TCS Special Program Virus, and How to Avoid Them - PowerPoint PPT Presentation

tcs special program virus and how to avoid them n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
TCS Special Program Virus, and How to Avoid Them PowerPoint Presentation
Download Presentation
TCS Special Program Virus, and How to Avoid Them

play fullscreen
1 / 53
TCS Special Program Virus, and How to Avoid Them
4096 Views
Download Presentation
bernad
Download Presentation

TCS Special Program Virus, and How to Avoid Them

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. TCS Special ProgramVirus, and How to Avoid Them

  2. Fine Print • My views, not necessarily those of the Tulsa Computer Society • Apologies to Symantec / Norton Anti-virus • Concepts here are basic, given time constraints (but it is simple until you get infected) • There are always exceptions and nuances to the issues discussed

  3. The Basics

  4. What are the Basics? • Practice Safe Computing • Install an Anti-Virus (AV) program and keep it up-to-date • Inform yourself with the facts, taken with a grain of salt

  5. Definitions

  6. What Is a Computer Virus? • A computer virus is a program that infects an executable file (such as a program, start-up record, or macro) and replicates, infecting neighboring files without the knowledge of the PC user

  7. Most viruses are relatively harmless • Some may cause random damage to data files and program files • Some are intended to destroy files • All viruses use resources by using disk space, memory, CPU processing time, and the time and expense in detecting and removing them

  8. What Is a Trojan Horse? • A Trojan horse, like a virus, may damage computer files • It is usually a single program, that like the old Greek trick, does something that the user does not expect • A Trojan horse does not replicate like a virus does

  9. What Is a Dropper? • A dropper is a program which installs a virus or Trojan Horse, often covertly

  10. What Is a Worm? • A worm is a rogue program which spreads (usually) over network connections • It is not to be confused with a WORM CD drive, an acronym for Write Once, Read Many (times) • Worms are uncommon and are most often programming errors

  11. What Do Viruses Do? Like a biological virus, computer viruses infect: • Other executable program files • Data files containing macros, especially Word and Excel macros • Operating system program files • Special disk program files called boot records and master boot records that your computer uses to start up

  12. What Do Viruses Do? • Infect an executable file that is attached to an e-mail message • Destroy files or simply replicate or display messages such as “this computer is stoned”

  13. What Do Viruses Not Do? • Cause hardware damage (usually)

  14. How Do You Get Virus?

  15. A computer can get a virus by running an infected executable file, usually from a floppy disk, E-mail attachment or downloaded from the Internet

  16. A Computer Cannot get a virus by opening a pure data file or E-mail text

  17. Risky Business (Behavior that may infect your computer)

  18. High Risk Profile • Network connection without professional administrator • Internet connection • No anti-virus software running • High modem use • Many downloaded programs from local BBSs or unknown internet pages

  19. High Risk Profile • Distribute and receive files, especially on floppy disks • Use pirated software • Collect bargain software from unknown sources

  20. High Risk Profile • Trade computer games • Let other people use your computer or use computer lab equipment • Use recycled floppy disks of unknown origin or floppies someone else has formatted

  21. Medium Use Profile • Network connection • Some downloaded programs from local bulletin boards or unknown internet pages • Use recycled floppy disks of unknown origin or floppies someone else has formatted • Use shared network programs

  22. Medium Use Profile • Share files on floppy disks • Buy bargain or “swap meet” software

  23. Low Risk Profile • No network connection • Modem use for e-mail with few or no downloaded programs or downloads from commercial web pages and bulletin boards • Use just a few applications regularly

  24. Very Low Risk Profile • Single-user PC • No network connection • No modem • Only use shrink-wrapped software from reputable dealers • Scan all floppy disks before first use • Doesn’t receive files on floppy disks

  25. How to Avoid Infection

  26. There is no way to guarantee that you will avoid infection. However, the potential damage can be minimized by taking the following precautions:

  27. Make a Clean Boot Disk • Make a boot disk • Add essential program files to it • Scan it with AV software • Write-protect it • If you suspect an infection, boot from it then run AV software

  28. Use Anti-Virus Software • Use reputable, up-to-date and properly-installed AV software • Update AV software virus definitions regularly • Scan floppies and HDD with AV software regularly • Scan programs before installation

  29. AVAST! AVP Avscan Dr. Web F ‑Prot McAfee and Dr. Solomon's (both owned by Network Associates) Norton (Symantec) Sophos sweep Thunderbyte Virus ALERT! Virusafe Panda Others???? Anti-Virus Software Programs

  30. Do Some Reading • If you're a home user, you may well get an infection sooner or later. If you're a business user, it will be sooner. Either way you'll benefit from a little background reading.

  31. What to Read • Computer Magazines • PC World, Ziff Davis, WinMag, etc. • AV Documentation • If you use a shareware/freeware AV package, print a hard copy of the documentation before you get an infection • AV Software help files

  32. What to Read • Other types of resources • web pages like • CNet • http://www.tcs.org/ • http://www.symantec.com/avcenter/ • newsgroups (alt.comp.virus) • Frequently Asked Questions (FAQ's) • Key word search on “computer virus”

  33. Other Safety Measures • Make sure both your home and work systems are protected • Get to know your AV software • If you're a business user, you need an enforceable virus policy • Practice Safe Computing • BACK UP YOUR DATA

  34. Business Cost of Virus Attacks

  35. Business Costs • Training a response team • Taking the team from their real jobs or hiring consultants when infection occurs • Cost of AV software • Cost of maintaining upgrades, subscriptions and tracking technological changes

  36. Business Costs • Educating employees in the virus issues and safe computing • Cost in time of routine anti-virus measures, such as scanning hard disk drives • Cost of servicing false alarms

  37. Business Costs • Resource utilization by undetected viruses • Formulating and enforcing a backup policy • Formulating and enforcing anti-virus policy

  38. Personal Costs of Virus Attacks

  39. Personal Costs • Cost of AV software • Cost of maintaining upgrades every six months • Subscriptions for virus definitions • Cost in time of routine anti-virus measures, such as scanning hard disk drives

  40. Personal Costs • Computer speed - something else for the computer to do • Software bugs

  41. My Experience With Virus Attacks

  42. Bloomington • 1992 from a clone vendor the office employed • Monkey • 1996 from working on a laptop while trying to find out why a PCMCIA card did not work. The virus was not the reason for the hardware problem

  43. Larue • 1998, Excel macro virus from an infected file sent over the office network • Anti CMOS A • 1998, found while scanning for the Larue

  44. Pretty Park • March, 2000, e-mail attachment • Numerous hoaxes

  45. Hype, Hoax and Myth

  46. Hype, Hoax and Myth are part of the Virus scene • The Internet is an ideal forum for information and misinformation

  47. Hype • By news media to sell news and entertain us • By virus software vendors to sell software or enhance the company net worth

  48. Hoax • Please Help! • Did you hear? Tell everybody you know! • Chain Letters

  49. Hoax (Virus) • This virus will explode your hard disk drive • That virus will set your monitor on fire • The other virus will infect your cat

  50. Myth • DOS file attributes (read only, hidden, system) protect executable files from infection • FDISK-ing your HDD will kill all viruses (it will certainly kill all your data)