【填空题】Buy a Computer System IT Manager: I need t...

Computer Viruses

  

计算机病毒

  

Introduction

  A computer virus is a piece of software programmed to perform one major task: to replicate. Viruses accomplish their reproductive task by preying on other computer files, requiring a host program^[1]as a means of survival. Viruses gain control over their host in various ways, for example by attaching their infected code to the end of a host program and misguiding the header information at the beginning of the file so that it points toward itself rather than the legitimate program. Therefore, when an infected host program is run, the virus gets executed before the host. The host program can be almost anything: an application, part of the operating system's, part of the system boot code, or a device driver. The virus continues to spread, moving from file to file in this infectious manner.

  In addition to its propagation mission, many viruses contain code whose purpose is to cause damage. In some viruses, this code is activated by a trigger mechanism.^[2]A trigger condition may be linked to the number of times the host file is run, or it could be a response to a particular date, time or random number. In other cases, the damage could occur continuously or on a random basis. Of the 11,000 known viruses present today, more than 2,000 have been diagnosed as being data destructive.

  

Types of Viruses

  Several types of viruses exist and are classified according to their propagation patterns.

  1. Executable File Infectors

  These viruses spread infection by attaching to an executable file, misdirecting the header information, and executing before the host file. It is very common for these viruses to load themselves into memory once their infected host file is launched. From there, they monitor access calls, infecting programs as executed.

  2. Boot Sector Infectors

  This type of virus overwrites the original boot sector, replacing this portion of code with itself, so it is the first to load and gain control upon system boot, even before DOS. In order for boot block viruses to replicate, it is usually necessary to boot the computer from an infected floppy disk. Upon system boot, the virus will jump from the infected floppy disk to the hard disks partition table.

  3. Partition Table Infectors

  These viruses attack the hard disk partition table by moving it to a different sector and replacing the original partition table with its own infectious code. These viruses will then spread from the partition table to the boot sector of floppy disks as floppies are accessed. 4. Memory Resident Infectors

  Many viruses load themselves into memory while altering vital system services. For example, some viruses modify the operating system's Execute Program service in such a way that any executed program is immediately infected. Other viruses modify the operating system in order to camouflage their existence. These viruses are called Stealth Viruses.

  

Why Are Viruses Written?

  Bulgaria is often referred to as the "Virus Factory" because the country accounts for the highest percentage of new virus creation. Several cultural factors attribute to this state. Primarily, the country offers no software copyright protection, so legitimate software programmers are not rewarded financially for their work. And there are no laws in place to prohibit the authorship of new viruses. In fact, virus source code is often posted on international bulletin boards for anyone to access. Certainly, this is not the case in the United States, so why do we maintain the second highest level of virus authorship? Today's viruses are being written to attack a specific person, company or program. There are countless stories of disgruntled employees who seek vengeance by writing viruses to attack their former employer's computer system.

  

How Are Viruses Transmitted?

  Because a virus is nothing more than a piece of software, it can be acquired in the same way as legitimate programs. Viruses have reportedly been transmitted through shrink- wrapped retail software.^[3]Unsuspecting sales representatives often act as carriers by demonstrating infected programs. Newly purchased computers, which had their hard disks formatted by service technicians, have been returned with viruses. These pests travel over phone lines through programs sent by modem. Bulletin boards do occasionally transmit viruses. The most common means of contracting a virus, however, is through the use ot floppy disks. Piracy of software, in particular, expedites viral spread, as do floppy disks traveling from one computer to another.

  

We Are All at Risk

  All personal computer users are at risk for viral infection. Several events, trends and technological inroads have combined in the past few years to increase our vulnerability to infection. The proliferation of local area networks, the downloading of information from mainframes to desktop computers, our increased reliance on personal computers to store mission critical data, the arrival of electronic bulletin boards, the globalization of communications, the gained popularity of shareware, the growing use of remote communications, the increased sophistication of end users, the portability of data, the casual spread of software via piracy, and the staggering rate of new virus creation all contribute to increase our risk of virus infection.

