Monday, November 28, 2005

Lesson X - Head 'Em Off At The Pass

The best way to prevent viruses (self-replicating files designed to vandalize digital data or halt system operations) from taking over your computer is by installing and regularly updating an anti-virus utility. An anti-virus utility, such as Symantec's Norton Anti-virus and McAfee Virus-Scan, vigilantly monitors the files on your system for the presence of malignant code and then automatically destroys that code upon finding it. It provides the most effective means of eliminating viruses from your computer.
Of course, an anti-virus utility is just a tool, one that works best when coupled with anti-virus strategies that minimize your exposure to viruses. To help you with this process, we compiled a list of the most effective strategies you should implement on your system.

Sunday, November 27, 2005

Don’t Get Caught In the ’Net

The Internet is similar to a variety of things. It’s like a highway because it provides a path to information. It’s like a library because it provides access to resources that contain reams of data. And it’s like an ill-equipped infirmary because it harbors so many contagious viruses. If you want to use the Internet without putting your system at risk, you must learn how to inoculate your PC against the most common viral threats.

Saturday, November 26, 2005

Get a security guard

One way to minimize problems is by letting your Web Browser play a major role in providing system security. The most recent version of Internet Explorer, version 6, provides advanced security settings that let you specify how you want the browser to handle potentially risky online transactions.
To access the security settings in IE, open its Tools menu and select Internet Options. Next, choose the Security tab, which gives you the option of configuring security settings for various zones, including Internet and Local Intranet. This tab is also where you can specify the URLs (uniform resource locators; web addresses) for sites you trust and those you don’t trust.
Start by configuring the settings for the Internet zone. Highlight the Internet icon at the top of the tab, and a slider will appear in the Security Level For This Zone area at the bottom. You can set this slider to one of four levels: Low, Medium-Low, Medium, and High. The ideal setting is Medium, which provides ample security without hindering usability. You can tweak the security settings by clicking the Custom Level button. In the resulting Security Settings dialog box, you’ll see a list of settings you can customize to govern downloads, certificates (code used to verify identities online), and scripts (small programs designed to perform a particular set of instructions), among other things. Review the settings, configure them according to your security preferences, and click OK to save the changes.
(NOTE: IE shares some security settings with Outlook and Outlook Express. As a result, your email correspondence will follow some of the same rules you enforce on your web activity.)

Friday, November 25, 2005

There’s danger in downloads

Every time you install a downloaded program or open a downloaded data file, you’re taking a chance. You have no way of knowing who touched the program or file before you, so you have no way of knowing whether it contains a virus. An anti-virus utility can pinpoint viruses for you, but you must use it faithfully and update it regularly (preferably once a week, or at least once per month) in order for the software to perform well.
Granted, the odds of acquiring a virus from a file you download from a reputable hardware manufacturer or software developer are very slim. Established companies would never knowingly post infected files on their publicly accessible servers. Nevertheless, mistakes can happen, and willful hackers (savvy computer users who break into systems for illegal and/or unethical purposes) might find a way around whatever security measures are in place. The safe course of action is to watch your PC’s behavior after installing downloaded files from a trusted source. Look for symptoms of viral infection and take action immediately if necessary.
Unfortunately, large corporations with legal responsibilities don’t develop all of the files and programs posted online for public consumption. The Internet is overflowing with screen savers, desktop enhancements, MP3 files, and thousands of homegrown applications designed by wanna-be programmers. Some of these files include viruses or bugs that could cause major problems with your PC. Some are Trojan horses (programs that claim to be one thing while actually doing something else). To minimize the likelihood of inheriting such problems, you should shun downloads from unrecognized sources.
You also should avoid files that bear potentially dangerous file extensions, such as those listed in the “Be Wary Of These File Attachment Extensions” sidebar. Set your computer to display hidden file extensions so you can see what types of files you’re downloading. This is important because hackers know that smart computer users avoid potentially dangerous file extensions, so they add false file extensions to the middle of file names. For example, instead of naming a file Report.vbs, a hacker might name it Report.txt.vbs. That way, when you save the file to your PC, it displays as a benign text file called Report.txt. Only after setting the computer to display hidden file extensions will you see the .VBS extension and realize that the file is almost certainly a virus.
Windows makes it easy to expose hidden file extensions. Double-click the My Computer icon, open the Tools menu, and click the Folder Options command. In the resulting dialog box, choose the View tab, deselect the Hide File Extensions For Known File Types option (in Windows Me and Windows 98) or the Hide Extensions For Known File Types option (in Windows XP). Click OK to save the changes.
Now that you can see the file’s entire name, including its file extension, you should pay strict attention to the letters at the very end of the file name. Stay away from the file if its extension includes .VBS, .EXE, .PIF, or any of the extensions listed in the “Be Wary of These File Attachment Extensions” sidebar.
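The same check can be automated over a folder listing. The following Python sketch is an added example, not part of the original article: it reports the name you would see while extensions are hidden, the real final extension, and whether a harmless-looking extension sits in front of a dangerous one. The list of harmless-looking extensions, the verdict labels and the sample file names are assumptions made for illustration.

```python
import ntpath  # Windows path rules, usable on any platform

# Extensions this article names as dangerous. Its sidebar with the longer
# list is not reproduced on the page, so only these three are used here.
RISKY = {".vbs", ".exe", ".pif"}

# Assumption: extensions most readers take to be harmless data files.
DECOY = {".txt", ".doc", ".rtf", ".csv", ".jpg", ".gif", ".mp3"}


def extensions(filename):
    """Return every dot-suffix of the file name, lower-cased, in order."""
    name = ntpath.basename(filename)
    found = []
    while True:
        name, ext = ntpath.splitext(name)
        if not ext:
            return found
        found.insert(0, ext.lower())


def shown_when_hidden(filename):
    """Name displayed while extensions of known file types are hidden."""
    base = ntpath.basename(filename)
    root, ext = ntpath.splitext(base)
    return root if ext else base


def assess(filename):
    """Classify one file name by its real (final) extension."""
    exts = extensions(filename)
    real = exts[-1] if exts else ""
    if real not in RISKY:
        verdict = "not listed"   # not on the short list above; no claim of safety
    elif len(exts) > 1 and exts[-2] in DECOY:
        verdict = "disguised"    # e.g. Report.txt.vbs displayed as Report.txt
    else:
        verdict = "risky"
    return {"shown_as": shown_when_hidden(filename),
            "real_ext": real,
            "verdict": verdict}


def review(filenames):
    """Return (name, verdict) for every name that deserves a second look."""
    results = [(name, assess(name)["verdict"]) for name in filenames]
    return [(name, v) for name, v in results if v != "not listed"]


# Constructed sample names, not taken from any real system.
SAMPLES = ["Report.txt.vbs", r"C:\Downloads\Holiday.JPG.EXE",
           "setup.v2.exe", "notes.txt", "budget.csv"]

if __name__ == "__main__":
    for name, verdict in review(SAMPLES):
        print(f"{verdict:10} {name} (shown as {assess(name)['shown_as']})")
```

A "not listed" verdict only means the final extension is not one of the three named above; the file still needs a virus scan before you open it.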
Sick of scripts. As dangerous as downloaded programs and files can be, at least you have the option of whether to download them; such is not the case with scripts. Web site designers like to incorporate scripts within pages of HTML (Hypertext Markup Language) code precisely because they can configure scripts to launch automatically when visitors access the pages. This factor makes scripts good for adding interactive features to a shopping site, for instance, but bad for users who value the security of their PCs. Indeed, underhanded hackers frequently use scripts to surreptitiously infiltrate computer systems and exploit their weaknesses. What the hackers do after they gain access to systems is up to them; they may track online behavior, steal data files, infect systems with viruses, or perform other malicious activities.
There is a way to minimize your exposure to scripts: Configure your browser’s security settings to disable the most common scripting capabilities. To do this in IE, open the Tools menu, click Internet Options, and choose the Security tab. Either set the security level to High or customize the associated setting by clicking the Custom Level button and manually disabling all scripting functionality. Click OK to save the change.
Keep in mind that you may have difficulty accessing some legitimately secure web sites after you disable the scripting capabilities. You can mitigate this inconvenience by configuring IE’s Trusted Sites zone to permit scripts on sites you trust. From the Security tab of the Internet Options box, select the Trusted Sites icon, click the Sites button to add specific URLs to the list of trusted sites, and then click the Custom Level button to enable scripts in this zone.
P2P, or not P2P. Among the most controversial technologies, P2P (peer-to-peer) file sharing lets your computer swap data files with any other computer connected to the same network. Such networks serve as a convenient distribution channel for data pirates who want to share copyright-protected audio and video files across the Internet. They also serve as a convenient distribution channel for hackers who want to spread viruses, Trojan horses, and other malware (code intentionally designed for a malicious purpose) to unsuspecting computer users.
The easiest way to protect yourself from this source of trouble is to avoid P2P networks altogether, such as those based on LimeWire or Kazaa software. If you must use these networks, keep the P2P connection on your PC closed at all times, except when you’re using the program. These programs can run quietly in the background, so read the product documentation to find out how you can shut down the program entirely. You also should review the shared files folder on your PC (each P2P program has one) to determine whether you’ve acquired or are spreading any virus-laden files.

Thursday, November 24, 2005

You Have 29 Messages & A Virus

Email has completely revolutionized the way individuals and businesses communicate. It also has provided hackers with a convenient method for delivering viruses. For example, a hacker can vandalize a corporate network or terrorize thousands of innocent computer users simply by attaching a self-replicating file to a single email message and circulating it with an enticing subject line, such as “Look at this” or “Check out these pictures.” With more than 31 billion messages transmitting through cyberspace each day, users must stay alert so they can avoid messages that carry malicious code.
Fortunately, staying alert is as easy as paying attention to the messages you receive. Look at whom the message is from (check the Sender or From field), what the message is about (check the Subject field), and whether the message has an attachment. These three pieces of information can tell you a lot about whether the message is carrying a virus.

Wednesday, November 23, 2005

Consider the Source

You should be wary of any message from an unrecognized or unidentified sender. Just as parents tell trick-or-treating children to discard any homemade goodies they receive from strangers, you should delete email messages you receive from senders you don’t know because you can’t be sure about what’s inside. Although such messages are probably harmless and seem like annoying spam (unsolicited bulk email sent to advertise products or services), you should err on the side of caution and delete them immediately.
Be particularly wary if you receive a message from a stranger that doesn’t include your email address in the To field. This indicates that the sender transmitted the message indiscriminately to hundreds or thousands of recipients to contact or infect as many computers as possible. Delete these messages right away.
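The checks described above (who the message is from, whether your address is in the To field, and whether a file is attached) can be read straight from a message's headers. This Python sketch is an added example, not part of the original article; the addresses, the address book, the sample messages and the wording of the suggested actions are all constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

ME = "pat@example.com"                 # assumption: your own address
ADDRESS_BOOK = {"chris@example.org"}   # assumption: senders you know

# Constructed sample messages, not real mail.
BULK = """\
From: Prize Desk <promo@example.net>
To: friends@example.net
Subject: Check out these pictures

Click to see them.
"""

FROM_FRIEND = """\
From: Chris <chris@example.org>
To: pat@example.com
Subject: Q3 numbers
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain

See attached.
--BOUND
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Report.txt.vbs"

(constructed placeholder body)
--BOUND--
"""


def triage(raw, me=ME, known=ADDRESS_BOOK):
    """Apply the article's sender, To-field and attachment checks."""
    msg = message_from_string(raw)
    senders = [a.lower() for _, a in getaddresses(msg.get_all("From", []))]
    to = {a.lower() for _, a in getaddresses(msg.get_all("To", []))}
    files = [p.get_filename() for p in msg.walk() if p.get_filename()]

    stranger = not senders or senders[0] not in known
    flags = []
    if stranger:
        flags.append("unknown sender")
    if me.lower() not in to:
        flags.append("your address is not in To")
    if files:
        flags.append("attachment: " + ", ".join(files))

    if stranger:
        action = "delete"
    elif files:
        action = "open only if expected, after saving and scanning"
    else:
        action = "read, but check the Subject sounds like the sender"
    return {"from": senders[0] if senders else "",
            "subject": msg.get("Subject", ""),
            "flags": flags,
            "action": action}


if __name__ == "__main__":
    for sample in (BULK, FROM_FRIEND):
        print(triage(sample))
```

The Subject line is returned for you to judge rather than scored, because whether it sounds like the sender is a human call.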

Tuesday, November 22, 2005

Subject Matters

The warning to watch out for messages from strangers does not mean you can safely accept any message that comes to you from a trusted source. Some of the most obnoxious viruses, called worms (destructive programs designed to propagate across a network), spread themselves by sending contaminated messages to all of the email addresses contained on the infected computer. For this reason, you should review the Subject line whenever you receive unexpected email messages from friends or colleagues. Proceed with caution if the Subject line sounds like it’s from someone trying to sell something or if it seems like something the sender would never say. Similarly, you should avoid messages with Subject lines that entice you to open the attached file.
On a similar note, avoid any message addressed to someone else. Hackers and spammers know that curiosity is a powerful motivator. They also know that including a random name, such as Cathy or Steve, in the Subject line or body of an email message will lure a certain number of naive computer users to peek inside. Curiosity may not kill the cat in this case, but it can do a lot of harm to a PC.

Monday, November 21, 2005

Beware of file attachments

If computer viruses are a weapon of digital terrorism, email is the delivery system and file attachments are the bombs. Regardless of whether the sender intentionally or accidentally infected the attachment, the result is the same once you open it. For this reason, you should never open files attached to your email messages unless you know the sender and are expecting the file. We can practically guarantee that your PC will contract a virus eventually if you fail to follow this advice.
In cases where you receive an expected file attachment from a trusted source, you should still exercise caution. Save the file to a storage drive and scan it for viruses before opening it. If you don’t have an anti-virus utility (of course, we don’t recommend taking this risk), try to determine the file extension before opening it. You should avoid file extensions that are particularly prone to viruses. As we previously mentioned, you can’t merely look at the file name because hackers may manipulate it so the file appears to be something other than what it actually is. To get to the bottom of things and discover the real file extension, you must set your PC so it displays file extensions for hidden file types.
In the event that you have to send a file attachment to someone, consider sending it in a format that is less prone to viruses. Send your text documents in a format using the .RTF file extension rather than the .DOC extension, for instance, or use the .CSV rather than the .XLS file extension and format for spreadsheets. It also isn’t a bad idea to call your intended recipients in advance to tell them you’re sending an attachment. That way, they’ll have less to worry about when they receive it.

Sunday, November 20, 2005

Suspect every message

The old rule stated that the only way to contract email-borne viruses was by opening file attachments; that’s not true anymore. Creative hackers found ways to embed malicious code inside email messages, and the simple act of opening these messages is enough to infect your system. Worse yet, hackers figured out how to disperse email so it appears to be from someone you know. You can minimize—but not completely eliminate—your risk of contracting such an infection by following all of the tips provided in this article and setting your email program so that it doesn’t automatically open attachments in the preview pane. Actually, it’s best not to even display a preview pane.

Saturday, November 19, 2005

IM a virus

Like email, IM (instant messaging) is a form of text communication that takes place across a network. Like email, IM is extremely popular. And like email, IM has become a common source of viruses. Because email and IM have so much in common, it makes sense that you should take the same precautions with IM as you do with email.
That means you should note who sends you messages, pay attention to the contents of the messages, and carefully analyze any attachments to the messages. You also should configure your IM program’s privacy and security settings to prevent unauthorized individuals (people you neither know nor want to communicate with) from sending messages to your account in the first place. Refer to your IM program’s Help files for detailed instructions.

Friday, November 18, 2005

Work the Network

In the eyes of a hacker, a network is like a house with many doors. By opening just one of those doors, the hacker can gain access to everything inside. If you are responsible for a network, one of your most important duties is making sure the doors to that network stay locked.

Thursday, November 17, 2005

Close the door behind you

Today’s broadband technologies provide access that is fast and perpetual. Your connection is live shortly after turning on the DSL (Digital Subscriber Line) or cable modem. It then stays active until you turn off or disconnect the modem, which isn’t very often in some cases. Many users let their Internet connections remain active around the clock. What these users fail to understand is that by doing this, they essentially leave the door to the network wide open.
The first step in protecting a network, or any PC connected to a broadband Internet connection, is to close the broadband connection when it is not in use. You can do this by turning off the power to the access device (such as a DSL or cable modem), unplugging its cable from the wall jack, or powering down the computer.

Wednesday, November 16, 2005

Erect a Firewall

A firewall is a hardware or software tool that effectively separates your network from other computers or networks it encounters. You should deploy a firewall on any computer that has a high-speed Internet connection, including DSL or cable. Software firewalls, such as McAfee Personal Firewall Plus, Symantec’s Norton Personal Firewall, and ZoneAlarm Pro from Zone Labs, cost little, install easily, and provide adequate coverage to a single PC or personal network. Hardware firewalls, which cost much more, are generally intended for corporate use.
Depending on your OS (operating system), you may not need a third-party product. WinXP comes bundled with ICF (Internet Connection Firewall), a built-in firewall you can implement with minimal fuss and no expense. To activate ICF, open the Control Panel (from the Start menu), click the Network And Internet Connections category, and then click the Network Connections icon. In the resulting window, select your Internet connection to highlight it, and click the Change Settings Of This Connection option in the Network Tasks area in the pane on the right. When the Properties dialog box appears on-screen, choose the Advanced tab and select the checkbox next to Protect My Computer And Network By Limiting Or Preventing Access To This Computer From The Internet. Click OK to activate ICF. Note that you must log on as the Administrator to activate ICF.

Tuesday, November 15, 2005

A Date with an Update

One of the easiest ways to secure your network or standalone PC is to download the most recent Windows updates from Microsoft. These updates include the code necessary for fixing bugs, adding enhancements, and filling known security gaps in Microsoft’s OSes.
You can access the updates by visiting the Windows Update site or using the Windows Update feature in your version of Windows. You’ll find a shortcut to the Windows Update feature in either the main portion of the Start menu, the All Programs submenu, or the Accessories submenu (the exact location depends on your Windows version and how you arranged the Start menu). Follow the on-screen instructions to complete the process, which varies depending on your system configuration.

Monday, November 14, 2005

Don’t Stop There

The battle against viruses has no end. Consequently, you must take steps to prevent viruses even when you are not regularly using email, the Internet, or a network.
For example, you may want to consider changing the boot sequence in the BIOS (Basic Input/Output System; set of instructions that controls the computer’s startup process, loads the OS, and activates hardware components) so it bypasses the diskette drive altogether. Why? Because you can easily acquire a virus if you boot the computer while an infected floppy diskette is in the diskette drive. Refer to the computer’s user’s manual for instructions about accessing the BIOS setup utility and changing the boot sequence.
You also should be on the lookout for social engineering. Social engineering is a term that describes the non-technical techniques hackers use to obtain information or spread viruses. For example, a hacker posing as a representative of Microsoft may send you an email message instructing you to install an attached update for Windows. But in reality, the attached file from the hacker is actually a virus. In such a case, the hacker doesn’t need to use a technical maneuver to deliver a virus to your PC; the hacker simply tells a lie. This is social engineering. The best defense against social engineering is common sense and a healthy amount of skepticism.
Speaking of which, common sense and a healthy amount of skepticism will protect you from most virus threats. For example, it’s common sense that tells you to install anti-virus software and update it regularly. It’s also common sense that encourages you to make regular backups and keep your installation CD-ROMs on hand so you can recover from a virus infection. And it’s skepticism that warns you not to open every email message that arrives in your inbox. These, and all of the preventative steps we described, will keep your computer running virus-free for a long time.