1、Computer network virus and precautionsWith the new network technology and application of the continuous rapid development of the computer network should Use of becoming increasingly widespread, the role played by the increasingly important computer networks and human More inseparable from the lives
2、of the communitys reliance on them will keep growing. With With the continuous development of computer technology, the virus has become increasingly complex and senior, the new generation of Computer viruses make full use of certain commonly used operating systems and application software for protec
3、tion of the weak low Spots have rampant in recent years as the popularity of the Internet in the world, will be attached document containing the virus The situation in the mail has been increasing spread of the virus through the Internet, making the spread of the virus speed Sharp also increased, by
4、 an ever-increasing scope of the infection. Therefore, the protection of the security of computer networks will be Will become increasingly important. A computer virus The definition of computer virus computer virus (Computer Virus) in the “peoples republic of China The computer information system s
5、ecurity protection regulations “which has been clearly defined, the virus“ refers to the preparation or Computer program inserted in the damage or destruction of computer data functions, affecting computer use Self-replication and can a group of computer instructions, or code. “ Second, network viru
6、s With the development of network and the Internet, a wider spread, the greater New harm The virus emerged This is the Internet virus. The virus is an emerging concept in the traditional The virus was not classified network virus this concept, because the development of networks, the traditional vir
7、us The network also has a number of characteristics. Todays Internet virus is a broad notion of a As as long as it is carried out using the Internet to spread destruction can be known as network viruses, such as: “Love the back door“, “Panda burning incense.“ Third, network virus and the distinction
8、 between computer virus The original common computer virus is nothing more than the devastating formatted hard drive, delete system With the users documents, databases, etc. destruction. The mode of transmission is through nothing but also by virus infection Mutual copy of the software, carrying the
9、 virus, such as the use of pirated optical discs, such as infection disk systems The pilot virus and infected executable file virus, in addition to a network virus These are the common characteristics of the virus, but also steal users with remote data, remote control of the other side Computers and
10、 other damaged properties, such as Trojan and consumption of funding the operation of the network computer Source collapse of the network server worm. Fourth, the network against virus Network destructive virus, will directly affect the work of the network, ranging from lowering speed video Ring for
11、 the efficiency of the network, while in the collapse, undermining the server information to a multi-year work destroyed Dan. Because viruses and other network annually fraud led to economic losses of over 16 billion yuan, But this figure is constantly rising year by year. The next few years, the si
12、ze of the market will reach Security 60 billion yuan. One antivirus software experts pointed out: “Network avian flu virus even more.“ Such as: “Xiong Cat burning incense “In addition to virus infection through the web site users, the latest virus also through QQ Loopholes in propagating itself thro
13、ugh file-sharing networks, the default sharing, weak password systems, U disk and windows Forms bottom of the top mobile hard drives, and other means of communication. While LAN once a computer machine For infection, it can spread through the entire network instant, or even within a very short perio
14、d of time can be infected Thousands of computers, can lead to serious networks. Symptoms of poisoning in the performance of computers There are enforceable. Exe files have become a strange pattern, the pattern shown as “Panda Burning incense, “and then System blue screen, restart the frequent, hard
15、drive data destruction, serious entire company All computer LAN will all poisoning. “Panda burning incense,“ only more than half a month, a few varieties have high Of more than 50, and the number of its users infected constantly expanding. Makes infected, “Panda burn incense“ disease The personal dr
16、ug users has been as high as several million people infected with a few more corporate users is rising exponentially. Network More on the computer network the greater the harm caused by the virus. V. network transmission of the virus Features 1. Infection fast: single machine environment, the virus
