May 1998

William F. Slater, III

(picture borrowed from http://cnn.com web article on bio-terrorism)

VIRUS QUESTIONS AND ANSWERS with Valuable Text Resources

1. What is a computer virus?

A computer virus is an intelligent, usually destructive computer program which has the peculiar ability to surreptitiously penetrate a computer system and replicate itself by attaching itself to other programs, while causing problems ranging from irritating system behavior, to destruction of physical system components to massive software and/or data destruction.

 

2. Besides viruses, what are other types of destructive programs are there?

Trojan Horses -- Like its namesake, this type of program enters a system through an innocent manner and waits for the right moment to unleash its attack.

 

Worms -- A self-replicating program which exists independent of other programs.

 

Logic bombs -- A destructive program which is triggered by a date, time, or event, and when triggered, it destroys data and/or other programs.

 

Salamis -- A special program which invades a financial program and removes assets a "slice at a time", hence the name.

 

Trap Doors -- These are facilities which permit a hacker to surreptitiously enter a system by means of a security loophole which is either inherent in the operating system, or possibly one which the hacker creates which he is a user on the system.

 

Session Hacking -- A special type of hacking which requires hardware, software, and communications expertise. It involves the penetration of a system via network lines and/or possibly through the detection of electronic emissions which radiate from active monitors and terminals.

 

 

3. How are viruses transmitted?

Viruses are transmitted via magnetic and/or electronic mediums because of careless and/or ignorant computing activities. These magnetic and electronic mediums include:

      1. floppy disks
      2. computer memory
      3. hard disks
      4. network wires
      5. network hard disks
      6. bootleg programs
      7. rogue software
      8. rogue websites or servers

And in some rare cases, viruses may even be spread via wireless networks and/or EPROM (firmware) chips.

4. How has the influence of the online world (the Internet, networks, bulletin board systems, and e-mail) affected the world of viruses?

Since November 1987 when the Internet Worm created by Robert T. Morris, Jr. wreaked over $100 million worth of problems on computers connected to the Internet, it has been obvious that having computers connected on a computer network increased the possibility of virus infections. That is not to say that networks are bad, in fact networks are becoming more and more essential and valuable all the time. It's just that being online on a network, a BBS, or dialed into a remote computer increases the possibility of contact with viruses.

5. Will you get in trouble if you report a virus?

No. It is expected that all computer users will recognize the seriousness of a virus attack and call your company Help Desk or an experienced person immediately.

6. What can viruses and other destructive software do to your system?

Best case, a virus may turn out to be a nuisance, such as playing a song repeatedly at random times. In the worst case, a virus can rapidly spread through a system or a group of systems on a computer network, rapidly destroying programs and data. The biggest problems with viruses is that they can spread and do their work silently, quickly, and efficiently, before you ever discover that they are there.

7. How many viruses are there?

At last count, there are over 11,000 viruses, and the list grows at about at least 50 new viruses per month. As you would guess this certainly is enough to keep the anti-virus software producers in business.

8. How do you prevent viruses?

Prevention of virus attacks requires a conscious effort in the area of "safe-computing". Safe computing means

1) be careful about the data and programs you put into your system.

2) don't ever operate bootleg (illegal copies) of software on your system

3) you don't leave disks lying in the open where someone may place a virus on it without your knowledge

4) use a virus attack prevention program, such as McAfee's VSHIELD or Symantec Norton Anti-Virus

 

9. How do you know if you have a virus?

Systems which are affected with viruses act erratically. Sometimes the virus will identify itself with a message giving its name on the screen of your computer monitor. In extreme cases, enough data and/or programs may have been destroyed to prevent your computer from successfully booting.

Does your PC have any of the following symptoms?

    1. Programs taking longer than normal to load and execute.
    2. Disk access taking longer than usual.
    3. Unusual screen activity.
    4. Hardware malfunctions.
    5. Files are disappearing.
    6. Strange files appearing.
    7. Warning messages appearing.
    8. Vindictive or threatening messages.
    9. Disk drive lights coming randomly without reason.
    10. Memory or disk space reduced.
    11. Increases in program file sizes
    12. Apparent data destruction or contamination errors.

10. How do you stop a virus once you discover you have one?

Call the Help Desk or a qualified technical person immediately. Since viruses can constitute a serious threat to a data intensive organization such as a law firm, it is absolutely imperative that virus outbreaks are quickly isolated, identified, and treated so it prevents their continued spread. Your contacting the Help Desk to get experienced people dispatched on the problem is the best way to check a virus attack.

11. Why do people write viruses and other destructive software?

Certain people get a thrill from using their intimate technical knowledge of software, computers, and human behavior, to write destructive software which wreaks havoc in the workplace. Another chief reason that viruses are written is to seek revenge against Americans for being ahead in computer technology and in the business environment. Since it is now illegal to write software which destroys other software and data, the people who write viruses are not only doing it to get a thrill, they are also breaking the law and they risk severe criminal and civil penalties if they are caught.

An interesting quote from The Computer Virus Protection Handbook by Colin Hayes, pp 28 - 29, 1990, SYBEX, gives further insight about the types of people who write computer viruses:

"Viruses have provided a weapon for those members of society who wish to harm others for a variety of reasons. Some of these people are mischievous or destructive vandals, others have political points to make, and still others want to sabotage governments, organizations, or companies that they feel have done them wrong.

"Because the computing population has become so big, there now exists a significant number of vandals, sick minds, and people alienated from the mainstream who have the necessary skills to express their feelings by spreading viruses.

