Viruses vs. Worms - PowerPoint PPT Presentation

1 / 13
About This Presentation
Title:

Viruses vs. Worms

Description:

Viruses vs. Worms. Enters a computer(almost always via an infected ... LoveLetter-May 2000-Melissa-style worm that relies on the user to execute an attachment ... – PowerPoint PPT presentation

Number of Views:160
Avg rating:3.0/5.0
Slides: 14
Provided by: Kar9228
Category:

less

Transcript and Presenter's Notes

Title: Viruses vs. Worms


1
Viruses vs. Worms
  • Enters a computer(almost always via an infected
    disk) and alters a system file.
  • Virus is dormant until activated.
  • Enters a computer(usually by the internet and
    launches a program.
  • Spreads with no assistance.
  • Once discovers an internet connection, it
    downloads a copy of itself.

2
Worm is Weapon of Choice
3
History of the Worm
  • Name comes from a science fiction story
  • First worm written in 1971 by Bob Thomas
  • Town crier worm
  • Vampire worm

4
How Worms Spread
  • Codependant worms
  • Loner worms

5
Codependant Worms
  • Worm enters computer from the Net by hiding in an
    e-mail attachment.
  • Person must click the e-mail attachment to set
    the worm loose.
  • Worm infects the computer.
  • Worm e-mails itself to everyone listed in the
    persons address book.

6
Loner Worm
  • Worm copies itself to computer through a security
    hole, bypassing the computer user.
  • Worm infects the computer.
  • Worm scans the Net for other computers with
    security holes.

7
The Internet Worm
  • Created by Robert Morris In 1988.
  • Single handedly crashed the internet.
  • Takes advantage of bugs and security holes to
    travel.
  • Designed to spread itself without giving
    indication of its existence.

8
What The Internet Worm Didnt Do
  • Didnt alter or destroy files
  • Didnt save or transmit the password
  • Didnt place copies of itself or other programs
    into memory to be executed at a later time
  • Didnt attack machines other than Sun3 systems
    and VAX computers running 4 BSD Unix
  • Didnt attack machines that were not attached to
    the internet
  • Didnt travel from machine to machine via disk
  • Didnt cause physical damage to computer systems

9
What The Internet Worm Did Do
  • Designed to spread itself to as many computers as
    possible without knowing of its existance
  • More and more processes infected the same machine
  • Machines were slowed as more copies tried to
    perform its functions

10
Example of Internet Worms Infection
  • 600 PM-About the time the worm is launched
  • 849 PM-Worm infects a VAX 8600 at University of
    Utah
  • 909 PM-Worm initiates attacks on other computers
  • 921 PM-Load average on the system reaches 5 (Any
    load higher than 5 causes delays)
  • 941 PM-Load average at 7
  • 1001 PM-Load average at 16
  • 1006 PM-So many worms the system cannot be used
  • 1020 PM-Administrator kills of the worms
  • 1041 PM-Re-infested and load average reaches 27
  • 1049 PM-System shutdown and then restarted
  • 1121 PM-Re-infestation causes load average to
    reach 37

11
Lessons of the Worm
  • Pointed out security holes in Unix networks
  • Access to certain files should only be granted to
    those who need said access
  • Having a variety of different computers running
    on the network was an advantage
  • Sharing of research is immensely helpful
  • Network security was inable to defend from these
    attacks

12
Other Popular Worms
  • Melissa-March 1999-two methods of spread-either
    traditional virus or worm
  • Sent active document to fist 50 people in address
    book
  • The first document was remailed
  • LoveLetter-May 2000-Melissa-style worm that
    relies on the user to execute an attachment
  • Next time it executes, checks for new addresses

13
Latest Internet Worm
  • I-Worm.Updater, Detected December, 2001
  • Written in Visual Basic
  • Spread via Outlook address book
  • Infected messages have different texts and
    attached file names
  • Creates a script program, UPDATE.VBS
  • Searches for .EXE, .DOC, and .VBS and creates a
    file companion
Write a Comment
User Comments (0)
About PowerShow.com