Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats Marshall Breeding Vanderbilt University

1 Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats Marshall Breeding Vanderbilt University breeding@library.vanderbilt.edu http://www.library.vanderbilt.edu/libtech/breeding/

2 The Threat
- Computers are under attack more than ever before
- As computer operating systems become more powerful, they also become more vulnerable
- Original viruses were transmitted by files and diskettes
- Macro viruses are cross platform

3 The Threat...
- Most current viruses transmitted by e-mail
- Mail attachments common vehicles
- Some viruses live within message body
- Scripting engines are vulnerable

4 What is a virus
- Transmit
- Replicate
- Attack
- Mutate

5 Major virus outbreaks
- 1980’s: attacks begin on COM, EXE, boot sectors
  – Jerusalem (Friday the 13th)
  – AIDS (trojan)
- 1988: Internet worm
- 1992: Michelangelo
- 1994: Good Times hoax
- 1996: Concept (Macro virus)

6 ...Major virus outbreaks
- 1998: Chernobyl/CIH (activates 26th of April)
- 1999: Melissa (Macro virus/propagates through Outlook)
- 2000: ILOVEYOU, Stages (VBX)
- 2000: Phage; Vapor: Palm Virus

7 Observations
- Over 50,000 viruses and variants
- Major outbreaks more frequent
- Microsoft products targeted
- Fast propagation through E-mail
- Very complex to manage: e.g. Microsoft

8 Trends
- Current generation requires active role by user
- Emerging viruses: passive victim
- Future/present concern for wireless devices
- Wider range of targets: Computers, PDA, Cell Phones

9 Anti-virus solutions
- User behavior
- Technical

10 The #1 Anti-virus strategy involves human behavior
- Be aware and cautious
- Train computer users to be wary
- Never access files from an unchecked disk
  – any removable media
- Do not download software from untrusted sources
- Know the true source of all software

11 Be careful with E-mail
- Don’t open obviously suspicious messages
- Don’t open attachments unless you know the sender and are expecting that specific attachment
- Ensure that your mail client displays extensions of attachments
  – Avoid: VBX, EXE,
- Never send attachments from listserves
- Never open attachments from listserves

12 What users should do when a virus is found or suspected
- Notify system administrator
- Don’t panic
- Don’t restart computer
- Don’t send spam E-mail warnings

13 Technical solutions

14 Implement a multi-layer approach
- Desktop: dynamic inspection, regular scanning
- Network Server
- Mail scanning/interception

15 Anti-virus Architecture
[Diagram labels: Mail Server, Local Network, Internet, Firewall, File Server, Dynamic Scan-on-access, File Scanning, Desktop Computers, Mail Scanning, Current Virus Signatures, Regular scanning of Disks]

16 Desktop layer
- Inspect files on access
- Regularly scan all permanent disks
- Scan all removable media with each use
- Regularly update virus signature database

17 Desktop Anti-virus software
- Norton Anti Virus
- McAfee ActiveShield
- Command Anti-Virus (was Fprot)
- Data Fellows F-Secure
- Dr. Solomons Anti-Virus

18 Network Fileserver layer
- Regularly scan all disk volumes
- Shared folders easily missed by desktop scanning

19 E-Mail scanning
- Inspect incoming messages
- Inspect outgoing messages
- Inspect messages from one local user to another within mail system
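
Added example, not part of the original slides: one check a mail-scanning layer can apply to the attachment advice on slide 11 and the inspection points on slide 19, flagging attachments whose last (real) extension is on a block list even when a harmless-looking extension precedes it. The block-list entries beyond VBX, EXE and COM, the function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# VBX, EXE and COM are named on the slides; the other entries are assumptions
# added for this example.
BLOCKED = {".vbx", ".exe", ".com", ".vbs", ".js", ".scr", ".pif", ".bat"}


def risky_attachments(raw: bytes):
    """Return [(filename, reason)] for attachments the scanner should stop."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():  # walk() also reaches nested/forwarded messages
        name = part.get_filename()
        if not name:
            continue
        # Trailing dots and spaces are dropped by Windows, so ignore them here.
        name = name.strip().rstrip(". ")
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        if suffixes and suffixes[-1] in BLOCKED:
            reason = "blocked extension " + suffixes[-1]
            if len(suffixes) > 1:
                # e.g. LETTER.TXT.vbx shows as LETTER.TXT when extensions are hidden
                reason += " hidden behind " + suffixes[-2]
            findings.append((name, reason))
    return findings


def sample_message() -> bytes:
    """Constructed test message; payloads are harmless placeholder bytes."""
    m = EmailMessage()
    m["From"] = "sender@example.org"
    m["To"] = "user@example.org"
    m["Subject"] = "Constructed sample"
    m.set_content("See attached.")
    for fname in ("LETTER.TXT.vbx", "notes.txt", "setup.EXE"):
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=fname)
    return m.as_bytes()


if __name__ == "__main__":
    for name, reason in risky_attachments(sample_message()):
        print(f"{name}: {reason}")
```

The same function can be run on incoming, outgoing and local-to-local messages, since it only needs the raw message bytes.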

20 E-Mail Scanning software
- Trend Micro Virus Wall
- Sybari Antigen

21 Virus signature database
- the key to the current generation of anti-virus software
- must be current
- can’t be current enough

22 Firewalls
- Part of a general computer security plan, but also helpful with viruses
- Institutional firewalls imperative
  – CheckPoint FireWall-1
- Consider personal/workstation-level firewalls
  – BlackIce
  – ZoneAlarm

23 What software should do when it detects a virus
- clean file/message when possible
- remove if it can’t be cleaned
- warn system administrator
- warn recipient
- warn sender

24 Need to identify the signature of each virus
  – distinguish malicious items
- Original products scanned after the fact
- Scanning of files as they are accessed

25 Mitigate vulnerability
- Avoid being logged in with workstation/network administrative rights
- Minimize the number of network drives mapped at any given time
  – Web document directories
  – shared network drives
- Turn off features not needed:
  – e.g. Windows Scripting Host from e-mail
  – Do we need support for VBX or JavaScript in e-mail?

26 Web-oriented vulnerabilities
- Java applets
- Active-X

27 More advanced anti-virus software
- rely less on specific virus signatures
- rely more on trapping unwanted behaviour

28 Future expectations
- No end in sight
- The world is becoming more dangerous
- Enormous dependence on commercial anti-virus applications
- Future computer OS will be designed to be less vulnerable...

