Computer
Corner : Computer Viruses
by Bob Hubbard
With
the ever-growing increase in email traffic, viruses are a constant threat
to the computer user. In the old days, viruses were limited to those
who shared infected software. Today, with around 1/5th of the world’s
population online, and the ever-growing dependence on the Internet as
a communications medium, viruses are a major threat.
So,
what is a virus? We’ve all heard the terms ‘virus’,
‘worm’, ‘trojan horse’, and more, but what are
they exactly? Aren’t they all the same thing? Not really. In this
column, I’ll define what a virus is, what the differences between
a virus and a worm are, why you should care, and what you can do to
protect yourself.
1.
What is a computer virus?
The
word virus is often used very generally when we normal computer users
talk about unwished programs we have got into our computers. What we
often carelessly call a virus is actually a trojan or worm. A real computer
virus is a (hostile) program, that is capable to reproduce it self and
infect other programs.
The victim of these infections usually doesn’t care what they
are called; the important question is how to get rid of it, preferably
without losing any data. Knowing a bit about them however can ease the
panic, and speed the safe recovery of your system. Panic reactions often
cause the bigger part of the costs of virus infections.
Viruses are little programs. They have to be executed to be able to
make harm. A virus that is not executed is not an immediate risk. Therefore,
it is very important to not allow e-mail programs to automatically open
attachments.
Not all viruses are “dangerous” to the computer. Some of
them just play music, show text or a picture. But although the virus-writer
didn’t mean to make any harm, these “innocent” joke-viruses
might be malicious. Most virus-writers are no stars of programming,
and bugs in their code can cause trouble when the virus is executed.
2.
What is a Worm?
Unlike
a virus, a worm doesn’t need to infect other programs. It reproduces
itself and spread mostly via e-mail. Some worms use different means
to work their way around the Internet. In the late 1980’s, the
infamous ‘Morris Worm’ brought the Internet to a virtual
standstill by exploiting holes in the Unix operating system. Worms will
often scan the system they are attacking for email addresses and use
that information to launch the next phase of their attack. Because of
this, worms can spread very quickly.
Many worms attach a document from the infected computer when they send
themselves to various addresses. Recent worms include Code Red, SoBig
and Blaster.
Some worms, including Klez H, inactivates the anti-virus program in
the infected computer, and destroys the ant-virus program file system.
Often a worm will take an address from either the address book or from
another source on the system and use that as the “sender”
address when it attacks other systems. Forged and falsified sender information
is a common trick used by the current worms. If it also takes a document
from the computer, it may be very difficult for the recipient to separate
it from a normal mail with attachment. This increases the risk that
the attachment is opened and another computer infected.
It’s very common that worms use a bug in a mail program, some
version of Outlook Express for example, that makes the attachments open
automatically. The receiving computer then will be infected as soon
as the message is read.
3.
What is a Trojan?
“The Trojan horse” is well known from Greek history. The
Trojan Horse was an instrument of war used by the Greeks to gain access
to the city of Troy. The horse appeared to be a gift, but in fact had
an enemy hidden inside. In safety of darkness the Greek soldiers could
beat the guards and let their army in to town, and the Greeks won a
great victory.
In the computer world the word Trojan stands for something similar,
but more technical. A trojan is a program, hidden in something looking
friendly or useful. When installing the nice program, game or whatever
it is, you also install the trojan. This makes it possible for a malicious
hacker to take full control over your computer and all that is in it.
You can get a trojan into your system together with a program you install.
Trojans can be a part of a virus or worm, they can be a component of
an other trojan. A site-owner might place them in your computer when
you visit a website, by making it be a part of a Java applet, a ActiveX
control or something else, that is executed on the visitors computer.
An other way to place trojans, is to hide them in e-cards, congratulation
cards, Christmas cards, Easter cards, Happy New Year cards and so on,
sent to the victim via e-mail. It’s easy to hide the trojan in
the card contents to make effects on the screen. If this is done, the
victim gives the hacker free entrance to the computer when he starts
the nice greeting. Or let out a virus or a worm...
Why
should you care?
When your computer is attacked, you run the risk of:
· Losing all data stored on your computer
· Information could be stolen from you or your company
· Your computer could be used to attack other computers
· You could be held liable in court if your network was not deemed
secure.
· Your identity can be stolen.
· Increased chance of lawsuits due to hacker-inflicted damages.
· Your passwords can be stolen.
