Computer programs Essay

Computer programs that reside in a troops computers memory and control its functionality, in order to suffer information residing on the host computer, atomic number 18 cognise as contrary code. Vir holds like the Melissa, The Love Bug, Hybris, and CIH ar the best examples of hostile code. The development of the meshing has helped the release, transmission and effectiveness of hostile code and its rapid development (Robert J. Bagnall, manifest 14, 2001). Hostile code has been classified into three categories, namely, Viruses which are computer programs commonly hidden within other seemingly harmless programs.These malicious programs puke and get embedded in other programs with the intention of performing most harmful action (Merriam-Webster OnLine, n. d). They stretch out from file to file on the kindred computer and not to other computers from that computer (Symantec, n. d). Worms, which are self contained programs that spread copies of it to other computer systems, via networks connections like the IRC or as email attachments. They echo like viruses, exclusively spread from computer to computer.They are much to a greater extent dangerous than viruses because they spread faster and affect entire computer networks. fifth column Horses, which contain hidden commands within code resembling a useful program. They energize the computer do what was not intended to be d ace by the user. They erase specific files format hard disk drives, steal passwords and institute server programs onto the infected computer in order to permit international access. In order to tackle hostile code attacks, forensics use irreverence detection and incident response.Intrusions are suspicious computer activity these are dealt with by the following step wise procedure, preparation, detection, investigation, eradication, recovery and follow up. That such(prenominal) an attack is taking place gage be assumed whenever, thither are service slowdowns or malfunctions, web de facements, anonymous tips, etc. The post will be to isolate and contain the attacker by place up a so called victim machine or point subnet on the network. Once the IP Address is determined, then the source of the attacks can be determined.A few of the methods used in this process are the ping and traceroute facilities, suppose the IP Address is known but it is not in quad format then one can use the ping or traceroute detect the IP Address in the average quad format. In case the domain name is known but not the IP Address or vice versa, then one can use the nslookup tool. This tool works with UNIX, Windows NT and Windows 2000. While, registering the domain name it is indwelling to furnish details of name and contact address.The whois utility is used to give contact information on a specific domain to capture the contact details of all persons registered with them. One of the more well known of such utilities are provided by the Sam Spade Web internet site (http//samspade. o rg) and the one provided by Network Solutions. After the contact information is obtained a traceroute is run to determine the route that the data packets are following. In this dash the source of the hostile code can be determined (Heiser and Kruse, 2001).SourcesBagnall, Robert J.Computer Viruses & auspices WARNING Visual Basic, Active X, Java and other Mobile Code, Retrieved action 29, 2006 from http//membrane. com /security /java_and_cookies/notes/mobile_code_malware. html Merriam-Webster OnLine. Retrieved March 29, 2006, from the World Wide Web http//www. m-w. com/cgi-bin/ dictionary? virus Symantec. Retrieved March 29, 2006, from the World Wide Web http//www. symantec. com/avcenter/virus. backgrounder. html Heiser, Jay G. and Kruse II, rabbit warren G. Computer Forensics Tracking an Offender. Addison Wesley Professional. Boston MA.