INDEX VIRUS• What Is Computer Virus?• History Of Computer Virus.• Background• Virus Through The Internet.• Symptoms Of Virus Attack.• Typical Things That Computer• Viruses Do.• Prevention of Virus. WORMS• What Is Worms?• History Of Worms.• Anatomy of Worms.• Types Of Worms.• Harmful Effects Of Worms.• Prevention of Worms TROJANS• What Are Trojans?• Types Of Trojans.• What Trojans Can Do.• Detection Of Trojans.• Prevention of Trojans COUNTER-MEASURE OF TROJAN,VIRUS,WORMS DIFFERENCE BETWEEN VIRUS,WORMS & TROJANS
VIRUS A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly used to refer to other types of malware, adware and spyware. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. Once it’s running, it spreads by inserting copies of itself into other executable code or documents
THE HISTORY OF COMPUTER VIRUSES• 1981 Apple Viruses 1, 2, & 3• 1980’s Fred Cohen• 1987 Lehigh Virus• 1988 The first anti virus software• 1990 The first polymorphic viruses• 1991 Symantec releases Norton Anti Virus• 1992 The Michelangelo Virus• 1994 Kaos4 virus spreads via adult websites.• 1996 The Concept virus
• 1999 The Melissa Virus• 2000 The I Love You Virus• 2001 The Code Red Worm• 2003 The Slammer Worm.• 2004 MyDoom
BACKGROUND There are estimated 30,000 computer viruses in existence Over 300 new ones are created each month First virus was created to show loopholes in softwareVirus through the Internet Today almost 87% of all viruses are spread through the internet (source: ZDNet) Transmission time to a new host is relatively low, on the order of hours to days “Latent virus”
SYMPTOMS OF VIRUS ATTACK Computer runs slower then usual Computer no longer boots up Screen sometimes flicker PC speaker beeps periodically System crashes for no reason Files/directories sometimes disappear Denial of Service (DOS)
TYPICAL THINGS THAT SOME CURRENTPERSONAL COMPUTER (PC) VIRUSES DO Display a message. Erase files Scramble data on a hard disk Cause erratic screen behavior Halt the PC Many viruses do nothing obvious at all except spread!
PREVENTION OF VIRUS• Most antivirus are capable of detecting and removal of major virus.• Get the latest Anti-Virus Software.• As prevention is concern use of any detection tool is preferred e.g. adware, spyware.• Not to open any unknown source downloads. To prevent attacks.• Even after using these precautions, if the virus creeps into your system, it can be detected in various ways apart from using a virus scanner for it.• Always keep backup of your data/programs• Keep floppies Write-protected (especially if they are bootable.)
WORMS The actual term "worm" was first used in John Brunner’s 1975 novel, The Shockwave Rider. A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
HISTORY OF WORMS The first worm to attract wide attention, the Morris worm, was written by Robert Tappan Morris, who at the time was a graduate student at Cornell University. It was released on November 2, 1988 Morris himself was convicted under the US Computer Crime and Abuse Act and received three years probation, community service and a fine in excess of $10,000.
ANATOMY OF WORMS Attack Mechanism Payload New target selection
TYPES OF WORMS Conficker Worm Email and Instant Message Worms Internet Worms (Morris Worm) IRC Worms File-Sharing Network Worms Slapper Worm
HARMFUL EFFECTS OF WORMS A worm uses a compromised system to spread through email, file sharing networks, instant messenger, online chats and unprotected network shares. Infects files, corrupts installed applications and damages the entire system. Steals or discloses sensitive personal information, Valuable documents, passwords, etc. The worm installs a backdoor or drops other dangerous parasite. Connection speed & System performance.
TROJANS A Trojan horse or Trojan, is a destructive program that masquerades as an application. The Trojan Horse, at first glance will appear to be useful software but will actually do damage once installed or run on your computer. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. Some well known Trojans:Net-bus,Girl friend, Back orrifice ,Flooder, Vundo Trojan etc.
PREVENTION OF WORMS• A personal firewall should be run on any system thatis not behind a corporate firewall. This should be doneon any computer that connects to the internet.•Patching your system with updates to fix thevulnerabilities.•Patching is the act of downloading updates to thevulnerable operating system or application andapplying the update to the program.•sometimes the worm can infect the system before theanti-virus software can detect it.
WHAT TROJANS CAN DO? Use of the machine as part of a Botnet (e.g. to perform automated spamming or to distribute Denial-of-service.) Uninstallation of software, including third-party router drivers. Downloading or uploading of files on the network hdd. Watching the user’s screen. Spreading other malware? Such as viruses. In this case? The Trojan horse is called a dropper or vector.
WHAT TROJANS CAN DO? Modification or deletion of files. Data theft(e.g. retrieving username or postal code information) Erasing or overwriting data on a computer. Encrypting files in a crypto viral extortion attack. Crashing the computer. Corrupting files in a subtle way. Setting up networks of zombie computers in order to launch Dodos attacks or send spam.
WHAT TROJANS CAN DO? Spying on the user of a computer and covertly reporting data like browsing habits to other people. Logging keystrokes to stealing formation such as passwords and credit card numbers (also known as a key logger) Phish for bank or other account details? Which can be used for criminal activities. Installing a backdoor on a computer system
DETECTION OF TROJANSa) Suspicious open ports:b) Monitoring outgoing traffic:c) Detection tools:d) Start up files:
PREVENTION OF TROJAN• One of most important difference between Trojan and his friends is that it does not replicate.• Thus limit the destruction.• Anti-virus can detect and safely deleted the Trojan.
DIFFERENCE BETWEEN VIRUS,WORMS & TROJANS VIRUS WORMS TROJAN A computer A computerDefinition WORM is a self- S virus attaches A Trojan, is itself it contained program (or set software that travels to a of programs), appears to program or that is able to perform a file spread desirable enabling it to functional copies function for spread from of itself or its the user prior one computer segments to to run or to another, other computer systems (usually install, but leaving steals infections via network connections). information or harms the system
VIRUS WORMS TROJANSWhat they virus may exist the worm cause serious on your consumes too damage bydo? computer but it much system deleting files and actually cannot memory (or destroying infect your network information on computer unless bandwidth), your system. you run or open causing Web the malicious servers, program network servers and individual computers to stop respondingEXISTENCE NOT NOT INDEPENDENT INDEPENDENT INDEPENDENT
VIRUS WORMS TROJANSSELF- . A virus attaches a worm is self- Unlike virus andREPLICATION itself to, and contained and worms becomes part of, does not need to Trojans do not another be part of reproduce by executable another program infecting other program to propagate files nor do they itself. self-replicate.
VIRUS WORMS TROJANSPropagation virus does not Worms . Trojans are have a propagate and also known to propagation infect other create a vector. i.e., it computers. backdoor on will only effect your computer one host and that gives does not malicious users propagate to access to your other hosts. system, possibly allowing confidential or personal information to be compromised
VIRUS WORMS TROJANEXAMPLE Melissa Nimda, SS Code Red I Love You