Thursday, July 26, 2007

All About Viruses

Irrespective of hacking, it is very important for one to have an idea about viruses. A computer virus is one of thousands of programs that can invade computer systems (both IBM PC and Macintosh) and perform a variety of functions ranging from annoying (e.g., popping up messages as a joke) to dangerous (e.g., deleting files or destroying your hard disk). Trojan horses or worms are specific types of clandestine programs (loosely categorized as viruses) and can be just as dangerous. For simplicity's sake, future mention of viruses in this document will refer to viruses, trojan horses, and worms taken as a whole.

Classification of computer viruses

There are many types of computer viruses:
Boot sector virus
A boot sector virus occupies the boot sector of a floppy disk or hard disk and loads into memory during the boot-up process. Once in memory, it will attempt to infect the boot sector of any floppy disk that is used in the computer system.

Executable load virus
This type of virus attaches itself to executable files and installs itself on the system whenever the executable file is run. Once in memory, it will attempt to infect other program files by attaching itself to them.

Polymorphic virus
A polymorphic virus encrypts itself and uses a 'mutation engine' to change its appearance, and with it its 'signature', so that it is difficult for anti-virus software to detect and destroy.

Macro viruses
A macro virus is one written in a programming language embedded inside another document, such as a word processor document or spreadsheet document. The software suite most targeted by macro viruses is the Microsoft Office suite of applications, but any application that contains a complex embedded macro language can be used to write such a virus.
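Because a macro virus travels inside the document itself, a common first triage step is to check whether a file carries an embedded macro project at all. The sketch below is an added example, not part of the original post; it assumes the ZIP-based Office Open XML container (.docx/.docm and similar), which the post does not discuss, and only flags the older binary format by its header. The function names and the sample files are constructed for illustration.

```python
import io
import zipfile

# Header of the legacy binary Office container (.doc/.xls/.ppt compound file).
OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")

def classify_office_file(data: bytes) -> str:
    """Return 'ooxml-with-vba', 'ooxml-no-vba', 'legacy-ole' or 'unknown'."""
    if data.startswith(OLE_MAGIC):
        # Legacy files can carry macros too, but finding them needs a
        # compound-file parser, so this sketch only flags the format.
        return "legacy-ole"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "unknown"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = [n.lower() for n in zf.namelist()]
    except zipfile.BadZipFile:
        return "unknown"
    if "[content_types].xml" not in names:
        return "unknown"  # a ZIP archive, but not an Office package
    # Office stores a VBA macro project as a vbaProject.bin part
    # (under word/, xl/ or ppt/ depending on the application).
    if any(n.endswith("vbaproject.bin") for n in names):
        return "ooxml-with-vba"
    return "ooxml-no-vba"

def build_sample(with_macro_part: bool) -> bytes:
    """Constructed sample: a minimal ZIP using Office part names.
    The 'macro' part holds placeholder bytes, not real VBA."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro_part:
            zf.writestr("word/vbaProject.bin", b"placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for label, blob in [("plain document", build_sample(False)),
                        ("macro-enabled document", build_sample(True)),
                        ("legacy header", OLE_MAGIC + b"\x00" * 504),
                        ("text file", b"hello world")]:
        print(f"{label}: {classify_office_file(blob)}")
```

A result of 'ooxml-with-vba' means only that a macro project is present, not that it is malicious; 'legacy-ole' files need a dedicated parser before anything can be said about their macros.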

Trojan horses
Although technically not a virus, the Trojan horse poses a greater threat to the integrity of your computer system's privacy than any other attack. A Trojan horse must be installed on your machine either by direct access (by a hacker using a floppy, etc.), or by using the 'executable load' payload method described above. Once installed, the virus begins to log every key press made on the keyboard into a log file, which it then e-mails to the hacker covertly when you connect to the internet.

The key log file may contain credit card numbers, personal information, or network or e-mail passwords, which often leads to Trojan horses being labelled 'password-sniffers'.

Worms
Worms possess the ability to replicate themselves independently of human interaction, while using polymorphic engines to disguise their movements. They are often designed to read the computer user's e-mail contact lists from something like Outlook Express, and then e-mail themselves to every address within that list.
Worms copy themselves from computer to computer rather than from file to file, and because they require no human help to do so, they can spread much more rapidly than regular computer viruses. In extreme cases, the excessive e-mail traffic they generate can cause e-mail servers to crash.

Zombies
Zombies may remain dormant on a computer system for an extended period of time. They are normally programmes used by hackers in a coordinated attack on a system, whereby the hacker triggers the Zombie remotely to aid his/her attack on the computer system or network, creating a 'back door' into the system by weakening security devices or programs.
Although Zombies cause no actual damage to a computer system, their presence on the system is unwelcome. Like many other types of virus, they can be received by e-mail or else have to be physically installed onto the targeted system.
