home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hacker 2
/
HACKER2.mdf
/
virus
/
cpi2_2.txt
< prev
next >
Wrap
INI File
|
1995-01-03
|
4KB
|
70 lines
[2.2]
Explanation of Viruses and Trojans Horses
-----------------------------------------
Written by Acid Phreak
Like it's biological counterpart, a computer virus is an agent of
infection, insinuating itself into a program or disk and forcing its host
to replicate the virus code. Hackers fascinated by the concept of "living"
code wrote the first viruses as projects or as pranks. In the past few
years, however, a different kind of virus has become common, one that lives
up to an earlier meaning of the word: in Latin, virus means poison.
These new viruses incorporate features of another type of insidious
program called a Trojan horse. Such a program masquerades as a useful
utility or product but wreaks havoc on your system when you run it. It may
erase a few files, format your disk, steal secrets--anything software can
do, a Trojan horse can do. A malicious virus can do all this then attempt
to replicate itself and infect other systems.
The growing media coverage of the virus conceptand of specific viruse
has promoted the development of a new type of software. Antivirus programs,
vaccines--they go by many names, but their purpose is to protect from virus
attack. At present there are more antivirus programs than known viruses
(not for long).
Some experts quibble about exactly what a virus is. The most widely
known viruses, the IBM Xmas virus and the recent Internet virus, are not
viruses according to some experts because they do not infect other programs.
Others argue that every Trojan horse is a virus--one that depends completely
on people to spread it.
How They Reproduce:
-------------------
Viruses can't travel without people. Your PC will not become infected
unless someone runs an infected program on it, whether accidentally or on
purpose. PC's are different from mainframe networks in this way--the
mainframe Internet virus spread by transmitting itself to other systems and
ordering them to execute it as a program. That kind of active transmission
is not possible on a PC.
Virus code reproduces by changing something in your system. Some viruses
strike COMMAND.COM or the hidden system files. Others, like the notorious
Pakistani-Brain virus, modify the boot sector of floppy disks. Still others
attach themselves to any .COM or .EXE file. In truth, any file on your
system that can be executed--whether it's a program, a device driver, an
overlay, or even a batch file--could be the target of a virus.
When an infected program runs, the virus code usually executes first and
then transfers control to the original program. The virus may immediately
infect other programs, or it may load itself into RAM and continue spreading.
If the virus can infect a file that will be used on another system, it has
succeeded.
What They Can Do:
-----------------
Viruses go through two phases: a replication phase and an action phase.
The action doesn't happen until a certain even occurs--perhaps reaching a
special date or running the virus a certain number of times. It wouldn't
make sense for a virus to damage your system the first time it ran; it needs
some time to grow and spread first.
The most vulnerable spot for a virus attack is your hard disk's file
allocation table (FAT). This table tells DOS where every file's data resides
on the disk. Without the FAT, the data's still there but DOS can't find it.
A virus could also preform a low-level format on some or all the tracks of
your hard disk, erase all files, or change the CMOS memory on AT-class
computers so that they don't recognize the hard disk.
Most of the dangers involve data only, but it's even possible to burn
out a monochrome monitor with the right code.
Some virus assaults are quite subtl. One known virus finds four
consecutive digits on the screen and switches two. Let's hope you're not
balancing the company's books when this one hits. Others slow down system
operations or introduce serious errors.
Downloaded From P-80 International Information Systems 304-744-2253