Viruses and Worms


Computer viruses and worms are relatively new types of attacks on systems. There is a strong analogy between a biological virus and a computer virus. A computer virus is code that inserts itself into other programs; these programs are said to be infected. Computer viruses cannot run by themselves. A virus may cause an infected program to carry out some unintended actions that may or may not be harmful. For instance, a virus may cause a message to be displayed on the screen, or it may wipe out files. A virus may also cause the infected program to make copies of the virus and infect other programs and machines.

A worm is a computer program that can spread working versions of itself to other machines. A worm may be able to run independently, or it may run under the control of a master program on a remote machine. Worms are typically spread from machine to machine using electronic mail or other networking programs. Some worms have been used for constructive purposes, such as performing the same task on different machines in a network. Worms may or may not have damaging effects. They may use large amounts of processing time or be destructive. Worms often cause damage by writing over memory locations used for other programs.

The most famous worm was the Internet Worm that caused widespread panic on the Internet in November 1988. The programs used by the worm were written by a computer science graduate student. (The worm attacked computers running the BSD System and the SunOS from certain manufacturers.) These programs were sent to other computers using the sendmail command for electronic mail. The sendmail command, part of the BSD System, had several notorious loopholes that made the worm possible. In particular, the worm used sendmail code designed for debugging, which permitted a mail message to be sent to a running program, with input to the program coming from the message. The worm also took advantage of weaknesses in the implementation of the finger daemon on VAX computers from DEC, as well as security weaknesses of the remote execution system, including the rsh command. The security holes exploited by this 1988 worm were closed in all UNIX variants shortly after this attack. This is an example of how security in UNIX (and other systems) advances. Whenever security holes are found, an attempt is made to close them, resulting in new security features.




UNIX. The Complete Reference
UNIX: The Complete Reference, Second Edition (Complete Reference Series)
ISBN: 0072263369
EAN: 2147483647
Year: 2006
Pages: 316
