Social Engineering:
Implementation Bug:
Abuse of Feature:
System Misconfiguration:
Masquerading:
Preparing to do Battle
In general, how do viruses work? Well, first, the author
has to write the executable code required to carry out the
virus's activation process. What does the author want the virus
to accomplish? Should it reformat your hard drive? Delete JPG
files? Mail copies of itself to your friends and coworkers?
Making any of this happen requires executable code of some
kind. Second, in order for this code to execute, the virus needs
to be activated. The usual way a virus's executable code is run
is the direct method: some unwary user receives an e-mail
attachment called "Double-Click Here for Some Real Fun.exe"
or something equally enticing. Double-clicking it runs the program, and
the virus is unleashed.
As easily avoided as this result seems to be—it still works
far more often than it should—virus writers have discovered a
number of other, less obvious techniques for getting a virus to
take over your computer. Let's take a look at some of these
techniques, beginning with the question of what constitutes
executable code. Then I'll move on to examine several sneaky
activation methods. These activation methods are particularly
important, because understanding them is how you'll unhook
viruses from your system in order to regain control of it
following an infection.
Hacker, H4x0r5, cracker and black hat are all terms for
the individuals that KFSensor is ultimately designed to detect
and offer protection from. The term hacker is used in this
manual to cover all such individuals.