  

A Special Threat to Networks

  Viruses present a special threat to networks because of the inherent connectivity they provide and because of the potential for widespread data loss. Once a virus infects a single networked computer, the average time required for it to infect another workstation is anywhere from 10 to 20 minutes. With a propagation time of this magnitude, a virus can paralyze an entire network in several hours.

  

Virus Infection Symptoms

  The most successful virus has no symptoms at all. Your computer may be infected, and you will notice no change in the normal behavior of your computer. The only way to be aware of such viruses is to use automated virus detection tools. Some less sophisticated viruses may exhibit "visible" symptoms such as:

  1) Changes in program length

  2) Changes in the data or time stamp

  3) Longer program load times

  4) Slower system operation

  5) Unexplained disk activities

  6) Unexplained reduction in memory or disk space

  7) Bad sectors on your floppy

  8) Disappearing programs

  9) Unusual error messages

  10) Unusual screen activity

  11) Access lights turn on for non-referenced drive

  12) Failed program execution

  It is important to remember that some viruses may not exhibit any visible symptoms at all. Don't count on your intuition as your only tool for detecting viruses.

  

Anti-Virus Tools

  In dealing with today's sophisticated viruses, intuition and strict employee policies are not enough. The more carefully engineered virus programs exhibit no visible symptoms at all until it is too late. Your computer may be infected with a virus without any noticeable alteration in functionality. Therefore, relying solely on visible side effects, such as slower system operation, longer program load time or unusual screen activity as a means of early detection, may not prove as reliable as it once did. You can no longer afford to count on your intuition as your only tool for detecting viruses. While information systems managers should establish employee guidelines and policies to lessen the potential for infection, strict rules alone will not insure complete protection. What about the shrink-wrapped software program purchased by your company that was later found to be infected by a virus? Or what about the hard drive that was sent out for repair by a service technician, only to^[4]have it returned with a virus? The only way to prevent viruses from mysteriously entering your company is to reinforce the security programs already in place with automated virus detection tools.

  

Defending against Viruses

  Following are some tips in helping to combat the growing threat of viral infection.

  1) Use an automated virus detection tool, such as Fifth Generation Systems Untouchable virus protection software.

  2) Regularly perform a backup of your data with a backup program, such as Fifth Generation Systems Fastback Plus.^[5]

  3) Prevent unauthorized access to your computer by using a security access program, such as Fifth Generation Systems Disklock.^[6]

  4) Use write-protected tabs on all program disks before installing any new software. If the software does not allow this, install it first, then apply the write-protected tabs.

  5) Do not install new software unless you know it has come from a reliable source. For instance, service technicians and sales representatives are common carriers of viruses. Scan all demonstration or repair software before use.

  6) Scan every floppy disk before use and check all files downloaded from a bulletin board or acquired from a modem.

  7) Educate employees. As the adage goes, an ounce of prevention is worth a pound of cure.

  8) Do not boot from any floppy disk^[7], other than a clean, DOS based disk.

  9) Avoid sharing software and machines.

  10) Store executable and other vital system parameters on a bootable DOS based disk and regularly compare this information to the current state of your hard drive.

  Notes

  [1]requiring a host program：host表示“主人”、“东道主”。此处a host program可译成“主机程序”。

  [2]a trigger mechanism：触发装置。

  [3]shrink-wrapped retail software：用收缩塑料薄膜包装的零售软件。

  [4]only to：不定式短语表示结果；翻译成“结果……”，如：He made a long speech only to show his ignorance of the subject．他讲一大段话，结果只暴露出他对这门学科一无所知。

  [5]Fifth Generation Systems Fastback Plus：第五代生成系统快速备份。

  [6]Fifth Generation Systems Disklock：第五代生成系统磁盘锁。

  [7]Do not boot from any floppy disk. boot意指“引导”、“启动”。此句译为“不要直接从软盘启动计算机”。

  Choose the best answer for each of the following:

Youarethedesktopadministratorforyourcompany‘ssalesdepartment.TheITmanagerforthesalesdepartmentneedstodistributethreecustomapplicationstothedepartment‘sWindowsXPProfessionalcomputers.ShedeploystheseapplicationsbyusingGroupPolicy.Someusersreportthattheymustlogonseveraltimesbeforethenewlydeployedapplicationsarepresentontheircomputers.Youneedtoensurethatallsoftwareisdeployedthenexttimetheuserslogon.Whatshouldyoudo?（）

A.EnabletheAlwayswaitforthenetworkatcomputerstartupandlogonpolicy.