17、can only be passed from one computer diskette To another, and in the network can be adopted by the rapid spread of network communication mechanism. According to measurement Set against a typical PC network use in normal circumstances, once a computer workstation sick Drugs, and will be online within
18、 10 minutes in the several hundreds of all infected computers. 2. Proliferation of a wide range: in the network due to the spread of the virus very quickly and spread to encompass a large area, not only the rapid transmission of all LAN computer, but also through remote workstations virus in 一瞬Inter
19、 spread to thousands of miles away. 3. Dissemination in the form of complex and varied: computer viruses in general through the network “ Station server workstation “channels of communication, but in the form of complex and diverse communication. 4. Difficult to completely wipe: the standalone compu
20、ter virus carriers sometimes can be deleted documents Or low-level formatted drives, and other measures to eliminate the virus completely, and the network once a computer work Clean stations failed to disinfect the entire network can be re-infected by the virus, or even just completed removal The wo
21、rk of a workstation is likely to be on-line by another workstation virus infection. Therefore, Only workstations in addition to killing viruses, and can not solve the virus harm to the network is. 6, the type of network virus As the network increasingly developed, the type of network virus has been
22、increasing, generally summed up as The following categories: 1. Worm It is the use of the transmission mechanism of replication and dissemination network, the mode of transmission is through the network And e-mail, the prefix is Worm. For example, in recent years the great harm “Nimda“ virus is Demo
23、dex A worm virus. The virus used Microsofts Windows operating system, computer flu With this virus, will continue to automatically dial-up Internet access and use information in the document or the address Sharing network spreads, and ultimately undermine the most important user data. 2. Macro Virus
24、 Hong virus is a Storage in the document or template in the Acer computer virus. The prefix Macro, once open such documents, which Acer will be implemented, then the virus would Acer Been enabled transferred to the computer, and in the presence of the Normal template. From then on, all since The doc
25、ument will be kept moving “infection“ that the Hong virus, and if other users opened the flu Documents with the virus, the Hong virus will be transferred to his computer. 3. Destructive procedures virus The prefix destructive virus program is: Harm. The characteristics of this virus is a good in its
26、elf Look at the user clicks on icons to temptation, when the user clicks on the virus, the virus will direct users Computer generated destruction. If C formatted disk (Harm.formatC.f), the killer orders (Harm. Command.Killer). 4. System virus The prefix system for the virus: Win32, PE, Win95, W32, W
27、95, and so on. These viruses The characteristics of the general public can be infected with the windows operating system *. exe and *. dll file, And through these documents for dissemination. If the CIH virus. 5. Backdoor virus Backdoor virus prefix is Backdoor. The total of such virus through netwo
28、rk - Sowing, opened the back door to the system to the user and potential safety problems. 6. Bundling machine virus Bundled-virus prefix is: Binder. The characteristics of this virus is the virus writers will use Specific procedures will be bundled with a number of applications such as QQ, IE bundl
29、ed up on the surface It is normal to see the paper, when users run these bundled virus, will run these applications on the surface Procedures, and then tied to the operation of hidden virus, which caused harm to the user. Such as: baled Tied QQ (Binder.QQPass.QQBin), the system killer (Binder.killsy
30、s). 7. Script virus The virus is usually JavaScript scripting code prepared by the malicious code, prefix is usually Spript, with the general nature of advertising, will modify your IE Home, modify registry, and other information, Computer user inconvenience caused. 8. Planting procedures virus viru
31、s This virus is of the public will run from the in vivo release of one or several new Under the virus to the system directory, by the release of a new virus damage. If the glaciers are sowing (Dropper.BingHe2.2C), MSN striker (Dropper.Worm.Smibag). 9. Joke virus The prefix is the virus joke: Joke. A
32、lso called prank virus. The characteristics of this virus is itself a nice user clicks on icons to temptation, When the user clicks of this virus, the virus will be made to disrupt the operation scare users, in fact The virus did not destroy any computer user. Such as: ghost (Joke.Girlghost) virus.
