
Worms and mitigation

November 12, 2013

Posted by markwhylie in Security.

Computer worms are malicious software applications designed to spread via computer networks. A person typically installs worms by inadvertently opening an email attachment or message that contains executable scripts. [1] Though the idea of a worm was not unheard of at the time of the paper [2], the worm it describes was really one of the first widespread computer worms to affect a network of Unix systems.

Though the author chose not to go into the exact details of the worm's implementation, for fear of someone attempting to be a copycat, he did give enough high-level information about how this worm replicated and affected a system. It made use of applications and utilities essentially native to the Unix environment as a breeding and transportation mechanism.

To stop the spread of worms, I personally believe that educating the user is one of the most important steps, if not the most important, to help mitigate the introduction of a worm to a system or a network. As mentioned in the definition of computer worms, a person typically installs worms inadvertently by opening an email attachment or a message. I believe that one should utilize common sense, and by common sense I mean do not open email attachments from people you do not know or trust. I do understand that on the flip side of this situation, the person that you know or trust may unknowingly have a worm on their computer that is attempting to replicate itself to your system. In this situation, I believe utilization of email sandboxing could help with situations such as malicious activity maintaining a life cycle through email. Essentially, sandboxing allows any email content to be stored in a restricted area with limited access, where it is trapped unless the user specifically removes it. For more details on this, please see [3].

[1] http://compnetworking.about.com/cs/worldwideweb/g/bldef_worm.htm

[2] http://spaf.cerias.purdue.edu/tech-reps/823.pdf

[3] http://www.sandboxie.com/?EmailProtection
