Saturday, March 14, 2020

Anti-Virus Essays

Anti-Virus Essays Anti-Virus Essay Anti-Virus Essay The Interpretation mechanism must be specific to each operating system or component In which the antivirus Is going to be Implemented. For example, in Windows 91, a virtual driver VS. Is used, which continually monitors disk activity. In this way, every time the information on a disk or floppy disk is accessed, the antivirus will intercept the read and write calls to the disk, and scan the information to be read or saved. This operation is performed through a driver in kernel mode in Windows NT/2000/XP or an NIL which intercepts disk activity in Novel Antivirus products hat are not specially designed for operating systems, but are Implemented over other applications, have a different interpretation mechanism. For example, In an antivirus for CAP Firewalls, It Is the firewall that provides the antivirus with information in order to scan it through the CAP protocol and in the antivirus for Essential, the Millimeter filter facilitates information interpretation. Sometimes an interpretation mechanism is not provided by the antivirus (such as a Vs.) or the application (such as the CAP). In this case, special mechanisms between the application and the antivirus must be used. In other words, resources that intercept information and pass it to the antivirus, offering complete integration in order to disinfect viruses. Once the information has been scanned, using either method, if a threat has been detected, two operations are performed: 1 . The cleaned Information Is returned to the Interpretation mechanism, which In turn will return it to the system so that it can continue towards its final destination. This means that if an e-mail message was being received, the message will be let through to the mailbox, or if a file way being copied, the copy process will be allowed o finish. 2 A warning Is sent to ten user Interface. I Nils user Interface can vary greatly. In an antivirus for workstations, a message can be displayed on screen, but in server solutions the alert could be sent as an e-mail message, an internal network message, an entry in an activity report or as some kind of message to the antivirus management tool. As you can see, antivirus programs do not perform miracles, nor is it a software tool that you need to be wary of. It is a very simple security ally that offers precision and advanced technology. Consider this; when you copy a few mega bytes to the hard disk of your computer, the antivirus must look for over 65,000 viruses without affecting the normal functioning of the computer and without the user realizing. Antivirus programs offer a high level of protection and prevent any nasty surprises. It is as simple as putting XX dollars in a box to get peace of mind. Im sure that now you dont have any serious doubts.. Scan Engines Regardless of how the information to be scanned is obtained, the most important function of the antivirus now comes into play: the virus scan engine. This engine scans the information it has intercepted for viruses, and if viruses are detected, it disinfects them. The information can be scanned in two ways. One method involves comparing the information received with a virus database (known as virus signatures). If the information matches any of the virus signatures, the antivirus concludes that the file is infected by a virus. The other way of finding out if the information being scanned is dangerous, without knowing if it actually contains a virus or not, is the method known as heuristic scanning. This method involves analyzing how the information acts and comparing it with a list of dangerous activity patterns. For example, if a file that can format a hard disk is detected, the antivirus will warn the user. Although it may be a new formatting system that the user is installing on the computer rather than a virus; the action is dangerous. Once the antivirus has sounded the alarm, it is up to the user whether the danger should be eliminated or not. Both of these methods have their pros and cons. If only the virus signatures system is used, it is important to update it at least once a day. When you bear in mind that 15 new viruses are discovered everyday, an antivirus that is left for two or three days without being updated is a serious danger. The heuristic system has the drawback that it can warn you about items that you know are not viruses. If you have to work with a lot of items that may be considered dangerous, you could soon tire of the alerts. Programmers in particular may prefer to disable this option. Permanent and on demand scans when casseroling antivirus programs, It Is Important to clearly Lustiness Detente the two types of protection on offer. The first is permanent scans, which are more complex and essential. These scans constantly monitor the operations performed on the computer to prevent any kind of intrusion. The other type of protection available is on demand scans. These use the same scan engine as the permanent protection and check any parts of the system whenever the user wants. These are normally used under special circumstances. For example, a user may want to perform an on demand scan when using a new floppy disk or to check information stored on the computer that hasnt been used for a while.