B.EnabletheAlwaysuseclassiclogonpolicy.

C.EnabletheTurnoffbackgroundrefreshofGroupPolicypolicy.

D.EnabletheGroupPolicyslowlinkdetectionpolicy.

YoumanageacomputerrunningWindows2000Professionalthatbelongstoaworkgroup.Youcreateanewuseraccount（Tony）onthatcomputerthatisnotamemberoftheAdministratorsgroup.Youlogonusingthenewaccount.YoucreateafilewithnotepadinafolderthatisonavolumeformattedwithNTFS.Youencryptthefile.Yougiveanotheruseraccountdefinedonthatcomputer，Luisthepermissiontotakeownershipofthefile.Luislogsonusingtheaccountandtakesownership.However，shereceivesanerrormessagereportingthataccessisdeniedwhenshetriestoopenthefile.WhatcanyoudotoallowLuistoopenthefile？（）

Virtually every company with a computer is vulnerable to computer abuse, crime and accident. Security of the computer and of the information and assets contained within it are therefore of paramount importance to management. Skilled computer criminals can break into a computer system far more easily than an armed robber can gain access to a bank vault, and usually with far less risk of apprehension and punishment. A slight change in a complex program can bring about the misappropriation of thousands of pounds. Accidental erasure of crucial data can paralyze company's operations. Anyone familiar with the necessary procedure can gain access to information stored in the computer, no matter how confidential, and utilize it for his own purposes.

Although the actual extent of computer crime is difficult to measure, most experts agree that it is one of the fastest growing areas of illegal activity. The principal reason for both the growth and the lack of accurate measurement is the difficulty in detecting a well-executed theft. Losses per incident thus tend to be higher than in other types of theft. Once the Computer criminal has compromised the system, it is just as easy to steal a great sum as it is to steal a little, and to continue stealing long after the initial theft. Indeed, the computer criminal may find it more difficult to stop his illicit activity than to start it.

Computer criminals are, for the most part, well-educated and highly intelligent. The fact that computer criminals do not fit criminal stereotypes helps them to obtain the positions they require to carry out crimes. Being intelligent, they have fertile imaginations, and the variety of ways in which they use equipment to their advantages is constantly being extended. In addition to direct theft of funds, the theft of data for corporate espionage or extortion is becoming widespread, and can obviously have a substantial effect on a company's finances. Another lucrative scheme, often difficult to detect, involves accumulating fractions of pence from individual payroll accounts, with electronic transfer of the accumulated amount to the criminal's payroll. Employers are hardly concerned with pence, much less fractions of pence. In addition, undoubtedly, the company's payroll is unaffected. But the cumulative value of fractions of pence per employee in a company with a substantial payroll can add up to a useful gain.

Guarding against computer abuse—whether deliberate or accidental—involves attention to the protection of hardware from physical damage as well as protection of software and data. Computer must be isolated from other company facilities, and unauthorized person should never be admitted to the computer area. Event though some risks are reduced through this measure, most damage to software, accidental and intentional, is caused by those whose jobs require at least some access to the computer. The writer of the program is often the one responsible for its misuse. Programs devised exclusively for a particular company are therefore far more valuable to abuse and accident than standard software packages produced by external suppliers.

Skilled computer criminals can break into a computer system______.

A．quite easily

B．without any risk

C．more easily than an armed robber can gain access to a bank vault and with far less risk

D．without being punished