COMPUTER VIRUS, INTERNET SECURITY & FIREWALL

Anjani Kumar Tiwary

Roll No: 5
S1 MIB
School of Management Studies
CUSAT, Kochi-22
e-mail: [email protected]

Abstract: This paper concentrates on computer virus, internet security and firewall. Computer

viruses are the main concern for the computer experts. Lots of antivirus are there to protect the

computer system as they are causing several type of damages which may results in significant data

loss and functioning errors. Virus is a computer program that can copy itself and infect a computer

without permission or knowledge of the user. They are of several types and there mode of infecting

also different. A virus can only spread from one computer to another when its host is taken to the

uninfected computer. In addition of viruses there is a also focus on the internet security, why we

need internet security and how firewall can be use as a protection tool to protect network from

unauthorized entry. A firewall is an integrated collection of security measures designed to prevent

unauthorized electronic access to a networked computer system.

Key Word: Firewall, CUSAT, MIB,SMS

1.0 INTRODUCTION

It is often seen that user are made to open certain files (screen saver, game, utility, and so on) on

the internet. On opening such files , a user begins to face unusual activities from the computer,

such as malfunctioning of the application or inefficient running of hardware resources and so on.
Such unusual activity is the result of malicious programs, which penetrate along with it. These

malicious programs are often called virus, worm, Trojan horse etc.

1.1 COMPUTER VIRUS:

A Virus is a computer program that can copy itself and infect a computer without permission or

knowledge of the user. It attach to other programs ,and perform unsolicited and malicious action. A

virus can only spread from one computer to another when its host is taken to the uninfected

computer. Viruses are sometimes confused with computer worms and Trojan horses. A worm is
a

small piece of software that uses computer networks and security holes to replicate itself.they are

constructed to infiltrate on the legitimate data processing programs and alter or destroy the data.

A trojon horse is a destructive program enter into the computer through an e-mail or free

programs.

1.2 TYPE OF VIRUS:

1. Boot sector virus

2. File infecting virus

3. Polymorphic virus

4. Stealth virus

5. Multipartite virus

Boot sector virus:

These viruses infect floppy disk boot records or master boot records in hard disks. They replace the

boot record program (which is responsible for loading the operating system in memory) copying it

elsewhere on the disk or overwriting it. Boot viruses load into memory if the computer tries to read

the disk while it is booting.

File infecting virus:

replicates by attaching a copy of itself to an uninfected executable program. Then it modifies the

host program and subsequently, when the program is executed, it executed along with it.

Polymorphic virus:

A virus that can encrypt its code in different ways so that it appears differently in each infection.

These viruses are more difficult to detect.

Stealth virus:

These viruses use certain techniques to avoid detection. They may either redirect the disk head to

read another sector instead of the one in which they reside or they may alter the reading of the

infected file’s size shown in the directory listing.

Multipartite virus:

A hybrid of Boot and Program viruses. They infect program files and when the infected program is

executed, these viruses infect the boot record. When you boot the computer next time the virus

from the boot record loads in memory and then starts infecting other program files on disk.

1.3 Spreading of virus:

virus is designed to proliferate and propagate in computer network. This mean any contact

between two or more computers is an opportunity for infection. E-mail and removable disc(CD

,DVD ,USB ,Floppy disk) is the main cause for the spreading of viruses.

1.4 Avoiding virus attack:

To avoid virus attack we should keep in mind like Install anti-virus software, install an 'on

access' scanner, Scan the external storage devices, Be extremely careful about accepting

programs or other files during online sessions and also Backup of files should be there.

2.0 INTERNET SECURITY:

an outside user. Commercial & government enterprise are reluctant to use the internet because of

security concern since internet ultimately connects to a public network, the security concern are

very much valid. E-mails are also under threat and E-commerce operation are always threatened

by fear of loss of money and privacy. The two arms of internet security are firewall and encryption (

a method of ensuring data security).