33、10. Trojan hacking virus Trojan its prefix is: Trojan, hackers virus prefix General for Hack. Public special Sex is through the network or system loopholes into the users system and hidden, and then leaked to the outside world User information, hackers virus there is a visual interface to the users
34、computer remotely Control. Trojans, hackers often paired virus emerging, Trojan horse virus responsible for the invasive power users Brain, and hackers virus will be passed to the Trojan horse virus control. . General Trojan such as QQ News tail Trojan Trojan.QQ3344, there are big Trojan.LMir.PSW.60
35、. Virus Form A PSW or anything like PWD general said that the virus has stolen password function, If some hacker programs, such as network 枭雄 Hack.Nether.Client. 7, the mode of transmission and network anti-virus Through the above, we can see that e-mail viruses spread Click homepage, users download
36、, Others implant, implant, and other loopholes through five computer transmission, so long as holding these five A thoroughfare, we will be able to live better anti-virus network. 计算机网络病毒与防范随着各种新的网络技术的不断应用和迅速发展, 计算机网络的应用范围变得越来越广泛, 所起的作用越来越重要, 计算机网络与人类的生活更加密不可分, 社会对其的依赖程度也会随之不断增长。而随着计算机技术的不断发展, 病毒也变得
37、越来越复杂和高级, 新一代的计算机病毒充分利用某些常用操作系统与应用软件的低防护性的弱点不断肆虐, 最近几年随着因特网在全球的普及, 将含病毒文件附加在邮件中的情况不断增多, 通过网络传播病毒, 使得病毒的扩散速度也急骤提高, 受感染的范围越来越广。因此, 计算机网络的安全保护将会变得越来越重要。一、计算机病毒计算机病毒的定义计算机病毒(Computer Virus) 在中华人民共和国计算机信息系统安全保护条例中被明确定义, 病毒“指编制或者在计算机程序中插入的破坏计算机功能或者破坏数据, 影响计算机使用并且能够自我复制的一组计算机指令或者程序代码”。二、网络病毒随着网络和 Internet
38、的发展,一个传播范围更广 ,危害更大的新型病毒应运而生.这就是网络病毒。网络病毒是一个新兴的概念, 在传统的病毒分类里没有网络病毒这个概念, 由于网络的发展, 传统的病毒也就具有了一些网络的特性。如今的网络病毒是一个广义的概念, 一般只要是利用网络来进行传播、破坏的都可以被称为网络病毒, 如:“爱情后门”、 “熊猫烧香 ”等。三、网络病毒与计算机病毒的区别原先常见的计算机病毒的破坏性无非就是格式化硬盘, 删除系统与用户文件、破坏数据库等等。而传播途径也无非是通过遭病毒感染的软件的互相拷贝, 携带病毒的盗版光盘的使用等, 如感染磁盘系统区的引导型病毒和感染可执行文件的文件型病毒, 而网络病毒除了
39、具有普通病毒的这些特性外, 还具有远端窃取用户数据、远端控制对方计算机等破坏特性, 比如特洛伊木马病毒和消耗网络计算机的运行资源, 拖垮网络服务器的蠕虫病毒。四、网络病毒的危害网络上病毒破坏性大, 将直接影响网络的工作, 轻则降低速度, 影响工作效率, 重则使网络崩溃, 破坏服务器信息, 使多年工作毁于一旦。每年由于病毒等网络欺诈行为导致的经济损失高达 160 亿多元,而且这个数字逐年还在不断地攀升。未来几年, 安防市场规模将达到600 亿元。一位杀毒软件专家指出: “ 网络病毒更甚于禽流感”。如: “熊猫烧香”除了通过网站带毒感染用户之外, 此病毒还会通过 QQ 最新漏洞传播自身, 通过网络
