Computer
virus:
-
Definition
You
can
"catch
a
cold"
if
you
use
handkerchief
of
some
person
who
is
suffering
from
cold.
Also
if
you
touch
something
that
is
infected,
you
stand
a
good
chance
of
contracting
a
disease
of
some
sort.
In
the
same
way
Computer
viruses
work.
When
a
virus
attacks
our
body,
a
small,
diseased
cell
might
cling
to
a
healthy
one
and
begin
to
do
its
damage.
When
your
computer
is
attacked,
a
healthy
component
(like
your
boot
sector...
the
part
of
your
system
your
computer
needs
when
it
powers
up)
might
be
damaged
and
cut
off
access
to
your
A:\
drive.
Therefore
in
literally
term
(As
per
the
definition
of
Fred
Cohen's
computer
virus
can
be
defined
as
“A
computer
program
that
can
infect
other
computer
programs
by
modifying
them
in
such
a
way
as
to
include
a
(possibly
evolved)
copy
of
itself.
Note
that
a
program
does
not
have
to
perform
outright
damage
(such
as
deleting
or
corrupting
files)
in
order
to
be
called
a
"virus".
However,
Cohen
uses
the
terms
within
his
definition
(e.g.
"program"
and
"modify")
a
bit
differently
from
the
way
most
anti-virus
researchers
use
them,
and
classifies
as
viruses
some
things
which
most
of
us
would
not
consider
viruses."
History
of
viruses
On
November
3,
1983,
an
idea
was
conceived
of
by
Fred
Cohen
as
an
experiment
to
be
presented
at
a
weekly
seminar
on
computer
security.
The
idea
was
simple
enough:
design
a
computer
program
that
could
modify
other
programs
to
include
a
possibly
evolved
copy
of
itself.
This
evolved
copy
would
then
modify
other
programs
and
thus
continue
the
propagation
and
evolution.
Unknowing
users
throughout
a
computer
system
or
network
could
easily
spread
the
program.
It
only
took
eight
hours
of
expert
work
on
a
heavily
loaded
VAX
11/750
to
complete
the
first
of
such
programs
and
prepare
it
for
demonstration.
The
program
was
inserted
into
the
beginning
of
a
new
program
on
the
system
called
'vd,'
which
displayed
Unix
structures
graphically.
A
new
program
was
chosen
so
that
details
of
its
operation
and
its
performance
characteristics
would
be
unknown.
Users
were
introduced
to
vd
via
the
system
bulletin
board.
The
program
inside
of
vd
used
the
authorizations
of
every
user
using
it
to
infect
their
programs.
In
all
of
the
experiments,
the
program
that
was
initially
inserted
into
vd
was
granted
all
system
rights
in
under
an
hour.
The
shortest
time
was
under
five
minutes,
with
the
average
time
under
30
minutes.
Even
people
who
knew
that
the
experiments
were
taking
place
were
unable
to
defend
themselves.
Once
the
surprising
results
of
the
experiments
were
announced,
the
administrators
of
the
VAX
11/750
decided
that
no
further
computer
experiments
would
be
performed
on
their
system.
Precautions
were
taken
to
keep
the
experiment
under
control.
No
damage
was
done
and
only
reports
were
sent
back
on
the
program's
progress.
Also,
traces
were
generated
to
insure
that
the
program
could
not
spread
without
detection.
All
files
were
purged
of
the
program
after
the
experiment
was
completed.
It
is
unfortunate
that
an
apparent
fear
reaction
on
the
part
of
the
system
administrators
prohibited
any
further
testing.
What
Do
They
Do?
There
are
two
major
categories
of
viruses.
1)
Destructive
viruses,
that
cause:
Massive
destruction...
i.e.:
Low-level
format
of
disk(s),
whereby
any
programs
and
data
on
the
disk
are
not
recoverable.
