TCS Special Program Virus, and How to Avoid Them
Fine Print • My views, not necessarily those of the Tulsa Computer Society • Apologies to Symantec / Norton Anti-virus • Concepts here are basic, given time constraints (but it is simple until you get infected) • There are always exceptions and nuances to the issues discussed
What are the Basics? • Practice Safe Computing • Install an Anti-Virus (AV) program and keep it up-to-date • Inform yourself with the facts, taken with a grain of salt
What Is a Computer Virus? • A computer virus is a program that infects an executable file (such as a program, start-up record, or macro) and replicates, infecting neighboring files without the knowledge of the PC user
Most viruses are relatively harmless • Some may cause random damage to data files and program files • Some are intended to destroy files • All viruses consume resources: disk space, memory, CPU processing time, and the time and expense of detecting and removing them
What Is a Trojan Horse? • A Trojan horse, like a virus, may damage computer files • It is usually a single program that, like the old Greek trick, does something that the user does not expect • A Trojan horse does not replicate like a virus does
What Is a Dropper? • A dropper is a program which installs a virus or Trojan Horse, often covertly
What Is a Worm? • A worm is a rogue program which spreads (usually) over network connections • It is not to be confused with a WORM CD drive, an acronym for Write Once, Read Many (times) • Worms are uncommon and are most often programming errors
What Do Viruses Do? Like a biological virus, computer viruses infect: • Other executable program files • Data files containing macros, especially Word and Excel macros • Operating system program files • Special disk program files called boot records and master boot records that your computer uses to start up
What Do Viruses Do? • Infect an executable file that is attached to an e-mail message • Destroy files or simply replicate or display messages such as “this computer is stoned”
What Do Viruses Not Do? • Cause hardware damage (usually)
A computer can get a virus by running an infected executable file, usually from a floppy disk, an e-mail attachment, or an Internet download
A computer cannot get a virus by opening a pure data file or e-mail text
Risky Business (Behavior that may infect your computer)
High Risk Profile • Network connection without professional administrator • Internet connection • No anti-virus software running • High modem use • Many downloaded programs from local BBSs or unknown internet pages
High Risk Profile • Distribute and receive files, especially on floppy disks • Use pirated software • Collect bargain software from unknown sources
High Risk Profile • Trade computer games • Let other people use your computer or use computer lab equipment • Use recycled floppy disks of unknown origin or floppies someone else has formatted
Medium Use Profile • Network connection • Some downloaded programs from local bulletin boards or unknown internet pages • Use recycled floppy disks of unknown origin or floppies someone else has formatted • Use shared network programs
Medium Use Profile • Share files on floppy disks • Buy bargain or “swap meet” software
Low Risk Profile • No network connection • Modem use for e-mail with few or no downloaded programs or downloads from commercial web pages and bulletin boards • Use just a few applications regularly
Very Low Risk Profile • Single-user PC • No network connection • No modem • Only use shrink-wrapped software from reputable dealers • Scan all floppy disks before first use • Doesn’t receive files on floppy disks
There is no way to guarantee that you will avoid infection. However, the potential damage can be minimized by taking the following precautions:
Make a Clean Boot Disk • Make a boot disk • Add essential program files to it • Scan it with AV software • Write-protect it • If you suspect an infection, boot from it then run AV software
Use Anti-Virus Software • Use reputable, up-to-date and properly-installed AV software • Update AV software virus definitions regularly • Scan floppies and HDD with AV software regularly • Scan programs before installation
Anti-Virus Software Programs • AVAST! • AVP • Avscan • Dr. Web • F-Prot • McAfee and Dr. Solomon's (both owned by Network Associates) • Norton (Symantec) • Sophos sweep • Thunderbyte • Virus ALERT! • Virusafe • Panda • Others????
Do Some Reading • If you're a home user, you may well get an infection sooner or later. If you're a business user, it will be sooner. Either way you'll benefit from a little background reading.
What to Read • Computer Magazines • PC World, Ziff Davis, WinMag, etc. • AV Documentation • If you use a shareware/freeware AV package, print a hard copy of the documentation before you get an infection • AV Software help files
What to Read • Other types of resources • web pages like • CNet • http://www.tcs.org/ • http://www.symantec.com/avcenter/ • newsgroups (alt.comp.virus) • Frequently Asked Questions (FAQ's) • Key word search on “computer virus”
Other Safety Measures • Make sure both your home and work systems are protected • Get to know your AV software • If you're a business user, you need an enforceable virus policy • Practice Safe Computing • BACK UP YOUR DATA
Business Costs • Training a response team • Taking the team from their real jobs or hiring consultants when infection occurs • Cost of AV software • Cost of maintaining upgrades, subscriptions and tracking technological changes
Business Costs • Educating employees in the virus issues and safe computing • Cost in time of routine anti-virus measures, such as scanning hard disk drives • Cost of servicing false alarms
Business Costs • Resource utilization by undetected viruses • Formulating and enforcing a backup policy • Formulating and enforcing anti-virus policy
Personal Costs • Cost of AV software • Cost of maintaining upgrades every six months • Subscriptions for virus definitions • Cost in time of routine anti-virus measures, such as scanning hard disk drives
Personal Costs • Computer speed - something else for the computer to do • Software bugs
Bloomington • 1992 from a clone vendor the office employed • Monkey • 1996 from working on a laptop while trying to find out why a PCMCIA card did not work. The virus was not the reason for the hardware problem
Larue • 1998, Excel macro virus from an infected file sent over the office network • Anti CMOS A • 1998, found while scanning for the Larue
Pretty Park • March, 2000, e-mail attachment • Numerous hoaxes
Hype, Hoax and Myth are part of the Virus scene • The Internet is an ideal forum for information and misinformation
Hype • By news media to sell news and entertain us • By virus software vendors to sell software or enhance the company net worth
Hoax • Please Help! • Did you hear? Tell everybody you know! • Chain Letters
Hoax (Virus) • This virus will explode your hard disk drive • That virus will set your monitor on fire • The other virus will infect your cat
Myth • DOS file attributes (read only, hidden, system) protect executable files from infection • FDISK-ing your HDD will kill all viruses (it will certainly kill all your data)
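The first myth above, checked as an added example (not part of the original slides): the read-only attribute is set and cleared by software running under the same account, so it cannot stop a program that account runs, while a hash recorded beforehand does reveal the change. The file name `PROGRAM.COM`, its contents and the appended marker are constructed for the demonstration.

```python
import hashlib
import os
import stat
import tempfile


def sha256_of(path):
    """Return the SHA-256 hex digest of a file's contents."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()


def read_only_flag_holds(path):
    """Set the read-only attribute, then do what any ordinary program
    running under the same account can do: clear the flag and write.
    Returns True only if the file contents stayed unchanged."""
    baseline = sha256_of(path)
    # On DOS/Windows this call sets the read-only file attribute.
    os.chmod(path, stat.S_IREAD)
    # The owner of a file may change its attributes, so clearing the
    # flag needs no special privilege.
    os.chmod(path, stat.S_IREAD | stat.S_IWRITE)
    with open(path, "ab") as f:
        f.write(b"CONSTRUCTED-APPENDED-BYTES")  # harmless constructed marker
    # The attribute did not prevent the write; the hash comparison detects it.
    return sha256_of(path) == baseline


def demo():
    """Run the check on a constructed stand-in file in a temp directory."""
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "PROGRAM.COM")  # hypothetical file name
        with open(target, "wb") as f:
            f.write(b"constructed stand-in for a program file")
        return read_only_flag_holds(target)


if __name__ == "__main__":
    print("read-only attribute kept the file intact:", demo())
```

The write-protect tab on the clean boot disk is different in kind: it is enforced by the drive hardware, not by a flag that software can reset.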