Viruses, Worms, and Malicious Software
best defense is to become as informed as possible about how these forms of software work and how to employ operating system tools to thwart them. damage because users and system administrators have neglected to use the defenses already built into their operating systems. cost companies and individuals billions of dollars every year, from the expenses of recovering systems and purchasing antivirus software For this reason, viruses, worms, and Trojan horses are all classified as forms of malicious software (malware), disrupt normal computer and network functions. a virus is a program that is borne by a disk or a file and has the ability to replicate throughout a system, typically without the user’s knowledge until there is a visible outcome or problem. The user might first become aware of the virus by seeing a pop-up message or by discovering that specific files are damaged. Sometimes an operating system becomes extraordinarily slow, crashes, or even fails to boot. Some viruses lie dormant for a period of time and then strike—Viruses typically affect an executable program, a script or macro, or the boot or partition sector of a drive. Many are loaded into memory and continue infecting systems from there, as well as from executable files. Viruses spread in stages. The first stage involves transporting the virus from one medium or system to another. The virus may arrive by disk, by e-mail, or through a shared drive, for example. Once it is on a system, a portion or all of the virus may be attached to one or more files, memory, written to the boot sector or partition sector of a hard drive, or written to the Registry in a Windows-based system. The next stage, replicating throughout a system, is designed to spread the infection in that system. . For example, replication may occur from the boot sector each time the computer is booted, or from an executable file each time that file is run. A worm is a program that replicates and replicates on the same computer, or one that sends itself to many other computers on a network or the Internet. Worms often spread using methods such as buffer overflow Trojan Horses
A Trojan horse is a program that appears useful and harmless, but instead does harm to the user’s computer. Some Trojan horses also provide back-door access to a computer. A Trojan horse is typically a program that looks appealing, such as a game, a simple word-processing program, or a screen saver, but there is another program attached to it that is not harmless. Users often unknowingly obtain a Trojan horse by downloading it from an Internet or network site, and then may spread it further by giving a disk with the program to a friend, or by e-mailing the program. Spyware is software that is placed on a computer, typically without the user’s knowledge, and then reports back information—to an attacker or an advertiserSome types of spyware used by attackers can capture cookies or information written to cookies, so that the spyware operator can reconstruct a user’s every move on the Internet. There are several basic steps to take to protect an operating system from malicious software. These include:to disable the creation of cookies through your Internet browser snarfing spyware ; Installing updates Viewing what is loaded when a system is booted
Using malicious software scanners
Using digital signatures for system and driver files
Backing up systems and creating repair disks
Creating and implementing Security through organizational policies Web security through Browser Settings-browser settings also allow the user to customize security and privacy. Alert the User to the Type of Transaction The first type of setting is Warn if changing between secure and not secure mode. This alerts the user to the type of transmission taking place with the Web site he or she is visiting. Most Web sites use the HTTP protocol for sending data through...