Monthly Archives: August 2011

High Energy Physics Owes Debt to Nobel Laureate Georges Charpak

Georges CharpakHe developed a host of particle detectors and won the 1992 Nobel Prize for his ground breaking multiwire proportional chamber which revolutionized particle physics. Find resources with additional information about Georges Charpak at the OSTI DOE R&D Accomplishments website. DOE R&D Accomplishments is a central forum for information about significant outcomes of past DOE R&D widely recognized as remarkable advancements in science.

HUD Charges Connecticut Property Owner and Manager with Discriminating Against African American Woman

HUD has charged the owner and manager of a Windsor Locks, CT, rental property with discrimination for refusing to allow the home to be subleased to a woman and her two children because she is African American. HUD’s charge alleges that when the married couple renting the home, an African American man and a white woman, decided to move out before their lease ended, they notified the property manager that they would find someone to sublease the home and posted an ad on Craigslist.com. When the couple notified the manager that they had found someone to lease the home, the manager asked if she is white. When the husband told the manager that she is African American, the manager allegedly said that he “did not want too many blacks at the property.” HUD’s charge further alleges that the manager also told the husband that “the neighbors would not want to see too many blacks there,” and that the only reason he had rented to the couple was because his wife is white and it was a “good mix.
Read the charge

HUD Charges Toledo Property Owners with Discriminating Against African American Couple and Their Four Children

The Department of Housing and Urban Development has charged the owners of a rental home in Toledo, Ohio, with discriminating against an African American couple and their four minor children because of their race. HUD’s charge alleges that the owners of the home falsely accused the couple, who are engaged, of illegal drug use, hosting loud parties and damaging the property. HUD’s charge also alleges that the owners intimidated and harassed the couple by sending the mother of the children a letter accusing her of child abuse, reporting alleged child abuse to the local Child Services Office, reporting alleged drug use to local police, and threatening the couple with eviction.
Read the charge

ST06-001: Understanding Hidden Threats: Rootkits and Botnets

Original release date: August 24, 2011 | Last revised: February 06, 2013

Attackers are continually finding new ways to access computer systems. The use of hidden methods such as rootkits and botnets has increased, and you may be a victim without even realizing it.

What are rootkits and botnets?

A rootkit is a piece of software that can be installed and hidden on your computer without your knowledge. It may be included in a larger software package or installed by an attacker who has been able to take advantage of a vulnerability on your computer or has convinced you to download it (see Avoiding Social Engineering and Phishing Attacks for more information). Rootkits are not necessarily malicious, but they may hide malicious activities. Attackers may be able to access information, monitor your actions, modify programs, or perform other functions on your computer without being detected.

Botnet is a term derived from the idea of bot networks. In its most basic form, a bot is simply an automated computer program, or robot. In the context of botnets, bots refer to computers that are able to be controlled by one, or many, outside sources. An attacker usually gains control by infecting the computers with a virus or other malicious code that gives the attacker access. Your computer may be part of a botnet even though it appears to be operating normally. Botnets are often used to conduct a range of activities, from distributing spam and viruses to conducting denial-of-service attacks (see Understanding Denial-of-Service Attacks for more information).

Why are they considered threats?

The main problem with both rootkits and botnets is that they are hidden. Although botnets are not hidden the same way rootkits are, they may be undetected unless you are specifically looking for certain activity. If a rootkit has been installed, you may not be aware that your computer has been compromised, and traditional anti-virus software may not be able to detect the malicious programs. Attackers are also creating more sophisticated programs that update themselves so that they are even harder to detect.

Attackers can use rootkits and botnets to access and modify personal information, attack other computers, and commit other crimes, all while remaining undetected. By using multiple computers, attackers increase the range and impact of their crimes. Because each computer in a botnet can be programmed to execute the same command, an attacker can have each of them scanning multiple computers for vulnerabilities, monitoring online activity, or collecting the information entered in online forms.

What can you do to protect yourself?

If you practice good security habits, you may reduce the risk that your computer will be compromised:

  • Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses, so you may be able to detect and remove the virus before it can do any damage (see Understanding Anti-Virus Software for more information). Because attackers are continually writing new viruses, it is important to keep your definitions up to date. Some anti-virus vendors also offer anti-rootkit software.
  • Install a firewall – Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer and limiting the traffic you send (see Understanding Firewalls for more information). Some operating systems actually include a firewall, but you need to make sure it is enabled.
  • Use good passwords – Select passwords that will be difficult for attackers to guess, and use different passwords for different programs and devices (see Choosing and Protecting Passwords for more information). Do not choose options that allow your computer to remember your passwords.
  • Keep software up to date – Install software patches so that attackers can’t take advantage of known problems or vulnerabilities (see Understanding Patches for more information). Many operating systems offer automatic updates. If this option is available, you should enable it.
  • Follow good security practices – Take appropriate precautions when using email and web browsers to reduce the risk that your actions will trigger an infection (see other US-CERT security tips for more information).

Unfortunately, if there is a rootkit on your computer or an attacker is using your computer in a botnet, you may not know it. Even if you do discover that you are a victim, it is difficult for the average user to effectively recover. The attacker may have modified files on your computer, so simply removing the malicious files may not solve the problem, and you may not be able to safely trust a prior version of a file. If you believe that you are a victim, consider contacting a trained system administrator.

