US-CERT Computer Virus Resources
This document lists resources that might be useful for dealing with
computer viruses. We have provided these lists for information and
convenience only. As part of a Federally Funded Research and
Development Center (FFRDC), the CERT® Coordination
Center cannot endorse any products, services, or organizations.
I. Frequently Asked Questions (FAQs) about Computer Viruses
II. Hoax and Chain Letter Databases
III. Virus Databases
IV. Virus Organizations and Publications
V. Data Integrity Tool Vendors
VI. Anti-Virus Vendors
VII. Papers
VIII. Other Resources
I. Frequently Asked Questions (FAQs) about Computer Viruses
If you are not familiar with computer viruses or do not know how to
clean a computer virus from a computer, these FAQs are a good
starting point. The following list of FAQs is hosted at:
http://www.faqs.org/
II. Hoax and Chain Letter Databases
The CERT Coordination Center receives many calls and emails from
people asking whether or not a message they received via email is
true or not. The following list of resources can help you separate
the hoaxes from the valid warnings. (In addition to these
resources, there are also several papers in section VII. Papers and Articles that discuss how to identify
a hoax.)
III. Virus Databases
The following databases can be useful if you are looking for
specific information about a particular virus. Some of the
databases are larger than others and some may have more detailed
information than others do.
IV. Virus Organizations and Publications
The following descriptions come from the web site of the organization
or publication.
- EICAR (European Institute for Computer Anti-Virus Research)
- http://www.eicar.com/
- EICAR combines universities, industry and media plus technical,
security and legal experts from civil and military government
and law enforcement as well as privacy protection organisations
whose objectives are to unite non-commercial efforts against
writing and proliferation of malicious code like computer
viruses or Trojan Horses, and, against computer crime, fraud
and the misuse of computers or networks, inclusive malicious
exploitation of personnel data, based on a code of conduct.
- Virus Bulletin
- http://www.virusbtn.com/
- The international publication on computer virus prevention,
recognition and removal. Virus Bulletin is the technical
journal on developments in the field of computer viruses and
anti-virus products
- The WildList Organization International
- http://www.wildlist.org/
- The mission of the Wildlist Organization is to provide
accurate, timely and comprehensive information about "In the
Wild" computer viruses to both users and product developers.
The WildList, a list of computer viruses found in the wild and
reported by a diverse group of over 40 qualified volunteers, is
made available free of charge by the organization.
V. Data Integrity Tool Vendors
Data integrity tools are useful important tools in knowing if any
files have been modified on a system. This is useful for protecting
system agains computer viruses since integrity checkers do not
require updating signature files to detect computer viruses. When an
integrity checker is installed it creates a database of checksums for
a set of files. The integrity checker can then tell if files have
been modified by comparing the current checksum to the checksum it
took when installed. If the checksums do not match then the file has
been modified in some manner. Some integrity checkers may be able to
identify the virus that modified a file, but others may just be able
to aleart you to the changes. Integrity checkers are not only useful
for detecting a possible infection, but also useful for helping to
detect intruders.
VI. Anti-Virus Vendors
Anti-virus products provide important tools for protecting your
systems from computer viruses. Since new viruses are created every
day, it is important to keep your anti-virus product up to date.
The following list of anti-virus vendors includes URLs from which
you can download updates for anti-virus products and for definition
files. Contact information for product support is also listed.
Some vendors use email mailing lists to alert users of
updates. Often, you can subscribe to these lists through the vendors
web sites.
VII. Papers and Articles
The following documents about computer viruses, chain letters, and
hoaxes come from various sources.
Viruses
Hoaxes and Chain Letters
VIII. Other Resources
|