3.0 FIREWALL:

A firewall is an integrated collection of security measures designed to prevent unauthorized

electronic access to a networked computer system. firewall is defined as group of system that

enforce an access control policy between two networks. In other word it is mechanism to protect

trusted network from untrusted networks. It act as a electronic barrier to stop unauthorized entry.

3.1 Function of firewall:

A firewall is a dedicated appliance, or software running on another computer, which inspects

network traffic passing through it, and denies or permits passage based on a set of rules. A

firewall's basic task is to regulate some of the flow of traffic between computer networks of different

trust levels. Typical examples are the Internet which is a zone with no trust and an internal network

which is a zone of higher trust. A zone with an intermediate trust level, situated between the

Internet and a trusted internal network, is often referred to as a "perimeter network" .A firewall's

function within a network is similar to firewalls with fire doors in building construction. In the former

case, it is used to prevent network intrusion to the private network. In the latter case, it is intended
to contain and delay structural fire from spreading to adjacent structures.

Without proper configuration, a firewall can often become worthless. Standard security practices

dictate a "default-deny" firewall ruleset, in which the only network connections which are allowed

are the ones that have been explicitly allowed. Unfortunately, such a configuration requires detailed

understanding of the network applications and endpoints required for the organization's day-to-day

operation. Many businesses lack such understanding, and therefore implement a "default-allow"

ruleset , in which all traffic is allowed unless it has been specifically blocked. This configuration

makes inadvertent network connections and system compromise much more likely.

Two type of functions are there.

Gate keeping:

it examines the location from which the data enter your system and then decides based on your

instruction whether or not to allow the information.

Monitoring:

it includes login of all system activities and generation of report for system administration.

Monitoring can be active or passive monitoring a firewall notify a manager whenever an incidence

occurs, generally by E-mail or pager.

3.2 Type of firewall:

Packet filter:

packet filtering is the most basic firewall protection technique used in an organization. It

operate at the network layer to examine incoming and outgoing packet and apply a fixed rule

to the packet to determine whether they will be allowed to pass. It does not examine any of the

data in the packet. It simply examine the IP packet header, the source and destination.
Application gateway;

Applies security mechanisms to specific applications, such as FTP and Telnet server. An

application level gateway firewall uses server program, which run on the firewall. These proxies

take requests from the external network, examine them and forward the legitimate requests to the

internal host computer.

Circuit level gateway:

In circuit level firewall, all connections are monitored and only those connections that are found to

be valid are allowed to pass through the firewall. A typical use of circuit level gateway is a situation

in which the system administrator trusts the internal users.

3.3 Working of firewall:

For example, if we take an organization, having hundreds of computers on the network. In addition,

the organization will have one or more connections to the internet lines. Now without a firewall in

place, all the computer are directly accessible to anyone on the internet. With firewall in place, the

network landscape becomes much different . the firewall can implement security rules. For

example, one of the security rules that out of hundreds computers ,only one is permitted to receive

public FTP traffic or allowing FTP connections only to that one computer and prevent them on

others.

3.4 Drawbacks of firewall:

1. An internet firewall can’t protect against attack that do not go through the firewall. For example, if

an unrestricted dial-out connection is permitted from inside the protected network the user can

make a direct connection to the internet.

2. The internet firewall can not protect against threat posed by traitors who may copy sensitive data

in to floppy and other media.

4.0 SUMMARY:

1. A Virus is a computer program that can copy itself and infect a computer without permission or

knowledge of the user. It attach to other programs ,and perform unsolicited and malicious

action.

2. A virus can only spread from one computer to another when its host is taken to the uninfected

computer.

3. Internet security involves the protection of a computers internet account and files from intrusion

of an outside user.

4. A firewall is an integrated collection of security measures designed to prevent unauthorized

electronic access to a networked computer system.

5. A firewall is a dedicated appliance, or software running on another computer,

which inspects network traffic passing through it, and denies or permits passage based on a

set of rules.
5.0 REFERENCE:

1. www.howstuffworks.com

2. www.microsoft.com

3. www.newton.dep.anl.gov

4. www.tml.tkk.fi

5. www.bbc.co.uk

6. www.google.com

7. www.wikipedia.org