Network security journal guide

By: Mansi Gupta

The term 'virus' has created havoc not just in the lives of living beings but also in the world of computers. Though the two kinds of viruses are completely different from each other, both can prove fatal.

A computer virus can be defined as a program or a piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Computer viruses are man-made and can easily replicate themselves. A simple virus that duplicates itself again and again is quite easy to produce. Even a simple virus can swallow the entire memory of your system and stop it from working, while a slightly more dangerous virus can transmit itself across networks and bypass security systems. Viruses can be transmitted as attachments to an e-mail or in a downloaded file, or be present on a diskette or CD. Some viruses take effect as soon as their code is executed; others lie inactive until circumstances cause their code to be executed by the computer.

But gone are the days when viruses and the diseases caused by them were left untreated. Just as people have developed cures to protect themselves, they have also invented something to safeguard their computers against the devastating threat of viruses. The tool that is meant to detect viruses is called anti-virus.

An anti-virus program can be defined as a utility that searches a hard disk for any known or potential viruses and eliminates any that are found. Anti-virus software consists of computer programs that attempt to identify, obstruct and eradicate computer viruses and other harmful software.

Every anti-virus program functions according to two techniques, with a special focus on the first one:

(1) Examining (i.e., scanning) files to check for known viruses that match the definitions in a virus dictionary.

(2) Identifying any misbehaving software whose behavior indicates infection. Such analysis includes data captures, port monitoring and other methods.

While examining any file, the anti-virus software refers to a dictionary of known viruses that have already been identified by the authors of the anti-virus software. The moment a piece of code in the file matches a virus listed in the dictionary, the anti-virus software first tries to repair the file by removing the virus itself from it. If the virus cannot be removed at this stage, the software quarantines the file so that it remains inaccessible to other programs and the virus can no longer harm the system. Finally, if the virus still continues to exist, the software deletes the infected file.
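The dictionary lookup and the repair, quarantine, delete escalation described above can be sketched in a few lines of Python. This is an added example, not part of the original article: the signature names and byte patterns are constructed, and modelling quarantine as an XOR-encoded copy and the `can_quarantine` flag are assumptions made for illustration.

```python
# Constructed signature dictionary (name -> byte pattern); not real malware signatures.
SIGNATURES = {
    "Demo.Alpha": b"\xde\xad\xbe\xefALPHA",
    "Demo.Beta": b"BETA-PAYLOAD-0001",
}
QUARANTINE_KEY = 0x5A  # assumption: quarantined copies are stored XOR-encoded


def scan(data):
    """Return (signature name, offset) for every dictionary match in data."""
    hits = []
    for name, pattern in SIGNATURES.items():
        start = data.find(pattern)
        while start != -1:
            hits.append((name, start))
            start = data.find(pattern, start + 1)
    return sorted(hits, key=lambda hit: hit[1])


def repair(data):
    """Try to disinfect by cutting every known pattern out of the file."""
    for pattern in SIGNATURES.values():
        data = data.replace(pattern, b"")
    return data


def quarantine(data):
    """Encode the file so other programs cannot run or match the stored copy."""
    return bytes(b ^ QUARANTINE_KEY for b in data)


def remediate(data, can_quarantine=True):
    """Apply the escalation from the text: repair, then quarantine, then delete."""
    if not scan(data):
        return ("clean", data)
    cleaned = repair(data)
    # Repair counts only if something usable is left and a rescan finds nothing.
    if cleaned and not scan(cleaned):
        return ("repaired", cleaned)
    if can_quarantine:
        return ("quarantined", quarantine(data))
    return ("deleted", None)


if __name__ == "__main__":
    # Constructed sample: a host file with a signature embedded in it.
    infected = b"MZ-host-program" + SIGNATURES["Demo.Beta"] + b"-tail"
    print(scan(infected), remediate(infected))
```

A file that consists of nothing but a matched pattern cannot be repaired, so it falls through to quarantine, and to deletion only when quarantine is unavailable.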

To function correctly, the virus dictionary approach needs regular updates, which involve downloading updated virus dictionary entries. Anti-virus software that works from a dictionary typically examines files and automatically detects a virus when the computer's operating system creates, opens, closes or e-mails them. In addition, a system administrator can schedule the anti-virus software to scan all the files on the user's hard disk on a routine basis.