How can one computer infected with a virus spread it over LAN?

565 views
0

Like if there are four computers on my router, 3 of them are updated to the most recent version of Windows 10, and 1 of them is on a copy of Windows 7 that hasn’t been updated in a decade, how could the Windows 7 machine spread a virus to the Windows 10 machine?

Isn’t there a firewall to stop this from happening?

In: Technology

Think of LAN like a blood transfuser. Everything connected to the LAN is a person.

Everyone has their blood shared. So if the blood (data) of one person is tainted it ends up in all.

To add regarding the question regarding the firewall(i take the example of the first responder):

Firewall and LAN are essentially different blood streams. That’s why they don’t apply.

If it spreads on its own, it would be called a worm, not a virus.

Home networking doesn’t usually have particularly complicated configuration over the internal network. Your switch is just blindly shuffling data back and forth between devices on your network without caring what it is. You’d need more expensive & complex equipment to set things up safely. It would probably make more sense to unplug or upgrade the machine.

The LAN is used to send messages between computers. When a computer receives a message, it has to process the information in that message. If the program processing the message has a bug in it, it’s possible for some messages to cause the computer receiving the message to do something the programmers didn’t intend.

For some programs, if you send them just the right message, you can convince them to save things onto the computer’s disk. If you can do that, you use those specially crafted messages to trick the other computer into saving a copy of yourself. Boom. That’s how a virus can copy itself to another computer.

A firewall is a blunt instrument. It helps, but it’s certainly not perfect, and it needs to be correctly configured. And it’s of no help when access must be allowed.

All a firewall does is having a list of rules:

* If a connection comes from place A, and wants to use service S, allow it
* If a connection comes from place B, and wants to use service S, allow it
* If a connection comes from place B, and wants to use service S2, allow it
* Otherwise, forbid the connection.

So that’s all well and good, but the protection it provides is limited. For instance, on a LAN you probably want to share data between machines. You want to have working file sharing, maybe remote desktop access. And that means those services are allowed through firewall, and any vulnerability they might have is exposed.

By analogy, a firewall is a list of people you’ll open the door to. Not opening the door to strangers certainly helps your security, but if a friend of yours decides to shoot you, the whitelist isn’t going to magically protect you against that.