VI-C. Security on the Internet

Viruses

Definitions: A Virus is a piece of code or program that typically attaches itself to some known or trusted program on your system and is executed when the trusted program runs. Closely related are Worms and Trojans. A Worm is a program or piece of code attached to a trusted program that tries to copy itself over the network and embed itself in other unsuspecting users’ systems. A Trojan horse is a program that allows a cracker a back way into your system. It has usually been planted in an innocuous place that may be hard to find.

Sources: Crackers create virus code as a hobby, often just to show that they can do it. They seldom benefit personally from the activity. They embed the code in an e-mail attachment or a file designed to be downloaded from the Internet. If you open the attachment or execute the downloaded file, your system can (will?) become infected.

Potential Damage: They can hijack your e-mail address book and send messages containing (and potentially spreading) the virus to the people whose names are there, or cause your system to function erratically (reboot frequently, open or close programs without your intervention, etc.). At worst, they can erase or corrupt data on your hard drive. They may lurk in your system until a certain date and then become active.

Defenses:

  1. Use a Firewall
    1. Software
      1. ZoneAlarm (http://www.zonelabs.com) Free, Pro Version $39.95
      2. Sygate (http://www.sygate.com) Free, Pro Version $39.95
      3. Outpost (http://www.agnitum.com) Free, Pro Version $39.95
    2. Hardware: built into routers used on networks
    They provide a "wall" around your computer. If a program on your computer wants to access the Internet, it asks permission. You can grant permission one time only or permanently, or you can refuse permission. If a remote computer seeks to access yours, the firewall will notify you and ask if you want to allow the access. In other words, no information gets into or out of your computer without your express permission. You can test to see how well your firewall is working at https://grc.com/x/ne.dll?bh0bkyd2.

  2. Use Windows Update. Microsoft regularly makes available software updates to the Windows operating system designed to repair or block security leaks. You can configure your computer to download these updates automatically. (Open the Control Panel and choose System, click on the Automatic Updates tab and put a check mark in the box labeled "Keep my computer up to date".) Or you can perform the updates manually at http://windowsupdate.microsoft.com. If you use Microsoft Office, you should also check for Office Updates (http://office.microsoft.com/officeupdate/).
  3. Check the File Extensions on your e-mail attachments. File Extensions are the two, three or four letter tags that appear after the period (.) in the file name. If your computer doesn't display these tags (extensions), in Windows 98 and ME: run Windows Explorer, open the View menu and choose Folder Options, click on the View tab, then remove the check mark on "Hide file extensions for known file types" by clicking on it. In Windows XP and 2000 you'll find the settings on the Tools menu.
  4. Never open questionable e-mail attachments. Never open e-mail attachments received from someone you know without checking for viruses first and never open e-mail attachments received from someone you don’t know under ANY circumstances.
  5. Don't automatically preview e-mail. Some recent viruses can infect your system when you simply look at the contents of the e-mail message. To turn off the Preview screen in Outlook Express, open the View menu and choose Layout, then, in the lower half of the dialog box, click on "Show Preview Pane" to remove the check mark. Note: This is not possible in AOL.
  6. Always use Anti-Virus Software. Some of the most popular are:
    1. Norton AntiVirus (http://www.symantec.com) $49.95
    2. McAfee VirusScan (http://www.mcafee.com) $34.95
    3. Kaspersky Anti-Virus (http://www.kaspersky.com) $49.95
    4. AVG 6.0 (http://www.grisoft.com) Free.
    These typically provide for updating of the virus definitions for one year following purchase. After that, you must renew your subscription or buy a new edition of the software.

  7. Maintain up-to-date virus definition files. These are like dictionaries of viruses. If a new virus has been released since the last edition of the dictionary, it will not be recognized by your anti-virus software. The software can be configured to update the definitions automatically on a pre-determined schedule, or you can do it manually. The Anti-Virus software is typically (by default) set to scan all of your files and all incoming e-mail constantly. If it detects a virus, it will offer to delete the file containing it or to quarantine it. Try deleting first. If that doesn't work, try quarantining (this instructs the software to attempt to put a barrier between the virus code and the rest of your computer so that the computer cannot be further infected).
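
Defense 3 above matters because, while "Hide file extensions for known file types" is checked, only the part of an attachment's name before its last extension is displayed. The following Python sketch is an added example, not part of the original handout; the list of risky extensions is a common subset chosen for illustration, and the sample message, addresses and file names are constructed. It reads the attachments of a message and reports each real name, the name as shown with extensions hidden, and a verdict.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# File types Windows runs on double-click (a common subset, not exhaustive).
RISKY = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js", ".hta", ".lnk"}

def shown_in_explorer(filename):
    """Name as listed while "Hide file extensions for known file types" is checked
    (assumes the final extension is a registered type, as all in the sample are)."""
    return os.path.splitext(filename)[0]

def check_attachment(filename):
    """Classify one attachment name as 'disguised', 'executable' or 'ok'."""
    name = filename.rstrip(" .").lower()  # Windows drops trailing dots and spaces
    stem, ext = os.path.splitext(name)
    if ext not in RISKY:
        return "ok"
    # With the real extension hidden, an inner one makes the file look harmless.
    inner = os.path.splitext(stem.rstrip())[1]
    return "disguised" if inner else "executable"

def scan_message(raw_bytes):
    """Return (real name, name shown with extensions hidden, verdict) per attachment."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    names = [part.get_filename() for part in msg.iter_attachments()]
    return [(n, shown_in_explorer(n), check_attachment(n)) for n in names if n]

def build_sample():
    """Constructed test message; addresses and file names are made up."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "friend@example.com", "you@example.com"
    msg["Subject"] = "Vacation pictures"
    msg.set_content("See attached.")
    for name in ("beach.jpg", "beach2.jpg.scr", "setup.exe", "notes.txt"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for real, shown, verdict in scan_message(build_sample()):
        print(f"{verdict:10}  real={real!r}  shown={shown!r}")
```

A verdict of "ok" only means the name is not an executable type; the attachment should still be checked by anti-virus software before it is opened.
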
Spyware

Definition: Spyware is an analysis and tracking program that has been placed on your computer without your knowledge. It reports your activities to advertising providers' web sites for storage and analysis. The advertising providers often sell this information to others.

Source: Spyware is most commonly found embedded in pop-ups on a web page. When you visit the pop-up, the spyware is automatically downloaded to your computer (much like a cookie). There is no way to tell, in advance, which web pages contain spyware. Spyware can also sneak into your machine if you use file-sharing services such as Kazaa, Morpheus or Grokster.

Potential Damage: Spyware can send any information about you that is contained in your computer to the advertising provider including your name and address, the web sites you visit, the products you purchase, etc. And, by logging your keystrokes, it can accumulate information on your social security, credit card and bank account numbers -- in other words, identity theft. Spyware can also hijack your home page and substitute its own, add sites to your Favorites list and launch unwanted browser windows.

Defenses: There is really very little you can do to prevent your computer from being infected with spyware.

  1. The best defense is to practice safe browsing. Free file-sharing programs (Kazaa, Grokster, Morpheus) are notorious carriers. Many spyware programs are hidden in pop-up ads. Don’t click on them. You can consider using real-time spyware blockers, though they are typically only partially effective.
  2. Before you download any program, browser tool bar, or an ActiveX application, enter its name in your favorite search engine (or go to http://research.pestpatrol.com/Search/SearchPestInfo.asp) to find out if it’s spyware.
  3. Use Anti-Spyware Software:
    1. Ad-Aware (http://www.lavasoftusa.com) Free; Plus version $26.95
    2. Spybot Search and Destroy (http://www.safer-networking.com) Donation
    3. Spy Sweeper (http://www.webroot.com) $29.95
    4. McAfee Internet Security 2004 (http://www.mcafee.com) $69.99
    5. Norton Internet Security Tool (http://www.symantec.com) $69.95
  4. Keep your Spyware definitions up-to-date. As with Anti-Virus software, these programs can only detect spyware that they know about, so it is important to keep the definition files up-to-date (weekly?). When a spyware program is discovered, try deleting it first. If this is not possible, try to quarantine it.
  5. Some spyware programs embed themselves so deeply in your computer (files and registry) that none of the anti-spyware programs can remove them or the program reports that they are removed, but when you reboot, they reappear. Key-loggers are the most notorious in this respect. If this happens to you, you can try CWShredder (http://www.spywareinfo.com).

Spam

Definition: Spam is nothing more than unsolicited, unwanted e-mail. At best it is a nuisance, at worst it can introduce viruses, worms, trojan horses and/or spyware into your system.

Source: (Smart Computing, May 2004)

  1. Scams (48%): Body-part scams, Other Sex, Health and Hair scams, Get Rich Quick scams, Loan Shark scams
  2. Pornography (35%)
  3. Gambling and Drugs (12%)
  4. Viruses (2%)
  5. Identity Theft (1%)
  6. Benign (2%)

Spammers usually use false names and false e-mail addresses, so it is difficult or impossible to trace the e-mail back to them.

Potential Damage: Spam e-mail can infect your system with a virus, open you to the possibility of getting caught in a fraudulent scheme or trick you into divulging potentially damaging personal data. It can also overload your server with e-mail and waste one heck of a lot of your time.

Defenses:

  1. Don't give your e-mail address to anyone you don't want to hear from again
  2. Use a false or self-destructing e-mail address when registering on web sites. I like Spam Gourmet (www.spamgourmet.com).
  3. Don't post your e-mail address on a web site
  4. Don't ever unsubscribe from spam
  5. Use a spam filter. Many ISPs provide spam-blocking services, but they are notorious for being too arbitrary (e.g. blocking requested information on breast cancer). Legislation has been proposed (and adopted in CA and UT) which uses a sort of "caller-ID" approach, requiring spammers to give their true addresses. Available software programs used for blocking spam at the level of the individual user use some combination of the following approaches:
    1. Black-lists (create a list of addresses you don't want to hear from and let through addresses not on the list)
    2. White-lists (create a list of addresses you do want to hear from and block all addresses not on the list)
    3. Challenge/Response (creates both a black-list and a white-list. When an e-mail from an address not on either list arrives, a "challenge" e-mail is returned to the sender. If she/he responds, the e-mail is passed through and the address is added to the white-list)
    4. Bayesian (uses a probability theory approach to analyze the address, subject and content of a message in order to classify it as good or not. It learns from experience)
  6. Some currently highly recommended Anti-Spam software:
    1. Spam Inspector (http://www.giantcompany.com) $29.95 
    2. Spam Eater (http://www.regnow.com/softsell)  $24.95
    3. Qurb (http://www.qurb.com/account/buy_now.php) $29.95
    4. EmailProtect (http://www.contentwatch.com/products/emailprotect.php) $29.99
    5. ChoiceMail One (http://www.digiportal.com/) $39.95
    6. Spam Bully (http://www.spambully.com/download.php) $29.95
    7. MailWasher (http://www.mailwasher.net) Donation, Pro Version $37.00
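
The four filtering approaches listed under defense 5 can be combined in one filter. The following Python sketch is an added example, not part of the original handout and not the code of any product named above; the order of the checks, the 0.9 cut-off, the addresses and the six training messages are assumptions made for illustration. It checks the black-list and white-list first, scores mail from unknown senders with a small naive Bayes classifier that learns from messages marked spam or good ("ham"), and holds whatever passes until the sender answers a challenge.

```python
import math
import re
from collections import Counter

def tokens(text):
    return set(re.findall(r"[a-z]+", text.lower()))

class SpamFilter:
    def __init__(self, whitelist=(), blacklist=()):
        self.whitelist, self.blacklist = set(whitelist), set(blacklist)
        self.held = {}                        # sender -> mail awaiting a challenge reply
        self.docs = Counter()                 # messages seen per label
        self.words = {"spam": Counter(), "ham": Counter()}

    def train(self, label, text):             # learn from mail marked 'spam' or 'ham'
        self.docs[label] += 1
        self.words[label].update(tokens(text))

    def spam_probability(self, text):
        """Naive Bayes over the words present, with add-one smoothing."""
        odds = math.log((self.docs["spam"] + 1) / (self.docs["ham"] + 1))
        for w in tokens(text):
            odds += math.log((self.words["spam"][w] + 1) / (self.docs["spam"] + 2))
            odds -= math.log((self.words["ham"][w] + 1) / (self.docs["ham"] + 2))
        odds = max(-50.0, min(50.0, odds))    # keep exp() in range
        return 1 / (1 + math.exp(-odds))

    def receive(self, sender, text):
        if sender in self.blacklist:
            return "blocked"
        if sender in self.whitelist:
            return "delivered"
        if self.spam_probability(text) > 0.9:  # assumed cut-off
            return "blocked"
        self.held.setdefault(sender, []).append(text)
        return "challenged"                   # a challenge e-mail goes to the sender

    def challenge_answered(self, sender):     # white-list sender, release held mail
        self.whitelist.add(sender)
        return self.held.pop(sender, [])

def trained_filter():
    """Filter trained on constructed sample messages (not real mail)."""
    f = SpamFilter(whitelist={"mom@example.com"}, blacklist={"deals@example.net"})
    for text in ("win free money now", "free pills cheap now", "cheap loan free money"):
        f.train("spam", text)
    for text in ("meeting notes for monday", "lunch on monday", "family photos from the trip"):
        f.train("ham", text)
    return f
```
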
Summary

  1. Keep Windows up-to-date
  2. Use a firewall (or two)
  3. Be aware of the nature of the traffic between your computer and the outside world (and vice versa)
  4. Be aware of where you are surfing
  5. Don't click on web site pop-ups
  6. Run anti-virus and anti-spyware software on a regular basis and keep the definition files updated
  7. Don't give your e-mail address to anyone you don't want to hear from
  8. Delete all questionable e-mail messages without reading them or opening attachments
  9. If you do plan to open an attachment, check it for viruses first