Справочник Пользователя для ZyXEL Communications 5 Series
Chapter 15 Anti-Virus Screens
ZyWALL 5/35/70 Series User’s Guide
310
15.6 Technical Reference
Types of Computer Viruses
The following table describes some of the common computer viruses.
Computer Virus Infection and Prevention
The following describes a simple life cycle of a computer virus.
1 A computer gets a copy of a virus from a source such as the Internet, e-mail, file sharing
or any removable storage media. The virus is harmless until the execution of an infected
program.
program.
2 The virus spreads to other files and programs on the computer.
3 The infected files are unintentionally sent to another computer thus starting the spread of
3 The infected files are unintentionally sent to another computer thus starting the spread of
the virus.
4 Once the virus is spread through the network, the number of infected networked
computers can grow exponentially.
Types of Anti-Virus Scanner
The section describes two types of anti-virus scanner: host-based and network-based.
A host-based anti-virus (HAV) scanner is often software installed on computers and/or servers
in the network. It inspects files for virus patterns as they are moved in and out of the hard
drive. However, host-based anti-virus scanners cannot eliminate all viruses for a number of
reasons:
in the network. It inspects files for virus patterns as they are moved in and out of the hard
drive. However, host-based anti-virus scanners cannot eliminate all viruses for a number of
reasons:
• HAV scanners are slow in stopping virus threats through real-time traffic (such as from
the Internet).
• HAV scanners may reduce computing performance as they also share the resources (such
as CPU time) on the computer for file inspection.
• You have to update the virus signatures and/or perform virus scans on all computers in the
network regularly.
Table 87 Common Computer Virus Types
TYPE
DESCRIPTION
File Infector
This is a small program that embeds itself in a legitimate program. A file infector is
able to copy and attach itself to other programs that are executed on an infected
computer.
able to copy and attach itself to other programs that are executed on an infected
computer.
Boot Sector Virus
This type of virus infects the area of a hard drive that a computer reads and
executes during startup. The virus causes computer crashes and to some extend
renders the infected computer inoperable.
executes during startup. The virus causes computer crashes and to some extend
renders the infected computer inoperable.
Macro Virus
Macro viruses or Macros are small programs that are created to perform repetitive
actions. Macros run automatically when a file to which they are attached is
opened. Macros spread more rapidly than other types of viruses as data files are
often shared on a network.
actions. Macros run automatically when a file to which they are attached is
opened. Macros spread more rapidly than other types of viruses as data files are
often shared on a network.
E-mail Virus
E-mail viruses are malicious programs that spread through e-mail.
Polyrmorphic
Virus
Virus
A polymorphic virus (also known as a mutation virus) tries to evade detection by
changing a portion of its code structure after each execution or self replication.
This makes it harder for an anti-virus scanner to detect or intercept it.
A polymorphic virus can also belong to any of the virus types discussed above.
changing a portion of its code structure after each execution or self replication.
This makes it harder for an anti-virus scanner to detect or intercept it.
A polymorphic virus can also belong to any of the virus types discussed above.