Thursday, June 30, 2005

The menace of worms

It is a given in this world that every entity has two aspects - one benign, and the other malignant. This duality of functionality can be found in virtually everything. Take the humble kitchen knife, for example. Cooks use it for chopping vegetables. It can also be used to slice through tender necks. The human brain can be used to do constructive things - such as planting seeds in farms to grow food crops, constructing strong shelters that protect against nature's forces, and building computers and software that make life so easy. The human brain can also do destructive things - such as build the bomb, indulge in genocide, and take advantage of the computer's weaknesses to wreak havoc on established conventions of doing things on the net.

The worms are but another example of man's darker side of genius.

Worms are such pesky creatures. They apparently appear out of nowhere, and having done whatever they had come to do, vanish into nowhere. Their reproducing and replicating mechanisms are so simple. Computer worms share similar attributes. They are apparently very easy to construct, too. Why, the first worm that was created with malignant intention was actually written by a student! When it was released to an unsuspecting world in 1988, it heaped a lot of damage on several BSD UNIX machines before an angry world could trace it, track it down, and catch both the worm and its perpetrator red-handed. The boy - Robert Tappan Morris Jr - was convicted and fined.

So, what exactly is a computer worm?

A computer worm differs from its other illustrious brethren - the virus - in that a worm does not need any props or help from other executable files. It can use the system's transmission capabilities - so it can travel from machine to machine, merrily, like a happy-go-lucky vagabond. One of its most important features is its strong sense of self-propagation. A worm, after lodging itself on one machine, can spawn several clones of itself. Each of these clones then marches forth, to conquer the cyber world.

How do worms spread?

Where do newly cloned computer worms march to? A worm can open your email address book, and in a jiffy despatch one clone to each of the addresses available there. Of course, the machine has to be connected to the net. If it is not, the worm silently bides its time till the connection takes place. Instant messaging software (mIRC, MSN Messenger) too acts as an unwitting carrier for these worms, which spread like wildfire throughout the cyberworld (the "Choke" worm is an example). Vulnerabilities in operating systems, preferably Windows, are thoroughly exploited by worms to push themselves out. Machines and servers where these vulnerabilities can be made use of are known as "Backdoor-compromised remote systems" in worm-parlance. The "Bormex" worm is an infamous example of such a creature.

There is this facility available with peer-to-peer networks, known as the P2P folder, which all users of the network share with each other. A worm can simply copy itself in here, innocently waiting for the other users to pick it up. If the folder does not exist, the worm simply creates it for the benefit of the users! How benevolent can worms be! In the hall of hoodlums, worm "Axam" gets top honours for such devious activity.

Some worms take on even more deceptive forms to snare users: sending emails with malicious code embedded in them, or through attachments, or by acting as SMTP proxies themselves (Sircam, Nimda), or by exploiting MX record lookups for SMTP server address resolution, or attempting remote logins (especially on Microsoft SQL servers - the "Spida" worm does this quite elegantly!) to launch DDoS (distributed denial of service) attacks, or injecting malicious code in scripts running on the server like "Slammer", ... whew. The arsenal available to these worms is huge and ever-growing.

Worms that shall stay for a long, long time in the living memories of mankind, for the kind of damage that they did to global commerce are the Sasser, MyDoom, Sober, Blaster, Code Red, Melissa, and the Loveletter worm. Besides giving sleepless nights to the sleuths that were backed by governments and the industry with all their combined might, billions of dollars went down the drain to control their menace. The face of internet surfing and computerized operations was changed radically, due to these worms.

What exactly is the nature of the havoc that these worms bring to bear upon us? Well, denial of service (DoS) is one situation that users of a server may find themselves in, thanks to these programs. As a worm zooms towards doom, precious data residing on the hard disk is destroyed in its swathe. (The file is not deleted. Its data is plucked out and vaporized into thin air. It is like some evil plucking out the soul from your body, while being careful to keep your body intact. So people think you are "okay", when in fact you are "not".)

Worm writers are nowadays working together with spammers (they make a nice twosome, don't they?) to send out unsolicited emails to increasingly bloated inboxes. "Phishing", the latest fad in town, which is devised to prise those secret passwords of bank accounts and credit cards out of you, is riding piggyback on worms' powerful shoulders.

So much for the end-of-the-world-speak. What is the cure for all this, for crying out loud, you would ask.

Like a cat-and-mouse game, the moment worms came into existence, worm-trappers came into existence too. Special software has been designed that not only kills worms that were known when it was built, but also updates itself on a daily basis against any new threats.

However, this updating is always going to be a tad behind the ultra-sophisticated lethal wizardry of worms. The best way to guard oneself strongly is to go in for the anti-worm software a-squared, software that is at the forefront of attacks against malware.

How does a-squared score over other anti-worm and anti-virus products?

a-squared has a special Malware Intrusion Detection System (Malware-IDS) that is able to detect and kill these worms at the doorway of your system itself. The great thing about this is that the detection process does not require any signature scanning to identify the worms, which all the other products are handicapped with.

The Malware-IDS, once installed, never sits idle. You may visualize an always worrying, paranoid housewife, with a fetish to keep the house clean, and who runs after every rat or other vermin that she sees with a broomstick in hand. Like this housewife, the Malware-IDS continuously keeps an alert eye on every program that is running, or trying to run, on your machine, ready to pounce on any program that is trying to do something that "good" programs are not supposed to be doing. Such "delinquent" programs are caught by the neck by the IDS and paraded before you. You can leisurely sit back, decide whether the program has mala fide intentions or not, and pronounce your verdict. Based on the verdict, the program is acquitted honorably, or sent to the gallows.
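To make the idea of behaviour-based detection concrete, here is an added sketch (not a-squared's code, and not from the original post) that flags two of the worm behaviours described earlier, mass-mailing right after reading the address book and self-copying into a P2P shared folder, and then holds each flagged program for a user verdict. The event names, thresholds, folder markers and sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events, not real telemetry: (second, process, action, target)
EVENTS = [
    (0, "mailclient.exe", "read_address_book", ""),
    (5, "mailclient.exe", "smtp_send", "alice@example.com"),
    (10, "greeting.exe", "read_address_book", ""),
    (11, "greeting.exe", "smtp_send", "alice@example.com"),
    (11, "greeting.exe", "smtp_send", "bob@example.com"),
    (12, "greeting.exe", "smtp_send", "carol@example.com"),
    (12, "greeting.exe", "smtp_send", "dave@example.com"),
    (20, "setup.exe", "copy_self", r"C:\Program Files\P2P\My Shared Folder\setup.exe"),
    (30, "backup.exe", "copy_self", r"D:\Backups\backup.exe"),
]

SHARED_MARKERS = ("my shared folder", "\\shared\\")  # assumed P2P folder names
MAIL_BURST = 4     # this many distinct recipients ...
MAIL_WINDOW = 10   # ... within this many seconds of reading the address book


def detect(events):
    """Return {process: set of reasons} for behaviour normal programs rarely show."""
    alerts = defaultdict(set)
    book_read = {}                 # process -> time it last read the address book
    recipients = defaultdict(set)  # process -> recipients mailed since that read
    for ts, proc, action, target in sorted(events):
        if action == "read_address_book":
            book_read[proc] = ts
            recipients[proc].clear()
        elif action == "smtp_send" and proc in book_read:
            if ts - book_read[proc] <= MAIL_WINDOW:
                recipients[proc].add(target.lower())
                if len(recipients[proc]) >= MAIL_BURST:
                    alerts[proc].add("mass-mail after address book read")
        elif action == "copy_self":
            if any(marker in target.lower() for marker in SHARED_MARKERS):
                alerts[proc].add("self-copy into P2P shared folder")
    return dict(alerts)


def apply_verdicts(alerts, verdicts):
    """Flagged programs stay suspended until the user answers 'allow' or 'block'."""
    return {proc: verdicts.get(proc, "suspended") for proc in alerts}


if __name__ == "__main__":
    found = detect(EVENTS)
    print(found, apply_verdicts(found, {"greeting.exe": "block"}))
```

No signature of any particular worm is consulted: the ordinary mail client and the backup tool pass because their behaviour stays under the thresholds, which also shows why such rules need tuning to avoid false alarms.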

With a strong development and support team spanning continents, a-squared has emerged as an important player in the anti-malware domain. Keeping your machine in a-squared's safe hands would be the safest thing to do today.

Protect thyself!
