Experience facilitates oversight, open collaboration, and decision-making to maximize innovation, reliability, sustainability, and the coordination of assets and resources.

An important Program Management concern today is that a great deal of confidential information is collected, processed and stored by every entity and shared across various private and public networks to other computers. Compounding this concern is the fast pace of technology, software, standards, and other changes that industry must maintain awareness of. It is essential that this information be carefully managed within businesses and protected to prevent both the business and its customers from widespread, irreparable financial loss, not to mention damage to your company's reputation. Protecting our data and information is an ethical and legal requirement for every project and requires proactive engagement to be effective.

Multiple Cybersecurity tools and techniques are used to effectively manage risk within system development and business operations. By necessity, management, engineering, and Cybersecurity activities must proactively work within the execution of requirements to maximize system functions and capabilities while also minimizing risks. Make no mistake; the threats to our businesses, systems, and users are real. As requirements are sufficiently documented, so must the security controls that are intended to help mitigate the known risks to our systems.

Requirements and threats are documented in much the same way as to ensure traceability and repeatability. Proactive management is needed to implement, execute, control, test, verify, and validate that the requirements have been met and the applicable threats have been mitigated. The management difference is while requirements must ultimately be met, threats are managed and mitigated on the likelihood and severity of the threat to our users, businesses, and systems. Risks are documented to show management and mitigation. Documenting these requirements and threats and their supporting details is the key to the proactive and repeatable effort that is needed. We believe the best approach in doing this is to keep this management as straightforward as possible and as detailed as needed to plan, execute, and control the program or business.

Risk Management Framework (RMF) processes are applied to the Security Controls that are found in Cybersecurity and Information Security references. These RMF activities are well documented and overlap the best practices of management and engineering. Often, you will find that the activities recommended of the RMF are activities that you should already be doing with significant proficiency. Traceability of these program and security activities require the ability to verify the history and status of every security control, regardless if the system is in development or in operation. Documentation by necessity is detailed. Traceability includes the identification between requirement, security control, and the necessary information needed to trace between requirements, security controls, strategies, policies, plans, processes, procedures, control settings, and other information that is needed to ensure repeatable lifecycle development and operational repeatability.

Program Management and Risk Management experience is of primary importance to managing requirements and risk. A tremendous and fundamental aid of the experienced is the Requirement Traceability Matrix (RTM) and Security Control Traceability Matrix (SCTM). The RTM and SCTM are fundamentally direct in purpose and scope which facilitates traceability and repeatability for the program. The variables of a RTM and SCTM can be very similar and are tailorable to the needs of the program and customer. There are many examples for the content details of the RTM or SCTM, both separate but similar documents, that may include:
1) A unique RTM or SCTM identification number for each requirement and security control,
2) referenced ID numbers of any associated items for requirements tracking,
3) a detailed, word for word description of the requirement or security control,
4) technical assumptions or customer need linked to the functional requirement,
5) the current status of the functional requirement or security control,
6) a description of the function to the architectural/design document,
7) a description of the functional technical specification,
8) a description of the functional system component(s),
9) a description of the functional software module(s),
10) the test case number linked to the functional requirement,
11) the functional requirement test status and implementation solution,
12) a description of the functional verification document, and
13) a miscellaneous comments column that may aid to traceability.

While the contents of the RTM and SCTM are flexible, the need for such tools is not. With the complexity and need to protect systems and services today from multiple threats, experienced managers, engineers, users and other professionals will look for the traceability that quality and secure systems require.

Free Anti-Virus Software Really Ain't Free

The lure of free anti-virus software is powerful. Many companies such as Norton and McAfee offer free versions of their pro products, but AVG was the first to offer a free version of their software over 10 years ago. The software can be free indefinitely or free for only a trial period, often lasting 14 to 30 days. These free versions are generally stripped down and limited in features and options. In the case of 14 or 30 day trial software, you have access to all the options and features for the duration of the trial. After that, the software is downgraded.

Free anti-virus software looks like a real bargain. In fact, I'm willing to bet that many of you are using it right now. However, it is advisable that you switch to a paid version. There is a hidden cost to using such software. Before we examine the hidden cost I'm going to list those features that are commonly reserved for paying customers:

• Link checking
• Email protection
• Personal data protection
• Automatic and frequent updates
• Complete and timely tech support
• Automatic scanning for threats
• Automatic scanning of removable storage

The above list is a composite list. I examined many of the leading anti-virus software maker's websites to generate that list so be aware that your options may vary. Now, let's examine the list in detail.

Link Checking

Pro anti-virus software interrogates each webpage before it loads in your browser. If it discovers suspect code it stops the page from opening. Free versions often leave you to fend for yourself.

Email Protection

Link checking also takes place in your inbox. Links in emails are scanned for malicious content, and built-in email rules stop virii from ever reaching your inbox. Free versions don't perform thorough email protection, potentially leaving a hole in your protection.

