|
1
|
|
|
2
|
- “A computer virus is a small program written to alter the way a computer
operates, without the permission or knowledge of the user.”
- Source: Symantec Security Response Website FAQ
- http://service1.symantec.com/SUPPORT/nav.nsf/aab56492973adccd8825694500552355/024c927836400f528825675100593eb2?OpenDocument&src=sec_web_nam
- “A virus is a program that can enter a computer in many different ways
and can cause effects ranging from the simply annoying to the highly
destructive.”
- Source: Panda Software Website
- http://www.pandasoftware.com/virus_info/about_virus/keys2.htm
|
|
3
|
- Virus
- Worm
- Trojan
- Backdoor
- Combo
- Hoaxes
|
|
4
|
- Virus
- Ability to execute and replicate itself
- Infects files to “stay alive”
- Usually cause damage
- Typically enter without user knowledge
|
|
5
|
- Worm
- Similar to a virus
- Does NOT need to infect to “stay alive”
- Quick replication is the typical goal of a worm
- Can cause damage to files, etc
- Can/typically cause network congestion
- Can enter through any network connection
- Many times takes advantage of OS vulnerabilities
|
|
6
|
- Trojan
- Some type of executable (i.e. exe, com, bat, vbs, scr, etc)
- Usually attached to an email
- Looks desirable or critical to open and use
- Message typically entices user into executing the code.
|
|
7
|
- Backdoor
- Typically the result of a previous virus/worm/trojan infection/incident
- Makes computer available to unknown parties for undesirable purposes
- Email (spam) relay
- Web proxy or server
- DDoS
- Remote control
|
|
8
|
- Combo
- Combines characteristics of the previous basic types to produce nasty
results
- Can cause system damage
- Can open backdoors
- Can perform data gathering (i.e. credit card, bank account, password
info, etc)
|
|
9
|
- Hoaxes
- Usually harmless but irritating
- Some may try to convince user to delete system files
- Most try to convince people to send to everyone in their address book
- Examples
|
|
10
|
- Virus
- Worm
- Trojan
- Backdoor
- Combo
- Hoaxes
|
|
11
|
- Removable Media
- Network (LAN)
- Internet
|
|
12
|
- Removable Media
- Media types
- Floppy Disk
- CD/DVD
- Flash
- Tape
- Older viruses typically spread via floppy disk
- Newer still can spread via media, but most use Network or Internet
methods
|
|
13
|
- Network (LAN)
- Passed between peers on a local network
- Passed via files on a local network file server
- Could make initial entry via removable media or the Internet
- Operating system vulnerabilities
- Other software vulnerabilities
- Can spread without any user interaction
|
|
14
|
- Internet
- Most common entry point for viruses today
- Email currently most prevalent
- Just visiting harmful websites
- File downloads
- Especially peer-to-peer (P2P) type downloads like Kazaa
- IRC and IM services
- Operating system vulnerabilities
- Other software vulnerabilities
- Can spread without any user action
|
|
15
|
- Removable Media
- Network (LAN)
- Internet
|
|
16
|
- Use an Antivirus Program
- Use email/spam filtering
- Keep your OS and other software patched!
- Practice “safe” computing
- Use an Internet firewall
- Maintain good backups
- Stay informed
|
|
17
|
- Use an Antivirus Program
- Should be INSTALLED and used for prevention – not just for reactive
disinfection!
- Should UPDATE *SIGNATURE/DEFINITION files regularly!
- At the very least update daily.
- *Note: Virus signature or definition files are provided and maintained
by antivirus software companies. These files are constantly updated and
are what allow the antivirus software to identify (and in many case
clean) viruses.
|
|
18
|
- Use an Antivirus Program
- A good antivirus program should:
- Auto-update at regular intervals
- Auto-update when new viruses appear
- Offer protection when using email and/or the web
- Should be easy to use
- Should NOT be a system resource “hog”
- Provide 24x7 support
- UPDATE! UPDATE! UPDATE!
|
|
19
|
- Use email/spam filtering
- Additional email and spam filtering software may also be desirable
- Services such as this may be available from your ISP or mail hosting
provider.
- Filtering services are in many cases a better option for email and
spam filtering as they do not consume your valuable computer
resources.
- MapleNet and MapleData offer postini email spam and virus
pre-filtering services.
|
|
20
|
- Keep your OS and other software patched!
- New vulnerabilities are frequently found in Operating Systems (i.e.
Windows XP) that allow virus and other malicious activities to take
advantage of your computer.
- http://windowsupdate.microsoft.com
- New vulnerabilities are frequently found in other software too that can
allow virus and other malicious activities to take advantage of your
computer.
|
|
21
|
- Practice safe & smart computing
- Email
- DISABLE the preview pane in Outlook/OE!
- Email “From” addresses are very often false (trivial to spoof)
- Must examine Internet Headers to see actual source IP of the message.
- Do not open email with attachments without verifying the sender
intentionally sent them.
|
|
22
|
- Practice safe & smart computing
- Internet Browsing
- Be cautious about the sites you visit
- Configure your browser to ask before running programs
- Ensure your antivirus software protects against programs on harmful
websites
- Be very careful about where you download files on the Internet.
|
|
23
|
- Practice safe & smart computing
- Do NOT forward hoaxes
- Research before forwarding that virus warning or taking action based on
an email from a friend.
- Urban Legends at About.com - http://urbanlegends.about.com
- Also handy for rebuking those ridiculous myths that float through
email!
- Hoaxbusters – http://hoaxbusters.ciac.org/HoaxBustersHome.html
- Norton - http://securityresponse.symantec.com/avcenter/hoax.html
- Panda Software - http://www.pandasoftware.com/virus_info/hoaxes/
|
|
24
|
- Use an Internet firewall
- Get firewall software for your PC (if you only have 1 PC)
- Get a router/firewall device for your home network (if you have more
than 1 PC)
- Becomes even more important if you have an “always on” broadband
connection
|
|
25
|
- Maintain good backups
- Backup important files on a regular basis.
- Businesses should be doing daily backups with off-site storage.
- Be careful to NOT restore a virus!
- XP restore features have been know to do this because anti-virus
software can not scan the restore files when the restore feature is
enabled.
|
|
26
|
- Stay informed
- Check antivirus software company and security websites often (at least
weekly)
- Norton – http://securityresponse.symantec.com/
- McAfee – http://www.mcafee.com/
- Panda – http://www.pandasoftware.com
- CERT – http://www.cert.org
- Security Focus – http://www.securityfocus.com
- MapleNet – http://www.maplenet.net/news_virus.php
- Subscribe to antivirus or security email lists
- SecurityFocus – http://www.securityfocus.com/archive
- CERT – http://www.cert.org
|
|
27
|
- Use an Antivirus Program
- Use email/spam filtering
- Keep your OS and other software patched!
- Practice “safe” computing
- Use an Internet firewall
- Maintain good backups
- Stay informed
|
|
28
|
- http://www.mapletronics.com
- http://www.mapletronics.com/training/
- http://www.maplenet.net
- http://www.mapledata.net
|
Notes
