Professional Documents
Culture Documents
BY
INDEX
v
5/4/12
VIRUS
What Is Computer Virus? History Of Computer Virus. Background Virus Through The Internet. Symptoms Of Virus Attack. Typical Things That Computer Viruses Do. Prevention of Virus.
WORMS
What Is Worms? History Of Worms. Anatomy of Worms. Types Of Worms. Harmful Effects Of Worms. Prevention of Worms
TROJANS
What Are Trojans? Types Of Trojans. What Trojans Can Do. Detection Of Trojans. Prevention of Trojans
v COUNTER-MEASURE
5/4/12
VIRUS
A computer virus is a computer program that can copy itself and infect a computer. term "virus" is also commonly used to refer to other types of malware, adware and spyware. can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. its running, it spreads by inserting copies of itself into other executable code or documents
The
Viruses
Once
5/4/12
1981 Apple Viruses 1, 2, & 3 1980s Fred Cohen 1987 Lehigh Virus 1988 The first anti virus software 1990 The first polymorphic viruses 1991 Symantec releases Norton Anti Virus 1992 The Michelangelo Virus 1994 Kaos4 virus spreads via adult websites. 1996 The Concept virus
5/4/12
1999 The Melissa Virus 2000 The I Love You Virus 2001 The Code Red Worm 2003 The Slammer Worm. 2004 MyDoom
5/4/12
Background
There Over First
300 new ones are created each month virus was created to show loopholes in software
Today almost 87% of all viruses are spread through the internet (source: ZDNet) Transmission time to a new host is relatively low, on the order of hours to days Latent virus
5/4/12
Computer no longer boots up Screen sometimes flicker PC speaker beeps periodically System crashes for no reason Files/directories sometimes disappear Denial of Service (DOS)
5/4/12
files erratic screen behavior viruses do nothing obvious at all except spread!
the PC
Many
PREVENTION OF VIRUS
Most antivirus are capable of detecting and removal of major virus. Get the latest Anti-Virus Software. As prevention is concern use of any detection tool is preferred e.g. adware, spyware. Not to open any unknown source downloads. To prevent attacks. Even after using these precautions, if the virus creeps into your system, it can be detected in various ways apart from using a virus scanner for it. Always keep backup of your data/programs Keep floppies Write-protected (especially if they are bootable.)
5/4/12
5/4/12
WORMS
The
actual term "worm"' was first used in John Brunners 1975 novel, The Shockwave Rider. worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
A computer
Unlike
5/4/12
History of Worms
The first worm to attract wide attention, the Morris worm, was written by Robert Tappan Morris, who at the time was a graduate student at Cornell University. It was released on November 2, 1988
Morris
himself was convicted under the US Computer Crime and Abuse Act and received three years probation, community service and a fine in excess of $10,000.
5/4/12
Anatomy of Worms
5/4/12
TYPES OF WORMS
Conficker Worm Email and Instant Message Worms Internet Worms (Morris Worm) IRC Worms File-Sharing Network Worms Slapper Worm
5/4/12
uses a compromised system to spread through email, file sharing networks, instant messenger, online chats and unprotected network shares. files, corrupts installed applications and damages the entire system. or discloses sensitive personal information, Valuable documents, passwords, etc. worm installs a backdoor or drops other dangerous parasite. speed & System performance.
Connection
5/4/12
TROJANS
A Trojan The
horse or Trojan, is a destructive program that masquerades as an application. Trojan Horse, at first glance will appear to be useful software but will actually do damage once installed or run on your computer. are also known to create a backdoor on your computer that gives malicious users access to your system. viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. well known Trojans:Net-bus,Girl friend, Back orrifice ,Flooder, Vundo Trojan etc.
Trojans
Unlike Some
PREVENTION OF WORMS
A personal firewall should be run on any system that is not behind a corporate firewall. This should be done on any computer that connects to the internet.
5/4/12
Patching is the act of downloading updates to the vulnerable operating system or application and applying the update to the program.
sometimes the worm can infect the system before the anti-virus software can detect it.
5/4/12
Types of Trojans
1) 2) 3) 4) 5) 6) 7) 8) 9)
Remote access Trojans Password sending Trojans Keyloggers Destructive Denial of service(DOS) Attack Trojans Mail-Bomb Trojans Proxy-Wingate Trojans FTP Trojans Software Detection Trojans
5/4/12
Use of the machine as part of a Botnet (e.g. to perform automated spamming or to distribute Denial-of-service.) Uninstallation of software, including thirdparty router drivers. Downloading or uploading of files on the network hdd. Watching the users screen. Spreading other malware? Such as viruses. In this case? The Trojan horse is called a
q q
5/4/12
Modification or deletion of files. Data theft(e.g. retrieving username or postal code information) Erasing or overwriting data on a computer. Encrypting files in a crypto viral extortion attack. Crashing the computer. Corrupting files in a subtle way. Setting up networks of zombie computers in order to launch Dodos attacks or send spam.
q q q q q
5/4/12
Spying on the user of a computer and covertly reporting data like browsing habits to other people. Logging keystrokes to stealing formation such as passwords and credit card numbers (also known as a key logger) Phish for bank or other account details? Which can be used for criminal activities. Installing a backdoor on a computer system
5/4/12
Detection of Trojans
a) b) c) d)
Suspicious open ports: Monitoring outgoing traffic: Detection tools: Start up files:
5/4/12
PREVENTION OF TROJAN
One of most important difference between Trojan and his friends is that it does not replicate. Thus limit the destruction. Anti-virus can detect and safely deleted the Trojan.
COUNTER-MEASURE OF
5/4/12
TROJAN,VIRUS,WORMS
Virus -Virus detection/disinfection software
5/4/12
WORMS
TROJANS
Acomputer A computer ATrojan, is WORM is a self- software that virus contained attaches appears to program (or set perform a itself it of programs), travels to a that is able to desirable programor spread function for file the user prior functional enabling it to copies of itself to run or spread from or its segments install, but to other one steals computer to computer information or systems (usually harms the another, via network leaving system connections). infections
TYPES
VIRUS
WORMS
TROJANS
1.Remote Access Trojans 2.Data Sending Trojans 3.Destructive Trojans 4.Proxy Trojans 5.FTP Trojans 6.security software disabler Trojans 7.DoS Trojans
5/4/12
1.Trojan Horse 1. host 2.Worm computer 3.Macro worms & 2.network worms.
VIRUS
WORMS
TROJANS
5/4/12
virus may exist the worm cause serious on your consumes too damage by computer but it much system deleting files actually cannot memory(or and destroying infect your network information on computer unlessbandwidth), your system. you run or open causing Web the malicious servers, program network servers and individual computers to stop responding
EXISTENCE
INDEPENDENT
5/4/12
VIRUS
WORMS
TROJANS
Unlike virus and worms Trojans do not reproduce by infecting other files nor do they self-replicate.
Propagation
VIRUS
WORMS
TROJANS
. Trojans are also known to create a backdooron your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised
5/4/12
virus does not Worms have a propagate and propagation infect other vector. i.e., it computers. will only effect one host and does not propagate to other hosts.
5/4/12
EXAMPLES Melissa
VIRUS
WORMS TROJANS
Nimda, Code Red I Love You
5/4/12
Bibliography
Virushttp:// en.wikipedia.org/wiki/Computer_virus Trojan http:// en.wikipedia.org/wiki/Trojan_horse Wormhttp://en.wikipedia.org/wiki/Computer_w orm Trojan Horses http://www.mpsmits.com/highlights/trojan_horses
5/4/12
THANK
YOU