ERIC
SPELLMANN
Viruses and other nasties
You’re working on your computer one night, when all of a sudden a picture
of the Cookie Monster appears on your monitor. Text below reads: "Feed
me a cookie". You don’t know what to do so you just hit the <ENTER> key
and he disappears.
Ten minutes later, he reappears, once again asking for that cookie. "What
is going on?" you ask. You hit <ENTER> again, but every 10 minutes
you are interrupted with the blue, furry guy asking for sweets.
Here’s what you don’t know: your computer is infected with the Cookie
Monster virus. If you don’t type in "Happy Birthday Yoshi" (and
how would you know to do that?) whenever he asks for a cookie, the virus goes
out, randomly selects one file on your hard drive, and deletes it! In other words,
every 10 minutes, this virus plays Russian roulette with your computer files.
By the way, Yoshi is the codename of the teenager that wrote the virus.
So, what is a virus, and how did you get one? Let’s start with the
basics. A virus is a program. It is not a mistake or accident. You
cannot "hit the wrong key" and cause a virus. They don’t
just come out of nowhere. Viruses are not alive. They are programs
created by people to "do something" (many times, malicious) to your
computer.
Viruses are not the same things as "computer bugs". Computer bugs ARE
unintentional mistakes made by programmers when developing software. Viruses
are VERY intentional.
Five types of viruses exist: File Infectors, Trojan Horses, Stealth Viruses,
Worms, and Polymorphic Viruses. Many of the newest viruses, though, fall
into multiple categories.
File Infectors
No-one in their right mind would ever double-click on a virus. So, how do
viruses get around? Well, many viruses attach themselves to "good" programs. Whenever
you double-click on the "good" program, the virus also executes or "runs". For
instance, if a virus infected Microsoft Word, every time you ran Microsoft Word,
the virus would come out and do its mischief.
Trojan Horses
Much like their name implies, trojan horse viruses are simply "programs
that claim to do one thing when, in fact, they do something else". As an
example, let’s say that I gave you a floppy disk to take home. I told
you that the disk contained a program called "MakeMoneyFast.exe" and
that by clicking on it, you would be well on your way to prosperity and happiness! Sounds
great, right? Well, you get home, insert the diskette, and double-click
on the "program". It immediately begins to erase your hard drive.
Trojan horses don’t replicate. They don’t spread like file
infectors. They are single-use "mail bomb" types of programs. Typically,
they are created by a "soon-to-be-fired disgruntled employee". Many
times, this angry worker will set the "bomb" to explode long after
he’s gone, maybe even months later! An unsuspecting employer wakes
up one morning to discover his corporate information has disappeared!
Stealth Viruses
Imagine a virus that can hide from "anti-virus software". In the old
days, anti-virus software only checked hard drives for viruses. A stealth
virus could "sense" that anti-virus software was coming. It would
then move itself from the hard drive and hide in RAM until the anti-virus program
left. Then, it would redeposit itself back onto the hard drive. Pretty
sneaky!
Today’s anti-virus software can find stealth viruses by checking RAM at
the same time as it checks the hard drive. Because of that, you don’t
see many stealth viruses "in the wild" any more.
Worms
Chances are, you will never see a computer "worm". Worms primarily
live on the internet. They go after "servers". If you remember
from earlier columns, a server is a computer that is on the Internet 24 hours/day,
7 days/week. Your computer is not a server; therefore, you are not at risk
of being "bitten" by a worm. When a worm finds a server, it will
probe its defences, looking for security holes. If it finds one, the worm wriggles
its way in and begins to replicate like mad.
After a while, the millions of replicating worms eventually overload the server,
causing it to crash. Worm attacks are rare, but they do occur. The largest
worm attack occurred in the late 1980s. Dubbed "The Internet Worm",
this program affected nearly one-third of the servers on the internet! (Not
that big a deal if you consider that only colleges and NASA used the Net during
that time …) However, it did make the newspapers. Network administrators
scurried to make sure that their servers were protected.
Well, I’m quickly running out of room. Next week, I’ll discuss
the most insidious of viruses: the polymorphic virus. I’ll also discuss
how anti-virus software works and how to choose a good one. Until then,
I’ll see you in Cyberspace!
www.EricSpellmann.com
©
Christian Family Network
is run by CPO, supported by
Care for the Family, Marriage Resource, Positive Parenting,
Care, Women Alive, Christian Herald and many others.