Virus and Trojan Horse Security
It's sad but true- there are a lot of jerks who use the internet. And some of them just can't resist the temptation to get up to some no-good activity. As a result of this, it's essential that all users take steps to protect their computers from illegal, unauthorized intrusion.
There are basically two categories of attack you should protect against.
- VIRUS - This wide group of programs can come in many forms and have many methods of attack. The most common way of contracting these through programs attached to emails - NEVER open an email attachment unless you (1) recognize the sender, AND (2) are expecting the attachment. These are basically programs that install themselves to your computer. These programs can erase your hard drive, remove the operating system and cause a multitude of ills to your system.
- TROJAN/WORM - These programs also reside on your computer once contracted, but go one step further, and contact the creator of the program. Often this contact will be in the form of sending your address book to them for further attacks on others, sending information on your passwords, banking or credit card information, etc.
Generally, there are four areas where you're often open to attack.
- EMAIL - This is probably the most common method of attack, and it usually consists of an executable program attached to an email that will automatically install itself. In most cases, simply reading the email will not cause you to have the virus-- opening the attachment WILL. These are clever programs, and often come from people or organizations you may be familiar with. As stated above, some virus' will harvest email address from the files of infected machines-- so if you have a friend or associate who has contracted a virus, it's possible you'll receive one that appears to be from them. It's not. Some crooks also send automatic programs cruising around the internet gathering email address that are displayed on web pages. This is why often you may see a virus email with a very legitement looking return address from a business or website.
- WEBSITES - Some websites are run by a few of these virus maker's and they embed malicious code in the code of the site. It will run automatically when your browser logs onto the site, often installing a virus program of some sort on your computer. These are getting more and more rare, but still some people are taken in by clever criminals. Recently there have been flurries of emails to people asking them to verify their account at PayPal, or telling them to download an emergency 'security' update from Microsoft, or some such tale. These emails contain clickable links to sites that have malicious scripts on them.
- YOUR INTERNET CONNECTION - Another common method of distributing virus. Many virus makers have programs that will scan all over the internet, randomly looking for an open, uprotected "port" through which they can access a computer. Contrary to some "scare" ads on the Web, someone simply having your IP# does NOT open you up for attack- it's a bit more sophisticated than that. As part of the way the Internet system works, your IP# is transmitted to EVERY connection you make, and it cannot be suppressed, so don't spend a lot of time worrying about someone else possibly "having your number".
- FILE TRANSFERS - These would include accepting files from others on Instant Messenger systems such as AOL, MSN, Yahoo, ICQ, etc. While these are fun systems to play with, you really have no idea who is on the other end- even if you think you do in many cases. Also in this category would be many of the "file sharing" sites. These are open ground to those who wish to pass virus' around, often sending them along with your favorite mp3 file or other software you may have "shared."
But the good news is that there are some guys out there in white hats fighting the forces of evil. These people are the ones who try to stay one step ahead of the virus makers by designing virus protection software. And there is some pretty good stuff out there these days.
To be as safe as possible, you should have programs in place that
- Scan all of your incoming email (outgoing too is nice!)
- Block any malicious scripts that attempt to do anything that even appears to be harmful to your system
- Scan any new files you may have acquired for virus
- Put a "firewall" block on your internet connection.
- Performs regular automatic scans of your entire system- just in case something snuck in somehow- say on a disk you acquired that did not come through the internet.
- Maintains an updated list of any and all new threats that come out (and some come out almost everyday it seems)
These programs can be had individually, or combined into a "suite" of coordinated programs working together. While there are many out there, all with good features of their own, our favorite is Symantec's "Norton Internet Security." This package contains a set of programs that will automatically scan all of your incoming and outgoing email, automatically deleting any infected files. It has an excellent script blocker and firewall. It can scan individual files or disks. It will automatically log on to the internet at least once each day and download an updated list of the current threats to your computer. And it can be configured to scan your entire system on any schedule you set up- once a day or once a week.