Related Topics:| E-biz Advice | Internet Security |

Computer Viruses. What are they?

Computer viruses top the charts as the most significant computer security issues. It has become an increasing serious threat.


By corrupting network systems and desktops, viruses can render system downtime that may result in damages amounting to millions of Ringgit in losses and damages that cannot be measured, such as the possibility of public embarrassment. The damage caused by viruses is far greater than that caused by all other security threats combined.

 

The image of a hacker staying up all night trying to crack a network is out-of-date. Today, hackers want their targets to run programs that will comprise security. Thus, the computer viruses, trojans and worms have become the toy of choice for hackers, crackers and spies.

 

Many computer viruses steal data or even allow hackers to remotely access infected systems. The Pretty Park virus, for example, steal password files off PCs and posts them over a dozen IRC sites. Other viruses take files or data off targeted computers and e-mail them or post them. The Melissa virus, for example, recently caused a confidential document from Disney to be spammed to thousands of people.

 

The most effective way to stop computer viruses is to scan e-mail traffic. If e-mails are encrypted, they cannot be scanned for viruses. Always be careful if the attached file in an e-mail ends with .exe

 

Business entities always need to deploy layers of virus protection. The first line of defence should be at the Internet firewall and/or proxy server, where all Internet traffic (SMPT, HTTP and FTP) can be scanned for malicious code. The second line of defence should be internal e-mail servers. E-mail is the primary way information is sent through a business entity, and is thus the primary conduit for viruses as well. Finally, desktops and file servers should have virus protection as well.

 

If you want to minimise the risk of being attack by viruses, you should practice the following:

1.   Do not open any files attached to e-mail (especially .exe file) unless you know why it was sent to you and from trusted sources;

2.   Update desktop virus protection at least once a week or a month;

3.   Update server based virus scanners daily;

4.   Get the latest security patches from Microsoft (http://window-supdate.microsoft.com/default.htm?page=productupdates) or from any anti-virus software supplier whom you have bought the anti-virus software, at least twice a year;

5.   If you think you have a virus, get a free scan from Trend Micro at www.antivirus.com or alternatively consult your business associate or consultant to assist you.

Currently, there are three main categories of antivirus solutions: They are the behavioural monitors, checksummers and virus scanners.

 

Behavioural monitors detect viruses by examining the behaviour of a program execution.  It is the trait of patterns produced by the suspected program during its execution. If the execution patterns matched those stored in the database reference of the bahavioural monitors, the program is identified as a virus. On the contrary, if the behavioural monitors fail to match any pattern traits of an actual viral program, then the malicious program goes undetected and continues its devastating execution.

 

Checksummers are often sold as a default part of the operating system (OS) packages. Their operation begins at the initial phase of OS installation. During the OS installation, checksummers  record the sizes of system files. At a later stage, should a system file be detected for any size alteration, checksummers will alert the system administrator.

 

Virus scanners carry out the functions of detecting, preventing and correcting problems. At the detection stage, if a virus scanner fails to identify an existing virus, the virus will bypass the rest of the stages and will effect devastations on the hosts.


The detecting ability of virus scanners underlines the capability to recognise virus signatures. Using the analogy of human fingerprints, virus signatures are the 'fingerprints' of viruses, which uniquely identify each of them from others. Virus scanners store a list of virus signatures alongside their names in their databases.

 

A new strain of virus with different virus signature will fool the detecting mechanisms of virus scanners and will render virus scanners helpless. To be effective, virus scanners must have their databases constantly updated to store new virus signatures in order to identify new strains of viruses.


You should constantly update the virus scanners in order to increase the chances of thwarting new strains of viruses. However, not many users see the urgency and significance of updating their virus scanners regularly.

 

Some of the commonly available virus scanners available in the market are:

Norton Anti-Virus

Armour Anti-Virus

 

I want help                                         FreeAdvice  

 

 

Please contact Alvin For Advertising & Sponsorship Information

FINMART FreeAdvice® is the leading business advisory site for business people doing business in Malaysia. It provides advice relating to most common business problems and to help business people to understand the way how business should be properly conducted, but is not a substitute for personal business advice from the respective professional and experts. You are welcome to view FINMART FreeAdvice® for your own personal, non-commercial purposes, and subject to our legal disclaimer and conditions of use.  

©2000 FINMART. All rights reserved. Legal Disclaimer