The document discusses the history of computer worms and viruses. It describes how the first widely known worm, the Morris worm, was created by a graduate student in 1988 and how he was later convicted. It defines worms as software that replicates itself across a network by exploiting security vulnerabilities. The document also provides details on typical functions of computer viruses today, how viruses spread through email, and examples like the Melissa virus. It concludes with recommendations for prevention like keeping systems updated and using antivirus software.

1. By Mr UV
Computer Viruses and Worms

2. Definition of Virus

3. Computer Virus Timeline

5. Worms

6. History of Worms
 The first worm to attract wide attention, the
Morris worm, was written by Robert Tappan
Morris, who at the time was a graduate
student at Cornell University.
 It was released on November 2, 1988
 Morris himself was convicted under the US
Computer Crime and Abuse Act and received
three years probation, community service and
a fine in excess of $10,000.

7. Worms…
 Worms – is a small piece of software that
uses computer networks and security holes to
replicate itself. A copy of the worm scans the
network for another machine that has a
specific security hole. It copies itself to the
new machine using the security hole, and
then starts replicating from there, as well.
 They are often designed to exploit the file
transmission capabilities found on many
computers.

8. Zombies



9. Typical things that some current
Personal Computer (PC) viruses do

10. Typical things that some current
Personal Computer (PC) viruses do

11. Distributed Denial of
Service

12. How it works?

13. MyDoom

14.  27 January: SCO Group offers a US $250,000
reward for information leading to the arrest of the
worm's creator.
 1 February: An estimated one million computers
around the world infected with MyDoom begin
the virus's massive distributed denial of service
attack—the largest such attack to date.
 2 February: The SCO Group moves its site to
www.thescogroup.com.

15.  Traditional Viruses
 pieces of code attached to a legitimate
program
 run when the legitimate program gets
executed
 loads itself into memory and looks around
to see if it can find any other programs on
the disk

16.  Traditional Virus
 infect the boot sector on floppy disks and
hard disks
 By putting its code in the boot sector, a
virus can guarantee it gets executed
 load itself into memory immediately, and it
is able to run whenever the computer is on

17. Decline of traditional viruses
 Reasons:
– Huge size of today’s programs storing on a
compact disk
– Operating systems now protect the boot
sector

18. E-mail Viruses
 Moves around in e-mail messages
 Replicates itself by automatically mailing
itself to dozens of people in the victim’s e-mail
address book
 Example: Melissa virus, ILOVEYOU virus

19.  March 1999
 the Melissa virus was the fastest-spreading virus
ever seen
 Someone created the virus as a Word document
uploaded to an Internet newsgroup
 People who downloaded the document and opened
it would trigger the virus
 The virus would then send the document in an e-
mail message to the first 50 people in the person's
address book

20. Melissa virus
 Took advantage of the programming
language built into Microsoft Word called
VBA (Visual Basic for Applications)

21. Prevention
 Updates
 Anti-Viruses
 More secure operating systems
e.g. UNIX

22. Reference
 http://mirror.aarnet.edu.au/pub/code-red/newframes-small-log.gif
 http://www.factmonster.com/ipka/A0872842.html
http://www.faqs.org/faqs/computer-virus/new-users/
 http://www.mines.edu/academic/computer/viri-sysadmin.htm