WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Read this whole guide offline with no ads, for a low price!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Security+
 9  Chapter 1:  General Security Concepts (Domain 1.0; 30%)
      9  1.5  Malicious Code

Previous Topic/Section
1.5  Malicious Code
Previous Page
Pages in Current Topic/Section
1
2
Next Page
 1.5.2  Trojan Horses
Next Topic/Section

1.5.1  Viruses
(Page 1 of 2)

This is a catchall phrase for any man-made code that is anything from annoying (WAZZU100) to destructive, such as a boot sector virus101, which includes some way to attach itself to other files, called “host files,” and replicate itself. A virus can replicate either from file to file on a single system, or across a network (if it replicates automatically across the network without a user’s assistance, it is more precisely called a worm, another type of malicious code discussed in 1.5.4).

A Virus is…

A virus is a program that attaches itself to a host file and replicates itself on a system. Usually when run, unbeknownst to the user, a virus performs some action that is either malicious or simply annoying. For example, a virus may delete or modify system files, or just produce a joke message on the user’s screen.


Viruses move from computer to computer by some user’s actions, rather than spreading automatically across a network. A virus typically gets into a system from an external source, such as a floppy disk containing software given to you by an office-mate, a file on a network share being copied onto your system and then executed to install it or “just see what it does,” an email message sent to you by a friend containing a file that claims to be a greeting card (to get you to open it), or software that you download from the web or install from a very unlucky vendor’s CD distribution (the latter really has happened ).

The possibility of transmitting a virus by email is why many email systems feature virus scanning for in-bound email, trying to limit the number of ways known viruses can enter a network.

[spacer]Viruses are Getting Sneaky

Over the years, the IT world has seen several different kinds of viruses, including:

1. Boot sector viruses which place their code in the hard disk’s boot sector, which is loaded every time the machine powers on.

2. File infector viruses which attach themselves to legitimate executable programs, causing the virus to run each time one of those programs is launched.

3. Script viruses which, like file infectors, attach themselves to existing legitimate programs (in this case, scripts like DOS batch files or VBscript or java script batch files), causing the virus to run each time the infected script is launched.

4. Macro viruses that are embedded in files such as word processing documents and spreadsheets whose environments (such as Microsoft Word) support “macro” programming in documents to customize Word’s behavior when the document is open. These viruses are often attached to initialization macros that run whenever the document is opened, so that the user is not aware that they are “running” anything.



 __________________

100. http://open.jeffersonhospital.org/tju/dis/virus/desc/wazzu.html (I wonder if a U of W <Huskie> wrote this?)

101. http://www.sophos.com/virusinfo/analyses/index_dosexe.html.

Previous Topic/Section
1.5  Malicious Code
Previous Page
Pages in Current Topic/Section
1
2
Next Page
 1.5.2  Trojan Horses
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.