40、文件共享、默认共享、系统弱口令、U 盘及窗体顶端窗体底端移动硬盘等多种途径传播。而局域网中只要有一台机器感染, 就可以瞬间传遍整个网络, 甚至在极短时间之内就可以感染几千台计算机, 严重时可以导致网络瘫痪。中毒症状表现为电脑中所有可执行的.exe 文件都变成了一种怪异的图案, 该图案显示为 “熊猫烧香”, 继而系统蓝屏、频繁重启、硬盘数据被破坏等, 严重的整个公司局域网内所有电脑会全部中毒。 “熊猫烧香”仅半个多月, 变种数已高达 50 多个, 并且其感染用户的数量不断扩大。使得感染“熊猫烧香”病毒的个人用户已经高达几百万, 企业用户感染数更是成倍上升。网络上的计算机越多, 网络病毒造成的危害
41、越大。五、网络病毒传播特点1.感染速度快: 在单机环境下 , 病毒只能通过软盘从一台计算机带到另一台, 而在网络中则可以通过网络通讯机制迅速扩散。根据测定, 针对一台典型的 PC 网络在正常使用情况, 只要有一台工作站有病毒, 就可在几十分钟内将网上的数百台计算机全部感染。2.扩散面广: 由于病毒在网络中扩散非常快 , 扩散范围很大, 不但能迅速传染局域网内所有计算机, 还能通过远程工作站将病毒在一瞬间传播到千里之外。3.传播的形式复杂多样: 计算机病毒在网络上一般是通过“工作站服务器工作站”的途径进行传播的, 但传播的形式复杂多样。4.难于彻底清除: 单机上的计算机病毒有时可通过删除带毒文件
42、或低级格式化硬盘等措施将病毒彻底清除, 而网络中只要有一台工作站未能消毒干净就可使整个网络重新被病毒感染, 甚至刚刚完成清除工作的一台工作站就有可能被网上另一台带毒工作站所感染。因此,仅对工作站进行病毒杀除, 并不能解决病毒对网络的危害。六、网络病毒的类型由于网络越来越发达, 网络病毒的种类也越来越多, 大体归纳为以下几类:1.蠕虫病毒它的传染机理是利用网络进行复制和传播, 传染途径是通过网络和电子邮件,前缀是 Worm。比如近年危害很大的“ 尼姆达”病毒就是蠕虫病毒的一种。这一病毒利用了微软视窗操作系统的漏洞, 计算机感染这一病毒后, 会不断自动拨号上网, 并利用文件中的地址信息或者网络共享
43、进行传播, 最终破坏用户的大部分重要数据。2.宏病毒宏病毒是一种寄存在文档或模板的宏中的计算机病毒。前缀是Macro, 一旦打开这样的文档 , 其中的宏就会被执行, 于是宏病毒就会被激活, 转移到计算机上, 并驻留在 Normal 模板上。从此以后, 所有自动保存的文档都会“感染” 上这种宏病毒, 而且如果其他用户打开了感染病毒的文档, 宏病毒又会转移到他的计算机上。3.破坏性程序病毒破坏性程序病毒的前缀是: Harm。这类病毒的特性是本身具有好看的图标来诱惑用户点击, 当用户点击病毒时, 病毒便会直接对用户计算机产生破坏。如格式化 C 盘(Harm.formatC.f) 、杀手命令(Harm
44、.Command.Killer) 等。4.系统病毒系统病毒的前缀为:Win32、PE、Win95、W32 、W95 等。这些病毒的一般公有的特性是可以感染 windows 操作系统的*.exe 和*.dll 文件,并通过这些文件进行传播。如 CIH 病毒。5.后门病毒后门病毒的前缀是 Backdoor。该类病毒的共有特性是通过网络传播, 给系统开后门, 给用户带来安全隐患。6.捆绑机病毒捆绑机病毒的前缀是: Binder。这类病毒的特性是病毒作者会使用特定的捆绑程序将病毒与一些应用程序如 QQ、IE 捆绑起来, 表面上看是正常文件, 当用户运行这些捆绑病毒时, 会表面上运行这些应用程序, 然后
45、隐藏运行捆绑在一起的病毒, 从而给用户造成危害。如: 捆绑 QQ(Binder.QQPass.QQBin) 、系统杀手(Binder.killsys) 等。7.脚本病毒脚本病毒通常是 JavaScript 代码编写的恶意代码, 前缀是通常为Spript, 一般带有广告性质 , 会修改您的 IE 首页、修改注册表等信息,造成用户使用计算机不方便。8.病毒种植程序病毒这类病毒的公有特性是运行时会从体内释放出一个或几个新的病毒到系统目录下, 由释放出来的新病毒产生破坏。如冰河播种者(Dropper.BingHe2.2C) 、MSN 射手(Dropper.Worm.Smibag)等。9.玩笑病毒玩笑病
46、毒的前缀是: Joke。也称恶作剧病毒。这类病毒的特性是本身具有好看的图标来诱惑用户点击,当用户点击这类病毒时, 病毒会做出各种破坏操作来吓唬用户, 其实病毒并没有对用户电脑进行任何破坏。如: 女鬼( Joke.Girlghost) 病毒。10.木马黑客病毒木马病毒其前缀是: Trojan, 黑客病毒前缀名一般为 Hack。公有特性是通过网络或者系统漏洞进入用户的系统并隐藏, 然后向外界泄露用户信息, 黑客病毒则有一个可视的界面, 能对用户的电脑进行远程控制。木马、黑客病毒往往是成对出现的, 木马病毒负责侵入用户的电脑, 而黑客病毒则会通过该木马病毒来进行控制。 。一般的木马如 QQ消息尾巴木马 Trojan.QQ3344, 还有大 Trojan.LMir.PSW.60。病毒名中有 PSW 或者什么 PWD 之类的一般表示这个病毒有盗取密码的功能,一些黑客程序如网络枭雄 Hack.Nether.Client 等。