Personal Data Protection

Cybercriminals make money by stealing and selling your personal data. Many free anti-virus software will only provide limited protection, where pro versions provide users with proactive protection by blocking unauthorized outside connections to your computer.

Automatic and Frequent Updates

Pro versions of anti-virus software update several times per day, even up to once (or more) per hour. Free versions either require you to manually perform the updates or updates are performed automatically but infrequently. You are less protected that way, and the downloads are quite large resulting in long waits.

Timely Tech Support

Pro versions offer you telephone support, or at least a response via email that is measured in hours, not days. If you are using the free version, you'll still get help. Just not right away, and you may have to visit a forum to get answers.

Automatic Scanning for Threats

Anti-virus software should sit in the background and watch over your shoulder as you work, much like a bodyguard. Just as a bodyguard will spring into action even before you realize there is danger, your antivirus software should neutralize threats as soon as they are found. Free versions require you to manually start the scans - you aren't constantly protected.

Automatic Scanning of Removable Storage

Attacks can come from anywhere. Flash drives are those little dongles that have taken the place of 3.5" floppies and are used to carry data from one computer to another. Pro versions of anti-virus software will begin a scan as soon as a flash drive is inserted into the computer, looking for any harmful software and stopping it in its tracks. Free versions require you to manually scan the flash drive. Forgetting to manually start a scan could lead to your computer getting infected.

Free anti-virus software has a hidden cost and it is expensive once you add it up. Firstly, many of the free versions just aren't as robust and feature filled as the pro versions, leaving you without comprehensive protection. Secondly, you have to invest a lot more time into the free versions, doing chores such as:

• Manually scanning for threats as you work on the web throughout the day
• Remembering to update the database several times, daily
• Searching for your own answers, or waiting for email replies while malicious software is infecting your computer
• Scanning those portable flash drives that can also carry harmful code

Forgetting to do any of the above chores could potentially leave you open and vulnerable to attack. It is advisable that you switch to a paid version of anti-virus software to protect yourself and your sensitive data from online threats.

Shellshock Bug – How Does it Impact You?

A new security bug has been discovered recently, and it is as big, if not bigger, than the Heartbleed bug from a few months back. This security bug is called ‘Shellshock’ and it is found in a common program that runs on UNIX and Linux operating systems. The scope of this bug is pretty huge and now that attackers are aware of this, it could lead to severe security risks for many users. Not since Heartbleed have we seen such a security bug operate on such a large scale.

What is Shellshock all about?

Shellshock is a security vulnerability found in Bash. Bash is a command shell that is commonly used on Linux and UNIX operating systems and it has been around since 1989. Alarmingly, Shellshock has been around for more than 20 years now and it is yet unknown if it was accidentally developed by the creator. Just like Heartbleed, Shellshock seems to have been around for a long time and has been missed by several security audits.

What is Bash and how does Shellshock work within it?

Shellshock is what is commonly termed as a Remote Code Execution (RCE) vulnerability within Bash. Just like we have the Command Prompt on Windows, Linux and UNIX have the command shell known as Bash. It helps the user run other programs within the system and Bash stands for “Bourne Again Shell”.

Using the Shellshock vulnerability, an attacker can affect machines using a technique known as command injection. Via this method, he can run a program on Bash without intimating the user and without logging on to the computer himself. Since Bash runs several programs in the background, all the attacker needs to do is ensure that his malicious text is not spotted. Harmless looking data contains malicious code that gets executed in this scenario.

Who is vulnerable to Shellshock?

Bash is commonly used in Apple’s OS X operating system. Additionally, it is also present in several web-servers and home appliances such as routers and other devices which face the Internet. This causes further trouble as updates for these devices are not easy to acquire or implement. As a result, Shellshock could potentially disrupt several services and homes.

With Heartbleed, an attacker could only steal data stored in the memory of systems. However, with Shellshock, he can gain complete access of the system. Hence the potential risk here is far greater.

Are Microsoft Windows users also vulnerable to Shellshock?

As of now, users of Apple Macs, Linux and UNIX based machines are vulnerable to Shellshock and the Bash vulnerability. Windows users are not directly vulnerable to the same. However, attackers are working on ways to utilize this weakness against Windows users as well. So it is highly recommended that Windows users keep their OS and security software completely updated at all times.

So what is the solution for Shellshock?

There are several programs and techniques that prevent command injection. However, the problem is that no one really knows what commands to look for as attackers can mask it well. Placing a few words of malicious code within thousands of lines is very easy, and pinpointing it is like finding a needle in a haystack.

The best solution here is for Bash to be updated by the people who use it. If there are any other vendor-specific updates available, they should be initiated as well.

E-Mail Bombing

I. Description

Email bombing is characterized by abusers repeatedly sending an email message to a particular address at a specific victim site. In many instances, the messages will be large and constructed from meaningless data in an effort to consume additional system and network resources. Multiple accounts at the target site may be abused, increasing the denial of service impact.

