|
|
|
Virus Protection |
Last Updated: January 14,, 2006
Firewalls. This site provides good information about firewalls including a
review of all the products.
http://www.firewallguide.com/
The Difference Between a Virus, Worm and Trojan Horse? Excellent information
from Webopedia.
http://www.webopedia.com/DidYouKnow/Internet/2004/virus.asp
Nohack.net. This site presents a great deal of information about trojan horses.
Be forewarned, when you first access the page it will pretend to be Trojan horse
and tell you it is deleting your files- don't worry, it is not.
http://www.nohack.net/index2.htm
In the "good old days" (8 years or more ago) viruses were generally introduced to computers by an infected disk. The virus was one of two kinds, a program, or a boot sector virus. Program viruses attached themselves to a program, replicated themselves within your computer and did whatever they were programmed to do, which could be as innocuous as putting a one time message on your screen or as malicious as destroying other programs and and your files. The second type was a boot virus which infected what is known as the "boot sector" of a diskette, or the place on a disk that the computer reads while booting up. You caught a program virus usually from an infected program, which may have been an illicit copy, and a boot virus by having the disk infected with a boot virus in your computer when you turned it on, or "booted it".
Today the most usual type of virus is spread by email. One can quibble over whether to call these menaces trojan horses, worms, or viruses, but the bottom line is that you don't want any of them! One protection against any of these menaces is to be a little paranoid about email attachments. This is not to say that you should stop sending and receiving them - many of us do business using this wonderful communication method - but you should exercise some caution. The best caution is to never open an email attachment that arrives out of the blue, i.e. you don't have any reason to expect it. Even if it is from someone you know. See page 90 in the text for a decision tree about whether to open an email attachment.
Being cautious is necessary because most of the current crop of viruses work in two ways. They not only do whatever damage their perpetuator designed them to do, but unknown to you they open your address book and send a message to each and every person in it with themselves attached. The email message they send will contain a message such as, "You will love this," "Open and enjoy," "Greetings from Your Friend," "See what is in here." The words "your friend" are apt to be replaced with your name. Plus the message may very well be signed with your name! These are messages that in informal conversation or even email messages you might send to a friend. Note, however, how impersonal they are. Trusting souls open the attachment and the virus repeats the process in this new home. The speed with which these viruses can spread makes the speed of spread of old time viruses look like a stroll in the park.
If you receive an unexpected attachment, there is ALWAYS time to contact the sender and ask what they have sent you. Do so! There is a temptation to rely on an anti-virus program and believe that this will protect you against all evil. Anti-virus programs have their place, and this writer has caught many viruses with one, but relying on them to be all protecting is dangerous. First, the anti-virus program only protects you against a virus that it knows. Three to ten new viruses are discovered each day, and it takes time for the anti-virus vendors to include the new ones in their program. Add to that the fact that most of use do not update as frequently as we should, plus the great speed of spread of the new class of virus and you can see that this can be fraught with danger.
Some viruses are spread by attaching a small program known as a macro (a macro can be created in most application programs by a user, generally to quickly perform a function that the user performs repeatedly, but when performed using the prescribed steps takes a great deal of time). Macros can also be designed to start as soon as a file is open, a useful feature in some situations, but open to danger in others. It is this type of macro that the perverse individual uses to attach a virus to a file that the office suites use such as a word processing document or a spreadsheet. You can easily protect yourself against this type of virus. Whenever you open a document that was an email attachment and you are asked if you wish to enable the macro to runclick on DISABLE the macro. Do NOT let the macro run!
Black hat hackers (the bad guys) find and exploit security holes in operating systems in computers. As soon as security problems are found, the operating system's vendor takes steps to close it. They then make updates for the operating system available free at their Web site. The newer systems will frequently tell you that new updates are available and ask you if you wish to download them. A "yes" answer automatically contacts the vendor's site and downloads the update. As this is written you are asked if you wish to install it then, but the paper today siad the Microsoft is considering just making these updates mandatory and automatically updating your comptuer... Despite the fact that some updates will mess up some programs it is recommended that you take advantage of these offers at least monthly and more often if there are announcements in the print or tv media. You can always uninstall and then reinstall any software programs, a virus infection is a worse problem.
Examples of email messages that usually lead to viruses or worms
http://www.michaelhorowitz.com/bademails.html
An extension is the last four characters (counting the dot) of a file name. Word files always have ".doc" at the end of their file name and Excel files have ".xls" "Files from application programs are generally safe, as long as you follow the rule of always disabling any macros.
Files that are very dangerous are those whose extensions are ".exe" ".vbs" "pif" "scr" "zip" and ".com." These files are what is known as an executable file, that is, they are programs. (If your computer does not show extensions, this can be changed.) If a file with such an extension arrives in your email, be alert that this can be trouble. Under no circumstance open one until you have checked it with an updated anti-virus checker, and even then think twice before opening. Ask yourself, do I really need this file as you make a decision. Even if I am assured the file is ok, I will not open any file sent as an attachment with the aforementioned extensions.
