Intro: Goals of the paper:
1. Set definitions for types of viruses.
2. Describe Viral Symptoms.
3. Understand how viruses are caught and spread.
4. Understand what you can do to delay or prevent Viral Attacks.
5. Be able to take appropriate actions while under
a suspected or actual viral attack.
Definitions: The
Computer Anti-Virus Community does not have a 100% Agreement on
what constitutes a virus. The definitions I am about to give
are accepted by a majority, but there are some variations..
1. VIRUS: A virus is a malicious,
but not necessarily destructive, unauthorized, self-replicating
string of computer code (or program). Argumentatively, a virus
is parasitic, meaning it copies itself from and to another program
and or system environment. Some people believe that a virus does
not need to be self-replicating or require a host.
2. TROJAN HORSE: A Trojan
Horse is a malicious, usually destructive program hidden within
what appears to be an interesting or useful program, e.g., a
spreadsheet, calendar program or a game. Argumentatively, some
people consider a trojan horse a virus. Trojan Horses, however,
are not self-replicating. Rather they rely upon unsuspecting
users to spread them.
3. LOGIC BOMB: A malicious
program set to "go off" under a certain set of circumstances,
when something happens, or does not happen. Examples would be
a date, a logon or the deletion of a user. These are generally
destructive. Some people consider Logic Bombs viruses. Like the
Trojan Horse they are not self-replicating. However, unlike a
Trojan Horse, a Logic Bomb maybe programmed into a Virus or even
a Trojan Horse. Logic Bombs are the most common means of employee
revenge and are often targeted to one system or company.
4. WORMS: By themselves
are non destructive, and are used to infiltrate systems. Worms
were originally used by system maintenance and administrators
to locate trouble spots, but they were mutated to gain illegal
access and passwords. The most troublesome worms are the ones
that are so poorly programmed that they cause too many copies
of themselves to infest a host machine, thus causing a system
overload, resulting in a system crash. A Worm is a stand alone
program (non-parasitic) that can be self-replicating that could
have a Virus or Logic Bomb as a "Payload". Some people
consider Worms a virus. The most famous Worm would be the Internet
Worm.
FAMILIARIZATION
1. TYPES OF VIRUSES:
2. HOW CAUGHT/ SPREAD:
3. SYMPTOMS: Each virus has its
own set of symptoms, just as human viruses do. What I am going
to give are generic symptoms and should not be considered exclusive
or all inclusive. These are some of the many different symptoms
As you can see these symptoms are very similar to
"common" computer malfunctions, and in fact, most symptoms
occur due to programming incompatibilities. The most "Successful"
viruses have no intentional payload, which would tip the user
to it's presence on the infected system. Notice, I have NOT
said a word about damaged hardware, that is because hardware
can NOT be damaged by software, and viruses are software.
While rumors abound about exploding monitors and engraved hard
drives, no one has yet to produce a hardware damaging virus.
4. COUNTERMEASURES:
The following are some steps to use to protect your
home system.
5. TAKE APPROPRIATE ACTIONS: When
you discover that you are infected or being attacked by a virus,
or if you suspect you may be under attack, take the following
actions:
VIRUSES ARE NOT SOMETHING TO EXPERIMENT WITH,
THEY ARE DANGEROUS.
Additional Reading:
The Following is a list of recommended additional
reading. While this list is not all inclusive, it is a good starting
point. All these books were written in the 90's and are relatively
current as for content.
COMPUTERS UNDER ATTACK: INTRUDERS, WORMS & VIRUSES
Edited by Peter J. Denning (1990, 150pp)
ROGUE PROGRAMS
Dr. Lance J. Hoffman (1990, 384pp)
COMPUTER VIRUS SURVIVAL GUIDE
David Stang (1991, 87pp)
PC VIRUS CONTROL HANDBOOK
Robert Jacobson (1990, 162pp)
EXECUTIVE GUIDE TO COMPUTER VIRUSES
Charles Rustein (1992, 60pp)
All the above books and more are available through
your local bookstore of from the National Computer Security Association
(NCSA) whose address is as follows:
ICSA
1200 Walnut Bottom Drive
Carlisle, PA 17013
http://www.icsa.net
Disclaimer: While as
a computer specialist, I realize some of what I have written is
over simplified or seemingly flawed. Please remember my target
audience is Viral beginners. This paper is not intended to be
all inclusive. For more information, contact your local library
or book store. This paper is only to provide basic working knowledge
of viruses and help the user protect themselves. I take no responsibility
for any infection, damage or data loss the reader may incur.
There is no 100% method, other than not using your P.C., to prevent
a viral infection. If you follow the above suggestions, you will
be fairly safe from infections.
The Author may be contacted:
on CompuServe at user # 72154,3302
Via Internet: kbechtel@bigfoot.com