
‘Linux: A Virus-Free OS’ – Truth or Myth ?



The term Linux is altogether alien to many people. And of the handful of people switching to Linux, or let’s say having their ‘tryst’ with it, many share a very common misconception: ‘Linux is virus free.’ It is a very debatable statement, so let’s take a look at some arguments.
To get to our point, let’s take a look at how a Linux system works. Linux works in a multi-user environment, where users are given privileges of different magnitude for different purposes. A typical user has normal privileges, enough to use the system but not to change major system settings.
To spread a virus around you’ll have to gain access to the core of a Linux system, and for that you’ll need to have root access.
Linux is centered around security and gaining root access is nearly impossible. But, as they say, impossible is nothing. Viruses for Linux are on the rise. One of the major reasons is that Linux is being spread and marketed at quite a fast rate.
To accommodate novice users, GUIs are being integrated, and this is one of the causes of the rise in viruses. How? The following is a quote from a foobar blog post:
When you save an email attachment under Linux, the execute flag is normally NOT set and thus, the file can’t be executed just by clicking on it. So, no luck?
Not so fast. Modern desktop environments, such as Gnome and KDE, conveniently offer a nice “workaround” called ‘launchers’. Those are small files that describe how something should be started. Just a few lines that specify the name, the icon that should be displayed and the actual command to execute. Conveniently, the syntax of those launcher files is the same for Gnome and KDE. And those launchers don’t have to have any execute permissions set on them! Desktop environments treat those files as a special case, so when you click on them Gnome or KDE will happily execute the command that was specified within the launcher description and without the need for the execute bit to be set on the launcher itself. Now we are getting somewhere!
But don’t jump the gun yet. Most of the Linux distros are still way safer than Windows systems. The reason is that, as they are open source and have full disclosure, developers are quick to release patches/fixes.
Also, the reason why Linux viruses are rare is the simple fact that the world has too many Windows users. So if a hacker could write code and hack (for e.g.) 60% of the world’s computers (as they are Windows-based systems) instead of only a handful of Linux computers, what would he choose?
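
The launcher behaviour described in the quote can be audited from the defender's side. The script below is an added example, not code from the quoted post: it walks a directory (a downloads or desktop folder, say), finds `.desktop` launchers that carry an `Exec=` command but have no execute bit, and marks those whose command starts a shell, interpreter or downloader. The `INTERPRETERS` set and the sample launchers built in `demo()` are assumptions constructed for illustration.

```python
import os
import shlex
import stat
import tempfile

# Programs whose presence as the Exec= command deserves a closer look.
# The set is an assumption made for this example, not a complete policy.
INTERPRETERS = {"sh", "bash", "dash", "python", "python3", "perl", "curl", "wget"}


def parse_launcher(path):
    """Return the key/value pairs of the [Desktop Entry] group."""
    entry, in_group = {}, False
    with open(path, encoding="utf-8", errors="replace") as fh:
        for raw in fh:
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            if line.startswith("["):
                in_group = line == "[Desktop Entry]"
            elif in_group and "=" in line:
                key, value = line.split("=", 1)
                entry[key.strip()] = value.strip()
    return entry


def first_program(exec_value):
    """Basename of the program an Exec= value starts, or '' if empty."""
    try:
        argv = shlex.split(exec_value)
    except ValueError:  # unbalanced quotes: fall back to a plain split
        argv = exec_value.split()
    return os.path.basename(argv[0]) if argv else ""


def audit_launchers(root):
    """List launchers under root that carry a command but no execute bit."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()
        for name in sorted(filenames):
            if not name.endswith(".desktop"):
                continue
            path = os.path.join(dirpath, name)
            entry = parse_launcher(path)
            command = entry.get("Exec")
            if not command:
                continue
            mode = os.stat(path).st_mode
            if mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
                continue  # has an execute bit: not the case the quote describes
            findings.append({
                "file": os.path.relpath(path, root),
                "shown_as": entry.get("Name", ""),
                "exec": command,
                "interpreter": first_program(command) in INTERPRETERS,
            })
    return findings


def demo():
    """Run the audit over constructed sample launchers in a temp directory."""
    samples = {
        # name: (mode, contents); every file here is constructed sample data
        "editor.desktop": (0o755, "[Desktop Entry]\nType=Application\n"
                                  "Name=Editor\nExec=gedit %U\n"),
        "invoice.pdf.desktop": (0o644, "[Desktop Entry]\nType=Application\n"
                                       "Name=Invoice.pdf\nIcon=application-pdf\n"
                                       "Exec=sh -c \"echo constructed-sample\"\n"),
        "notes.desktop": (0o644, "[Desktop Entry]\nType=Application\n"
                                 "Name=Notes\nExec=gedit notes.txt\n"),
        "readme.txt": (0o644, "Exec=ignored, this is not a launcher\n"),
    }
    with tempfile.TemporaryDirectory() as root:
        for name, (mode, text) in samples.items():
            path = os.path.join(root, name)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(text)
            os.chmod(path, mode)
        return audit_launchers(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

A launcher whose displayed name looks like a document (`Invoice.pdf`) while its `Exec=` line starts a shell is the combination worth reviewing first.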

The 10 Best Free Anti-Virus Programs


There are many free anti-virus programs on the market, and you want to sort the wheat from the chaff. Fair enough. Documented here are the 10 best antivirus programs on the market.

Microsoft Security Essentials
Released by Microsoft in late 2009, Microsoft Security Essentials sports more than a typically verbose Microsoft name: it’s also a really good antivirus. Lightweight enough to run on older machines without crippling their performance, yet competent enough to handle most viruses and malware out there.
Perhaps the best part of MSE is its simplicity. As you can see, the user interface is really clear, with large buttons for the most basic functions. This is important if you’re setting it up on a computer for someone who is not computer-savvy.
Finally, MSE is completely free – there’s no professional version you can upgrade to. In fact, it’s even permissible to use in business situations, meaning you can use it at work without breaking the law. This alone sets it above most of the other selections for the 10 best antivirus programs.

AVG Free

This one recently topped our Movers and Shakers list of the top downloaded free anti-virus programs. But just because AVG is popular doesn’t mean it’s not great.
AVG has become synonymous with free anti-virus, and there’s a reason for this: AVG offers complete malware protection, with considerably less bloat than the top pay-to-use antivirus clients. And while AVG Free does constantly remind you that you could pay for the professional version of the program, it does this without ever getting in the way of the program’s core purpose: protecting you from viruses.
Though when it comes to upgrading one version of AVG to another, you need to make sure you’re good at reading what’s on screen, because the free download is only available via a tiny link at the bottom of the screen; the site really wants you to get the paid version. When upgrading to version 9 recently, for example, check out how hidden the free download was:

Not exactly a big link, is it? Figure this minor inconvenience out, however, and AVG is a really good free anti-virus. Download AVG.

Avira Free

In terms of simplicity, Avira’s right up there with MSE. It’s fairly lightweight, too, so the comparison is quite apt. While Avira does have a paid professional version to peddle, much like AVG, it’s not quite as aggressive as AVG in peddling it. I’d say Avira is solid and worth looking into for sure. Download Avira Free here.

Avast! Free

If this competition were for the coolest name, the piratey Avast! would win hands down. Even though that’s not what we’re discussing, Avast! stands up pretty well. This is one of the top free anti-viruses on the market, and for good reason: it’s remarkably complete. Expect great all-around protection, including against trojans and spyware. You can also expect constant reminders that there’s a free version you can upgrade to, on your desktop and in your inbox. Still, the protection is solid.

Malwarebytes

Whatever your default anti-virus is, you need Malwarebytes too. This program doesn’t run in your system background and constantly protect you, but when you run into a problem running Malwarebytes will usually take care of what other programs can’t. I’ve saved more than a few unbootable systems by running Malwarebytes from safe mode. This program takes care of any form of malware you throw at it, so keep it around. In fact, I’d keep this one on your flash drive in case you ever need to fix a computer for a friend (and if you’re reading this blog, you probably will).

Combo Fix

Consider this the nuclear option. If you know you’ve got a virus, but your usual anti-virus program can’t handle it, and Malwarebytes can’t handle it, it’s time for ComboFix. This program isn’t friendly: it runs from a command window and is proud of it.  And this is not a program you should use if you don’t know what you’re doing, because it can have devastating effects in the hands of the uneducated. But when all else fails, ComboFix delivers. Every geek should have this one on their keychain.

Clamwin

Clamwin is the Windows version of ClamAV, the main Linux anti-virus on the market. ClamWin is flawed in many ways: it simply scans instead of offering real-time protection, it doesn’t really do non-virus malware and it’s not exactly easy to use. Still, having ClamWin around doesn’t cost anything, and you can never have enough scanning tools in your arsenal.
Download ClamWin and see if you like it.

Panda Cloud AntiVirus

At first I thought the idea of a cloud-based antivirus was stupid, because it would only work while I’m online. Then it occurred to me: why the heck do I need an anti-virus when I’m offline?
As the name suggests, Panda Cloud Antivirus stores its virus definitions online. There’s an upside to this: your definitions are always up to date. There’s a downside, too, however: your anti-virus is constantly making use of your network connection.
I’d say this is a really good idea for underpowered PCs with constant access to the net. Like, say, a netbook. But if you’ve got a netbook you shouldn’t be using Windows anyway; switch to Jolicloud and you’ll have a functional netbook operating system immune to practically every virus.
Read a previously published article on Panda Cloud. Then download Panda Cloud Antivirus if you’re interested.

Comodo Firewall + Antivirus

Comodo is best known for its free firewall, but it also offers a bundled firewall and antivirus program. While the Comodo firewall isn’t the easiest to use, and the antivirus doesn’t include protection for non-virus forms of  malware, this one’s worth mentioning if you’re looking for a free security suite which includes both a firewall and anti-virus protection.

Common Sense 2012

This one’s unusual in that it’s free and considered by far the best protection out there, yet can’t be downloaded anywhere. Without it, however, even the best security software is rendered useless.
If you haven’t already figured this out, Common Sense 2012 isn’t a product you can download so much as it is a state of mind. If you’re going to be free of viruses and malware you need to use your head while browsing the web. The most important thing to remember is this: if something sounds too good to be true, it probably is, and your computer will probably be compromised.
Free porn usually isn’t. Warez are best to be avoided altogether. Nigerians that need your help transferring money are never actually princes or princesses. You get the idea: avoid shady sites online and you’ll find you’ll get far less malware on your machine.

Conclusion

There are a lot of great free anti-virus programs out there, but what you use is mostly a matter of preference. Myself, I use Microsoft Security Essentials on my Windows machine because it’s free, lightweight and will never ask me for money. But I also make sure I always have Malwarebytes on my thumb drive for quickly removing viruses and malware from the computers of friends and family.
What about you? Which free anti-virus do you prefer? Commenting is good for you, so do so!


How to Know if Your Computer is Infected with a Virus



No one wants to own a computer infected with a nasty virus. That's why it's very important to practice safe computing habits and to install reliable anti-virus software. You can avoid most malware just by paying attention and staying away from a few common traps. If your anti-virus software is up to date, you should be in pretty good shape.

But once in a while, computer viruses get beyond our defenses. Maybe our anti-virus software is out of date or has been compromised by a particularly clever bit of code. Perhaps we clicked on a link by accident and activated a virus. Or someone else used our computer and downloaded some malware by mistake.

Signs of a Computer Virus

Assuming your anti-virus software hasn't alerted you to the presence of a virus, here are some indicators of malware on your computer:

If your computer has become unstable, that's a sign that something's wrong. Some malware messes with important files that keep your computer running properly. That could cause your computer to crash. If your computer crashes when you try to run a specific application or open a particular file, that tells you that something has corrupted the data. It could be malware.

Does your computer seem to run much more slowly than it used to? This could be the result of malware as the malicious code begins to drain your computer's processing resources. If you aren't running a resource-heavy application but your computer is very slow, you might have a computer virus.

Strange messages indicating that you can't access certain drives on your computer are another sign that something is wrong. In a similar vein, applications that won't run or files that won't open may also be the result of infection. Other indicators include hardware (like printers) that no longer respond to commands. While none of these guarantee the presence of a virus, they do suggest that something is wrong with your machine.

If you notice that file sizes are fluctuating even if you aren't accessing those files, that's another sign of a computer virus. And finally, if you access menus and their appearance is odd or distorted, you could be the victim of a malware attack.

How Computer Addiction Works



Obsessively checking e-mail. Playing online games for 12 hours or more at a time. Placing more value on chat-room friends than real friends. Neglecting family, work and even personal health and hygiene. These are all symptoms of a new form of addiction that has surfaced only in recent years: computer addiction. In this article, we'll learn about computer addiction, why it's a problem -- and why some doctors disagree about whether it exists at all.

Creating a single definition for computer addiction is difficult because the term actually covers a wide spectrum of addictions. Few people are literally addicted to a computer as a physical object. They become addicted to activities performed on a computer, like instant messaging, viewing Internet pornography, playing video games, checking e-mail and reading news articles. These activities are collectively referred to as Computer Mediated Communication (CMC). Computer addiction focused on Internet use is often called Internet Addiction Disorder (IAD).


The various types of computer addicts have different reasons for their habits. Obsessive chat room use or e-mailing might fill a void of loneliness, while excessive viewing of pornography might stem from relationship problems or childhood abuse. The matter is further complicated by the fact that a computer is a useful tool. It's not like heroin, for example -- there are many legitimate reasons why someone might spend hours using a computer.

Even if someone uses a computer extensively for purely recreational purposes, that doesn't necessarily represent a real addiction any more than someone who spends hours working on a model train set, making quilts or gardening is "addicted" to those activities. Even the agreed-upon definition of addiction itself has evolved over the decades and remains a matter of debate in the medical community. In fact, the American Medical Association and the American Psychiatric Association do not currently consider computer addiction a valid diagnosis, a controversy we'll discuss later.

As a result of all these complications, any single definition of computer addiction is necessarily broad and a little vague. If the computer use is so pervasive that it interferes with other life activities, and if the user seems unable to stop using the computer to excess despite negative consequences, the problem might be a computer addiction.

What is Ethical Hacking & Ethical Hacker ?



Ethical hacking is the process of hacking the information that is considered to be confidential. The information through the ethical hacking does not remain secret at all. The ethical hacking process is also known as intrusion testing, penetration testing or red teaming. However, ethical hacking also gives a professional certification to the certified ethical hacker where the hacking of the computer system or some other devices takes place. This service had been made available to the people by the International Council of E-Commerce Consultants.

Moreover for the ethical hacking the user has to be an ethical hacker which is somehow the name that is given to the person and for this the person must be a penetration tester. The ethical hacker is responsible for the performance of different activities. The main role that had been allotted to the ethical hacker is that he is the person who is mainly working for an organization or the organization hires the ethical hacker for the purpose of penetrating the information from different networks or systems. The organization trusts the ethical hacker as he is responsible for providing different services to the firm.

The ethical hacking service is very much similar to that of the hacking and the ethical hacker is also working in the same way as the hacker is working for different purposes. The ethical hacker is the person who is found to be a computer expert and at the same time he is also responsible for the working of the networking systems as well. He is the person who works on behalf of the members of the organization. At times the hacking service that is being provided by the hacker can also be dangerous for the firm and hence it can exploit the systems of the company.

An Ethical Hacker is an expert hired by a company to attempt to attack their network and computer system the same way a hacker would. Ethical Hackers use the same techniques and tactics as those used by illegal hackers to breach corporate security systems. The end result is the company's ability to prevent an intrusion before it ever occurs.



An Ethical Hacker works to uncover three key pieces of information. First, he determines what information an illegal hacker can gain access to. Next, he explores what an illegal hacker could do with that information once gained. Last, the Ethical Hacker ascertains whether an employee or staff member would be alerted to the break-in, successful or not.

In order to get the most out of the assessment, a company should decide in advance the nature of the vulnerabilities they're most concerned with. Specifically, the company should determine which information they want to keep protected and what they're concerned would happen if the information was retrieved by an illegal hacker.

The 8 Most Dangerous Computer Viruses In History




1 ) Jerusalem – 1987

This is one of the first MS-DOS viruses in history that caused enormous destruction, affecting many countries, universities and companies worldwide. On Friday 13, 1988 the computer virus managed to infect a number of institutions in Europe, America and the Middle East. The name was given to the virus after one of the first places that got “acquainted” with it – the Jerusalem University.

Along with a number of other computer viruses, including “Cascade”, “Stoned”, “Vienna” the Jerusalem virus managed to infect thousands of computers while still remaining unnoticed. Back then the anti-virus programs were not as advanced as they are today and a lot of users had little belief of the existence of computer viruses.



2 ) Morris (Internet Worm) – November 1988

The Morris worm or Internet worm was one of the first computer worms distributed via the Internet. It is considered the first worm and was certainly the first to gain significant mainstream media attention. It also resulted in the first conviction in the US under the 1986 Computer Fraud and Abuse Act. Once the worm discovers an internet connection, all that it must do is download a copy of itself to that location, and continue running as normal.  Now it has been 7 years since the Worm was defeated, but it is still worth looking at what happened, both in terms of how the program operated, and as to what conditions allowed it to do what it did. With that in mind, there are a number of subtopics of interest.



3 ) Solar Sunrise – 1998

Two Californian teenagers took the American government by surprise, in 1998, when they intruded and took control of around 500 systems that belonged to the governmental as well as private sector. This was done with the help of a computer virus and the situation was given the name of Solar Sunrise, after an operating system called Sun Solaris. The computers that ran this OS had a few weaknesses. The US government took the incident as another golden opportunity to blame Iraqis but soon found out that the culprits were no other than their own Americans.

Initially it was believed that the attacks were planned by operatives in Iraq. It was later revealed that the incidents represented the work of two American teenagers from California. After the attacks, the Defense Department took drastic actions to prevent future incidents of this kind.



4 ) Melissa – 1999

The Melissa virus, also known as “Mailissa”, “Simpsons”, “Kwyjibo”, or “Kwejeebo”, is a mass-mailing macro virus. As it is not a standalone program, it is not in fact a worm. Melissa can spread on word processors Microsoft Word 97 and Word 2000 and also Microsoft Excel 97, 2000 and 2003. It can mass-mail itself from e-mail client Microsoft Outlook 97 or Outlook 98.  If a Word document containing the virus, either LIST.DOC or another infected file, is downloaded and opened, then the macro in the document runs and attempts to mass mail itself.  When the macro mass-mails, it collects the first 50 entries from the alias list or address book and sends itself to the e-mail addresses in those entries.

The Melissa computer virus was developed by David L. Smith in Aberdeen Township, New Jersey. Its name comes from a lap dancer that the programmer got acquainted with while in Florida. After being caught, the creator of the virus was sentenced to 20 months in federal prison and ordered to pay a fine of $5,000. The arrest represented a collaboration of FBI, New Jersey State Police and Monmouth Internet.




5 ) I Love You – May 2000

This is one of the most dangerous worms ever and spread worldwide in only one night. It infected around ten percent of all internet users, and the monetary loss was around $5.5 billion. The process started when a user received an email with the subject “ILOVEYOU” and an attachment “LOVE-LETTER-FOR-YOU.TXT.vbs”. As soon as the file was opened, the virus managed to send its copy to every address present in the Windows Address Book. This worm was written by a Filipino student who was punished as Philippines had no law related to such cyber crimes. Perhaps this incident triggered the creation of European Union’s global Cybercrime Treaty.



6 ) The Code Red worm – July 2001

The Code Red worm was a computer worm observed on the Internet  on July 13, 2001. It attacked computers running Microsoft’s IIS web server.  The Code Red worm was first discovered and researched by eEye Digital Security employees Marc Maiffret and Ryan Permeh. The worm was named the .ida “Code Red” worm because Code Red Mountain Dew was what they were drinking at the time, and because of the phrase “Hacked by Chinese!” with which the worm defaced websites.

Although the worm had been released on July 13, the largest group of infected computers was seen on July 19, 2001. On this day, the number of infected hosts reached 359,000. The worm spread itself using a common type of vulnerability known as a buffer overflow. It did this by using a long string of the repeated character ‘N’ to overflow a buffer, allowing the worm to execute arbitrary code and infect the machine.
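
The request pattern described above (a request to an `.ida` resource carrying a long run of one repeated character) is easy to look for in web server logs. The following is an added example, not code from the original post or from eEye: it scans Common Log Format lines and reports such requests. The log lines, the `/sample.ida` path, the documentation-range client addresses and the 64-character threshold are all constructed assumptions.

```python
import re
from itertools import groupby
from urllib.parse import urlsplit

# Common Log Format: client, identity, user, [time], "METHOD target proto", status
CLF = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]*\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

MIN_RUN = 64  # assumed threshold: shortest repeated-character run worth reporting

# Constructed sample data; no line here comes from a real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [19/Jul/2001:10:01:22 +0000] "GET /index.html HTTP/1.0" 200 1043',
    '198.51.100.7 - - [19/Jul/2001:10:01:25 +0000] "GET /sample.ida?'
    + "N" * 224 + ' HTTP/1.0" 404 205',
    '203.0.113.5 - - [19/Jul/2001:10:01:30 +0000] "GET /search.ida?q=report HTTP/1.0" 200 512',
    '192.0.2.44 - - [19/Jul/2001:10:01:41 +0000] "GET /pad.html?'
    + "A" * 100 + ' HTTP/1.0" 200 88',
    "this line is not in Common Log Format",
]


def longest_run(text):
    """Return (character, length) of the longest run of one repeated character."""
    best_char, best_len = "", 0
    for char, group in groupby(text):
        length = sum(1 for _ in group)
        if length > best_len:
            best_char, best_len = char, length
    return best_char, best_len


def scan(lines, min_run=MIN_RUN):
    """Report requests to .ida resources whose query holds a long repeated run."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = CLF.match(line)
        if not match:
            continue  # unparsable line: skip rather than guess
        parts = urlsplit(match["target"])
        if not parts.path.lower().endswith(".ida"):
            continue  # only the extension named in the text is in scope
        char, run = longest_run(parts.query)
        if run >= min_run:
            findings.append({
                "line": number,
                "client": match["client"],
                "char": char,
                "run": run,
                "status": int(match["status"]),
            })
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```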



7 ) Nimda – 2001

Nimda is a computer worm, and is also a file infector. It quickly spread, eclipsing the economic damage caused by past outbreaks such as Code Red. Multiple propagation vectors allowed Nimda to become the Internet’s most widespread virus/worm within 22 minutes. The worm was released on September 18, 2001. Nimda was considered to be one of the most complicated viruses, having up to 5 different methods of infecting computer systems and duplicating itself.



8 ) Downadup – 2009

The Downadup worm, also known as Conficker and Kido, has affected 6 million PCs in just the past three days, according to British officials. This malicious program was able to spread using a patched Windows flaw. Downadup was successful in spreading across the Web due to the fact that it used a flaw that Microsoft patched in October in order to remotely compromise computers that ran unpatched versions of Microsoft’s operating system. According to the New York Times, Conficker has more than 7 million computer systems under its control now. China, Argentina, Brazil, Russia, and India were the main affected nations.

What is a Computer Virus & How it works ?


A computer virus is a tiny destructive computer program that someone has written to perform mischief. Viruses are then spread by unsuspecting computer users when they access files containing these computer parasites and consequently pass them to others. Computer viruses are called viruses because they share some of the traits of biological viruses. A computer virus is a kind of malicious software written intentionally to enter a computer without the user's permission or knowledge, with an ability to replicate itself, thus continuing to spread. Some viruses do little but replicate; others can cause severe harm or adversely affect programs and the performance of the system.





Understanding exactly how a computer virus works is not a simple task. Here's a generic explanation: 


Let's imagine a desk clerk coming to work every day to his office. Every day he finds a stack of papers with a list of tasks that he must fulfill during his work day. He takes the top paper from the stack, reads the instructions, follows them carefully, then throws the "used" paper into the wastebasket and continues to the next task. Now, suppose a bad guy sneaks into the office and inserts a paper into the stack with his own task which goes like this: "Copy this paper two times and put the copies into your neighbors' stacks". This is approximately the scenario according to which the computer virus works.
A computer, like a desk clerk, carefully fulfills all the commands contained in the program (task lists), starting with the first one. If the first instruction is "copy my body into two other programs", the computer will do so, and the virus command will now be in two other programs. When the computer starts running other "infected" programs, the virus will continue to spread all over the computers in a similar manner. In the above scenario, about a desk clerk and his office, our paper virus does not check whether another stack of papers is infected or not. Therefore, by the end of the working day, all the office will be overrun by piles of such copies and the clerks will have nothing else to do but copy the same text and give it to their neighbors. The result of all this: the first clerk makes two copies of the paper, the next victims of the virus make four copies, then 8, 16, 32, 64 and so on.


Types of Computer Viruses  


Resident Viruses
This type of virus is a permanent resident that dwells in RAM. From there it can overcome and interrupt all the operations executed by the system: corrupting files and programs that are opened, closed, copied, renamed etc.

Examples include: Randex, CMJ, Meve, and MrKlunky.

Direct Action Viruses
The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in and in directories that are specified in the AUTOEXEC.BAT file PATH. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.


Overwrite Viruses
A virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected.

The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content.

Examples of this virus include: Way, Trj.Reboot, Trivial.88.D.

Boot Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in which information on the disk itself is stored together with a program that makes it possible to boot (start) the computer from the disk.

The best way of avoiding boot viruses is to ensure that floppy disks are write-protected and never start your computer with an unknown floppy disk in the disk drive.

Examples of boot viruses include: Polyboot.B, AntiEXE.

Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain macros. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one.

Examples of macro viruses: Relax, Melissa.A, Bablas, O97M/Y2K.


Directory Virus
Directory viruses change the paths that indicate the location of a file. By executing a program (file with the extension .EXE or .COM) which has been infected by a virus, you are unknowingly running the virus program, while the original file and program have been previously moved by the virus.

Once infected it becomes impossible to locate the original files.

Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system.

This makes it impossible for anti-viruses to find them using string or signature searches (because they are different in each encryption) and also enables them to create a large number of copies of themselves.

Examples include: Elkern, Marburg, Satan Bug, and Tuareg.

File Infectors
This type of virus infects programs or executable files (files with an .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out. The majority of existing viruses belong to this category, and can be classified depending on the actions that they carry out.

Companion Viruses
Companion viruses can be considered file infector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they "accompany" the other files that already exist. In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident viruses) or act immediately by making copies of themselves (direct action viruses).

Some examples include: Stator, Asimov.1539, and Terrax.1069

FAT Virus
The file allocation table or FAT is the part of a disk used to connect information and is a vital part of the normal functioning of the computer.
This type of virus attack can be especially dangerous, by preventing access to certain sections of the disk where important files are stored. Damage caused can result in information losses from individual files or even entire directories.

Worms
A worm is a program very similar to a virus; it has the ability to self-replicate, and can lead to negative effects on your system and most importantly they are detected and eliminated by antiviruses.

Examples of worms include: PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson.

Trojans or Trojan Horses
Another unsavory breed of malicious code are Trojans or Trojan horses, which unlike viruses do not reproduce by infecting other files, nor do they self-replicate like worms.

Logic Bombs
They are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs.

Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched, and the results can be destructive.