The NCSA Guide to PC & LAN Security
Stephen Cobb, CISSP
Chapter 9: Secure Code
This chapter is about: Defeating viruses, worms and other malicious code
...the chapter helps you to protect against what is probably the most widely publicized threat to personal computer security: harmful or malicious programs. This is software which can erase files, bring down networks, and waste an awful lot of person power and processing time. If you need immediate assistance with a Virus problem, check out the NCSA Anti-Virus page.There are several types of malicious program that go by strange names, like viruses, bombs, and worms, grouped together as malicious code, or MC, although each type poses a different threat to the integrity and availability of your data.
- Virus: a program which, when executed, can add itself to other program, without permission, and in such a way that the infected program, when executed, can add itself to still other programs.
- Worm: a program which copies itself into nodes in a network, without permission.
- Trojan: a program which masquerades as a legitimate program, but does something other than what was intended, (as in the deceptive wooden horse used by the Greek army to achieve the fall of Troy).
For companies active in this field check out the following Hot Links at NCSA:
- Anti-Virus Protection
- Malicious code detection and prevention, anti-virus software, anti-virus education.
The Story So Far
- No typos or errors reported so far.
- Links and supplemental info being prepared.
- Check back in 10 days for more links and info.
Table of Contents with Links to Chapters
- Chapter 1. Security Matters: Assessing the problems, threats, and issues
- Chapter 2. Security Solutions: Basic concepts and techniques
- Chapter 3. Security Planning: Risk analysis and security policy
- Chapter 4. Secure Hardware: Defending and insuring equipment
- Chapter 5. Secure Power: Spikes, Sparks, and Electrical Threats
- Chapter 6. Secure Sites: Defending sites and systems
- Chapter 7. Secure Access: Controls, passwords, and encryption
- Chapter 8. Secure Data: Backup, backup, backup
- Chapter 9. Secure Code: Defeating viruses, worms and other malicious code
- Chapter 10. Secure Software: Piracy, bugs, and other "soft" threats
- Chapter 11. Secure Networks I: Generic network defense
- Chapter 12. Secure Networks II: Protecting name brand networks
- Chapter 13. Secure Communications: WANs, remote access, and the Internet
- Chapter 14. Secure People: Hacking and ethical issues
- Chapter 15. Security in the Future: How to become and remain secure
- Appendix A: Threat List
- Appendix B: A Brief Guide to Batch Files
- Appendix C: Computer Security Policy
- Appendix D: Notes on EMR
- Appendix E: Export Restrictions on Encryption
- Appendix F: Further Resources
- Appendix G: Glossary
- Appendix H: How Public Key Encryption Works
- Appendix I: Introduction to LANs
- Appendix J: Securing Safe Software
- Appendix K: Appraising Microsoft AV