Damaging
the
hardware:
Viruses
like
Chernobyl
over-
write
The
hardware
flash-bios
rendering
them
un-usable
Partial
destruction...
i.e.:
Erasure
or
modification
of
a
portion
of
a
disk.
Selective
destruction...
i.e.:
Erasure
or
modification
of
specific
files
or
file
groups.
Random
havoc...
i.e.:
Randomly
changing
data
on
disk
or
in
RAM
during
normal
Program
Applications,
or
changing
keystroke
values,
or
data
from
other
input/output
Devices,
with
the
result
being
an
inordinate
amount
of
time
to
discover
and
repair
the
Problem,
and
Damage
that
may
never
be
known
about.
2)
Non-Destructive
viruses,
intended
to
cause
attention
to
the
author
or
to
harass
the
end
user.
i.e.:
Displaying
a
message,
changing
display
colours,
changing
keystroke
values
such
as
Reversing
the
effect
of
the
Shift
and
Unshift
keys,
etc.
For
example:
THE
LEHIGH
VIRUS:
-
The
Lehigh
virus
was
typical
of
many
other
viruses.
It
sat
in
the
COMMAND.COM
file
and
was
thus
loaded
into
the
computer
whenever
it
was
booted.
The
virus
hid
inside
this
file
in
a
temporary
storage
space
called
the
stack
space.
After
infecting
the
same
file
on
a
number
of
other
disks,
the
virus
would
wipe
out
all
data
and
program
files
on
the
disk
it
was
on.
Backup
copies
were
similarly
infected;
some
users
were
attacked
more
than
once.
Once
the
outbreak
had
come
to
light,
work
began
immediately
to
identify
what
was
happening
and
to
find
a
cure.
Fortunately,
the
virus'
creator
made
a
mistake:
the
date
on
the
COMMAND.COM
file
was
altered
by
the
infection.
(It
is
relatively
simple
to
keep
the
date
from
changing,
so
the
absence
of
a
changed
file
date
does
not
guarantee
that
a
file
is
virus-free.)
Upon
examination
of
the
file,
the
contaminated
stack
space
was
discovered.
Since
this
space
is
normally
all
zeros,
student
lab
consultants
wrote
a
simple
program
that
looked
at
the
stack
space
and
wrote
zeros
over
any
code
that
was
present.
The
virus
was
then
erased
from
approximately
600
disks.
If
it
were
not
for
the
creator's
date
mistake,
it
would
have
taken
much
longer
for
the
Lehigh
Computing
Centre
to
kill
its
virus.
It
is
doubtful
that
any
new
viruses
that
crop
up
will
make
a
similar
mistake.
As
everything
else
related
to
computers
increases
in
complexity,
so
will
viruses.
Impact
of
Virus
Lost
productivity
time!!!
In
addition
to
the
time
and
skills
required
to
re-construct
damaged
data
files,
viruses
can
waste
a
lot
of
time
in
many
other
ways.
With
either
type
of
virus,
the
person
subjected
to
the
attack
as
well
as
many
support
personnel
from
the
attacked
site
and
from
various
suppliers,
will
sacrifice
many
hours
of
otherwise
productive
time:
Time
to
determine
the
cause
of
the
attack.
The
removal
of
the
virus
code
from
the
system.
The
recovery
of
lost
data.
The
detective
work
required
locating
the
original
source
of
the
virus
code.
Then,
there's
the
management
time
required
to
determine
how
this
will
be
prevented
in
the
future.
Who
develops
Viruses?
Some
of
the
reasons
for
someone
to
spend
their
time
developing
a
virus
program
are:
A
practical
joke.
A
personal
vendetta
against
a
company
or
another
person.
i.e.:
a
disgruntled
employee.
The
computer-literate
political
terrorist.
Someone
trying
to
gain
publicity
for
some
cause
or
product.
The
bored,
un-noticed
"genius,"
who
wants
attention.
The
mentally
disturbed
sociopath.
|