This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
A computer virus is a computer program that can copy itself. and infect a computer. The term virus is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.
Discuss the damage that a computer virus can cause to a computer system.
Computer Virus is a kind of malicious software written intentionally to enter a computer without the user's permission or knowledge, with an ability to replicate itself, thus continuing to spread. Some viruses do little but replicate others can cause severe harm or adversely effect program and performance of the system. A virus should never be assumed harmless and left on a system. Most common types of viruses are mentioned below:
This type of virus is a permanent which dwells in the RAM memory. From there it can overcome and interrupt all of the operations executed by the system: corrupting files and programs that are opened, closed, copied, renamed etc.
Examples include: Randex, CMJ, Meve, and MrKlunky.
Direct Action Viruses
The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in and in directories that are specified in the AUTOEXEC.BAT file PATH. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.
Discuss the security measures that are commonly implemented to safeguard against computer viruses.
The risk of virus infection can be minimized by a combination of common sense, vigilance, virus defense software and the use of virus alert services. The most effective solutions use a combination of these. The following sections describe some general steps to take to prevent a virus infection.
Common sense and vigilance
Keep your premises physically secure. This makes good sense in all circumstances, especially as some intruders have been known to introduce viruses deliberately by using infected floppy discs.
Do not open suspicious e-mails or attachments. Treat as suspicious any e-mails from:
- anonymous senders
- strangers addressing you in a familiar manner
- non-standard addresses.
Virus defense software
Basic actions (again, based on common sense) should include the following:
Keep your Internet browser up-to-date by 'patching' it regularly. Most browser updates include new security elements to meet newly identified virus
threats. These updates can be obtained from Microsoft (for Internet Explorer) or Netscape.
Purchase virus defense software. You should identify your individual requirements depending on your technical infrastructure, geographic spread and dependency on technology.
Any technical solutions need to be managed. The following steps provide a simple framework.
Define a virus defense strategy, addressing:
- gateway virus checking
- server virus checks
- workstation virus checks
- update mechanism for patches and fixes
- isolation policy
- recovery procedures.
Virus alert services are provided by a number of bodies, including:
European Institute for Computer Anti-Virus Research
Symantec Security Response
Sophos Virus Information
SECURITY: HOW TO PROTECT YOURSELF AGAINST COMPUTER VIRUSES
Details on subscription to these services can be obtained directly from the service itself. If alerts are used, they should be combined with a practical procedure for updating the systems at risk, including your servers, desktops and laptops.
N.B. Inclusion of companies listed on these pages does not reflect any form of endorsement by BERR.
Describe a computer worm in the context of internet security
What is the worm in computer?
Computer worms are malicious software applications designed to spread via computer networks. Computer worms are one form of malware along with viruses andtrojans. A person typically installs worms by inadvertently opening an email attachment or message that contains executable scripts.
Once installed on a computer, worms spontaneously generate additional email messages containing copies of the worm. They may also open TCP ports to create networks security holes for other applications, and they may attempt to flood the LAN with spurious Denial of Service (DoS) data transmissions.
What are computer worms?
A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer
Discuss the damage that a computer worm can cause.
A worm may infect a computer without any action on the users part, or it may trick a user into performing an action which would allow it to infect the computer; though a worm that requires a user to propagate borders on being a Trojan horse, which is another form of malware.
Worms may propagate over a computer network, portable storage, or any other means in which any data could enter a system by exploiting un-patched vulnerabilities in the computer's software.
Discuss the term computer hacking
Computer hacking is more difficult to define. Computer hacking always involves some degree of infringement on the privacy of others or damage to computer-based property such as files, web pages or software. The impact of computer hacking varies from simply being simply invasive and annoying to illegal. There is an aura of mystery that surrounds hacking, and a prestige that accompanies being part of a relatively elite group of individuals who possess technological savvy and are willing to take the risks required to become a true hacker
a hacker can be defined as:
A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.
A person capable of appreciating hack value.
A person who is good at programming quickly.
An expert at a particular program, or one who frequently does work using it or on it.
Discuss the ethical issues concerning computer hacking and the fact that computer hackers are looked down upon from an ethical point of view.
Ethics Of Hacking
Cracking is the correct concept for deconstructing/sabotaging in the cyberspace/Internet, e.g. by circumventing the security of a website and posting your own (critical) stuff on their site or spreading viruses in the Internet. Hacking, on the other hand, is about using and reconstructing the computer or other machines/systems in a new and (by the owners and inventors) unintended way. Hacking is about reclaiming the system, manipulating it and using it, not destroying it. Both terms define people who can break into computer systems and rewrite programs, but hackers do not use their knowledge offensively or illegally. Crackers use their skills for illegal use: distributing pirated materials, stealing money and identities, etc.
Describe a firewall in the context of internet security
firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices which is configured to permit or deny computer applications based upon a set of rules and other criteria.
Firewalls can be implemented in either hardware or software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:
Packet filter: Packet filtering inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Although difficult to configure, it is fairly effective and mostly transparent to its users. It is susceptible to IP spoofing.
Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
Discuss the Application Layer Firewall and the Network Layer Firewall in your report.
An application firewall is a form of firewall which controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls which do not meet the configured policy of the firewall. The application firewall is typically built to monitor one or more specific applications or services (such as a web or database service), unlike a network firewall which can provide some access controls for nearly any kind of network traffic. There are two primary categories of application firewalls, network-based application firewalls and host-based application firewalls network-based application layer firewall is a computer networking firewall operating at the application layer of a protocol stack and are also known as a proxy-based or reverse-proxy firewall. Application firewalls specific to a particular kind of network traffic may be titled with the service name, such as a web application firewall. They may be implemented through software running on a host or a stand-alone piece of network hardware. Often, it is a host using various forms of proxy servers to proxy traffic before passing it on to the client or server.