|
Network Chico security
terms glossary
| @ | A
| B | C | D
| E | F | G
| H | I | J
| K | L | M
| N | O | P
| Q | R | S
| T | U | V
| W | X | Y
| Z |
Welcome to the Network Chico
computer security terms glossary.
=V=
Virus: A computer virus
is a self-replicating program that explicitly copies itself and
that can infect other programs by modifying them or their environment
such that a call to an infected program implies a call to a possibly
evolved copy of the virus. Note that 'program' takes a fairly
liberal interpretation here, involving much more than the 'obvious'
application programs (executables) in a typical computer system.
Almost any code that is executed or interpreted may be 'virusable'
so long as, when running in its normal execution context, that
code has write access to some other executable object (note this
need not be the same kind of executable object!).
Some not immediately obvious targets for viruses include the
boot code in the system boot sectors and MBRs of PC disks and
hard drives. These are clearly programs, but are often overlooked
because they do not reside in files and thus are not readily
accessible to the user, or even 'visible'. Other less than obvious
programs include scripting facilities built into applications,
either in the form of sophisticated macro languages such as Visual
Basic for Applications (VBA), or the simpler procedural languages
for automating many applications such as the scripting feature
of popular Windows IRC clients like mIRC and Pirch. Another important
feature of viruses is that, unlike their biological namesakes,
they need not be parasitic. Various companion infection methods
exist and mechanisms that involve altering the behavior of the
host program's environment, rather than altering the program
itself, can be sufficient to classify a program as viral (so
long as it is also self-replicating). Worms are, in some ways,
similar to viruses in that they make copies of themselves. However,
there is a deal of disagreement between researchers over how
to classify worms. See the worm entry for more discussion of
this issue. When discussing viruses, it is common to hear talk
about obvious symptoms and damaging payloads. Some viruses display
symptoms, and some cause damage to files in a system they have
infected, but neither symptoms nor damage are essential in the
definition of a virus. A non-damaging virus is still a virus,
not a prank. There are no 'good' viruses. Viruses are seldom
intentionally installed. Users (and, more importantly in corporate
settings, system administrators) must be able to control their
computers. This requires that they have the power to install
and remove software, and that no software is installed, modified,
or removed without their knowledge or permission. As viruses
are usually surreptitiously self-installed and modify other software
in the system without user or administrator awareness, they break
these requirements of system administration. Further, their removal
can be difficult and costly and viruses will occupy drive space
and space on backup media and use CPU cycles and RAM that has
not been budgeted for. Many viruses cause intentional damage.
But many more cause damage that may not have been intended by
the virus' writer. For instance, when a virus finds itself in
a very different environment from that for which it was written,
a non-destructive virus can suddenly become very destructive.
A good case in point are many common (or formerly common) boot
viruses: while a particular boot virus might not contain any
code to damage computers running Windows NT, booting an NT machine
with such a virus is likely to result in system repairs the user
or system administrator may not have been prepared for. Even
if a virus causes no direct damage to a computer, the user's
or administrator's inexperience with viruses can mean that damage
occurs during the 'clean up' process. Many organizations have
shredded floppies, deleted files, and done low-level formats
of hard disks in their efforts to remove viruses. Even when removal
is done perfectly, with no damage to the infected system or files,
it is not normally done when the machine is first infected, and
the virus in that machine has had a few weeks to spread. The
social costs of infection include a loss of reputation and good
will which in a business setting can be significant.
Virus Creation Tool: A
program designed to generate viruses. Even early virus creation
tools were able to generate hundreds or thousands of different,
functioning viruses, which were initially undetectable by current
scanners.
Virus Source: Source code
is written by a programmer in a high-level language and readable
by people but not computers. Source code must be converted to
object code or machine language before a computer can read or
execute the program. Virus Source can be compiled to create working
viruses, or modified and compiled by programmers to make new
working viruses.
Virus Tutorial: Network Chico doesn't think there
is much need for viruses in today's offices so we don't think
there is much need to learn how to create them. Virus Tutorials
explain 'how to' create viruses.
| @ | A
| B | C | D
| E | F | G
| H | I | J
| K | L | M
| N | O | P
| Q | R | S
| T | U | V
| W | X | Y
| Z |
|
