Conclusions:
As you probably read in the instructions for this report (that
is if you actually read them) ,Mr Sasabe states that he had a virus that made his
information appear different. I'm not quite sure I believe Mr. Sasabe actually fell
victim to a virus. For one thing, a virus that simply made a page appear out of sync
would seem to me to be quite harmless. Second, last semester I had the same thing
happen to me. I typed out my report, loaded up on the web and bang! Everything
appeared scattered when I viewed the uploaded page. Now perhaps I fell victim to the
same virus as Mr. Sasabe except for I use a computer at home and it is equipped with
Norton Antivirus so I doubt it.
However, there may be another type of virus which Dr. James
pointed out one day in class. These viruses are not created but evolve from
conflicts with software. So maybe Mr. Sasabe did indeed experience a virus but I
guess we'll never know for sure.
Back to Top
After reading the Edupage Online posting, I'm not quite sure I
understand exactly what the attack tools do. I know it says that the software sniffs
out vulnerable servers and launches attacks based on the denial of service strategy.
The problem is I don't know what the "denial of service" strategy is.
I guess it doesn't really matter, the point is that the software tells the hacker
which computer systems and networks can be broken into. To be brutally honest, I
really don't have a problem with hackers. It seems to me that most are highly
intelligent in computer science and hack into systems just to prove the system is
vulnerable. I know there are hackers who use their skills for evil but I think most
do not. One other note to mention on the Edupage post, this was posted almost two
years ago, I can only imagine what kind of software the hackers are using nowadays.
Back to Top
1. http://www.ciac.org/ciac/
2. www.mcafee.com/support/techdocs/vinfo/default.asp
This link no longer works, however it is required to be in the report.
http://www.mcafee.com/clinic/newuser.asp
I found this site while looking for the original site. Cool
site with free virus scanning online!
3. IBM's virus warning site
4. Computer Virus Myths
5. Symantec's Anti-Virus Research
Centre
6. http://www2.offutt.af.mil/wipo/virushoax.html
Another link that didn't
work.
7. http://csrc.ncsl.nist.gov/virus/
Back to Top
1.ICSA A very good source of information on virus hoaxes. The main purpose of this site however is certification of anti-virus software. This site is independent of any software company so the information is unbiased. The criteria for certification seems very strict, here is a sample of some criteria: ON DEMAND Module: Products to receive the ICSA Certified mark must:
Detect 100% viruses listed as In The Wild Test Suite (one Month old list)
Detect 100% viruses listed in the ICSA Common Infectors Test Suite
Detect 100% of ICSA's Polymorphic Test Suite Detect 90% of the ICSA Virus Collection
Products achieving ICSA certification will not cause any false alarms. The False Alarm tests will be conducted against the ICSA False/Positive Test Suite.
2.Virus Bulletin: Complete virus site with information on the latest viruses like Mellissa and CIH(Chernobyl). This site also includes a comparison of anti-virus software.
3.Mcafee Virus Information Center:
This site has information on 40,000 viruses and also includes a virus search engine.
Also includes free virus
scanning online .
Back to Top
A computer virus is a program which attaches itself to,
overwrites or replaces another program in order to replicate itself without the knowledge
of the computer's user.
Most viruses are relatively harmless, and may be present for
years with no noticeable effect. Some however, may cause damage to data
files or attempt to destroy files and disks. Others cause unintended damage. Even
benign viruses apparently non-destructive viruses cause significant damage by occupying
disk space and/or main memory, by using up CPU processing time, and by the time and
expense wasted in detecting and removing them. This is perhaps the type of virus Mr.
Sasabe experienced.
A Trojan Horse is a program intended to perform some covert and
usually malicious act which the victim did not expect or want. It differs from a
destructive virus in that it doesn't reproduce.
A dropper is a program which installs a virus or Trojan, often
covertly.
A worm is a program which spreads (usually) over network
connections. Unlike a virus, it does not attach itself to a host program. In practice,
worms are not normally associated with personal computer systems.
I think viruses are usually created by people who are very
knowledgeable in computers and express their aggression in infecting other people's
computers. I have recently learned that anyone can get a virus program on the
internet and then send it out to someone's computer. The viruses are free of charge
so any psycho with a computer can obtain a virus and screw up alot of people.
Back to Top
Viruses are spread when an infected program is run on an
uninfected computer. Viruses can also be spread when an uninfected computer is booted with
an infected device. The most common ways viruses are spread are: Infected floppy
disk, downloaded files from the internet, E-mail attachments. This suprised me, I
didn't know that viruses can only be spread through attachments but not regular
text e-mail. Other possible but unlikely ways of contracting viruses are
LAN's and even commercial software.
There are basically two types of viruses: the system virus which
is what I've been talking about and another type of virus called a macro virus. In
addition, there are boot sector viruses. A system virus attacks the operating
system and are written in code that can only be understood by the operating system.
A macro virus is a virus written for a specific application and written in that
application's language. An example would be a virus written in Microsoft Word.