The latest round of viruses had .txt as the extension - but they were not text files. Your best protection is always to check with the sender and keep an antivirus program updated.
To find out what type of file a file extension represents, see the comprehensive list of extensions at Webopedia's Data Format and File Extensions.
Even though their protection is not 100%, it is a still a good idea to obtain, install, and keep updated (Good ones will automatically update if you allow it), a good anti-virus program. They offer some protection from viruses you might pick up on the Web as well as checking many attachments (but not all) that you choose to open. These programs can be downloaded from the web or purchased in a software store. Some places where they are available are:
Norton Anti-Virus - available for $50 at http://www.symantecstore.com/dr/sat1/ec_Main.Entry17C?SID=49997&SP=10023&CID=189667&PID=773577&PN=51&V1=773577&V2=&V3=&V4=&V5=31033611&CUR=840&DSP=&PGRP=0&API1=65&API2=GOOGLE&API3=Norton_antivirus_phr&API4=Google&API5=www.google.com&ABCODE=&CACHE_ID=189667 (Must renew every year for $10 to be allowed to continue downloading the updates.)
McAffee Anti-Virus - available at http://www.mcafee.com/us/ ($42 for virus detection and removal program and anti-spyware)
F-Prot - available at http://www.f-prot.com/. ($50 ) Trial version available, but no information on how long it lasts. Also, no information easily found on how long updates are available.
The quickness with which information can spread on the Internet encourages some to take advantage of this. Unsubstantiated rumors can easily be spread by the Internet. Thus, take with a grain of salt anything that stretches your credibility, especially those messages with no source that one can check. Also be wary of those that give a source - every time I check such a source I find that it is phony.
Chain letters are one of the most prevalent of this type of Internet abuse. Incidentally, if you are accessing the Internet through an agency account it is advisable that you refrain from passing on ANY chain letter. Many institutions have policies against chain letters. Penalties range from a warning to losing your account to losing your job.
Chain letters often appear very legitimate and appeal to a desire to do some good. One that makes the rounds routinely asks for a get well card to be sent to a given person who wants to be in the Guinness Book of Records, or it may ask for an email message to be sent to an individual for the same reason. After performing the given deed, you are asked to pass the letter on. You may be promised good health if you pass the letter on, or that something bad will happen if you break the chain.
Or, a chain letter may warn of something such as the Klingerman Virus. This was suppose to be spread by a letter received by email. There was a phone number to call at the end of the letter. At the time I received it, not finding any information on this at either of the hoax sites below I called the number. This poor site had received so many phone calls asking about this that information about the hoax chain letter was included in their voice mail. Obviously a great number of folks had passed it on without bothering to check it out.
A realistic appraisal of some chain letters should identify them immediately as a hoax. If you are asked to send money, or offered a freebie beware. There are, however, two great sources for more information about these hoaxes. Check with them before you make a decision as to how to react.
If you are tempted to pass on the letter, think ahead to the possible consequences. Sending thousands of get well cards or electronic messages to one individual is going to create a big problem to the recipient. Also, chain letters are used by some to get a list of current email addresses.
Let the rule "Check out anything before you pass it on and be very skeptical" guide you in how you handle chain letters or other Internet received warnings.
The Center for Disease Control (CDC) maintains a site for the purpose of preventing
the spread of health related hoaxes via the Inter net.
http://www.cdc.gov/doc.do/id/0900f3ec80226b9c/
Don't spread information about a pending virus (computer or health!) until it has been thoroughly checked out. Most of the warnings received via email are hoaxes. You can check out if a virus warning is a hoax at two sites below.
http://www.kumite.com/myths/myths.htm - The information on this site is intended to provide guidelines for your protection. It is NOT intended as the last word on viruses or other nuisances spread through the Internet.
For more information on "stuff" that routinely makes the rounds on
the Internet see "Urban Legends and Folklore."
http://urbanlegends.about.com/?once=true&
See also Hoaxes
A new form of harassment involves sending an email that tells you that if you have a file named "X" (you fill it in) on your computer it is a virus that in 14 days will delete all your files. This is followed by elaborate instructions on exactly how to check for the file and how to delete it if you have it.
You have it. And it is NOT a virus. If you look at file details you will see that the file in question was created the day that your computer was set up. Why? Because it is part of the operating system or a program. Deleting it can cause your computer to work improperly, or more likely not work at all.
To see if your anti-virus program is working properly use ths page. Scroll
down to find the checker - it's there below all the fun. Note few anti-virus
programs will detect a virus in a "zip" file as it is downloaded.
If you download any zip file ALWAYS do a manual scan of the file BEFORE opening.
The same is true for "txt" files. The best policy is to always manually
check any emailed file before opening. (Added May 22,
2004)
http://www.thepcmanwebsite.com/virus_test.shtml
By Linda Q. Thede
For questions or broken links please email the author .
Copyright 2003/2008 Linda Q. Thede
All rights reserved