Log in ....Tribune

Monday, August 25, 2003

The dirty half-dozen
Gurpreet S Arora

A VIRUS is a program that reproduces its own code by attaching itself to another program. It is basically a self-replicating program written for destructive purpose. It interferes with the computerís operating system (the basic software that runs the computer). Viruses are designed to replicate and elude detection. Like any other computer program, a virus must be executed to function ó that is, it must be loaded from the computerís memory, and the computer must then follow the virusí instructions. These instructions are called the payload of the virus. The payload may disrupt or change data files, display a message, or cause the operating system to malfunction. It is made in such a way that it enters computer without the knowledge of machine or its user.

The idea of virus started with the possibility of writing self-replicating software. The idea was first put forward by Hungarian American mathematician John von Neumann at the Institute for Advance Study in Princeton, New Jersey.

There are six categories of virus ó parasitic, bootstrap sector, multipartite, companion, link, and data file. Parasitic virus infects executable files or programs in the computer. They leave the contents of the host program unchanged but append to the host in such a way that the virus code is run first. Bootstrap sector virus reside on the first portion of the hard disk or floppy disk, known as the boot sector, and replace either the programs that store information about the diskís contents or the programs that start the computer. Multipartite viruses combine the abilities of the parasitic and the bootstrap sector viruses, infecting either files or boot sectors. A companion virus does not modify a file. Instead it creates a new program with the same name as a legitimate program and tricks the operating system into running it. Link viruses modify the way the operating system finds a program, tricking it into first running the virus and then the desired program. The entire directories (sections) on a computer can be infected by a link virus, and any executable program accessed within that directory will trigger the virus. Other viruses infect programs that contain powerful macro languages (programming languages that let the user create new features and utilities), which can open, manipulate, and close data files. These viruses, called data file viruses, are written in macro languages and automatically execute when the legitimate program is opened.

Viruses that left their mark

1) April 26

2) Friday 13th

3) Christmas

4) I love you

5) Melissa

6) Win97M.Gesture B

7) W32.Pixo

8) VBS.Loveletter.F

9) W32.NewApt.Worm

10) UA1.Trogan

Computer virus spread when the infected executable code - that run programs are exchanged from one computer to another. It can be through infected floppy or CD or through infected e-mail. Through these mediums, the virus copies itself to the other computer without the knowledge of the user. A virus upon entering a system first monitors the system and then activates itself at a proper time to cause maximum harm to the information stored on to the computer.