|
It seems to be inherent in human nature that any activity
involving large numbers of people will include some who behave in a harmful,
anti-social way. Thus on the Internet there is a constant threat from malicious
software or "malware." Two common types of malware are "viruses" and "worms."
What a virus is
A virus is
a self-replicating program that spreads by inserting copies
of itself into programs or documents that already exist on a computer. The
name comes from an analogy with biological viruses. These cannot reproduce
by themselves but make use of the functions of infected cells to spread.
Similarly, a computer virus makes use of the executable code in legitimate
programs to carry out its purposes. A virus may be designed to be destructive
to a system or to be a prank. In either case, the virus will rapidly reproduce
itself until the system may be overwhelmed. Viruses spread to other systems
when infected programs are
copied to another machine.
Documents with executable code like Word macros can also be vectors of infection.
A very common method of spreading viruses is by attachments
to email . Today a variant of a virus known as a worm is
more often used.
What a worm is
Viruses and worms are often lumped together in the single category of virus
but there is technical distinction. A worm differs from a virus in that it
contains all the code it needs to carry out its purposes and does not depend
on using other programs. Most recent instances of malware have been worms,
spread primarily by email. Worms are designed to replicate rapidly and to use
the Internet or other networks to spread with great facility. They may contain
code to damage or erase files or may carry other malicious payloads. On a number
of occasions, large numbers of computer systems have been brought down by worms.
In addition to the damage from whatever payload they carry, the sheer number
of worm copies can bring systems to a halt.
A very common method of spreading is by use of any email addresses on an infected
computer. The worm searches address books, temporary Internet caches and other
possible sources of email addresses. The worm then mails out random infected
fake messages. It may use the addresses it finds not only as recipients
but also may spoof mail to show them as senders. It may also combine random
pieces of addresses into new fake addresses. All the messages will contain
an attachment that is infected. None of this activity may be known by the owner
of the infected machine and may go on for weeks or months. A single infected
machine can send out thousands of worm-carrying messages.
Anti-virus programs
Most people know that anti-virus software is a necessity and most computers
come with some form of anti-virus program already installed. (Note that anti-virus
is a catchall term that refers to a variety of malware.) All the major programs
check email as well as scanning your system. However, new viruses appear every
day and anti-virus programs are only as good as their database or definitions
of viruses. A program can't recognize a new virus unless it has been kept up
to date. Anti-virus programs contain update features and these are automatic
in the newer major programs. However, the big vendors like Symantec and McAfee
no longer give unlimited free updates but start to charge after some initial
period ranging from 3 months to 1 year. Very often people do not subscribe
to the new updates and let their protection lapse. This leaves the computer
open to any new virus that comes along. Actually, it may be better to periodically
buy a whole new version of whatever anti-virus program you use. I have often
found rebate offers that make the new program cheaper than the update subscription.
Personally, I find both the Norton and McAfee programs to be very heavy users of system resources. An alternative is one of the free programs like Grisoft
AVG. In the past,
Symantec's Norton has always seemed to get much better reviews for efficacy
against infection than the freebies but a recent review by
the magazine
PC World indicates that there are several free programs that now provide acceptable
levels of protection. Tech
Support Alert gives a critique of
the various free programs and describes an effective computer defense that uses free programs.
Firewalls
Worms have also been spread by intruders planting them directly on unprotected
computers connected to the Internet. A firewall is essential to guard against
such occurrences and is discussed in more detail on the next
page.
Trojan horses
Another form of malware is the "Trojan horse" and we consider that on the next
page. |
