Sunday, November 16, 2008
A computer worm is a program which copies itself across a network.
| (' |
A computer worm differs from a computer virus in that a computer worm can run itself. A virus needs a host program to run, and the virus code runs as part of the host program. A computer worm can spread without a host program, although some modern computer worms also use files to hide inside.
Well known examples of the computer worm
The original computer worm was (perhaps accidentally) unleashed on the Internet by Robert Tappan Morris in 1988. The Internet Worm used sendmail, fingerd, and rsh/rexec to spread itself across the Internet.
The SQL Slammer Worm of 2003 used a vulnerability in Microsoft SQL Server 2000 to spread itself across the Internet. The Blaster Worm, also of 2003, used a vulnerability in Microsoft DCOM RPC to spread itself.
The Melissa worm of 1999, the Sobig worms of 2003 and the Mydoom worm of 2004 all spread through e-mail. These worms shared some features of a trojan horse, in that they spread by enticing a user to open an infected e-mail attachment.
Mydoom also attempted to spread itself through the peer-to-peer file sharingDenial of Service (DoS) attack application KaZaA. The Mydoom worms attempted a against SCO and Microsoft.
Protecting yourself against computer worms
Computer worms which spread through vulnerabilities in network services can best be protected against by keeping up-to-date in installing patches provided by operating system and application vendors. This includes worms like SQL Slammer and Blaster.
Computer worms which spread like trojan horses can best be defended against by not opening attachments in your e-mail. These infected attachments are not limited to .EXE files. Microsoft Word and Excel files can contain macros which spread infection.
Some people would say that the best way to protect yourself against computer worms is not to run Microsoft software. :-)
0 comments:
Post a Comment