feedburner
Enter your email address:

Delivered by FeedBurner


How malware spreads

Labels:

Once they’ve infected a system, viruses and the like can be very difficult to remove. For that reason, your best defense against them is to prevent them from infecting your computer in the first place.

The most useful tool you can use to keep malware off your computer is your cerebral cortex. Just as malware is written to exploit vulnerabilities in computer systems, the distribution of malware exploits the stupidity of users. Malware is typically spread in the following ways:


Email attachments
One of the most common ways viruses make their way into computers is through spam. Attachments are embedded in these junk email messages and sent by the millions to every email address in existence, for unsuspecting recipients to click, open, and execute. But how can people be that dumb, you may ask? Well, consider the filename of a typical
Trojan horse:

kittens playing with yarn.jpg .scr

Since Windows has its filename extensions hidden by default this is how the file looks to most Vista users:

kittens playing with yarn.jpg

In other words, most people wouldn’t recognize that this is an .scr (screensaver) file and not a photo of kittens. (The long space in the filename ensures that it won’t be easy to spot, even if extensions are visible.)

And since many spam filters and antivirus programs block .exe files, but not .scr files—which just happen to be renamed .exe files—this innocuous-looking file is more than likely to spawn a nasty virus on someone’s computer with nothing more than an innocent double-click. So, how do you protect yourself from these? First, don’t open email attachments you weren’t expecting, and manually scan everything else with an up-to-date virus scanner. Next, employ a good, passive spam filter, and ask your ISP to filter out viruses on the server side.


Infected files
Viruses don’t just invade your computer and wreak havoc, they replicate themselves and bury copies of themselves in other files. This means that once your computer has been infected, the virus is likely sitting dormant in any of the applications and even personal documents stored on your hard disk. This not only means that you may be spreading the virus each time you email documents to others, but that others may be unwittingly sharing viruses with you.
One of the most common types of viruses involves macros, small scripts (programming code) embedded in documents. By some estimates, roughly three out of every four viruses is actually a macro written for Microsoft Word or Excel. These macros are executed automatically when the documents that contain them are opened, at which point they attach themselves to the global template so that they can infect every document you subsequently open and save. Both Word and Excel have security features that restrict this feature, but these measures are clumsy and most people disable them so they can work on the rest of their documents. In other words, don’t rely on the virus protection built in to Microsoft Office to eliminate the threat of these types of viruses.


Peer-to-peer (P2P) file sharing
Napster started the P2P file-sharing craze years ago, but modern file sharing goes far beyond the trading of harmless music files. It’s estimated that some 40% of the files available on these P2P networks contain viruses, Trojan horses, and other unwelcome guests, but even these aren’t necessarily the biggest cause of concern. To facilitate the exchange of files, these P2P programs open network ports and create gaping holes in your computer’s firewall, any of which can be exploited by a variety of worms and intruders. And since people typically leave these programs running all the time (whether they intend to or not), these security holes are constantly open for business. But wait...there’s more! If the constant threat of viruses and Trojan horses isn’t enough, many P2P programs themselves come with a broad assortment of spyware and adware, intentionally installed on your system along with the applications themselves. Kazaa, one of the most popular filesharing clients, is also the biggest perpetrator of this, and the likely culprit if your system has become infected with spyware. (Note that other products like Morpheus, BearShare, Imesh, and Limewire do this, too, just in case you were thinking there was a completely “safe” alternative.)


Web sites
It may sound like the rantings of a conspiracy theorist, but even the act of visiting some web sites can infect your PC with spyware and adware. Not that it can happen transparently, but many people just don’t recognize the red flags even when they’re staring them in the face. Specifically, these are the “add-ins” employed by some web sites that provide custom cursors, interactive menus, or other eye candy. While loading a web page, you may see a message asking if it’s OK to install some ActiveX gadget “necessary” to view the page (e.g., Comet Cursor); here, the answer is simple: no.


Network and Internet connections
Finally, your network connection (both to your LAN and to the Internet) can serve as a conduit for a worm, the special kind of virus that doesn’t need your help to infect your system. Obviously, the most effective way to protect your system is to unplug it from the network, but a slightly more realistic solution is to use a firewall. Vista comes with a built-in firewall, although a router provides much better protection.

Source of Information : OReilly Windows Vista Annoyances Tips Secrets and Hacks

0 comments:

Post a Comment

Alltop, all the top stories
BlogMalaysia.com
All Malaysian Bloggers Project
Computer Blogs - BlogCatalog Blog Directory Add to Technorati Favorites
Technorati Profile
Top Computers blogs