Exercises:
1) Using the internet, try to find an example of each of the above types of virus.
2) Research the Klez virus:
- what is its “payload”?
- the Klez virus is well known for SPOOFING. What is spoofing, and how does Klez use it?
- you just learned that your computer is infected with Klez. Research how to remove it.
3) You just received an email with the following Subject “Warning about your email
account”. The body of the message explains that your inappropriate use of email will
result in your losing Internet privileges and that you should see the attachment for details.
But you haven't done anything weird with email as far as you know. Are you suspicious?
You should be. Research this information and determine what virus is attached to this
message. (HINT: When you start thinking of breakfast – you're correct.)
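Exercises:
1) Go online and find examples of each of the types of virus above.
2) Research the Klez virus:
- What is its "payload"?
- The Klez virus is famous for spoofing. What is spoofing, and how does Klez carry it out?
- Suppose your computer is now infected with the Klez virus. Look up how to remove it.
3) You have just received an email with the subject "Be careful with your email account". The message warns that if you do not use email properly you will lose the right to receive mail, and that you need to check your mailbox. But you are very suspicious, because you have not done anything strange with email. Look up related information online and determine whether this email carries a virus. (Hint: if you ignored this email and thought of going to eat breakfast, you did the right thing.)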
6.2 Worms
6.2.1 Introduction
Worms are older than viruses. The first worm was created many years before the first virus.
This worm made use of a flaw in the UNIX finger command to quickly bring down most of
the Internet (which was much smaller at that time). The following section deals with
worms.
6.2.2 Description
A worm is a program that, after it has been started, replicates without any need for
human intervention. It will propagate from host to host, taking advantage of an
unprotected service or services. It will traverse a network without the need for a user to
send an infected file or e-mail. Most of the large incidents in the press recently have been
worms rather than viruses.
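From the defender's side, the behaviour described above (one host contacting many others on the same service with no user action) shows up in network flow records as fan-out. The sketch below is an added example, not part of the original lesson; the flow records, addresses, function name and thresholds are all constructed for illustration.

```python
from collections import defaultdict

# Constructed flow records: (seconds since start, source, destination, destination port).
FLOWS = (
    # One host touching eight different machines on port 80 within 14 seconds.
    [(2 * i, "10.0.0.5", f"10.0.0.{10 + i}", 80) for i in range(8)]
    # A normal client talking to the same server over and over.
    + [(5 * i, "10.0.0.7", "10.0.0.2", 443) for i in range(10)]
    # A host that reaches six machines on port 25, but only one every two minutes.
    + [(120 * i, "10.0.0.9", f"10.0.0.{30 + i}", 25) for i in range(6)]
)


def find_worm_like_hosts(flows, window=60, min_targets=5):
    """Flag (source, port) pairs that reach many distinct hosts in a short time.

    Returns {(source, port): largest number of distinct destinations seen
    inside any `window`-second span} for pairs at or above `min_targets`.
    """
    by_key = defaultdict(list)
    for ts, src, dst, port in flows:
        by_key[(src, port)].append((ts, dst))

    suspects = {}
    for key, events in by_key.items():
        events.sort()
        start = 0                  # index of the oldest event still in the window
        counts = defaultdict(int)  # destination -> hits inside the current window
        best = 0
        for ts, dst in events:
            counts[dst] += 1
            # Drop events that have fallen out of the sliding window.
            while ts - events[start][0] > window:
                old = events[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= min_targets:
            suspects[key] = best
    return suspects


if __name__ == "__main__":
    for (src, port), n in find_worm_like_hosts(FLOWS).items():
        print(f"{src} contacted {n} distinct hosts on port {port} within 60 s")
```

A slow scanner stays under a short window, which is why the third host is only flagged when the window is widened; the thresholds need tuning against what is normal on a given network.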
Exercises:
1) Using the internet, see if you can find the first worm that was ever created.
2) Find out what vulnerability the Code Red and Nimda worms use to propagate.
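6.2 Worms
6.2.1 Introduction
Worms are older than viruses. The first worm appeared many years before the first virus. The worm exploited a weakness in a command of the Unix system to quickly bring down most of the network (which was much smaller then than it is now). The following section introduces worms.
6.2.2 Description
Once a worm has been started, it replicates automatically. It copies itself from one machine to another, taking advantage of computers or servers that have no protection. It can also roam the network on its own, without you sending an infected email. Most of the major computer incidents reported recently were caused by worms rather than viruses.
Exercises:
1) Using the internet, see whether you can find the first worm ever created.
2) Look up the Code Red vulnerability that the Nimda worm uses to replicate.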
6.3 Trojans and Spyware
6.3.1 Introduction
The first Trojan Horse was created by the Greeks several thousand years ago. (Think about the
film “Troy” if you have seen it.) The basic concept is that you sneak something nasty into an
otherwise secure computer in the guise of something nicer. This can range from a
downloaded game trailer to an e-mail promising naked pictures of your favorite celebrity. This
section covers trojans and spyware.
6.3.2 Description
Trojans are pieces of malware which masquerade as something either useful or
desirable in order to get you to run them. At this point they may well do something unpleasant
to your computer such as install a backdoor or rootkit (see section 6.4), or - even worse - dial a
premium rate phone number that will cost you money.
Spyware is software that installs itself surreptitiously, often from websites that you might
visit. Once it is installed it will look for information that it considers valuable. This may be usage
statistics regarding your web surfing, or it might be your credit card number. Some pieces of
spyware blow their cover by rather irritatingly popping up advertisements all over your
desktop.
Exercises:
1) Using the internet, find an example of a trojan and of spyware.
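6.3 Trojans and Spyware
6.3.1 Introduction
The first Trojan horse was built by the ancient Greeks several thousand years ago. (Think of the film "Troy" if you have seen it.) You send a disguised program that will harm the computer into a computer equipped with a security checking system. A trojan can be a game trailer downloaded from the internet, or an email that promises to send you naked photos of your favourite star. This section explains trojans and spyware.
6.3.2 Description
A trojan is malware that pretends to be useful software to trick you into running it. After it runs, your computer may have backdoor software or a rootkit installed on it; in a worse case, it uses a phone number that will cost you money.
Spyware is malware that can secretly install itself on your computer, and may also come from websites you visit. Once it is installed on your computer, it looks for information it considers useful. This may be useful information about your online game accounts, or your bank number. Some spyware simply drops its veil and pops up advertisements on your desktop.
Exercises:
1) Using the internet, find an example of a rootkit and of spyware.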