1 / 28

Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats

Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats. Marshall Breeding Vanderbilt University breeding@library.vanderbilt.edu http://www.library.vanderbilt.edu/libtech/breeding/. The Threat. Computers are under attach more than ever before

diem
Download Presentation

Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats Marshall Breeding Vanderbilt University breeding@library.vanderbilt.edu http://www.library.vanderbilt.edu/libtech/breeding/

  2. The Threat • Computers are under attach more than ever before • As computer operating systems become more powerful, they also become more vulnerable • Original Viruses were transmitted by files and diskettes • Macro viruses are cross platform

  3. The Threat ... • Most current viruses transmitted by e-mail • Mail attachments common vehicles • Some viruses live within message body • Scripting engines are vulnerable

  4. What is a virus • Transmit • Replicate • Attack • Mutate

  5. Major virus outbreaks • 1980’s: attacks begin on COM, EXE, boot sectors • Jerusalemz (Friday the 13th) • AIDS (trojan) • 1988: Internet worm • 1992: Michelangelo • 1994 Good Times hoax • 1996 Concept (Macro virus)

  6. ...Major Virus outbreaks • 1998: Chernobyl/CIH (activates 26th of April) • 1999: Melissa (Macro virus/propagates through Outlook) • 2000: ILOVEYOU, Stages (VBX) • 2000: Phage; Vapor: Palm Virus

  7. Observations • Over 50,000 viruses and variants • Major outbreaks more frequent • Microsoft products targeted • Fast propagation through E-mail • Very complex to manage: e.g. Microsoft

  8. Trends • Current generation requires active role by user • Emerging viruses: passive victim • Future/present concern for wireless devices • Wider range of targets: Computers, PDA, Cell Phones

  9. Anti-virus solutions • User behavior • Technical

  10. The #1 Anti-virus strategy involves human behavior • Be aware and cautious • Train computer users to be wary • Never access files from an unchecked disk • any removable media • Do not download software from untrusted sources • Know the true source of all software

  11. Be careful with E-mail • Don’t open obviously suspicious messages • Don’t open attachments unless you know the sender and are expecting that specific attachment • Ensure that your mail client displays extensions of attachments • Avoid: VBX, EXE, • Never send attachments from listserves • Never open attachments from listserves

  12. What users should do when a virus is found or suspected • Notify system administrator • Don’t panic • Don’t restart computer • Don’t send spam E-mail warnings

  13. Technical solutions

  14. Implement a multi-layer approach • Desktop: dynamic inspection, regular scanning • Network Server • Mail scanning/interception

  15. Anvi-virus Architecture File Server File Scanning INTERNET Mail Scanning Local Network Regular scanning of Disks Dynamic Scan-on-access Firewall Mail Server Current Virus Signatures Desktop Computers

  16. Desktop layer • Inspect files on access • Regularly scan all permanent disks • Scan all removable media with each use • Regularly update virus signature database

  17. Desktop Anti-virus software • Norton Anti Virus • McAfee ActiveShield • Command Anti-Virus (was Fprot) • Data Fellows F-Secure • Dr. Solomons Anti-Virus

  18. Network Fileserver layer • Regularly scan all disk volumes • Shared folders easily missed by desktop scanning

  19. E-Mail scanning • Inspect incoming messages • Inspect outgoing messages • Inspect messages from one local user to another within mail system

  20. E-Mail Scanning software • Trend Micro Virus Wall • Sybari Antigen

  21. Virus signature database • the key to the current generation of anti-virus software • must be current • can’t be current enough

  22. Firewalls • Part of a general computer security plan, but also helpful with viruses • Institutional firewalls imperative • CheckPoint FireWall-1 • Consider personal/workstation-level firewalls • BlackIce • ZoneAlarm

  23. What software should do when it detects a virus • clean file/message when possible • remove if it can’t be cleaned • warn system administrator • warn recipient • warn sender

  24. Need to identify the signature of each virus • distinguish malicious items • Original products scanned after the fact • Scanning of files as they are accessed

  25. Mitigate vulnerability • Avoid being logged in with workstation/network administrative rights • Minimize the number of network drives mapped at any given time • Web document directories • shared network drives • Turn off features not needed: • e.g. Windows Scripting Host from e-mail • Do we need support for VBX or JavaScript in e-mail?

  26. Web-oriented vulnerabilities • Java applets • Active-X

  27. More advanced anti-virus software • rely less on specific virus signatures • rely more on trapping unwanted behaviour

  28. Future expectations • No end in sight • The world is becoming more dangerous • Enormous dependence on commercial anti-virus applications • Future computer OS will be designed to be less vulnerable...

More Related