Virus/en

From FdIwiki ELP


Classification

  • Directed: a human is involved. Example: trojans.
  • Not directed: no human is involved. The attack is automatic. Examples: worms, viruses.

Best-known types

Virus

Definition

A virus is a program, or set of programs, built by a programmer or group of programmers that, once executed on a system, alters the system's normal operation. There are many types of virus, and each behaves differently. Most of them aim to stay hidden so that the user does not notice their operation.

Types

  • Polymorphic: decodes its payload.
  • Silent: modifies system calls to stay hidden.
  • Gobbled: rewrites the infected executable with code.
  • Duplicator: makes copies of the executable it infects.
  • Retrovirus: its target is the antivirus.
  • Others

Examples

  • Creeper: the first virus in history.

Trojans

Definition

Their main objective is the theft of information, but they may go as far as manipulating the target system at will. Most do this through a back door, thereby staying hidden from the user. The way to get past firewalls and antivirus is to make the target system connect to the attacker's machine.

Forms of infection

  • Applications on P2P networks.
  • Websites with executable content, such as Java or ActiveX.
  • Exploits against the OS or applications.

Examples:

  • Netbus (1997)
  • Nuclear RAT (2003)
  • Poison Ivy (2007)


Worms

Definition

Their main objective is massive replication. They can leave a given system inoperative by filling the hard disk and/or rewriting certain important structures. They use automatic parts of the system to perform their actions.

Examples

  • Morris worm (1988): the first worm in history. Among others, it affected NASA and Sun Microsystems. The losses reached $96 million.

Boot Virus

Definition

It is one of the pioneers in the world of viruses. This virus's goal is to infect the boot partition, so that the virus is loaded when the machine is switched on.

Adware

Shows advertising in Internet Explorer or other programs. It is sometimes considered spyware when it forces the user to use a particular search engine, because this can be used to monitor user activity. This has drawn much criticism from security experts and privacy advocates. Other adware programs do not perform this monitoring of the user's personal

Spyware

Collects data about the user. These are programs that install automatically or are hidden in the installation of reputable programs. Spyware basically has two methods of action:

  • Forcing the user to see certain things or to use certain programs and interfaces
  • Extracting information about the computer's user

However, unlike viruses, spyware does not try to replicate to other PCs; consequently, it works like a parasite. The consequences of a spyware infection, whether normal or dangerous (apart from the privacy issues), generally include a considerable loss of system performance (up to 50% in extreme cases) and stability problems.

Exploitation of vulnerabilities

The majority of viruses attack the OS through vulnerabilities that exist in its code but are not yet known, or through vulnerabilities in systems that have not been updated to the latest version. The target of most viruses is Microsoft's OS, Windows, because it is one of the most famous in the world, unlike Linux, which, in addition to being a stronger and more widely implemented OS, has fewer viruses.

Currently no one considers that viruses can affect portable devices. This is a common error, and it allows Android to be one of the most vulnerable OSes. In addition, with the growing importance of smartphones, they are becoming a principal target of hackers, displacing the computer.

Defense and protective mechanism

The list of defenses can be fairly long, but whatever the objective of the attack, there are two principal components to use:

Antivirus: a program that monitors the services and actions the system performs, allowing abnormal behaviour to be detected. Versions also exist for portable devices.

Firewall: a component that blocks unauthorized access to the system while still allowing authorized communications. One of its basic roles is packet filtering, with or without examining the context of the packets, but it can have more roles and be more comprehensive.
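
Added example (not part of the original wiki page): a toy Python filter contrasting packet filtering without context (stateless) and with context (stateful), and showing why a connection opened from the inside, as described in the Trojans section, is only stopped by an egress allow-list. The packets, addresses, ports and all class and function names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str  # "out" = leaving the protected host, "in" = arriving
    remote: str     # remote IP address (constructed documentation ranges)
    rport: int      # remote TCP port
    lport: int      # local TCP port
    flags: str      # "SYN", "SYN-ACK" or "ACK"

def stateless(pkt):
    """No context: allow all outbound; allow inbound unless it is a bare SYN."""
    return pkt.direction == "out" or pkt.flags != "SYN"

class Stateful:
    """With context: inbound packets must belong to a connection opened from inside."""
    def __init__(self, egress_allow=None):
        self.egress_allow = egress_allow  # None = any outbound destination allowed
        self.table = set()                # tracked (remote, rport, lport) tuples

    def allow(self, pkt):
        key = (pkt.remote, pkt.rport, pkt.lport)
        if pkt.direction == "out":
            if self.egress_allow is not None and (pkt.remote, pkt.rport) not in self.egress_allow:
                return False              # destination not on the egress allow-list
            if pkt.flags == "SYN":
                self.table.add(key)       # remember the new outbound connection
            return key in self.table
        return key in self.table and pkt.flags != "SYN"

# Constructed sample traffic.
WEB = [Packet("out", "198.51.100.5", 443, 50000, "SYN"),
       Packet("in", "198.51.100.5", 443, 50000, "SYN-ACK"),
       Packet("out", "198.51.100.5", 443, 50000, "ACK")]
STRAY_ACK = Packet("in", "203.0.113.9", 443, 50001, "ACK")    # belongs to no connection
CALL_OUT = Packet("out", "203.0.113.9", 8080, 50002, "SYN")   # host dials an unknown server
TRAFFIC = WEB + [STRAY_ACK, CALL_OUT]

def verdicts(allow, packets):
    """Return the allow/drop decision for each packet, in order."""
    return [allow(p) for p in packets]

if __name__ == "__main__":
    print("stateless        ", verdicts(stateless, TRAFFIC))
    print("stateful         ", verdicts(Stateful().allow, TRAFFIC))
    strict = Stateful(egress_allow={("198.51.100.5", 443)})
    print("stateful + egress", verdicts(strict.allow, TRAFFIC))
```

The stateless rule accepts the stray ACK because it cannot tell that no connection exists; the stateful filter drops it, but still permits the outbound call unless the destination is checked against an allow-list.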