"There is the copycat phenomenon to consider as well -- for example, one case of someone putting poison into a proprietary medicine can lead to others imitating that action. Unlike drug tampering, however, you cannot stop the spread of copycat virus activity by putting tamperproof seals on software packaging. Also, virus creation grows by going beyond simple copycat activity to inspiring someone to create a better virus...

"Particularly intriguing is the possibility of virus creation being a new manifestation of the antagonism felt by some hackers against the way computers are being used by big business, government agencies, and other establishment symbols. Computing is a passion that dominates the lives of many enthusiasts. For some, that passion can develop into obsessional behavior, creating irrational motives to wreak revenge against those perceived to be abusing the "purity" of computing concepts.

"Jealousy and a sense of inferiority can also play a role in shaping a hacker's attitudes. A maverick hacker who has difficulty relating to people and the real physical world feels that he must protect the computing environment, in which he functions comfortably, from being controlled by the very individuals and groups he resents. By disrupting systems and destroying data, he demonstrates that he is in control and has tangible power in territory that he regards as his personal space."

12. What are some good reference books on computer viruses and other destructive software?

There are several which have been published since 1988. Listed below are several very good texts:

Computer Virus Information Text Resources

Maximum Security: A Hacker's Guide to Protecting Your Internet Site and Network

By Anonymous

ISBN 1-57521-268-4, 886 pages, $49.99

1997, Sams Publishing

 

The Underground Guide to Computer Security

By Michael Alexander

ISBN 0-201-48918-X, 240 pages, $19.95

1996, Addison-Wesley Publishing Co.

 

Robert Slade's Guide to Computer Viruses

ISBN 0-387-94663-2, 422 pages, $34.95

1996, Springer

 

Computer Crime: A Crimefighter's Handbook

By David Icove, Karl Seger, and William VonStorch

ISBN 1-56592-086-4, 440 pages, $24.95

1995, O'Reilly & Associates

 

Complete LAN Security and Control

By Peter T. Davis

ISBN 0-8306-4548-9, 330 pages, $34.95

1994, Windcrest / McGraw-Hill

 

Computer Viruses, Artificial Life and Evolution

By Mark Ludwig

ISBN 0-929408-07-1, 374 pages, $22.95

1993, American Eagle Publications (Tucson, AZ)

 

The Little Back Book of Computer Viruses -- Vol. One: The Basic Technology

By Mark Ludwig

ISBN 0-929408-02-0, 182 pages, $14.95

1991, American Eagle Publications (Tucson, AZ)

 

The Computer Virus Protection Handbook

By Colin Hayes

ISBN 0-89588-696-0, 192 pages, $24.95

1990, SYBEX

 

VIRUS! The Secret World of Computer Invaders That Breed and Destroy

By Alan Lundell

ISBN 0-8092-4437-3, 190 pages. $9.95.

1990, Contemporary Books (Chicago and New York)

 

Computers Under Attack: Intruders, Worms and Viruses

Edited by Peter J. Denning

ISBN 0-201-53067-8, 566 pages, $24.95

1990, ACM Press, Div. of Addison-Wesley

 

Rogue Programs: Viruses, Worms, and Trojan Horses

Edited by Lance J. Hoffman

ISBN 0-442-00454-0, 384 pages, $24.95

1990, Van Nostrand Reinhold (New York)

 

Computer Viruses, Worms, Data Diddlers, Killer Programs and Other Threats to Your System

By John McAfee and Colin Hayes

ISBN 0-312-02889-X, 236 pages, $16.95

1989, St. Martin's Press

 

V.I.R.U.S. Protection: Vital Information Resources Under Siege

By Pamela Kane

ISBN 0-553-34799-3, 478 pages, $39.95.

1989, Bantam Books

 

Special Section on the Internet Worm

Communications of the ACM - June 1989

"The Worm Story" Issue

"The Internet Worm: Crisis and Aftermath" by Eugene H. Spafford

"With Microscope and Tweezers: The Worm from MIT's Perspective" by Jon A. Rochlis and Mark W. Eichin

"Password Cracking: A Game of Wits" by Donn Seeley

"The Cornell Commission: On Morris and the Worm" by Ted Eisenburg, David Gries, Juris Hartmanis, Don Holcomb, M. Stuart Lynn, Thomas Santoro

 

Compute!'s Computer Viruses

By Ralph Roberts

ISBN 0-87455-178-1, 170 pages, $14.95

1988, Computer! Books Publications (Greensboro, NC)

 

Computer Viruses: A High-tech Disease

By Ralf Berger

ISBN 1-55755-043-3, 276 pages, $18.95

1988, Abacus

 

Computer Virus Developments Quarterly: The Independent Journal of Computer Viruses

Published quarterly by American Eagle Publications, Inc.

P.O. Box 41401

Tucson, AZ 85717

Price $75 per year.

 

 

-----------------------

Byline: William F. Slater, III is a computer consultant who has been working in the Computer Industry since 1977. He also teaches and writes, and loves this stuff so much that he has a seven-computer network in his home. The names of his computers are Jim, Mitchell, Andreas, Elvis, Peter, Carey, and Bill. To learn more about Mr. Slater and to sample his free class materials, visit him on the web at http://billslater.com or e-mail him at slater@xsite.net.

E-Mail Me

Last Updated: May 10, 1998

By Bill Slater, Webmaster

http://billslater.com