| Basic types of viruses |
|
| File viruses |
File viruses, also known as parasitic or executable viruses, are pieces of code that attach themselves to executable files, driver files or compressed files, and are activated when the host program is run. After activation, the virus may spread itself by attaching itself to other programs in the system, and also carry out the malevolent activity for which it was programmed.
Most file viruses spread by loading themselves in system memory and looking for any other programs located on the drive. If it finds one, it modifies the program’s code so that it contains and activates the virus the next time it’s run.
It keeps doing this over and over until it spreads across the system, and possibly to other systems that the infected program may be shared with. Besides spreading themselves, these viruses also carry some type of destructive constituent that can be activated immediately or by a particular ‘trigger’. The trigger could be a specific date, or the number of times the virus has been replicated, or anything equally trivial. Some examples of file viruses are Randex, Meve and Mr Klunky. |
|
|
| Boot sector viruses |
| A boot sector virus affects the boot sector of a hard disk, which is a very crucial part. The boot sector is where all information about the drive is stored, along with a program that makes it possible for the operating system to boot up. By inserting its code into the boot sector, a virus guarantees that it loads into memory during every boot sequence. A boot virus does not affect files; instead, it affects the disks that contain them. Perhaps this is the reason for their downfall. During the days when programs were carried around on floppies, the boot sector viruses used to spread like wildfire. However, with the CD-ROM revolution, it became impossible to infect pre-written data on a CD, which eventually stopped such viruses from spreading. Though boot viruses still exist, they are rare compared to new-age malicious software. Another reason why they’re not so prevalent is that operating systems today protect the boot sector, which makes it difficult for them to thrive. Examples of boot viruses are Polyboot.B and AntiEXE. |
|
|
| Multipartite viruses |
| Multipartite viruses are a combination of boot sector viruses and file viruses. These viruses come in through infected media and reside in memory. They then move on to the boot sector of the hard drive. From there, the virus infects executable files on the hard drive and spreads across the system. There aren’t too many multipartite viruses in existence today, but in their heyday, they accounted for some major problems due to their capacity to combine different infection techniques. A well-known multipartite virus is Ywinz. |
|
|
| Macro viruses |
| Macro viruses infect files that are created using certain applications or programs that contain macros. These include Microsoft Office documents such as Word documents, Excel spreadsheets, PowerPoint presentations, Access databases and other similar application files such as Corel Draw, AmiPro etc. Since macro viruses are written in the language of the application and not in that of the operating system, they are known to be platform-independent—they can spread between Windows, Mac and any other system, so long as they are running the required application. With the ever-increasing capabilities of macro languages in applications, and the possibility of infections spreading over networks, these viruses are major threats. The first macro virus was written for Microsoft Word and was discovered back in August 1995. Today, there are thousands of macro viruses in existence—some examples are Relax and Bablas. |
|
|
| Network viruses |
| This kind of virus is proficient in quickly spreading across a Local Area Network (LAN) or even over the Internet. Usually, it propagates through shared resources, such as shared drives and folders. Once it infects a new system, it searches for potential targets by searching the network for other vulnerable systems. Once a new vulnerable system is found, the network virus infects the other system, and thus spreads over the network.Some of the most notorious network viruses are Nimda. |
|
|
| Email Viruses |
| An email virus could be a form of a macro virus that spreads itself to all the contacts located in the host’s email address book. If any of the email recipients open the attachment of the infected mail, the virus spreads to the new host’s address book contacts, and then proceeds to send itself to all those contacts as well. Email viruses can infect hosts even by previewing the infected email in a mail client. |
| How to Protect Yourself from Virus? | | | Virus Protection | | A virus may or may not present itself. Viruses attempt to spread before activating whatever malicious activity they may have been programmed to deliver. So, viruses will often try to hide themselves. Sometimes there are symptoms that can be observed by a trained casual observer who knows what to look for (but, don't count on it). | | | Virus authors often place a wide variety of indicators into their viruses (e.g., messages, music, graphic displays). These, however, typically only show up when the virus payload activates. With DOS systems, the unaccounted for reduction of the amount of RAM known to be in the computer is an important indicator resident viruses have a hard time getting around. But, under Windows, there is no clear indicator like that. The bottom line is that one must use anti-virus software to detect (and fix) most viruses once they are on your system. | | | Your main defense is to detect and identify specific virus attacks to your computer. There are three methods in general use. Each has pros and cons and are discussed via these links. Often, a given anti-virus software program will use some combination of the three techniques for maximum possibility of detection. | | | With dangerous viruses on the network, what can computer users do to protect their systems?Here are just a few hints: | | • Be sure to install an anti-virus software program (see the next section) to guard against virus attacks. Also, be sure you turn on the scanning features. It can't protect you if it's not enabled. | | | • Practice caution when working with files from unknown or questionable sources. | | | • Do not open e-mail attachments if you do not recognize the sender (though you may also receive viruses from people you know). Scan the attachments with anti-virus software before opening them. | | | • Download files only from reputable Internet sites, and be wary when exchanging diskettes or other media with friends. | | | • Scan your hard drive for viruses monthly. | | | Even with these precautions, new viruses may find ways to enter your computer system. | |
|
|
No comments:
Post a Comment