Соглашение | Публикация статей

Шторы - calon.by

METHODS OF PROTECTION FROM COMPUTER VIRUSES
Категория: English version

Whatever was not a virus, you need to know the basic methods of protection against computer viruses.
To protect against viruses, you can use:
* General protection of information that are useful as well as insurance against physical damage to the disc, not programs or erroneous actions user;
* Preventive measures to reduce the likelihood of infection;
* Specialized programs to protect against viruses.
Common remedies information useful not only for protection against viruses. There are two main types of funds:
* Copy of the information - the creation of duplicate files and system areas of the disc;
* Distinguish access prevents unauthorized use of information, in particular, protection from changes in programs and data by viruses, not programs and erroneous actions of users.
Despite the fact that the general protection of information is essential to protect against viruses, yet they are not enough. There is a need to use specialized programs to protect against viruses. These programs can be divided into several types: detectors, doctors (Faguy), auditors, doctors, auditors, filters and vaccines (immunizatory).
PROGRAM-detector can detect the files are infected with one of the few known viruses. They check whether the files on a user specified disk specific for this virus, a combination of bytes. When it detects any file on your screen displays a message.
Many detectors have treatment regimens or destruction of infected files.
It should be emphasized that the program detectors can detect only those viruses that are "known". Program Scan firm McAfee Associates and Aidstest DN Can detect some Lozinsky 1000 virus, but a total of more than five thousand! Some detectors, such as Norton AntiVirus or AVSP company "Dialogue-MSU, can adjust to new types of viruses, they need only indicate the combination of bytes inherent in the virus. Nevertheless, it is impossible to develop such a program, which could detect any previously unknown virus.
Thus, the fact that the program has not been identified as infested detectors should not be that it healthy - it can sit any new virus or a slightly modified version of an old virus, unknown program-detectors.
Many detectors (including Aidstest) do not know how to detect contamination of invisible viruses, if such a virus is active in memory. The point is that to read the disc they use functions DOS, and they perehvatyvayutsya virus, which says that all is well. True, Aidstest and other detectors are trying to identify the virus through the viewing of RAM, but against some "hitryh" virus that does not work. So reliable diagnosis program detectors provide only when booting DOS with a clean, sheltered from the floppy disk recording, with a copy of the program-detector should also be started from this disk.
Some detectors, for example, ADinf firm Dialog-Nauka, able to catch the "invisible" viruses, even when they are active. To do this, they read the disk without using the challenges of DOS. True, this method does not work at all drives.
Most detectors have a "Doctor", ie they are trying to restore the infected files or disk area in their original state. Those files that have not been restored, as a rule, are dysfunctional or removed.
Most doctors know how to "treat" only on a fixed set of viruses, so they quickly become obsolete. But some programs may be taught not only how to detect, but also new ways to treat viruses.
This includes AVSP company "Dialogue-MSU."
PROGRAM auditors have two stages of work. First, they remember the status of programs and system disk area (the boot sector and the sector with the table partitioning the hard disk). It is expected that at this point programs and system disks are not infected area. After that, using the auditor may at any time to compare state programs and systemic areas of the disc with the original. On the reported deficiencies identified user.
To check the status of programs and drives held every time you boot the operating system should include a command to run the program auditor in a batch file AUTOEXEC.BAT. This allows you to find any computer virus when he had not yet managed to inflict great harm. Moreover, the same program, the auditor will be able to find a virus damaged files.
Many programs, auditors are very "smart" - they can distinguish between changes in files, such as that caused by the transition to a new version of the program of changes to the virus, and do not cry wolf. The fact is that the virus is usually modify files very specific way and make the same change in different software files. It is clear that in normal circumstances, such changes are almost never found, so the program auditor, record of such changes can confidently report that they are caused by a virus that is.
It should be noted that many of the programs, auditors can not detect contamination "invisible" viruses, if such a virus is active in memory. But some programs, auditors, for example ADinf firm Dialog-Nauka, still know how to do it without using calls for DOS disk (though they do not work at all drives). Other programs often use different half - trying to find the virus in memory, call the challenges of the first line of the file AUTOEXEC.BAT, hoping to work on the "pure" computer, etc. Alas against some "hitryh viruses all this is useless.
To verify that the file whether unchanged, some programs, auditors check the length of the file. But this inspection is not sufficient - some viruses do not change the length of infected files. A more reliable verification - to read the entire file and compute the checksum. Edit the file so that the checksum remains virtually impossible.
Recently, there have been very useful hybrid auditors and doctors, that is Doctor-AUDITOR - programs that not only can detect changes in files and system areas discs, but can change automatically in the event returned to its original state. Such programs can be much more universal than-doctorate programs, because they use in the treatment of pre-stored information on the status of files and areas of the disc. This allows them to remedy the files, even from those viruses that have not been established at the time of writing programs.
But they can not treat all viruses, but only from those who use "standard", known at the time of writing programs, infected files.
There are also software filters that are resident in RAM, and intercept those resorting to the operating system, used by viruses to reproduction and harm, and report them to the user. The user can enable or disable execution of the operation.
Some filters are not "catch" suspicious activities, and inspect the implementation of the program caused by viruses. This is slowing down the computer.
However, the advantages of software filters is very important - they make it possible to detect many viruses at a very early stage, when the virus has not yet managed to reproduce and anything to spoil. In doing so, can be reduced losses from the virus to a minimum.
PROGRAM-VACCINE or IMMUNIZATORY, modify programs and disks in a way that does not affect the work programs, but the virus, of which the vaccination, believes these programs or disks are already infected. These programs are very inefficient.
Neither type of antivirus software separately does not provide complete protection against viruses. The best strategy for protection from viruses is a multilevel, "eshelonirovannaya" defense. Describe the structure of the defense.
Intelligence capabilities in the defense of virus-detection program correspond to inspect the newly acquired software for viruses.
At the front line of defense is software filters. These programs may be the first to report on the virus and prevent infection of the programs and CDs.
The second tier defense program, auditors, program doctors and doctor auditors.
The most profound line of defense - this means access control. They do not allow the virus and the wrong programs, even if they have entered into a computer, corrupt important data.
The "strategic reserves" are archived copies. This allows you to restore the information when it is damaged.
This is an informal description of the methodology allows a better understanding of the use of antivirus tools.


