Worm

WormWorm

A Worm creates files that copy themselves repeatedly and consume disk space. Worms do not require user intervention to be launched; they are self-propagating. Some worms can install back doors - a way of gaining unauthorized access to a computer or other resource, such as an unused port or terminal service, that makes it possible for attackers to gain control over the computer. Worms often replicate to new host systems by exploiting flaws in popular network services such as IIS, SQL, or other networked services that await inbound connections on a specific port. A port is an area in random access memory (RAM) that is assigned a number (the port address) and is reserved for a program that runs in the background to listen for requests for the service it offers. Other worms can destroy data on a hard disk or network file share. Just like a cold or flu virus, computer viruses and worms can mutate or be altered to defeat anti-virus software.

Viruses, worms, and Trojan programs are a major security threat. They can damage files, enable attackers to control computers, and prevent applications from functioning correctly. When creating a network defense perimeter, you need to consider guarding against all three. Firewalls and Intrusion Detection Systems do not block malicious code on their own; you need to install anti-malware software or proxy servers that can be configured to filter out malicious code and delete it before it causes harm.


Defenses

User Awareness and Information Security Training: Empowering the user is always the first line of defense. Diligent and educated users will automatically be wary of worm activity. While worms are self-executing and self-replicating without user interaction, they can cause odd system behavior, and slow or consume system resources.

Anti-Virus / Anti-Malware End-Point Protection: Not just for viruses, anti-virus software protects against worms, Trojan Horses, and more. There are many free anti-virus solutions for home users, for Windows, Linux and Macintosh computers. Regardless of the operating system you use, anti-virus is a must-have. This protection provides a second layer of defense, and will intervene if the computer user (or some background program process) attempts to execute or interact with a virus. Furthermore, anti-virus solutions typically quarantine the malicious program, placing it in an isolated location which can allow for further review by a technician or information security practitioner.