Virus Entry Points

The infection techniques and software vulnerabilities exploited by viruses and other computer threats.

Internet
Networks
Removable Disks

If you want to prevent attacks, knowing how they can enter your system is a vital first step.

Internet

The Internet has become the most widely used form of sending and receiving information. Unfortunately, it also serves as the fastest way to spread viruses and other computer threats.

E-Mail. The most common way to spread a virus or other threat, and where almost 80 percent of virus infections originate. The biggest dangers of a virus spread through e-mail include:

• Rapid transmission. One infected message can, in just a few minutes, infect thousands of computers.
• Increased exploitation of inter-connected computers, as users can send and receive messages to and from any kind of computer or platform.
• The sophisticated techniques used by modern viruses mean they can resend themselves to all the users in your address book, unleashing their infection when the message is opened or exploiting vulnerabilities in mail programs to run automatically.

All this points to the need to thoroughly protect possible network entry points, including communication ports and e-mail protocols (POP3 and SMTP).

Internet browsing. Some web pages use programs such as Java applets and ActiveX controls to make web pages more dynamic, but viruses and other threats can also infect these programs and spread to Internet surfers visiting infected sites.

Some new viruses and other threats have the ability to take advantage of security vulnerabilities in web servers, while some viruses can redirect users to pages that have already been infected.

File Transfer (FTP). The term FTP stands for File Transfer Protocol. This information exchange system makes it possible to save documents (upload) and copy files (download) from one computer to another, anywhere in the world. When a file is downloaded from an FTP site, it is copied directly to your computer. Files from FTP sites can harbor viruses or other threats which could then be downloaded into your system.

News Groups (News). Online newsgroups and interactive messages known as chat (IRC, ICQ, etc.) represent another security risk. These groups have similar functions allowing users to post messages for others to read and respond to. The posted messages can sometimes be infected with a virus.

Networks

Networks are valuable tools for groupwork and sharing information throughout companies and organizations. However, they also greatly increase the number of entry points for viruses and other threats.

Shared disk. A computer can have one or more hard disks which can be shared with a number of users across a network. If these disks were infected, when other computers access the infected drive they would become infected as well, and vice versa.

Workstations. Users connected to a network carry out thousands of information transactions daily, both internally (within the network) and externally (outside the network and through the Internet). If not properly protected, each workstation becomes a liability, creating numerous potential entry points for infected files.

Servers. Servers allow a network to function; they facilitate the connections between workstations, location of files, e-mail management, outside communications, etc. However, they also use applications which can have vulnerabilities that can be exploited by viruses and other threats.

If a server is infected it can contaminate the workstations connected to a network instantaneously. Likewise, a server can be contaminated by a single workstation or other server.

Proxy servers and firewalls. These gateways create the boundaries of the network "perimeter", through which all the information entering and leaving a network must pass. Viruses and other threats from outside the network enter the perimeter in the form of infected files or malicious code, passing from one server to another.

Viruses spread through networks. Certain viruses and other threats are designed specifically to spread across computer networks, infecting all possible areas of the IT infrastructure.

Although they share similar objectives, they often use different means to access a system: exploiting vulnerabilities in software, attacking certain file or mail servers, sneaking through proxy servers and firewalls.

In order to properly protect a network, both inbound and outbound traffic passing through the perimeter must be monitored. The biggest danger that viruses and other threats present is their ability to spread. So should they enter the network, they must still be stopped from leaving.

This website offers network administrators specific advice to protect their systems. Other users should consult the practical tips section.

Disks (storage devices)

Disks are storage devices on which data is stored in the form of files, web pages (files with HTML, ASP…extensions), e-mail and downloaded Internet files etc.

DVD & CD-ROM. Abundant memory and versatility make these disks compatible with a large variety of hardware and software, replacing traditional floppy disks. The increasingly widespread use of DVD & CD-ROM presents a potential danger.

Removable/extractable Disk Drives. A removable disk drive is a drive that allows users to move information from one computer to another by connecting an external drive. If the information on the drive is infected it can be spread from one computer to another.

Shared Network Drive. This is a shared drive located on one computer and connected to a network of computers. All of the computers on the network then have access to the shared drive. Logically, if the network drive becomes infected, so can all the computers that share it.

Zip & Jazz Disks. These are portable disks that have a large capacity for storing data which has been compressed and minimized. If they are not properly protected they can also lead to virus transmission.

Floppy Disks. These were once the most common form of spreading viruses but have been replaced by newer more versatile disks. Still however, they do represent a significant risk in terms of spreading viruses. Floppy disks (or diskettes) for example, are the only known form of loading a boot virus into a computer, which can affect the system boot sector.