Download presentation
Presentation is loading. Please wait.
Published byAbraham McKinney Modified over 9 years ago
1
1 Anti Virus vs virus System i-Specific Anti-Virus Product Ali ameen al said
2
Outline Viruses Anti-Viruses Discussion
3
Viruses A virus is “a program that can ‘infect other programs by modifying them to include a possibly evolved copy of itself.” - Fred Cohen Fred Cohen seems to have been the first to define the term virus, but the concept had been discussed earlier and there were some viruses out in the wild before he began his research. Link to virus historyvirus history
4
Example of a virus In his 1984 Turing award acceptance speech to the ACM, Ken Thompson related the story of how he modified the C compiler to insert a backdoor into the UNIX login program and to insert his modifications into any C compiler compiled using his modified compiler. Slick—no trace of the backdoor remains in any source code!
5
Viruses example The WM.Nuclear Microsoft Word macro virus infects Word documents during opening, saving, and printing by adding a set of macros to them. On April 5th it attempts to overwrite critical system files, and it occaisonally adds the text "STOP ALL FRENCH NUCLEAR TESTING IN THE PACIFIC!" to the current document. (Information from Symantec’s security bulletin.)Symantec’s security bulletin
6
Worms are not viruses The VBS.SST@mm “Anna Kournikova” malware is a worm, not a virus, because it e- mails copies of itself but does not infect any other documents. (Information about VBS.SST@mm from Symantec’s security bulletin.)security bulletin
7
More about viruses Viruses aren’t necessarily hard to write Cohen reports that his first virus took only 8 hours for an experienced programmer to write. Viruses aren’t necessarily big Cohen reports on a UNIX shell script virus that was only 7 lines long
8
Viruses can be malicious in many ways Virus payloads could: Carry out a denial of service attack Crash the machine Randomly destroy data Install a trojan horse program Perform password cracking … and basically any other nasty thing you can think of.
9
Virus detection problems According to Cohen, the following are undecidable: Detection of a virus by its appearance Detection of a virus by its behavior Detection of an evolution of a known virus Detection of a triggering mechanism by its appearance Detection of a triggering mechanism by its behavior Detection of an evolution of a known triggering mechanism Detection of a virus detector by its appearance Detection of a virus detector by its behavior Detection of an evolution of a known viral detector
10
Known clean system Some virus detection techniques require you to start from a clean system. DOS users used clean boot disks to defeat stealth viruses… But is it always possible to get to a known clean state? What if every UNIX vendor had been infected with Ken Thompson’s C compiler virus? Even their “clean” distribution media would be infected…
11
Anti-Virus Features Dedicated, System i-Specific Anti-Virus System Provides full protection against standard PC types of viruses for files and programs used or stored on the System i server Real-time anti-virus monitoring of files while they are being written to memory on the server Tagging of infected files so they can’t be used by others inadvertently Marking of clean files so they won’t be rechecked (saving time and resources) Removal of marks/tags if files are changed Scanning of entire libraries Supports definition of automatic, pre-scheduled periodic scans Automatic virus signature update via the internet Proactive virus signature updates via the network for internet isolated servers
12
Anti-Virus – Main Screen Activate Anti-Virus protection with one click Quick, reliable scanning lets you know of possible virus infection Make sure your database has the most up-to-date definitions Detailed History Log enables you to view scan and virus history Quarantine keeps Destructive viruses away from your files
13
Discussion (cont’d) Anti-virus can win in the future?
14
Thanks
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.