Computer Viruses and Worms
Types of Infection
VIRUSES E-MAIL VIRUSES WORMS TROJAN HORSES
What are Viruses?
A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user.
WORMS
Small piece of software that uses computer networks and security holes to replicate itself.
Copy of the worm scans the network for another machine that has a specific security hole.
Copy itself to the new machine using the security hole and start replicating.
Example “CODE RED”, “Bubbleboy”.
Difference between Virus and Worm
The difference between a worm and a virus is that a virus does not have a propagation vector. i.e., it will only effect one host and does not propagate to other hosts.
Worms propagate and infect other computers. Majority of threats are actually worms that propagate to other hosts.
E-mail Viruses
Moves around in e-mail messagesUsually replicate itself by
automatically mailing itself to dozens of people in the victim’s email address book.
Example “MELISSA VIRUS”Example “I LOVE YOU VIRUS”
Trojan Horse
A simple computer program
It claim to be a gameErase your hard diskNo way to replicate
itself.
Types of Viruses
File infector virus Infect program files
Boot sector virus Infect the system area of a disk
Master boot record virus infect disks in the same manner as boot sector viruses. The difference between
these two virus types is where the viral code is located.
Multi-partite virus infect both boot records and program files
Macro virus infect data files. Examples: Microsoft Office Word, Excel,
PowerPoint and Access files
Melissa Virus (March 1999)
Melissa virus spread in Microsoft Word documents sent via e-mail.
How it works ?Created the virus as word documentUploaded to an internet newsgroupAnyone who download the document
and opened it would trigger the virus.Send friendly email messages to first
50 people in person’s address book.
Melissa Virus
Melissa Virus was the fastest spreading virus ever seen.
Forced a number of large companies to shut down their e-mail systems.
I Love You Virus (May,2000)
Contained a piece of code as an attachment.
Double Click on the attachment triggered the code.
Sent copies of itself to everyone in the victim’s address book
Started corrupting files on the victim’s machine.
Code Red (Worm)
Code Red made huge headlines in 2001It slowed down internet traffic when it
began to replicate itself.Each copy of the worm scanned the
internet for Windows NT or Windows 2000 that don’t have security patch installed.
Each time it found an unsecured server, the worm copied itself to that server.
Code Red Worm
Designed to do three things Replicate itself for the first 20 days
of each month. Replace web pages on infected
servers with a page that declares “Hacked by Chinese”
Launch a concreted attack on the White House Web server
Worms
How Bubbleboy works Bubbleboy is embedded within an email
message of HTML format. a VbScript while the user views a HTML page a file named “Update.hta” is placed in the start
up directory upon reboot Bubbleboy executes
Symptoms of Virus Attack
Computer runs slower then usual Computer no longer boots up Screen sometimes flicker PC speaker beeps periodically System crashes for no reason Files/directories sometimes disappear Denial of Service (DoS)
•Internet
•Router
•Firewall
•Switches
•Servers
•Workstations
•Desktop
•Mobile
•Remote Access
•Dial-in
•VPN
•Internet
•Router
•Firewall
•Switches
•Servers
•Workstations
•Desktop
•Mobile
•Remote Access
•Dial-in
•VPN
•Vulnerable Areas
Why do people do it ?
For some people creating viruses seems to be thrill.
Thrill of watching things blow up.To show how sophisticated and
interconnected human beings have become.
To show loopholes in system.
Protection Measures
Always update your anti-virus software at least weekly.
Back up your important files and ensure that they can be restored.
Change the computer's boot sequence to always start the PC from its hard drive
Don't share Drive C: without a password and without read-only restrictions.
Protection Measures
Empty floppy drives of diskettes before turning on computers, especially laptops.
Forget opening unexpected e-mail attachments, even if they're from friends
Get trained on your computer's anti-virus software and use it.
Have multiple backups of important files. This lowers the chance that all are infected.
Anti-Virus, The Conqueror
•Network Associates/McAfee•Symantec/Norton•Trend Micro• AVG•Panda•Sophos
Conclusion
You know know more about virus and how: viruses work through your system to make a better virus
Have seen how viruses show us a loophole in popular software
Most viruses show that they can cause great damage due to loopholes in programming
•PRIYANGI- 13•SEJAL -21•SALONI -51•SHAGUN -52