
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them

Classroom Activities Guide


What is a computer virus?

  • A computer virus is a malicious program that spreads from computer to computer.


Viruses, Worms, Trojan Horses

  • Have you heard other names for malicious computer programs?

    • Viruses, Worms, Trojan Horses

  • There are technical differences between each of these, but all of them attempt to run on your computer without your knowledge.


Malware

  • The most general name for a malicious computer program is malware.

  • You may have heard computer programs called software.

  • The word malware comes from MALicious softWARE.


How does malware invade your computer?

  • You have probably heard of some ways that malware can invade your computer.

  • What are they?

    • Through email attachments

    • By clicking on a web link when surfing the web

    • By downloading a program that claims to be a game or cool picture

    • Others?


Front Door Attacks

  • What do many of these attacks (through email, web browsing or downloads) have in common?

    • They all require the actions of a legitimate user.

  • They can be considered “front door” attacks because a user is tricked into opening the door for the attack through their action.


Understanding Front Door Attacks

  • The key to understanding front door attacks is that when you run a program it runs with *all* your rights and privileges.

    • If you can delete one file, any program you run can delete all your files.

    • If you can send one email, any program you run could send thousands of spam emails.

  • This includes any program you run, even accidentally, by opening an email attachment or clicking on a web link.


Back Door Attacks

  • Not all attacks require action by a legitimate user.

  • “Back door” attacks target vulnerabilities in server software that is running on your computer.

  • Server software is software that listens for requests that arrive over the network and attempts to satisfy these requests.

    • A web server is an example of server software.


Are you running any servers?

  • Most home computer users think they are not running any server software.

  • However, you would be surprised.

  • For example, most default installations of Windows run a number of network services.


How can you check?

  • At a Windows command prompt, type the command “netstat -an”.

  • It will display a list of the network ports on which server software is listening for requests (the rows marked LISTENING).


Things to Notice in the List

  • The server listening on port 135 was attacked by the Blaster worm.

  • The server listening on port 435 was attacked by the Sasser and Korgo worms.


Server Software

  • Server software is designed to provide useful features.

    • For example, server software allows you to mount files from other computers or share printers between computers.

  • So how then can server software be used to attack a computer?


Legitimate vs. Illegitimate Requests

  • Basically, server software receives a request over the network, examines the request and decides if it can satisfy the request.

    • Legitimate requests do not cause an attack.

    • Most illegitimate requests do not cause attacks either because the server simply answers that it does not understand or cannot satisfy a request.


Carefully crafted, devious requests

  • To attack server software, authors of malware do not just send any old illegitimate request.

  • They send very carefully crafted illegitimate requests that exploit a weakness or flaw in the server software.


What is an example of such a weakness? (part 1)

  • When programmers write server software, they write it to listen for requests that come in over the network.

  • They might assume that no request will ever be longer than 1000 letters.

  • This might be a perfectly valid assumption for all reasonable requests, but an attacker might send a request that is 100,000 letters long.


What is an example of such a weakness? (part 2)

  • If the server only left room for 1000 letters, then the rest of the letters may get copied over the legitimate program instructions.

  • Thus, the request sent by the attacker takes the place of the legitimate program instructions and the server starts to execute the attacker’s code instead.


Buffer Overflow Attacks

  • This type of attack is called a “buffer overflow attack” because it overflows the buffer of space left for a request with too many characters.

  • Such an attack could be prevented if the server always checked for requests that are too long.

    • Sometimes programmers neglect to do that and this is what produces the weakness or flaw that is exploited by the attacker.

    • If you are learning to program, you should know that you can prevent many viruses by following good programming practices.
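
The length check described in the slides above, as an added example in C that is not part of the original presentation: the first handler leaves room for 1000 letters and copies whatever arrives, the second refuses any request that does not fit. The function names, the REQUEST_MAX constant and the test requests are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define REQUEST_MAX 1000   /* the 1000 letters the programmer planned for */

/* Flawed version, shown for comparison and never called here: it copies the
 * request without checking its length, so a longer request is written past
 * the end of buf and over whatever the program keeps next to it in memory. */
void handle_request_unchecked(const char *request) {
    char buf[REQUEST_MAX + 1];
    strcpy(buf, request);                       /* no length check */
    printf("handling %zu letters\n", strlen(buf));
}

/* Corrected version: check the length first and refuse what does not fit.
 * Returns 0 if the request was accepted, -1 if it was rejected. */
int handle_request_checked(const char *request, size_t request_len) {
    char buf[REQUEST_MAX + 1];
    if (request_len > REQUEST_MAX)
        return -1;                              /* too long: copy nothing */
    memcpy(buf, request, request_len);
    buf[request_len] = '\0';
    printf("handling %zu letters\n", strlen(buf));
    return 0;
}

/* Builds a constructed request of `len` letters and hands it to the checked
 * handler, as a server would after reading `len` bytes from the network. */
int try_request_of_length(size_t len) {
    static char request[100001];
    if (len >= sizeof request)
        return -1;
    memset(request, 'A', len);
    request[len] = '\0';
    return handle_request_checked(request, len);
}

int main(void) {
    printf("1000 letters   -> %d\n", try_request_of_length(1000));
    printf("1001 letters   -> %d\n", try_request_of_length(1001));
    printf("100000 letters -> %d\n", try_request_of_length(100000));
    return 0;
}
```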


Buffer Overflow Attacks Aren’t Easy

  • The attacker must

    • Know how long a request to send

    • Send precisely the right data that can be interpreted as instructions by the server

    • Find a machine running a server with that weakness.

  • If the attacker sends the wrong data, the server might crash instead of running the attacker’s instructions.


Exploiting a weakness

  • If an attacker crafts an attack that works on their local machine then chances are that it will work on many other machines.

  • Attackers tend to target the most common computing platform – Windows – so that their attacks will impact the most machines.


What do viruses do?

  • Once an attacker manages to exploit a weakness, they can run any code they want on the victim’s machine.

  • Attack codes vary in what they try to do.

  • Have you ever suffered a computer attack? What happened to your machine? How hard was it to recover?


What does malware do?

  • Some attackers just want to see if they can make an attack succeed.

    • The malware they write may simply display something to the user or announce its presence in another way.

  • Other attackers want to do damage to others without trying to benefit directly.

    • The malware they write might delete files or otherwise corrupt the system.


What does malware do? (continued)

  • Still others try to write malware that steals information from the victim.

    • The malware they write might search for credit card numbers or other personal information and send it back to the attacker.

    • Spyware might watch for the victim’s passwords or otherwise spy on their online activity.


What does malware do? (continued)

  • Still others write malware that uses the victim’s computer for their own purposes.

    • Use it to store files (often illegal) and make them available to others – shifting liability away from the attackers.

    • Use it to attack other computers – making it harder to trace the attack to its real source.


Self-replicating

  • Regardless of its other goals, a large percentage of malware tries to spread itself automatically.

  • Malware programs may try to spread by

    • Sending out email with infected attachments.

    • Sending out carefully crafted back door attack requests.


Consequences of Attacks

  • If you have ever been attacked by a computer virus, you know the damage it can cause.

    • Your computer can begin to run very slowly and constantly pop up annoying messages that make it difficult to do anything productive.

    • Having the virus removed by a technician can be expensive and time-consuming.

    • The virus itself may destroy irreplaceable files like family pictures or videos. Even if the virus itself does not cause data loss, often the process of removing the virus can require reinstalling the operating system and all the programs.

    • Your credit card or other private information can be stolen.


World-wide damage estimates

  • Computer viruses cause a huge amount of damage worldwide.

    • Damages from just one virus (The I Love You Virus) are estimated at $10 billion. It is also estimated that 45 million people worldwide were affected.

  • Costs come from restoring damaged systems, replacing lost information, steps taken to prevent attacks and steps taken to prepare to recover from attacks.


Case

  • Jason, a 16-year-old honor student, wrote a computer virus that caused 4 billion dollars of damage and impacted countless home and business computers. The authorities traced the virus to him. Jason says that he is very sorry and didn’t mean for it to get so out of hand. He said he was just fooling around to see if he could do it.


Discussion

  • How would you feel if you were a friend of Jason’s?

  • How would you feel if you had lost your entire MP3 collection or a book report you had worked on for 3 weeks?

  • What type of punishment would you recommend in this case?


Blackhat vs. Whitehat

  • Blackhat computer hackers look for flaws in software to exploit them or break into computers for malicious purposes.

  • Whitehat computer hackers look for flaws in software to fix them or attempt to break into computers to audit their security.


What do whitehat hackers do?

  • Analyze server software for flaws that could be exploited and recommend fixes.

  • Analyze new viruses or malware to characterize what they are doing and to build patches.

  • Audit the overall security of computer systems.


Defenses

  • Even if you are not a whitehat hacker, there is a lot you can do to defend your computer against attack.

  • Defending against front door attacks means being careful about what programs you run and what attachments and links you open.

  • Defending against back door attacks means knowing what services are running on your machine and keeping them patched.


Defending against front door attacks

  • 1) Be careful opening email attachments even from friends.

  • 2) Be careful clicking on web links found on less reputable web sites.

  • 3) Beware of free downloads that seem too good to be true.

  • 4) Use a good virus scanner and keep your virus signatures up-to-date.

  • 5) Consider using less popular email readers and web browser software. (Attackers target the most popular software.) There are excellent and free open source options.


Defending against back door attacks

  • 1) Use netstat to see what services are running.

  • 2) Periodically check to see if any new services have been started.

  • 3) Keep your server software patched and up-to-date.

  • 4) Consider shutting down any services you do not need.
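
Steps 1 and 2 above, together with the earlier “How can you check?” slide, as an added example in C that is not part of the original presentation: it reads the text printed by “netstat -an”, keeps the TCP rows marked LISTENING, and reports any port that is missing from a list saved on an earlier run. The sample output, the baseline list and all function names are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Port of a TCP LISTENING row of Windows `netstat -an` output, else -1. */
int listening_port(const char *line) {
    char proto[8], local[64], foreign[64], state[16];
    if (sscanf(line, " %7s %63s %63s %15s", proto, local, foreign, state) != 4
        || strcmp(proto, "TCP") != 0 || strcmp(state, "LISTENING") != 0)
        return -1;              /* header, UDP row or established connection */
    const char *colon = strrchr(local, ':');  /* last ':' handles [::]:135 too */
    return colon ? atoi(colon + 1) : -1;
}

static int contains(const int *set, size_t n, int port) {
    for (size_t i = 0; i < n; i++) if (set[i] == port) return 1;
    return 0;
}

/* Stores each listening port missing from `baseline` in `out`, once each. */
size_t new_listeners(const char *text, const int *baseline, size_t nbase,
                     int *out, size_t max_out) {
    size_t found = 0;
    while (*text) {
        char line[256];
        size_t len = strcspn(text, "\n");
        snprintf(line, sizeof line, "%.*s", (int)len, text);
        int port = listening_port(line);
        if (port >= 0 && found < max_out && !contains(baseline, nbase, port)
            && !contains(out, found, port))
            out[found++] = port;
        text += len + (text[len] == '\n');
    }
    return found;
}

/* Constructed sample output and baseline, not taken from a real machine. */
const char SAMPLE[] =
    "  Proto  Local Address      Foreign Address    State\n"
    "  TCP    0.0.0.0:135        0.0.0.0:0          LISTENING\n"
    "  TCP    0.0.0.0:8080       0.0.0.0:0          LISTENING\n"
    "  TCP    192.168.1.10:139   0.0.0.0:0          LISTENING\n"
    "  TCP    192.168.1.10:49712 203.0.113.5:443    ESTABLISHED\n"
    "  TCP    [::]:8080          [::]:0             LISTENING\n";
const int BASELINE[] = {135, 139};   /* ports recorded on an earlier run */
int FRESH[16];                       /* ports that were not in the baseline */
int main(void) {
    size_t n = new_listeners(SAMPLE, BASELINE, 2, FRESH, 16);
    for (size_t i = 0; i < n; i++) printf("new listening port: %d\n", FRESH[i]);
    return 0;
}
```

A port reported here is a service that has started since the baseline was saved; it is then a candidate for step 3 (patch it) or step 4 (shut it down).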


Prepare to recover from an attack

  • No matter how careful you are, it is still wise to prepare to recover from an attack if one does occur.

    • 1) Back up your personal data such as digital pictures, letters and papers you’ve written, your address book, etc.

    • 2) Keep track of the software you’ve installed on your computer including where you got it and any activation keys you paid for.


Review Questions

  • What is a front door attack? What are some examples?

  • What is a back door attack? What are some examples?

  • Give some examples of what malware tries to accomplish.

  • Describe ways that whitehat hackers try to make systems more secure.

  • Describe things you can do to secure your computer against attack.


Conclusion

  • Knowing the different kinds of attacks and the goals of attackers can help you understand how better to defend yourself.

