Tuesday, June 8, 2010

Hands-On Project 3-2 (Page 111)



Objective ad verbatim:

“Antivirus software is important yet free AV products may not offer the best protection. In this project, you download a virus test file to determine how your AV software reacts. The file downloaded is not a virus but designed to appear to an antivirus scanner as if it were a virus. You need to have antivirus software installed on your computer to perform this project.” (Ciampa, 2009)

Process:

1. First, I clicked Start - Control Panel - Security - Security Center. I checked that Virus Protection was turned On.


2. Next, I started up Mozilla Firefox and pointed my browser to http://www.eicar.org/anti_virus_test_file.htm and read the “Anti-Virus or Anti-Malware test file” information. Following that, I downloaded “eicar.com”.


3. When the download completed, my antivirus gave me a warning about the file I just downloaded.


4. Next, I downloaded “eicar_com.zip”. There were no warnings given about the download.


5. I then scanned the .zip file manually for viruses. This time, it detected the infected file.


6. Last, I downloaded “eicarcom2.zip”, a double compressed file. No warnings were given about the download.


7. I then scanned the file when the download completed and it detected infected files.



Reflection:

With the advent of high-speed internet and the greater content available for download over the internet, there is no doubt that a deluge of malware and viruses accompanies these downloads. Hence the importance of antiviruses with internet scanners. From the project, I noticed that although my antivirus had caught the test file during download in its uncompressed form, it allowed the zipped versions to pass through.

This made me think about double confirming that a file is free from infection by manually scanning every downloaded file instead of relying on the download scanner. Also, this prompted me to check how many people actually scanned a file after download. I did a survey with my contacts over MSN Live Messenger and found that only 40% of them scanned a file most of the time and 10% scanned them conscientiously.

With viruses being able to circumvent virus scanners by simply zipping themselves up, it becomes a weak point when users trust their antiviruses to blindly detect malicious code and open the .zip without thinking that the compressed file could be infected.

Sine Cera,
Jeremy Heng

"Quis custodiet ipsos custodes?"
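The behaviour seen in steps 3 to 7 can be reproduced with a toy scanner. This is an added example, not part of the original post or the textbook: the signature is a constructed stand-in (not the real EICAR string), and `raw_scan`, `deep_scan` and `MAX_DEPTH` are hypothetical names. It contrasts a byte match on the download as delivered with a scan that unpacks nested archives, using the three file names from the project.

```python
import io
import zipfile

# Constructed stand-in signature; NOT the real EICAR string, so saving this
# script does not itself trigger an antivirus alert.
SIGNATURE = b"DEMO-AV-TEST-SIGNATURE"
# Constructed test file. Repeated so deflate clearly shrinks it; a zip member
# kept "stored" (uncompressed) would still expose the plain bytes.
TEST_FILE = (SIGNATURE + b"\n") * 4
MAX_DEPTH = 5  # assumed nesting limit, so a hostile archive cannot recurse forever


def make_zip(name: str, payload: bytes) -> bytes:
    """Build an in-memory, deflate-compressed zip holding one member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()


def raw_scan(data: bytes) -> bool:
    """Signature match on the bytes as delivered, with no unpacking."""
    return SIGNATURE in data


def deep_scan(data: bytes, name: str, depth: int = 0) -> list[str]:
    """Return the path of every matching member, unpacking nested zips."""
    hits = [name] if SIGNATURE in data else []
    if depth < MAX_DEPTH and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if not info.is_dir():
                    path = f"{name}/{info.filename}"
                    hits += deep_scan(zf.read(info), path, depth + 1)
    return hits


if __name__ == "__main__":
    single = make_zip("eicar.com", TEST_FILE)      # like eicar_com.zip
    double = make_zip("eicar_com.zip", single)     # like eicarcom2.zip
    samples = [("eicar.com", TEST_FILE), ("eicar_com.zip", single),
               ("eicarcom2.zip", double)]
    for fname, blob in samples:
        print(f"{fname}: raw={raw_scan(blob)} deep={deep_scan(blob, fname)}")
```

The raw match only fires on the uncompressed file, while the unpacking scan reports the full member path inside both archives.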



Hands-On Project 3.2 Sources
