Navigation

Home

Mission Statement

Steps to Take

File ExtensionsFile Extensions

Windows Scripting HostWindows Scripting Host

Outlook ExpressOutlook Express

Internet ExplorerInternet Explorer

NetscapeNetscape

OperaOpera

Conclusion

Links

Back to Tutorials

In the past, the most common way to spread a virus was through a floppy disk. But today, hackers and virus writers have a much more powerful and easier means of infecting PCs: E-mail attachments and embedded scripts in the text of an e-mail. Although not as common, other known vulnerabilities are the malicious scripts embedded in web pages and virus infected programs that have been downloaded over the Internet.

In the tutorials on this site you will be disabling ActiveX and various scripting to prevent "Script Viruses". However, there may be times when you really need scripting enabled. For example, on-line banking or on-line college classes may require scripting. For this I would recommend one of two things:

  1. Having two browsers, one with scripting disabled for your daily web surfing and another browser with scripting enabled for when you are viewing sites that you trust.
  2. Or you can place the URL's of the sites that you trust in the "Trusted Sites" section of your security settings (we will go over this later).

Viruses
A virus is a program that infects systems by rewriting files, or by inserting or attaching a copy of itself to a file such as an e-mail attachment. When an infected file is opened, the embedded virus is executed. Often, users don't realize that this is happening in the background.

Script Viruses
Script viruses are written in script programming languages, such as Visual Basic Script (VBS) and JavaScript. VBS and JavaScript viruses make use of Microsoft's Windows Scripting Host to activate themselves and infect other files.

ActiveX
ActiveX are programs that run from within browsers like Microsoft's Internet Explorer. They add functionality to Web sites and make them interactive. They are used to provide animation, display images with sound, display scrolling text, and for certain interactive online games on Web sites.

ActiveX controls can be used within a variety of Microsoft applications, aside from Internet Explorer, and have control over the computer's operating system. An ActiveX component could therefore be made to perform a wide variety of malicious things from wiping out data, to damaging the operating system, to stealing passwords.

Windows Scripting Host
Windows Scripting Host (WSH) runs scripts written in Visual Basic or Javascript. WSH is available on Windows 98 (can be installed on Win95) and Windows 2000. Script viruses can be activated simply by double-clicking a .vbs or .js file from Windows Explorer, by reading text in Outlook Express or by double-clicking a .vbs or .js attachment, and even by visiting a web site that has a malicious script emebeded in the page itself.

Java Applets
Java applets allow Web developers to create interactive, dynamic Web pages with broader functionality. Java applets are small, portable Java programs embedded in HTML pages. They can run automatically when the pages are viewed. However, hackers, virus writers, and others who wish to cause mischief may use Java malicious code as a vehicle to attack the system.

Here are a few examples of what malicious scripts are and what they can do:
 

  1. Buffer Overrun Vulnerability. By using a specific HTML directive, an attacker could create a Web page and either post it on a Web site or send it to a user. Once invoked the attacker would gain the same access on the system that the user had. Potential actions include reading files, starting applications and reformatting the hard drive.

  2. GetObject Scripting Vulnerability. Successful implementation of this vulnerability would allow an attacker to read files on another computer or send the content of files to an attacker.

  3. Display of File Names Vulnerability. This vulnerability could allow an attacker to display the wrong file name when a download is initiated from the Web. This could be used to trick a user into downloading a dangerous file.

  4. Content-Type HTML Header Field Vulnerability. An attacker could potentially start any application on another computer and run a file supplied by the attacker. There is a range of possible actions, including the creation of new files on the user's system or the reformatting of the hard drive.
Valid CSS! Valid HTML 4.0!
Hosted by www.Geocities.ws

1