130 likes | 270 Views
VIRUS. Presented by:. Dhruv Harsh Hitesh Lakshmi Narayan Shashank. Computer virus.
E N D
VIRUS Presented by: Dhruv Harsh Hitesh Lakshmi Narayan Shashank
Computer virus A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. Malware includes computer viruses, computer worms, Trojan horses, most rootkits, spyware, dishonest adware and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with worms and Trojan horses, which are technically different. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves.
THREE TYPES OF VIRUSES FILE INFECTORS BOOT SECTOR VIRUSES MACRO VIRUSES
File infectors, also known as parasitic viruses, operate in memory and usually infect executable files. They activate every time infected files are executed: They copy themselves into other executable files and can remain in memory long after the virus has activated. FILE INFECTORS A boot sector virus is a computer virus which infects the boot sector on hard disks, floppy disks, and theoretically also other bootable media such as CD's and DVD's. BOOT SECTOR VIRUS A macro virus is a computer infection written in macro language, which is commonly built into word processing applications. In general, macros is a series of commands and executions that help automate specific tasks. Regardless of how they are created, they must be executed by a system able to interpret stored commands. MACRO VIRUS
HOW DO COMPUTER VIRUS SPREAD?? When you execute program code that's infected by a virus, the virus codewill also run and try to infect other programs, either on the same computeror on other computers connected to it over a network . And the newlyinfected programs will try to infect yet more programs When you share a copy of an infected file with other computer users,running the file may also infect their computers; and files from thosecomputers may spread the infection to yet more computers If your computer is infected with a boot sector virus, the virus tries towrite copies of itself to the system areas of floppy disks and hard disks.Then the infected floppy disks may infect other computers that boot fromthem, and the virus copy on the hard disk will try to infect still morefloppies. Some viruses, known as 'multipartite' viruses, can spread both by infectingfiles and by infecting the boot areas of floppy disks.
Damages • Can destroy file allocation tables (FAT) and lead to the corruption of an entire file system, resulting in the need to fully reinstall and reload the system. • Can create bad sectors on the disk, destroying parts of programs and files. • Can decrease the space on hard disks by duplicating files. • Can format specific tracks on their disks or format the entire disk. • Can destroy specific executable files and alter data indata files, causing a loss of integrity in the data. • Can cause the system to hang so that it does not respond to any keyboard or mouse movements.
Trojan horse A Trojan horse, or Trojan, is malware that appears to perform a desirable function for the user prior to run or install but instead facilitates unauthorized access of the user's computer system. "It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems", as Cisco describes. The term is derived from the Trojan Horse story in Greek mythology.
Purpose and operation Security Trojan horses may allow a hacker remote access to a target computer system. Once a Trojan horse has been installed on a target computer system, a hacker may have access to the computer remotely and perform various operations, limited by user privileges on the target computer system and the design of the Trojan horse. Trojan horses in this way require interaction with a hacker to fulfill their purpose, though the hacker need not be the individual responsible for distributing the Trojan horse. It is possible for individual hackers to scan computers on a network using a port scanner in the hope of finding one with a malicious Trojan horse installed, which the hacker can then use to control the target computer. Installation and distribution Trojan horses can be installed through the following methods: Some users, particularly those in the Warez scene, may create and distribute software with or without knowing that a Trojan has been embedded inside. Compilers and higher-level software makers can be written to attach malicious software when the author compiles his code to executable form. Self-replication A Trojan horse may itself be a computer virus, either by asking other users on a network, such as a instant-messaging network, to install the said software, or by spreading itself through the use of application exploits.
Computer worm A computer worm is a self-replicating malware computer program. It uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
Worms with good intent Beginning with the very first research into worms at Xerox PARC, there have been attempts to create useful worms. The Nachi family of worms, for example, tried to download and install patches from Microsoft's website to fix vulnerabilities in the host system–by exploiting those same vulnerabilities. In practice, although this may have made these systems more secure, it generated considerable network traffic, rebooted the machine in the course of patching it, and did its work without the consent of the computer's owner or user. Another research proposed what seems to be the first computer worm that operates on the second layer of the OSI model (Data link Layer), it utilizes topology information such as Content-addressable memory (CAM) tables and Spanning Tree information stored in switches to propagate and probe for vulnerable nodes until the enterprise network is covered. Most security experts regard all worms as malware, whatever their payload or their writers' intentions.
Protecting against dangerous computer worms Worms spread by exploiting vulnerabilities in operating systems. Vendors with security problems supply regular security updates, and if these are installed to a machine then the majority of worms are unable to spread to it. If a vulnerability is disclosed before the security patch released by the vendor, a Zero-day attack is possible. Users need to be wary of opening unexpected email, and should not run attached files or programs, or visit web sites that are linked to such emails.Anti-virus and anti-spyware software are helpful, but must be kept up-to-date with new pattern files at least every few days. The use of a firewall is also recommended. The researchers discovered how to contain the kind of worm that scans the Internet randomly, looking for vulnerable hosts to infect. They found that the key is for software to monitor the number of scans that machines on a network sends out. When a machine starts sending out too many scans, it is a sign that it has been infected, allowing administrators to take it off line and check it for viruses.
Spam (electronic) • Spam is the use of electronic messaging systems to send unsolicited bulk messages indiscriminately. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social networking spam, television advertising and file sharing network spam. • Spamming remains economically viable because advertisers have no operating costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for their mass mailings. Because the barrier to entry is so low, spammers are numerous, and the volume of unsolicited mail has become very high. The costs, such as lost productivity and fraud, are borne by the public and by Internet service providers, which have been forced to add extra capacity to cope with the deluge. Spamming has been the subject of legislation in many jurisdictions. • People who create electronic spam are called spammers. Avoiding Spam • To help avoid spam or junk mail is create a filter that finds and does something to e-mail that you suspect is Spam. • Not to register yourself with true id to sign up things on the Internet.
Virus Prevention • Never use a “foreign” disk or CD without scanning it for viruses. • Always scan files downloaded from the internet or other sources. • Never boot your PC from a floppy unless you are certain that it is virus free. • Write protect your disks. • Use licensed software. • Password protect your PC to prevent unattended modification. • Make regular backups. • Install and use antivirus software. • Keep antivirus software up to date.