The virus would attack only the document itself and not the operating system.
The problem with macro viruses although they are not as harmful as system viruses,
they are fairly easy to create. Also, macro viruses are easily altered, making
anti-virus updates necessary. Boot sector viruses attack the boot sector of the hard
drive. Once loaded into the memory they often cannot be removed.
Back to Top
Some famous viruses in history include "concept",
"datacrime", and "Michelangelo". The concept virus was a macro
virus created for Microsoft Word templates. The way this virus works is, when an
infected template is opened under Word, the virus copies its macros into the global macro
pool (which is usually in the file NORMAL.DOT), and displays a popup box containing the
number "1". While the global macro pool is infected, any document saved using
the "Save As" dialog will become infected.
The datacrime virus is a COM infector of IBM DOS. The way
this virus works is, the virus is spread between COM files. If an infected program is run
between October 13th and December 31st, inclusive, in any year, it will display the
message DATACRIME VIRUS RELEASEDD 1 MARCH 1989, and erase part of the hard disk,
rendering data inaccessible.
The Michelangelo virus is a diskette and hard disk master
boot-record infector. The way Michelangelo works is, when booted from a diskette,
this virus infects the master boot record of the first hard disk (if any) and installs the
virus in memory. When booted from an infected hard disk, it only installs the virus in
memory. While the virus is in memory, diskettes used in drive A become infected. If the
date is March 6 when you boot from an infected disk or diskette, the virus will overwrite
parts of the boot disk with random data. Attempting to boot from a non-bootable
diskette that is infected with the Michelangelo virus will also infect the hard disk, and
will overwrite parts of the boot disk if the date is March 6.
Back to Top
Over time many myths about viruses have surfaced. Here
are some myths I have encountered in doing this report. Some people think you can
get a virus from cookies on the internet. Cookies are files that some web sites
store on your computer for informational purposes. Since cookies are not executable,
they pose no threat of infection. Another myth is that you can get a virus from
viewing graphics on the internet. Again, GIFs and JPEGs are data files and not
executable therefore cannot infect your system. Finally, as I stated in an earlier
section, virus cannot be spread by e-mail unless an attachment is included. There
was a major virus hoax on the internet about a virus called "Good Times".
The good times virus was supposedly spread via e-mail. A phony warning was in
circulation stating that e-mail that had "good times" in the subject line was an
infected e-mail.
Back to Top
Computer viruses are similiar to biological viruses in many
ways. Both can and are created by man. Both computer and biological viruses
can be used for evil. Anti-virus software can be compared to immunization from
biological viruses. Computer viruses can be altered to render the software useless
against the virus. Similarly, biological viruses can adapt into new strains and
render current medical treatments useless. Just as anti-virus software must be
consistently updated to fight against current viruses so to medical treatments must be
studied to make sure the treatments are effective. Finally, it may be possible for
both viruses to simply evolve from benign events such as conflicts with hardware on a
computer or something in the environment in the body.
Back to Top
The way people react to computer viruses is very similiar to
the way people would react to a biological virus. Usually, there is alot of panic
among the public if there is enough attention given to the virus. In my opinion,
most of the hysteria caused by both biological viruses and computer viruses stems from
ignorance of the true facts. Examples of this would be AIDS and recently the flesh
eating virus known as Strep. Melissa would be a good example in the computer medium.
I can remember when the AIDS virus first came to light, there was so much
misinformation circulating as to the cause and spreading of the virus I didn't know what
to believe. The same can be said of the Melissa virus that recently surfaced.
Many people believed that the virus could be spread by receiving the e-mail.
But as I have said ad nauseam in this report, viruses can only be spread from
e-mail via the attachment. A good site for information on the Melissa virus is this site that answers many
Frequently Asked Questions about the virus. I think with both computer and
biological viruses the best thing to do before panicking is to get all the facts and then
make your own decisions.
Back to Top
I have only seen two other students reports on the topic of computer viruses as most people either didn't do the same topic or haven't posted on the net yet. The reports I did look at were from Albert Ne and Russ Muramatsu. The presentation of both reports is very good, I especially liked Russ' use of a framed page with cool graphics. The content and approach is fairly similiar in all of our reports however. I think this is due to the fact that we were each given the same set of strict guidelines to follow which doesn't allow for that much originality or experimentation. Back to Top
In writing this report I have learned much about how viruses
are spread, created, and the different types of viruses. I have found that knowledge
is key in understanding viruses and that you should get all the facts about a virus before
you start panicking.
As far as how future generations will use my report, I'm not
quite sure. Personally, I feel I've presented some useful information in this report
but I could be considered rather biased. I hope others will find the content of this
report helpful, but one can only hope.
In regards to furthering this topic, I think over time this topic
will be furthered on its own as technology keeps advancing. Viruses are created
every day and I don't think we will ever be completly free from them.
Back to Top
| Home Report 1 Report 3 Oral Report Bookmarks Icons Class Page Dr. James Page My G10 Page |
Email: pederson@hawaii.edu