Every computer owner connected to the global Internet has heard about computer viruses. If experienced users have at least some idea of ​​the possible danger posed by such malware, then there are two opposing beliefs among newcomers. According to the first, only regular users of adult sites and hacked program lovers can “pick up” a computer virus, so you don’t have to think about what network worms and other malicious codes are. Typically, there is no antivirus software (other than system software) on the computers of such users. Others, frightened by the stories about viruses burning the contents of BIOS chips, stealing passwords to bank accounts and other things, are afraid to once again connect someone else's flash drive to their computer. Often, such users have several antiviruses installed at once, with duplicate functions (protection is like cabbage). But the truth, as always, is somewhere in between.
The effectiveness of any recommendations is much higher if a person understands the meaning of their actions, and not thoughtlessly follows what is written. Therefore, today we look at what computer viruses are and, in particular, network worms.
A virus is a computer program capable of independently cloning its code (“propagating”). It is distributed via communication channels or via storage media. Carefully hides the fact of his presence. Performs various malicious actions - corrupts information, transfers sensitive data to its creator through the global network, etc. The list of actions is huge. Computer infection occurs when you start (open) a file whose structure contains the virus code.
Among all varieties of viruses, network worms require special attention. The peculiarity of such programs is that some of their types (batch) are able to infect a computer that is simply connected to the Internet - the user does not need to start and open anything. Network worms are a type of malware whose feature is the active use of local and global networks.
For its distribution uses two methods:
- the user launches the infected file on his own. This may be a promotional email, a file with a modified extension, etc .;
- Using errors in operating systems and open ports, a network worm can end up in the computer’s RAM and on the hard drive.
Further actions after infection depend on the tasks for which the worm was created. Surely, everyone heard the term “botnet”. Its meaning is that the creator of the malware through the Internet can manage the network requests of infected computers. If necessary, he gives a control command to all copies of his network worm. As a result, traffic from infected computers is redirected to a specific network resource. Due to the huge number of one-time requests, the resource stops working (DoS attack).
In addition, the constant scanning of other computers on the network in order to infect them causes an increased load on computing power, takes away part of the Internet channel for its needs. Some varieties of worms, once on a computer, download a trojan. In this case, we are talking about complex infection.
Network worms are a very significant threat, therefore it is always necessary to have anti-virus protection with an effective proactive module. Such protection does not imply a search for infected files on the storage medium, but tracking of suspicious actions of all programs located in main memory.