Статьи по теме:

Spyware battle; Use of firewall protection
Backing up data. Should I pay?
The organization and classification of printers
Best Antivirus
Installing Windows Xp on a network without the use of Ris
The situation for the computer
Requirements for computer technology
Tame your registration with the Windows software cleaning registry
Windows Media Player
Geographic Information Systems (GIS) as a means of collecting and analyzing Geodannyh
The story of software Escrow
COMPUTER CRIME PREVENTION
Ms Word Vs Notepad
The physical medium for LANs
Macromedia Dreamweaver against Microsoft placed on the first lane
What is the codec and where they can be downloaded
Advantages of Mobile Commerce
The company Janet Systems Llc Presented Soa-Platform Ijanet Framework Ultra The exhibition «Kitel 2008»
Legal and technical documents
The counterfeiting of computer information
Bus EISA
Developing databases, Inside View
Network
The reverse side of the coin Spyware
Protect photos, images and video
1C Program Office Trade 8
Mistakes Windows registry repair
History of Opera browser
Sugarcrm In Russia
Automation planning printing by Apple (Mac)
Robot Tartalo knocking at your door
Using Protection Agency to maintain the security Professional
The total points in the organization LAN
Windows Vista: When ends Diskspace
Integration Ibm Rational Clearquest and Microsoft Project - The key to successful planning
All font - Using Type1 I Truetype
Routers NetGear
The advent of IBM PC
Completed work on setting up a new product Alee Archive 3 for work with DBMS
Version Mobile Forex 2.15: A new approach to reliability and convenience
Enabling Windows XP
The Office of visualization
Threats to Security Modern Networks
Mobile Trade Optimum - Office Business Representatives
ABOUT personal characteristics COMPUTER CRIMINALS
Architecture Risc Computational kernels
Gigabit Ethernet Technology
The signals under UNIX
VARIETY COMPUTER VIRUSES
Areas which use computer systems based on CompactPCI
HISTORY OF BUILDERS
SWISH Max or Flash animation effects
"Trojan horse"
The funds protect your computer and maximum security
Repair permissions for sluggish computer