Network Administration: Virus Background

Viruses are one of the most misunderstood computer phenomena around these days. What is a virus? How does it work? How does it spread from computer to computer?

Make no mistake — viruses are real. Now that most people are connected to the Internet, viruses have really taken off. Every computer user is susceptible to attacks by computer viruses, and using a network increases your vulnerability because it exposes all network users to the risk of being infected by a virus that lands on any one network user’s computer.

Viruses don’t just spontaneously appear out of nowhere. Viruses are computer programs that are created by malicious programmers who’ve lost a few screws and should be locked up.

What makes a virus a virus is its capability to make copies of itself that can be spread to other computers. These copies, in turn, make still more copies that spread to still more computers, and so on, ad nauseam.

Then, the virus patiently waits until something triggers it — perhaps when you type a particular command or press a certain key, when a certain date arrives, or when the virus creator sends the virus a message. What the virus does when it strikes also depends on what the virus creator wants the virus to do.

Some viruses harmlessly display a “gotcha” message. Some send an e-mail to everyone it finds in your address book. Some wipe out all the data on your hard drive. Ouch.

Virus programmers have discovered that e-mail is a very efficient method to spread their viruses. Typically, a virus masquerades as a useful or interesting e-mail attachment, such as instructions on how to make $1,000,000 in your spare time, pictures of naked celebrities, or a Valentine’s Day greeting from your long-lost sweetheart.

When a curious but unsuspecting user double-clicks the attachment, the virus springs to life, copying itself onto the user’s computer — and, in some cases, sending copies of itself to all the names in the user’s address book.

After the virus works its way onto a networked computer, the virus can then figure out how to spread itself to other computers on the network.

Here are some more tidbits about protecting your network from virus attacks:

  • The term virus is often used to refer not only to true virus programs (which are able to replicate themselves) but also to any other type of program that’s designed to harm your computer. These programs include so-called Trojan horse programs that usually look like games but are, in reality, hard drive formatters.

  • A worm is similar to a virus, but it doesn’t actually infect other files. Instead, it just copies itself onto other computers on a network. After a worm has copied itself onto your computer, there’s no telling what it may do there. For example, a worm may scan your hard drive for interesting information, such as passwords or credit card numbers, and then e-mail them to the worm’s author.

  • Computer virus experts have identified several thousand “strains” of viruses. Many of them have colorful names, such as the I Love You virus, the Stoned virus, and the Michelangelo virus.

  • Antivirus programs can recognize known viruses and remove them from your system, and they can spot the telltale signs of unknown viruses. Unfortunately, the idiots who write viruses aren’t idiots (in the intellectual sense), so they’re constantly developing new techniques to evade detection by antivirus programs. New viruses are frequently discovered, and antivirus programs are periodically updated to detect and remove them.