Computer Viruses
and what you can do to keep them off your PC!
Some of the following contains excerpts from articles and information freely available from our own United States Government's Computer Emergency Response Team (CERT) – www.cert.org and www.us-cert.gov. In particular, you may want to check out the article “Home Computer Security” at the following link:
http://www.cert.org/homeusers/
HomeComputerSecurity/home_computer_security.pdf
A few of the common ways a computer virus can infect your computer:
via email attachments:
--example: you get an email that looks like it came from a friend that entices you to open an attached file. If you do – your PC is infected. A good anti-virus software that scans email attachments might spot the virus and alert you – but don't count on it.
Also – just because it came from your friend doesn't mean that it came from that friend – or that your friend's computer has the virus. Most of the active email viruses out there are set up to grab random names from the address books found on an infected computer. They put random names from that person's address book into the “To:” field and the “From:” field and send out their enticing payloads to everybody in that address book.
exploiting unpatched security holes in your operating system:
--example: go out and buy a new computer with Windows XP and connect directly to the internet and you will likely be infected with an internet worm (a type of virus) such as the Sasser worm– even if you already have an active anti-virus software. Since the operating system is most likely not updated with the latest patches from Microsoft, there is nothing the virus software can do – the operating system has a flaw in it which allows the worm to automatically spread from one un-patched computer to the next.
Inserting infected disks or storage devices into your computer:
--This particular type of infection is becoming more and more infrequent as the popularity of the internet and email use grows.
What can you do to secure your computer and prevent Viruses from infecting
your computer (as well as keep intruders out)? Follow the CERT recommended
task list:
Task 1 - Install and Use Anti-Virus Programs
Task 2 - Keep Your System Patched
Task 3 - Use Care When Reading Email with Attachments
Task 4 - Install and Use a Firewall Program
Task 5 - Make Backups of Important Files and Folders
Task 6 - Use Strong Passwords
Task 7 - Use Care When Downloading and Installing Programs
Task 8 - Install and Use a Hardware Firewall
Task 9 - Install and Use a File Encryption Program and Access Controls
The CERT 9 tasks for securing your computer:
Task 1 - Install and Use Anti-Virus Programs
Norton anti-virus is good – and there are many other excellent anti-virus products out there. Most work on a subscription basis – which means that when you buy the product – it will protect your computer for a year and then the subscription will run out (no more updates). Don't forget to keep you anti-virus software updates often (I recommend weekly – if not sooner). Look for products that do this automatically for you. For a free (for home users) product that works well and includes free definition updates try AVG Anti-Virus Version 6.0 Free Edition available free from www.Grisoft.com
Task 2 - Keep Your System Patched
If your Microwave was defective and needed repairing – you would probably fix it. Chances are, your computer is broken right now – even as you read this. Security flaws and other defects are found in computer operating systems almost daily – especially products from Microsoft due to the widespread proliferation of their products and much of the malice that people who make these viruses seem to have for Bill Gates and his big company.
The good news is that it is easy and free to fix your defective computer. If you have a PC with Windows, all you have to do is use the free Microsoft Windows Update site.
Do this weekly as well. If you have a PC, you can open up Internet Explorer, go to the tools menu and select “Windows Update”. Or you can go to the website windowsupdate.microsoft.com. Click on “Scan for Updates” and have it scan you computer and then select and download all of the critical updates available. Newer versions of Microsoft operating systems also come with an automatic update feature. Use it – but don't rely on it. Many people think their computer is patched when in fact the automatic update feature is set incorrectly or didn't update the computer in time – and then wonder why their computer gets infected with the latest worm.
Task 3 - Use Care When Reading Email with Attachments
Use these 5 security rules recommended by CERT:
The Know test: Is the email from someone that you know? (although that doesn't necessarily mean it actually came from them)
The Received test: Have you received email from this sender before?
The Expect test: Were you expecting email with an attachment from this sender?
The Sense test: Does email from the sender with the contents as described in the Subject line and the name of the attachment(s) make sense? For example, would you expect the sender – let's say your Mother – to send you an email message with the Subject line “Here you have, ;o)” that contains a message with attachment – let's say AnnaKournikova.jpg.vbs? A message like that probably doesn't make sense. In fact, it happens to be an instance of the Anna Kournikova worm, and reading it can damage your system.
The Virus test: Does this email contain a virus? To determine this, you need to install and use an anti-virus program. That task is described in Task 1 - Install and Use Anti-Virus Programs.
Task 4 - Install and Use a Firewall Program
Windows XP now comes with a built-in firewall. But it is turned off by default. Learn how to turn it on. Norton and MacAfee make good firewall programs. For an excellent free firewall program, try Zone Alarm free version from www.ZoneLabs.com This program actually alerts you when programs try to access the internet (like a virus), not just when intruders are trying to get into your computer. The paid version includes an excellent pop-up blocker and email scanner.
Task 5 - Make Backups of Important Files and Folders
I can't say enough about backing up. Hard drives fail. Disasters happen. Viruses many times destroy the files they infect and sometimes even the contents of entire hard drives. What would you lose if this happened? Most computers these days have CD burners. Use them!
Task 6 - Use Strong Passwords
Mix and match letters and numbers. Don't use passwords like “password” or your children's names.
Task 7 - Use Care When Downloading and Installing Programs
Get in the habit of using your anti-virus software to manually scan downloaded programs. When visiting a suspect website and a pop-up window says something along the lines of, “You need to install this software or plug-in in order to continue, download, or view this site” JUST SAY NO. Even better – close the window by clicking on the “x” in the upper right-hand corner.
Task 8 - Install and Use a Hardware Firewall
A hardware firewall/Router is an excellent defense for the home user. It makes your computer no longer visible from the internet (unless you want it to be) and blocks all unnecessary traffic (like worms trying to infect your computer).
The Linksys BEFSX41 is under $100, easy to set up, and uses a type of Firewall method called “Stateful Packet Inspection”. Many Netgear products also use this technology and work very well. Don't buy a product that doesn't use this technology.
Task 9 - Install and Use a File Encryption Program and Access Controls
This one is for the more paranoid, but prudent none the less. Use encryption technology if you have really sensitive information on your computer and want to protect it from prying eyes. Windows 2000, or Windows XP – when setup properly - offer separate user logins with unique read access and write access file permissions (called Access Control). Use access control features in environments where other people or children use the same computer and you want to protect your files.
The best defense against viruses and hackers is education and prevention. All of the methods above will not work alone. They work – and work very effectively – when used together. An anti-virus program alone will not prevent your computer from getting a virus. An updated computer will not keep out hackers or stop viruses. And never opening your email, or never using the internet simply out of fear, hurts you in the long run probably more than any virus infection ever could. By following the simple advice above you too can maintain a productive and enjoyable virus-free computing experience!
This Article was provided to you courtesy of Michael Mack
- Mack Multimedia Systems.
