Chapter 28 Anti-Virus

Table 150 Anti-X > Anti-Virus > Signature (continued)

| LABEL | DESCRIPTION |
| --- | --- |
| Severity | This is the severity level of the anti-virus signature. Click the severity column header to sort your search results by ascending or descending severity. |
| Category | This column displays whether the signature is for identifying a virus or spyware. Click the column heading to sort your search results by category. |

28.7 Anti-Virus Technical Reference

Types of Computer Viruses

The following table describes some of the common computer viruses.

Table 151 Common Computer Virus Types

| TYPE | DESCRIPTION |
| --- | --- |
| File Infector | This is a small program that embeds itself in a legitimate program. A file infector is able to copy and attach itself to other programs that are executed on an infected computer. |
| Boot Sector Virus | This type of virus infects the area of a hard drive that a computer reads and executes during startup. The virus causes computer crashes and to some extent renders the infected computer inoperable. |
| Macro Virus | Macro viruses or Macros are small programs that are created to perform repetitive actions. Macros run automatically when a file to which they are attached is opened. Macros spread more rapidly than other types of viruses as data files are often shared on a network. |
| E-mail Virus | E-mail viruses are malicious programs that spread through e-mail. |
| Polymorphic Virus | A polymorphic virus (also known as a mutation virus) tries to evade detection by changing a portion of its code structure after each execution or self replication. This makes it harder for an anti-virus scanner to detect or intercept it. A polymorphic virus can also belong to any of the virus types discussed above. |
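The following Python sketch is an added example, not taken from the ZyWALL guide and not a description of how the ZyWALL scans. It shows why a whole-file fingerprint stops matching once a portion of a file changes, while a pattern that skips the changing bytes still matches. The signature names, the severity scale and the byte strings are constructed and harmless.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Signature:
    name: str
    severity: int    # constructed scale: larger means more severe
    category: str    # "virus" or "spyware", the two categories the table lists
    pattern: tuple   # byte values; None is a wildcard for a byte that changes

def pattern_matches(data: bytes, pattern: tuple) -> bool:
    """Slide the pattern across data; a None entry matches any single byte."""
    for start in range(len(data) - len(pattern) + 1):
        if all(p is None or data[start + i] == p for i, p in enumerate(pattern)):
            return True
    return False

def scan(data: bytes, signatures) -> list:
    """Return the names of matching signatures, highest severity first."""
    hits = [s for s in signatures if pattern_matches(data, s.pattern)]
    return [s.name for s in sorted(hits, key=lambda s: s.severity, reverse=True)]

def hash_known(data: bytes, known_digests: set) -> bool:
    """Whole-file check: True only when every byte equals a catalogued sample."""
    return hashlib.sha256(data).hexdigest() in known_digests

# Constructed, harmless byte strings standing in for two generations of one file.
GENERATION_1 = b"\x00PAD" + b"MARK\x11\x22BODY" + b"PAD\x00"
GENERATION_2 = b"\x00PAD" + b"MARK\x7a\x5cBODY" + b"PAD\x00"   # two bytes differ
CLEAN_FILE = b"ordinary document contents"

KNOWN_DIGESTS = {hashlib.sha256(GENERATION_1).hexdigest()}
SIGNATURES = [
    Signature("Example.Tracker", 2, "spyware", tuple(b"PAD\x00")),
    Signature("Example.Mutating", 5, "virus",
              tuple(b"MARK") + (None, None) + tuple(b"BODY")),
]

if __name__ == "__main__":
    for label, data in [("gen 1", GENERATION_1), ("gen 2", GENERATION_2),
                        ("clean", CLEAN_FILE)]:
        print(label, hash_known(data, KNOWN_DIGESTS), scan(data, SIGNATURES))
```
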

 

 

Computer Virus Infection and Prevention

The following describes a simple life cycle of a computer virus.

1. A computer gets a copy of a virus from a source such as the Internet, e-mail, file sharing or any removable storage media. The virus is harmless until the execution of an infected program.

2. The virus spreads to other files and programs on the computer.

3. The infected files are unintentionally sent to another computer, thus starting the spread of the virus.

4. Once the virus is spread through the network, the number of infected networked computers can grow exponentially.

Types of Anti-Virus Scanner

This section describes two types of anti-virus scanner: host-based and network-based.

A host-based anti-virus (HAV) scanner is often software installed on computers and/or servers in the network. It inspects files for virus patterns as they are moved in and out of the hard drive. However, host-based anti-virus scanners cannot eliminate all viruses for a number of reasons:


ZyWALL USG 100/200 Series User’s Guide