What Is a Computer Virus?
The number of poisoned websites is increasing. 1 in 1,000 web pages are infected with malicious drive-by downloads. (source: IDG News)
According to a post on Google's blog on July 25, 2008, there are now over 1
trillion URL's on the internet, even though they admit to
only indexing some 40 billion of them. At 1 in 1,000, this translates into
1 billion poisoned pages! Feeling lucky?
Key Terms To
Understanding Computer Viruses:
Virus
A program or piece of code that is loaded onto your computer without your
knowledge and runs against your wishes.
Trojan Horse
A destructive program that masquerades as a benign application. Unlike viruses,
Trojan horses do not replicate themselves
Worm
A program or algorithm that replicates itself over a computer network and
usually performs malicious actions
Blended Threat
Blended threats combine the characteristics of viruses, worms, Trojan Horses,
and malicious code with server and Internet vulnerabilities.
Antivirus Program
A utility that searches a hard disk for viruses and removes any that are found.
Call or email Salem Computer Doctors today for FREE Anti-Virus Software for home users!
Computer Viruses
A computer virus is a
program or piece of code that is loaded onto your computer without your
knowledge and runs against your wishes. Viruses can also replicate themselves.
All computer viruses are manmade. A simple virus that can make a copy of itself
over and over again is relatively easy to produce. Even such a simple virus is
dangerous because it will quickly use all available memory and bring the system
to a halt. An even more dangerous type of virus is one capable of transmitting
itself across networks and bypassing security systems.
Since 1987, when a virus
infected ARPANET, a large network used by the Defense Department and many
universities, many antivirus programs have become available. These programs
periodically check your computer system for the best-known types of viruses.
Some people distinguish
between general viruses and worms. A worm is a special type of virus that can
replicate itself and use memory, but cannot attach itself to other programs.
The Difference Between a
Virus, Worm and Trojan Horse
The most common blunder
people make when the topic of a computer virus arises is to refer to a worm or
Trojan horse as a virus. While the words Trojan, worm and virus are often used
interchangeably, they are not the same. Viruses, worms and Trojan Horses are all
malicious programs that can cause damage to your computer, but there are
differences among the three, and knowing those differences can help you to
better protect your computer from their often damaging effects.
A computer virus
attaches itself to a program or file so it can spread from one computer to
another, leaving infections as it travels. Much like human viruses, computer
viruses can range in severity: Some viruses cause only mildly annoying effects
while others can damage your hardware, software or files. Almost all viruses are
attached to an executable file, which means the virus may exist on your computer
but it cannot infect your computer unless you run or open the malicious program.
It is important to note that a virus cannot be spread without a human action,
(such as running an infected program) to keep it going.
People continue the spread of a computer virus, mostly unknowingly, by
sharing infecting files or sending e-mails with viruses as attachments in the
e-mail.
A worm is similar to a
virus by its design, and is considered to be a sub-class of a virus. Worms
spread from computer to computer, but unlike a virus, it has the capability to
travel without any help from a person. A worm takes advantage of file or
information transport features on your system, which allows it to travel
unaided. The biggest danger with a worm is its capability to replicate itself on
your system, so rather than your computer sending out a single worm, it could
send out hundreds or thousands of copies of itself, creating a huge devastating
effect. One example would be for a worm to send a copy of itself to everyone
listed in your e-mail address book. Then, the worm replicates and sends itself
out to everyone listed in each of the receiver's address book, and the manifest
continues on down the line. Due to the copying nature of a worm and its
capability to travel across networks the end result in most cases is that the
worm consumes too much system memory (or network bandwidth), causing Web
servers, network servers and individual computers to stop responding. In more
recent worm attacks such as the much-talked-about .Blaster Worm., the worm has
been designed to tunnel into your system and allow malicious users to control
your computer remotely.
A Trojan Horse is full
of as much trickery as the mythological Trojan Horse it was named after. The
Trojan Horse, at first glance will appear to be useful software but will
actually do damage once installed or run on your computer.
Those on the receiving end of a Trojan Horse are usually tricked into
opening them because they appear to be receiving legitimate software or files
from a legitimate source. When a
Trojan is activated on your computer, the results can vary. Some Trojans are
designed to be more annoying than malicious (like changing your desktop, adding
silly active desktop icons) or they can cause serious damage by deleting files
and destroying information on your system. Trojans are also known to create a
backdoor on your computer that gives malicious users access to your system,
possibly allowing confidential or personal information to be compromised. Unlike
viruses and worms, Trojans do not reproduce by infecting other files nor do they
self-replicate.
Added into the mix, we
also have what is called a blended threat. A blended threat is a sophisticated
attack that bundles some of the worst aspects of viruses, worms, Trojan horses
and malicious code into one threat. Blended threats use server and Internet
vulnerabilities to initiate, transmit and spread an attack. This combination of
method and techniques means blended threats can spread quickly and cause
widespread damage. Characteristics of blended threats include: causes harm,
propagates by multiple methods, attacks from multiple points and exploits
vulnerabilities.
To be considered a
blended thread, the attack would normally serve to transport multiple attacks in
one payload. For example, it wouldn't just launch a DoS attack — it would also
install a backdoor and damage a local system in one shot. Additionally, blended
threats are designed to use multiple modes of transport. For example, a worm may
travel through e-mail, but a single blended threat could use multiple routes
such as e-mail, IRC and file-sharing sharing networks. The actual attack itself
is also not limited to a specific act. For example, rather than a specific
attack on predetermined .exe files, a blended thread could modify exe files,
HTML files and registry keys at the same time — basically it can cause damage
within several areas of your network at one time.
Blended threats are
considered to be the worst risk to security since the inception of viruses, as
most blended threats require no human intervention to propagate.
Combating Viruses, Worms
and Trojan Horses
The first steps to
protecting your computer are to ensure your operating system (OS) is up-to-date.
This is essential if you are running a Microsoft Windows OS. Secondly, you
should have anti-virus software installed on your system and ensure you download
updates frequently to ensure your software has the latest fixes for new viruses,
worms, and Trojan horses. Additionally, you want to make sure your anti-virus
program has the capability to scan e-mail and files as they are downloaded from
the Internet. This will help prevent malicious programs from even reaching your
computer. You should also install a firewall as well.
A firewall is a system
that prevents unauthorized use and access to your computer. A firewall can be
either hardware or software. Hardware firewalls provide a strong degree of
protection from most forms of attack coming from the outside world and can be
purchased as a stand-alone product or in broadband routers. Unfortunately, when
battling viruses, worms and Trojans, a hardware firewall may be less effective
than a software firewall, as it could possibly ignore embedded worms in out
going e-mails and see this as regular network traffic. For individual home
users, the most popular firewall choice is a software firewall. A good software firewall will protect your computer from
outside attempts to control or gain access your computer, and usually provides
additional protection against the most common Trojan programs or e-mail worms.
The downside to software firewalls is that they will only protect the computer
they are installed on, not a network.
It is important to
remember that on its own a firewall is not going to rid you of your computer
virus problems, but when used in conjunction with regular operating system
updates and a good anti-virus scanning software, it will add some extra security
and protection for your computer or network.
Source: Webopedia (except where noted)
Call or email Salem Computer Doctors today for FREE Anti-Virus Software for home users!
Salem Computer Doctors
(540) 330-4279
Copyright 2008 Salem Computer Doctors, Salem Virginia / All rights reserved.