Think
about all the information you have on your system. Usernames and passwords.
Credit card numbers or bank account information. Important phone numbers.
All of this and more can be stolen or destroyed or changed when your
system is attacked successfully.
Wait
you ask, who would want to target me? I’m a nobody. Well, that
may be true. But, it doesn’t matter. Computers are attacked for
many reasons. A few are:
Fun, Excitement, or Fame:
· Exciting and thrill-seeking for inexperienced attackers
· Experienced attackers brag about accomplishments
· Fame – recognized in print for their “work”
Revenge:
· Former employees getting even with employers. 57% of security
breaches are by insiders
Steal Information:
· Company’s proprietary information
· Company’s customer information (credit cards)
· Personal information from home computers
· Passwords or system information from systems other than the
one broken into
Denial of Service:
· Computer may be attacked for sole purpose of being used to
conduct denial-of-service or other malicious attacks on other computers
Storage Space:
· Attackers store pirated material on unsuspecting computers
· Continuously connected computers allow other pirates to download
material from systems used as storage
Cover Their Tracks:
· Make it difficult for law enforcement to track them
Intercept Passwords:
· Packet sniffers record transmitted information and Keystroke
recorders record all keystrokes
SPAM:
· Many compromised systems are used to send out SPAM. Much of
the junk email that we receive is sent out by these compromised systems.
The recipients often direct their anger at the owner of the pc, rather
than the real culprits.
Ok,
so how do you protect yourself?
As
in any battle, defense is key. In the battle against the viruses, I
recommend a multi-layered defense. This consists of good computing practices,
up to date anti virus software on your system, and a well-maintained
firewall to help block the attacks.
Lets
look at good computing practices first.
· Use hard to guess passwords. “Bob” is an easy one.
“56as34rt” is much harder to guess.
· Memorize your password
· Don’t share password with others
· Don’t write password on a sticky note stuck to monitor
· Disable file and printer sharing in Windows
· Install a personal firewall such as Zone Alarm or SyGate
· Keep programs on your system updated by installing the latest
patches
· Regularly check your system for SpyWare. Spyware are hidden
programs installed while you websurf.
Installing
a quality anti virus program is also essential today. The days of “I’ll
just reinstall if I get hit” are long past. Proper configuration
is also essential as is weekly or even daily updating of it to keep
you ahead of the enemy. An out of date anti virus package is actually
worse than not having one due to the false sense of security you can
have. Most anti virus software allows for automatic updating. I strongly
encourage you to use it, as most folks, myself included always mean
to do it, but usually forget.
Also,
be certain to have an up to date personal firewall. Do not depend totally
on your ISP to filter for you. Most do not. Many of us run DSL or Cable
and use the $100 ‘cable routers’ which come with some firewall
capabilities. These are a good first line of defense when properly configured.
For a second line, I strongly recommend the installation of a personal
firewall. The best of these will also allow you to block both outgoing
and incoming traffic. Worms are rendered impotent when they can’t
get in or out.
In
conclusion, viruses are a major threat today, but with a combination
of knowledge, and proper defense, we can keep our systems clean, our
data safe, and our lives less stressed. I will end with a list of information
for those seeking further information. Thank you.
Anti
Virus Software Vendors:
· AVG Anti-Virus Free antivirus software. www.grisoft.com
· F-Protect www.f-prot.com
· Norton : www.symantec.com
· Mcafee : mcafee.com
· Panda Software Antivirus : www.pandasoftware.com
·Trend Micro: www.trendmicro.com
Windows Update: windowsupdate.microsoft.com
FireWalls:
Zone Alarm: http://www.zonelabs.com
SyGate:
http://sygate.com/
SpyWare
Removal:
Ad Aware:http://lavasoft.de
SpyBot
: http://www.safer-networking.org/
Further
Reading:
Robert Morris Worm:
http://www.swiss.ai.mit.edu/6805/articles/morris-worm.html
General
Virus info:
http://antivirus.about.com
This is a great resource with more links, news and tools to help you
win the war.
===
Bob
Hubbard is an administrator of the popular martial arts portal site
MartialTalk.com and president of SilverStar WebDesigns inc., a web site
design and hosting company specializing in affordable solutions for
martial artists. A student of all the arts, he is currently studying
Modern Arnis.
Bob
can be reached at kaith@martialtalk.com
Originally
Published September 2003 MartialTalk Magazine
Copyright ©2003 Bob Hubbard - All Rights Reserved