This document provides a lesson plan on viruses and anti-viruses. It discusses what viruses are, how they spread, the evolution of viruses over time including major viruses from 1983 to present, statistics on known viruses, the differences between hackers and crackers, and the main types of viruses such as boot viruses, time bombs, worms, and Trojan horses. The goals are to increase knowledge about preventing and combating viruses through behavioral changes.
Virus?

Lesson Plan:
1 - What is a virus?
2 - Main causes of contamination
3 - Timeline - Evolution of Viruses
4 - Statistical Data on Viruses
5 - Crackers and hackers
6 - Types of Viruses
7 - The New Media Technology
8 - To detect, prevent and combat the virus
9 - Conclusion

Goals:
- Through greater knowledge, use preventive measures to combat the virus and its derivatives.
- Inform the trainees about the main existing viruses.
- Encourage behavioral change to increase the safety of all.

What is a Virus?

In computing, a computer virus is malicious software developed by programmers which, like a biological virus, infects the system, makes copies of itself and tries to spread to other computers, making use for this

Causes of Contamination:

1st - Most contamination occurs through the action of the user:
- running an infected file received as an attachment to an e-mail
- through infected files on flash drives or CDs.

2nd - Outdated operating system - without security updates, which may fix known vulnerabilities in operating systems or applications that can lead to the reception and execution of the virus.

Timeline - Evolution of the virus

1983 - The researcher Fred Cohen (Ph.D. in Electrical Engineering at the University of Southern California) called malicious code programs "Computer Viruses" in his research. In the same year, Len Adleman demonstrated, at a seminar on computer security, a self-replicating program on a VAX 11/750 system. It could install itself in various parts of the system.

1984 - At the 7th Annual Information Security Conference, the term computer virus was defined as a program that infects other

1986 - The first virus for the PC was discovered. It was called Brain, belonged to the class of boot viruses, and damaged the boot sector of the hard disk. It spread through contaminated floppy disks. Although Brain is considered the first known virus, the title of first malicious code belongs to Elk Cloner, written by Rich Skrenta.

1987 - The first computer virus appears, written by two brothers, Basit and Amjad. It was dubbed 'Brain', although it is also known as Lahore, Brain-a, Pakistani, Pakistani Brain, and UIU.

The Brain Virus (boot virus)

1988 - The first antivirus appears, by Denny Yanuar Ramdhani in Bandung, Indonesia. It was the first antivirus to immunize the system against the Brain virus: it removed the entire virus from the computer and immunized the system against further attacks of the same pest.

1989 - The Dark Avenger appears, contaminating computers quickly but causing damage very slowly, which allows the virus to pass unnoticed. IBM provides the first commercial

1992 - Michelangelo, the first virus to appear in the media. It is scheduled to overwrite parts of hard disk drives, creating folders and files with false content, on March 6, the birthday of the Renaissance artist. Antivirus software sales skyrocketed.

1994 - The virus named Pathogen, made in England, is sought and found by Scotland Yard and the author is sentenced to 18 months in prison. It is the first time that the author of a virus is prosecuted for spreading code by the

1995 - The virus named Concept, the first macro virus. Written in Microsoft Word's Basic language, it can run on any platform with Word - PC or Macintosh. Concept spreads easily because it multiplies through the boot sector, spreading to all executable files.

1999 - The Chernobyl virus, which eliminates access to the hard drive and does not let the user access the system. It appeared in April. Its contamination was low in the United States, but it caused damage in other countries.

2000 - The LoveLetter virus, which started in the Philippines, swept Europe and the United States in six hours. It infected about 2.5 million to 3 million machines and caused damage estimated at $8.7 billion.

2001 - The "fashion" is the Worm type of malicious code (worms proliferate on Web pages and mainly via e-mail). The name of one of them is the VBSWorms Generator, which was developed by an Argentine programmer only 18 years old.

2007 - Around 2006 and 2007 there were many occurrences on Orkut of a virus that is able to send scraps (messages) automatically to all contacts in the victim's social network, and to steal passwords and bank account details from an infected computer by capturing keystrokes and clicks. Although those who receive the message have to "click" a link to become infected, the relationship of trust between friends increases the possibility that the user will "click" without suspecting that the link leads to a worm. When the link is clicked, a very small file is downloaded to the user's computer. It takes care of downloading and installing the

Statistics:

Until 1995 - 15,000 known viruses;
Until 1999 - 20,500 known viruses;
Until 2000 - 49,000 known viruses;
Until 2001 - 58,000 known viruses;
By 2005 - Approximately 75,000 known viruses;
By 2007 - Approximately 200,000 known viruses;
Until November 2008 - More than 530,000 known viruses;
Until March 2012 - More than 950,000 known viruses.

Crackers and hackers

In the 90s they were computer enthusiasts who knew many programming languages and were almost always young; they created their viruses, often to find out how far they could spread. Today it is completely different: they are people who attack other machines for criminal purposes with a set goal: to capture banking passwords, account numbers and privileged information that catches their attention.

Some say cracker and hacker are the same, but technically there are differences:

Hacker

They break passwords, codes and security systems for the pure pleasure of finding such flaws.

They are concerned with knowing the inner workings of a computer system, i.e., without intent to harm or invade operating systems or databases.

Generally a hacker does not like being mistaken for a cracker.

Cracker

The cracker is the virtual criminal who steals from people using his knowledge, employing various strategies.

Their interest is basically vandalism.

There is a veritable black market in computer viruses, where certain sites, mainly Russian, offer downloads of viruses and kits so that anyone who can afford them can become a cracker, which is called "the tertiary" activity.

Types of viruses:

Boot virus - one of the first known types of virus, it infects the boot part of the operating system. Thus, it is activated when the hard drive is connected and the operating system is loaded.

Time Bomb - "time bomb" viruses are programmed to activate at certain times, defined by their creator. Once a system is infected, the virus will only become active and cause harm on the date or at the time set. Some viruses that became famous are "Friday the 13th", "Michelangelo", "Eros" and "April 1 (Conficker)".

Worms - in the interest of making a virus spread as widely as possible, its developers sometimes set aside the desire to damage the infected users' systems and began to design their viruses so that they only replicate, without the aim of causing serious damage to the system. In this way, the authors aimed to make their creations better known on the Internet. This type of virus came to be called a worm. They are more refined: there is already a version that, when attacking the host machine, not only replicates but also spreads via the Internet, through the e-mails that are registered

Trojans or Trojan horses - some viruses carry with them a separate code, which allows a stranger to access the infected computer or collect data and send it over the Internet to a stranger, without notifying the user. These codes are called Trojans or Trojan horses.

Initially, Trojans allowed the infected computer to receive external commands without the user's knowledge. Thus the attacker could read, copy, delete and modify data on the system. Currently, Trojans seek to steal the user's sensitive data, such as banking passwords.

Currently, Trojan horses no longer arrive exclusively carried by viruses; they are now installed when the user downloads a file from the Internet and executes it. The practice is effective because of the huge number of fraudulent e-mails that arrive in users' mailboxes. These e-mails contain a web address from which the victim downloads the Trojan horse instead of the file that the message claims it to be. This practice is called phishing, an expression derived from the English verb "to fish". Currently, most Trojans target banking sites, "fishing" for the password entered by users of infected PCs. There are also Trojans that are downloaded on the Internet

Trojans can also be used to lead the user to fake websites where, without the user's knowledge, trojans are downloaded for criminal purposes, as happened with Google links: a security flaw could lead a user to a fake page. For this reason the service was taken down for a few hours to fix the bug; otherwise, people who could not distinguish the fake site from the original would have been affected.

Another consequence is that the computer becomes a zombie and, without the user noticing, performs actions such as sending spam, sending itself to infect other computers and attacking servers (usually a DDoS, an English acronym for Distributed Denial of Service). Even if only one computer on a network is infected, it can consume almost all the bandwidth of the Internet connection with such actions, even if the computer is not being used, just connected. The goal often is to create a large network of zombie computers, which together

Hijackers - are programs or scripts that "hijack" Internet browsers. When this occurs, the hijacker changes the browser home page and prevents the user from changing it, displays advertisements in pop-ups or new windows, installs toolbars in the browser and may prevent access to certain sites (such as antivirus software sites, for example).

Zombie state - a computer is in a zombie state when it is infected and is being controlled by third parties. They can use it to spread viruses, keyloggers and invasive procedures in general. This situation generally occurs when the machine's firewall and/or operating system is out of date. According to studies in this area, a computer that is on the Internet in these conditions has an almost 50% chance of becoming a zombie machine, which, depending on who is controlling it, almost always for

Macro virus - macro viruses attach their macros to document templates and to other files so that, when an application loads the file and executes the instructions contained in it, the first instructions executed are those of the virus.

Macro viruses resemble other viruses in several respects: they are code written so that, under certain conditions, the code "reproduces", making a copy of itself. Like other viruses, they can be written to cause damage, display a message or do anything a program can do.

In short, a macro virus infects Microsoft Office files (.doc - Word, .xls - Excel, .ppt - Power

New Media Technology

Much is said about preventing computer viruses on personal computers, the famous PC, but few people know that, with this evolution, viruses may also be attacking devices that have Internet access, such as many types of mobile phones, handhelds, VoIP, etc., and harming the performance of the devices in question. For now these are isolated cases, but the fear among digital security specialists is that, with the spread of an immense number of devices with Internet access, hackers and crackers will become increasingly interested in attacking these new means of access to the web. It was also seen recently that viruses can arrive in defective electronic products, as happened recently with Apple's iPods, which carried a "harmless" virus (any antivirus removes it,

There are also viruses that are executed when a page is opened in the browser, better known as "Script" viruses, which can be used to invade the computer or plant another virus on the computer.

Splog - There are also fake blogs, or splogs: blogs that are almost always advertising and tend to promote the sale of some product. They rarely do any harm, but may contain links that can be dangerous.

Detect, prevent and combat viruses

Nothing can guarantee the complete safety of a computer. But you can improve its security and decrease the likelihood of it being infected.

Removing a virus from a system without the help of the necessary tools is a daunting task even for a professional.

Some viruses and other malicious programs (including spyware) are programmed to re-infect your computer even after being detected and

Updating your computer regularly is a preventive action against viruses. There are also some companies that provide paid tools which aid in the detection, prevention and permanent removal of viruses.

Antivirus - programs developed by security companies in order to detect and eliminate viruses found on your computer. Antivirus programs have a database containing the signatures of the viruses they can eliminate. Thus, newly discovered viruses can be detected only after the database is updated.
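
The dependence on database updates described above, shown as an added example (not code from this lesson or from any antivirus product). The signature names and sample bytes are constructed, harmless placeholders, and the example goes slightly further than the text by contrasting whole-file hash signatures with byte-pattern signatures.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class SignatureDB:
    """Toy signature database: whole-file hashes plus byte patterns."""
    version: int = 1
    hashes: dict = field(default_factory=dict)    # sha256 hex digest -> name
    patterns: dict = field(default_factory=dict)  # byte pattern -> name

    def update(self, hashes=None, patterns=None):
        """Merge newly published signatures and bump the database version."""
        self.hashes.update(hashes or {})
        self.patterns.update(patterns or {})
        self.version += 1


def scan(data: bytes, db: SignatureDB) -> list:
    """Return the sorted names of every signature that matches data."""
    hits = set()
    digest = hashlib.sha256(data).hexdigest()
    if digest in db.hashes:
        hits.add(db.hashes[digest])
    for pattern, name in db.patterns.items():
        if pattern in data:
            hits.add(name)
    return sorted(hits)


# Constructed sample "files": plain marker strings, not real malware.
OLD_SAMPLE = b"header....CONSTRUCTED-MARKER-ALPHA...."
NEW_SAMPLE = b"header....CONSTRUCTED-MARKER-BETA....."
NEW_VARIANT = NEW_SAMPLE + b"padding-added-by-repacking"
CLEAN_FILE = b"ordinary document text"
FILES = {"old": OLD_SAMPLE, "new": NEW_SAMPLE,
         "variant": NEW_VARIANT, "clean": CLEAN_FILE}


def demo():
    """Scan the same files before and after two database updates."""
    db = SignatureDB(patterns={b"CONSTRUCTED-MARKER-ALPHA": "Example.Alpha"})
    before = {n: scan(d, db) for n, d in FILES.items()}

    # First update: the vendor publishes a hash of the new sample only.
    db.update(hashes={hashlib.sha256(NEW_SAMPLE).hexdigest(): "Example.Beta"})
    after_hash = {n: scan(d, db) for n, d in FILES.items()}

    # Second update: a byte pattern, which also matches the modified variant.
    db.update(patterns={b"CONSTRUCTED-MARKER-BETA": "Example.Beta"})
    after_pattern = {n: scan(d, db) for n, d in FILES.items()}
    return before, after_hash, after_pattern, db.version


if __name__ == "__main__":
    for stage in demo():
        print(stage)
```

The hash signature catches only the exact file it was computed from, so the padded variant stays undetected until the pattern signature ships.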

Some antivirus programs have heuristic technology, which is a means of detecting an unknown virus through its actions on the user's system. Panda Software created a heuristic service that became very popular because it detected 98.92% of unknown viruses (those not in its database) in a test. Now, people with this heuristic can be 98.92% more rested!

Personal firewalls - programs developed by software companies in order to prevent the personal computer from falling victim to malicious attacks (or "Blended Threats" - malicious code that spreads over the Internet without the user of the infecting or infected computer knowing) and spyware attacks. As for its virus-related duties, this program monitors the "ports" (in TCP/IP, the means, associated with a particular application, through which information travels from your computer to the network), to prevent a virus from attacking over a given protocol. So, if a personal firewall is installed on the computer, the user is protected from attack by many viruses, preventing them from gaining access to your

Conclusion

Although great strides have been made in making computer systems increasingly safe, this can be worth nothing against social engineering, which consists of techniques to convince the user to hand over data such as banking passwords, credit card numbers and financial data in general, whether in a carefree and casual conversation in a chat room or a messenger, where such acts generally tend to occur, or even in person.

Therefore, you should NEVER provide any password of any kind, as that is the gateway to the loss of information, espionage, theft of money from a bank account and personal details falling into the hands of strangers, with no way of knowing what use they may make of this information. Currently, data of this kind is obtained, as well as more specific data (such as passwords for company computer networks, location of back doors, etc.).

Social engineering does not have the slightest connection with hacking; the techniques are totally different from one another. "The Social Engineer

Money in the form of bits - With so many hackers obtaining passwords around the world, it is inevitable that links form between them, and they begin to use stolen data as currency. Today users' access data is traded by real online gangs. It is common to see messages like "I have the passwords of 100 bank accounts at bank X, who gives more for them?" in various specialized forums. A real black market has formed in underground chat rooms, where these shady deals are made amid a veritable ocean of codes, acronyms and abbreviations - a recipe for cyberthieves. Armed with access data for bank accounts, cybercriminals can commit fraud and make illegal transfers of money very easily. There is also a

Antispyware - anti-spyware software is meant for removing spyware or, at the very least, detecting it and, if possible, deactivating it and sending it to quarantine. Like antivirus software, it needs to have its database updated constantly.

Anti-spyware tools often monitor certain entries in the Windows registry to detect infection attempts, but sometimes cannot identify what is trying to change the registry - it may be spyware or it may actually be a virus.

Summary of Lesson

After this lesson, the following should be clear:
1 - What is a virus?
2 - Main causes of contamination
3 - Timeline - Evolution of computer viruses
4 - Statistical Data on Viruses
5 - Crackers and hackers
6 - Types of Viruses
7 - The New Media Technology
8 - To detect, prevent and combat viruses

"Seek to prevent crimes, lest thou be obliged to punish them." (Confucius)

"No computer is aware of what it does. But for the most part, neither are we." (Marvin Minsky)

Bibliography

http://pt.wikipedia.org/wiki/V%C3%ADrus_de_computador

Thank you for your attention