
Viruses and Some Virus-like

When is a life form not a life form? When it's a virus. Viruses are strange things
that straddle the fence between living and non-living. On the one hand, if they're
floating around in the air or sitting on a doorknob, they're inert. They're about as
alive as a rock. But if they come into contact with a suitable plant, animal or
bacterial cell, they spring into action. They infect and take over the cell like
pirates hijacking a ship.

What They Are: A virus is basically a tiny bundle of genetic material, either DNA
or RNA, carried in a shell called the viral coat, or capsid, which is
made up of bits of protein called capsomeres. Some viruses have an additional
layer around this coat called an envelope. That's basically all there is to viruses.

Types of viruses:
Boot viruses: These viruses infect floppy disk boot records or master boot records in
hard disks. They replace the boot record program (which is responsible for loading the
operating system in memory), copying it elsewhere on the disk or overwriting it. Boot
viruses load into memory if the computer tries to read the disk while it is booting.
Examples: Form, Disk Killer, Michelangelo, and Stone virus
Program viruses: These infect executable program files, such as those with extensions
like .BIN, .COM, .EXE, .OVL, .DRV (driver) and .SYS (device driver). These programs
are loaded in memory during execution, taking the virus with them. The virus becomes
active in memory, making copies of itself and infecting files on disk.
Examples: Sunday, Cascade
Multipartite viruses: A hybrid of Boot and Program viruses. They infect program files,
and when the infected program is executed, these viruses infect the boot record. The
next time you boot the computer, the virus from the boot record loads into memory and
then starts infecting other program files on disk.
Examples: Invader, Flip, and Tequila
Stealth viruses: These viruses use certain techniques to avoid detection. They may
either redirect the disk head to read another sector instead of the one in which they
reside, or they may alter the reading of the infected file's size shown in the directory
listing. For instance, the Whale virus adds 9216 bytes to an infected file; then the virus
subtracts the same number of bytes (9216) from the size given in the directory.
Examples: Frodo, Joshi, Whale
Polymorphic viruses: A virus that can encrypt its code in different ways so that it
appears differently in each infection. These viruses are more difficult to detect.
Examples: Involuntary, Stimulate, Cascade, Phoenix, Evil, Proud, Virus 101
Macro Viruses: A macro virus is a new type of computer virus that infects the macros
within a document or template. When you open a word processing or spreadsheet
document, the macro virus is activated and it infects the Normal template (a
general purpose file that stores default document formatting settings). Every document
you open refers to the Normal template, and hence gets infected with the macro virus.
Since this virus attaches itself to documents, the infection can spread if such documents
are opened on other computers.
Examples: DMV, Nuclear, Word Concept.
Active X: ActiveX and Java controls will soon be the scourge of computing. Most
people do not know how to control their web browser to enable or disable the various
functions like playing sound or video and so, by default, leave a nice big hole in the
security by allowing applets free run into their machine. There has been a lot of
commotion behind this, and with the amount of power that Java imparts, things from the
security angle seem a bit gloomy.
These are just a few broad categories. There are many more specialized types. But let us
not go into that. We are here to learn to protect ourselves, not write a thesis on computer
virus specification.

[Figure: Type A flu virus. Image credit: Jean Yves-Sgro]

IDS = Intrusion Detection System:

IDS is an acronym for Intrusion Detection System. An intrusion detection system
detects intruders; that is, unexpected, unwanted or unauthorized people or
programs on a computer network.
There are many forms of IDS; Network IDS and Host IDS are two examples.
A Network IDS will generally capture all traffic on the network.
A Host IDS will capture traffic for an individual host.
An IDS detects attempted attacks using signatures and patterns, much like an antivirus application will.
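
The signature matching described above, and the difference between the network and host views, as an added example that is not part of the original document. The signature ids, packets and addresses are all constructed for illustration.

```python
import re
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    dst: str
    payload: bytes

# Constructed signature set: id -> byte pattern for a known-bad artefact.
SIGNATURES = {
    "SIG-DIR-TRAVERSAL": re.compile(rb"(?:\.\./){2,}"),
    "SIG-AV-TEST-MARKER": re.compile(rb"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"),
}

# Constructed traffic; addresses are private/documentation ranges.
TRAFFIC = [
    Packet("198.51.100.4", "10.0.0.5", b"GET /index.html HTTP/1.1"),
    Packet("198.51.100.4", "10.0.0.5", b"GET /../../../etc/passwd HTTP/1.1"),
    Packet("203.0.113.9", "10.0.0.8", b"MAIL body: EICAR-STANDARD-ANTIVIRUS-TEST-FILE"),
    # No signature exists for this marker, so it passes unnoticed.
    Packet("203.0.113.9", "10.0.0.8", b"MAIL body: CONSTRUCTED-UNLISTED-MARKER"),
]

def scan(packets):
    """Return (signature id, src, dst) for every signature that matches."""
    return [(sid, p.src, p.dst)
            for p in packets
            for sid, pattern in SIGNATURES.items()
            if pattern.search(p.payload)]

def network_ids(traffic):
    """A network IDS inspects every packet seen on the network."""
    return scan(traffic)

def host_ids(traffic, host):
    """A host IDS inspects only traffic to or from its own host."""
    return scan(p for p in traffic if host in (p.src, p.dst))

if __name__ == "__main__":
    for alert in network_ids(TRAFFIC):
        print("network:", alert)
    for alert in host_ids(TRAFFIC, "10.0.0.8"):
        print("host 10.0.0.8:", alert)
```

The fourth packet raises no alert because nothing in the signature set describes it, which is the limit of any signature-based detector.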

Anti Virus: Antivirus software (sometimes spelled Anti-Virus or anti-virus, with
the hyphen) consists of computer programs that attempt to identify, neutralize or
eliminate malicious software. The term "antivirus" is used because the earliest
examples were designed exclusively to combat computer viruses; however, most
modern antivirus software is now designed to combat a wide range of threats,
including worms, phishing attacks, rootkits and Trojans, often described collectively
as malware.
Antivirus programs will capture attempted infections of files or email; the general
infection will be a Trojan and/or virus/malware.

Firewalls are not limited to the perimeter of a network, and they can be sophisticated.
A firewall will scan TCP/IP packets based on source and destination, then check against a list
(ACL) and block or allow traffic accordingly. Some firewalls can provide Layer 7 traffic scanning
(Deep Packet Inspection); for instance, rules can be set up for applications.
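
The ACL check described above, including one application (Layer 7) rule, as an added example that is not part of the original document. The rule set and addresses are constructed, and first-match ordering with a default of "block" are assumptions of this sketch rather than something the text states.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str                 # "allow" or "block"
    src: str                    # source network in CIDR form
    dst: str                    # destination network in CIDR form
    port: Optional[int] = None  # destination port, None means any
    app: Optional[str] = None   # Layer 7 application label, None means any

# Constructed ACL; addresses are private/documentation ranges.
ACL = [
    Rule("block", "0.0.0.0/0", "0.0.0.0/0", 80, app="p2p"),  # Layer 7 rule
    Rule("allow", "192.168.1.0/24", "0.0.0.0/0", 80),        # LAN web traffic out
    Rule("allow", "192.168.1.0/24", "0.0.0.0/0", 443),
    Rule("allow", "0.0.0.0/0", "192.168.1.10/32", 25),       # inbound mail
]

def decide(acl, src, dst, port, app=None):
    """Return (action, index of the matching rule); the first match wins."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, rule in enumerate(acl):
        if (s in ipaddress.ip_network(rule.src)
                and d in ipaddress.ip_network(rule.dst)
                and rule.port in (None, port)
                and rule.app in (None, app)):
            return rule.action, i
    return "block", None  # assumed default: traffic not listed is blocked

if __name__ == "__main__":
    # Same source, destination and port; only the application differs.
    print(decide(ACL, "192.168.1.20", "203.0.113.7", 80, "http"))
    print(decide(ACL, "192.168.1.20", "203.0.113.7", 80, "p2p"))
    print(decide(ACL, "198.51.100.9", "192.168.1.10", 22))
```

The first two calls differ only in the application label, which a filter limited to source, destination and port cannot see.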

Stay Current

A firewall has got holes to let things through: without it, you wouldn't be able to
access the Internet or send or receive emails. Anti-virus systems are only good at
detecting viruses they already know about. And passwords can be hacked, stolen
or left lying about on post-its.
That's the problem. You can have all this security, and all you've really got is a
false sense of security. If anything or anyone does get through these defenses,
through the legitimate holes, it or they can live on your network, doing whatever
they want for as long as they want. And then there's a whole raft of little known
vulnerabilities, known to the criminals, who can exploit them and gain access for
fun, profit or malevolence. A hacker will quietly change your system and leave a
back door so that he can come and go undetected whenever he wants. A Trojan
might be designed to hide itself, silently gather sensitive information and secretly
mail it back to source. And you won't even know it's happening - worse, you'll
believe it can't be happening because you've got a firewall, anti-virus and access
control.
Unless, that is, you also have an intrusion detection system. While those other
defenses are there to stop bad things getting onto your network, an intrusion
detection system is there to find and defeat anything that might just slip through
and already be on your system. And in today's world, you really must assume
that things will slip through - because they most certainly will. From the outside,
you will be threatened by indiscriminate virus storms; from hackers doing it for
fun (or training); and more worryingly from organized criminals specifically
targeting you for extortion, blackmail or saleable trade secrets.
From the inside, you will have walk-in criminals using social engineering skills to
obtain passwords to, or even use of, your own PCs; from curious staff who
simply want to see what their colleagues are earning; and from malcontents with
a grievance.
What you really mustn't assume is that this is fanciful, or that you don't have
anything worth stealing. According to experts in the field even something as basic
as stored HR data on your employees is worth $10 per person on the black
market. Search for 'FBI' on this site, and see the variety of attacks and dangers
that exist; and how often there is a degree of success despite firewalls and
antivirus and access control. You still need all of those defenses - but you also need
an intrusion detection system.