Email spamming is a variant of bombing; it refers to sending email to hundreds or thousands of users (or to lists that expand to that many users). Email spamming can be made worse if recipients reply to the email, causing all the original addressees to receive the reply. It may also occur innocently, as a result of sending a message to mailing lists and not realizing that the list explodes to thousands of users, or as a result of a responder message (such as vacation(1)) that is setup incorrectly.

Email bombing/spamming may be combined with email spoofing (which alters the identity of the account sending the email), making it more difficult to determine who actually sent the email.

II. Technical Issues

• If you provide email services to your user community, your users are vulnerable to email bombing and spamming.
• Email spamming is almost impossible to prevent because a user with a valid email address can spam any other valid email address, newsgroup, or bulletin-board service.
• When large amounts of email are directed to or through a single site, the site may suffer a denial of service through loss of network connectivity, system crashes, or failure of a service because of
• overloading network connections
• using all available system resources
• filling the disk as a result of multiple postings and resulting syslog entries

III. What You Can Do

1. Detection
2. If your system suddenly becomes sluggish (email is slow or doesn't appear to be sent or received), the reason may be that your mailer is trying to process a large number of messages.
3. Reaction
1. Identify the source of the email bomb/spam and configure your router (or have your Network Service Provider configure the router) to prevent incoming packets from that address.

Review email headers to determine the true origin of the email. Review the information related to the email bomb/spam following relevant policies and procedures of your organization.

2. Follow up with the site(s) you identified in your review to alert them to the activity. Contact them to alert them to the activity.
3. Ensure you are up to date with the most current version of your email delivery software (sendmail, for example) and increase logging capabilities as necessary to detect or alert you to such activity.
3. Prevention
4. Unfortunately, at this time, there is no way to prevent email bombing or spamming (other than disconnecting from the Internet), and it is impossible to predict the origin of the next attack. It is trivial to obtain access to large mailing lists or information resources that contain large volumes of email addresses that will provide destination email addresses for the spam.
1. Develop in-house tools to help you recognize and respond to the email bombing/spamming and so minimize the impact of such activity. The tools should increase the logging capabilities as well as check for and alert you to incoming/outgoing messages that originate from the same user or same site in a very short span of time. Once you identify the activity, you can use other in-house tools to discard the messages from the offending users or sites.
2. If your site uses a small number of email servers, you may want to configure your firewall to ensure that SMTP connections from outside your firewall can be made only to your central email hubs and to none of your other systems. Although this will not prevent an attack, it minimizes the number of machines available to an intruder for an SMTP-based attack (whether that attack is a email spam or an attempt to break into a host). It also means that should you wish to control incoming SMTP in a particular way (through filtering or another means), you have only a small number of systems--the main email hub and any backup email hubs--to configure.
3. Consider configuring your mail handling system(s) to deliver email into filesystems that have per-user quotas enabled. Doing this can minimize the impact of an email bombing attack by limiting the damage to only the targeted accounts and not the entire system.
4. Educate your users to call you about email bombing and spamming.
5. Do not propagate the problem by forwarding (or replying to) spammed email.

There are three methods of perpetrating an email bomb; Mass mailing, list linking and zip bombing

Mass mailing

Mass mailing consists of sending numerous duplicate mails to the same email address. These types of mail bombs are simple to design but their extreme simplicity means they can be easily detected by spam filters. Email-bombing using mass mailing is also commonly performed as a DDoS attack by employing the use of "zombie" botnets; hierarchical networks of computers compromised by malware and under the attacker's control. Similar to their use in spamming, the attacker instructs the botnet to send out millions or even billions of emails, but unlike normal botnet spamming, the emails are all addressed to only one or a few addresses the attacker wishes to flood. This form of email bombing is similar in purpose to other DDoS flooding attacks. As the targets are frequently the dedicated hosts handling website and email accounts of a business, this type of attack can be just as devastating to both services of the host.

This type of attack is more difficult to defend against than a simple mass-mailing bomb because of the multiple source addresses and the possibility of each zombie computer sending a different message or employing stealth techniques to defeat spam filters.

List linking

List linking means signing a particular email address up to several email list subscriptions. The victim then has to unsubscribe from these unwanted services manually. In order to prevent this type of bombing, most email subscription services send a confirmation email to a person's inbox when that email is used to register for a subscription. This method of prevention is easily circumvented: if the perpetrator registers a new email account and sets it to automatically forward all mail to the victim, he or she can reply to the confirmation emails, and the list linking can proceed.

Zip bombing

A ZIP bomb is a variant of mail-bombing. After most commercial mail servers began checking mail with anti-virus software and filtering certain malicious file types, EXE, RAR, Zip,7-Zip, mail server software was then configured to unpack archives and check their contents as well. A new idea to combat this solution was composing a "bomb" consisting of an enormous text file, containing, for example, only the letter z repeating millions of times. Such a file compresses into a relatively small archive, but its unpacking (especially by early versions of mail servers) would use a greater amount of processing, which could result in a DoS (Denial of Service).