Embed Size (px)
Citation preview
NETWORK VIRUS- PROTECTION AND PREVENTION
Presented By: Anup MahatoElectronics & Communication Engineering
ABOUT NETWORK VIRUS• What is a Network virus?• Types of Virus• Who are vulnerable?• How they spread? • Symptoms of attackPROTECTION AND PREVENTION• Host vs. Network-based antivirus• Firewall and its Function• Prevention• The steps in the virus removal process
INTRODUCTION• A network virus has the ability to quickly degrade
the performance of a network, totally disabling critical devices, programs and network connections.
• Once the infection spreads, fully eradicating it often
becomes difficult.
• Viruses that use network protocols to spread and infect other computers on a computer network are called worms.
TYPES OF NETWORK VIRUSES
• E-mail (and other application)
• Windows file sharing worms
• Traditional Network Virus
WHO ARE VULNERABLE?
• Financial institutions and banks• Internet service providers• Pharmaceutical companies• Government and defense agencies• Contractors to various government agencies• Multinational corporations• ANYONE ON THE NETWORK
HOW THEY SPREAD
• A network virus makes use of networking protocols and/or applications to spread.
• Network viruses make uses of system network mechanisms, search local and remote system information, monitor network traffic.
• Take advantage of system and network vulnerabilities, and build network connections.
Dept
B
University X
Location
A
Location
CLocation
B
Dept
A
Dept
B
Dept
C
Carrier NAP
Los Angeles
NAP
St. Louis
NAP
Dept
A
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Small Town U.S.A.
NAP
VIRUS/WORM/DATA SPREAD IN UNPROTECTED NETWORKS
Dept
B
University X
Location
A
Location
CLocation
B
Dept
A
Dept
B
Dept
C
Carrier NAP
Los Angeles
NAP
St. Louis
NAP
Dept
A
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Small Town U.S.A.
NAP
VIRUS/WORM/DATA SPREAD IN UNPROTECTED NETWORKS
Dept
B
University X
Location
A
Location
CLocation
B
Dept
A
Dept
B
Dept
C
Carrier NAP
Los Angeles
NAP
St. Louis
NAP
Dept
A
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Small Town U.S.A.
NAP
VIRUS/WORM/DATA SPREAD IN UNPROTECTED NETWORKS
Dept
B
University X
Location
A
Location
CLocation
B
Dept
A
Dept
B
Dept
C
Carrier NAP
Los Angeles
NAP
St. Louis
NAP
Dept
A
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Small Town U.S.A.
NAP
VIRUS/WORM/DATA SPREAD IN UNPROTECTED NETWORKS
Dept
B
University X
Location
A
Location
CLocation
B
Dept
A
Dept
B
Dept
C
Carrier NAP
Los Angeles
NAP
St. Louis
NAP
Dept
A
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Carrier NAP
Small Town U.S.A.
NAP
VIRUS/WORM/DATA CONTAINMENT IN PROTECTED NETWORKS
SYMPTOMS
• The computer fails to start • Programs will not launch or they fail when simple
commands are performed • Names of files are changing or become unreadable • File contents change or are no longer accessible • Unusual words or graphics appear on the screen • Hard or floppy disks are formatted • Variations occur in computer performance, such as
slowing down in loading or operation
PROTECTING A NETWORK
• Single-User Anti-Virus Software• Managed Anti-Virus Service• Enforced Network Anti-Virus• Server-based Anti-Virus• Firewall to provide external Network security
HOST-BASED VS. NETWORK-BASED ANTIVIRUS
Viruses enter an HAV (host-based antivirus) protected internal network
Using Network -based Antivirus Firewall to stop viruses at the network edge
FIREWALL
• A firewall is a combination of hardware components (such as routers, host computers, NIC cards) and appropriate software, that controls access between your private network (such as a LAN) and an external network (such as the Internet).
FUNCTIONS OF FIREWALL
• A firewall provides specific exit and entry points to your network for both external and internal users.
• We can also allow some external access from the Internet, but only to selected servers for sending email or accessing public corporate information.
• Thus it can stop intensive hacking techniques in network virus implementation.
WHAT WE CAN DO TO PREVENT A VIRUS ATTACK
The best cure for any virus is prevention.To avoid virus infection, weneed to do the following:
• Develop a Virus Protection Plan • Install Network-Based Anti-Virus and Firewall• Scan, Update, and Upgrade Automatically • Back Up Your Data Regularly • Consider Every Disk, Program, and Email Attachment as a Threat • Use Caution When You Download Files from the Internet • Be Aware of Virus Hoaxes• Block executables file attachments • Educate Your Network Users• Avoid using accounts with administrative privileges on an infected network. • Strong password on Shared Drives/folder• Keep all applications (including your operating system) patched.
THE STEPS IN THE VIRUS REMOVAL PROCESS
• Determine the type of virus• Isolate all infected systems and hard disks.• Make sure you have a clean hard disk drive
formatted as a system disk• Use the clean system disk to boot up all
systems with suspected infection• Scan every physical and logical hard disk, as
well every USB Drives.• Clean the infected server.
CONCLUSION• When it comes to virus attacks, knowledge is
the best possible weapon to prevent them.• Preventive measures should be taken before
viruses establish strong hold within a network.• For system administrators it is necessary to
develop a Virus protection Plan and install Network-based antivirus and Firewall.
• Establish a secure infrastructure for your network
THANK YOUSTAY PROTECTED