As an alternative, some vendors are developing products and tools that may remove a rootkit from your computer. If the software cannot locate and remove the infection, you may need to reinstall your operating system, usually with a system restore disk that is often supplied with a new computer. Note that reinstalling or restoring the operating system typically erases all of your files and any additional software that you have installed on your computer. Also, the infection may be located at such a deep level that it cannot be removed by simply reinstalling or restoring the operating system.


Author: Mindi McDowell


This product is provided subject to this Notification and this Privacy & Use policy.

ST06-001: Understanding Hidden Threats: Rootkits and Botnets

Original release date: August 24, 2011 | Last revised: February 06, 2013

Attackers are continually finding new ways to access computer systems. The use of hidden methods such as rootkits and botnets has increased, and you may be a victim without even realizing it.

What are rootkits and botnets?

A rootkit is a piece of software that can be installed and hidden on your computer without your knowledge. It may be included in a larger software package or installed by an attacker who has been able to take advantage of a vulnerability on your computer or has convinced you to download it (see Avoiding Social Engineering and Phishing Attacks for more information). Rootkits are not necessarily malicious, but they may hide malicious activities. Attackers may be able to access information, monitor your actions, modify programs, or perform other functions on your computer without being detected.

Botnet is a term derived from the idea of bot networks. In its most basic form, a bot is simply an automated computer program, or robot. In the context of botnets, bots refer to computers that are able to be controlled by one, or many, outside sources. An attacker usually gains control by infecting the computers with a virus or other malicious code that gives the attacker access. Your computer may be part of a botnet even though it appears to be operating normally. Botnets are often used to conduct a range of activities, from distributing spam and viruses to conducting denial-of-service attacks (see Understanding Denial-of-Service Attacks for more information).

Why are they considered threats?

The main problem with both rootkits and botnets is that they are hidden. Although botnets are not hidden the same way rootkits are, they may be undetected unless you are specifically looking for certain activity. If a rootkit has been installed, you may not be aware that your computer has been compromised, and traditional anti-virus software may not be able to detect the malicious programs. Attackers are also creating more sophisticated programs that update themselves so that they are even harder to detect.

Attackers can use rootkits and botnets to access and modify personal information, attack other computers, and commit other crimes, all while remaining undetected. By using multiple computers, attackers increase the range and impact of their crimes. Because each computer in a botnet can be programmed to execute the same command, an attacker can have each of them scanning multiple computers for vulnerabilities, monitoring online activity, or collecting the information entered in online forms.

What can you do to protect yourself?

If you practice good security habits, you may reduce the risk that your computer will be compromised:

  • Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses, so you may be able to detect and remove the virus before it can do any damage (see Understanding Anti-Virus Software for more information). Because attackers are continually writing new viruses, it is important to keep your definitions up to date. Some anti-virus vendors also offer anti-rootkit software.
  • Install a firewall – Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer and limiting the traffic you send (see Understanding Firewalls for more information). Some operating systems actually include a firewall, but you need to make sure it is enabled.
  • Use good passwords – Select passwords that will be difficult for attackers to guess, and use different passwords for different programs and devices (see Choosing and Protecting Passwords for more information). Do not choose options that allow your computer to remember your passwords.
  • Keep software up to date – Install software patches so that attackers can’t take advantage of known problems or vulnerabilities (see Understanding Patches for more information). Many operating systems offer automatic updates. If this option is available, you should enable it.
  • Follow good security practices – Take appropriate precautions when using email and web browsers to reduce the risk that your actions will trigger an infection (see other US-CERT security tips for more information).

Unfortunately, if there is a rootkit on your computer or an attacker is using your computer in a botnet, you may not know it. Even if you do discover that you are a victim, it is difficult for the average user to effectively recover. The attacker may have modified files on your computer, so simply removing the malicious files may not solve the problem, and you may not be able to safely trust a prior version of a file. If you believe that you are a victim, consider contacting a trained system administrator.

As an alternative, some vendors are developing products and tools that may remove a rootkit from your computer. If the software cannot locate and remove the infection, you may need to reinstall your operating system, usually with a system restore disk that is often supplied with a new computer. Note that reinstalling or restoring the operating system typically erases all of your files and any additional software that you have installed on your computer. Also, the infection may be located at such a deep level that it cannot be removed by simply reinstalling or restoring the operating system.


Author: Mindi McDowell


This product is provided subject to this Notification and this Privacy & Use policy.

HUD Charges Oregon Developer and Designer with Failing to Build Apartments that are Accessible to Persons with Disabilities

HUD has charged the developer and designer of a 275-unit apartment complex in Salem, OR, with violating the Fair Housing Act for designing and constructing apartments that fail to meet the accessibility requirements of the Fair Housing Act. HUD’s charge contends that Montagne Development, Inc., and Multi/Tech Engineering Services, Inc., both Oregon corporations, designed and built Gateway Village Apartments in a way that is inaccessible to persons with disabilities in several ways, including excessive slopes on required accessible routes, interior doorways that are too narrow, and bathrooms that do not have the required clear floor space. The complex also does not offer an accessible route connecting covered ground floor units with such common use features as the trash dumpster, the two mailbox locations, and some storage units.
Read the charge

More science images at Science.gov

Science images from the NSF Image Collection have been added to the Science.gov image search. The Science.gov image search makes it easy to find science images from a variety of federal agencies/organizations, including NASA, NOAA, USDA, USGS and USGS-NBII. Get photos and drawings of plants, weather and space images, photos of thousands of marine species, and more.