
Vanquish PC Viruses
PC World to My Yahoo! ^ | Oct 29, 2003 | Daniel Tynan

Posted on 11/04/2003 10:25:35 AM PST by OESY

Blaster, Slammer, Sobig, Lovsan - if these words are familiar to you, you might have been one of this year's victims of various and vicious PC security attacks. Just Friday, appropriately enough on Halloween, yet another monster reared its ugly head as computer security experts warned of a potentially troublesome new e-mail worm, Mimail.C, slowly spreading among both corporate and home e-mail users.

This latest threat is a variant of the W32.Mimail worm that surfaced in August and comes as an e-mail message with "our private photos" in the subject line and an attached .zip archive file called "photos.zip."

Infection starts if you unpack the file from the attachment and run it. addresses from your PC to mail copies of itself to additional recipients, and it will also send information captured from applications you have open to certain e-mail addresses programmed into the malicious code. Mimail.C so far has been rated a "medium" level threat. But it's only one worm. There have been - and will be - others.

So what's the antidote to a virus-plagued digital world?

The problem for most users is that Windows computers are vulnerable to plagues of biblical proportions: viruses that bring down entire networks, e-mail worms that replicate at lightning speed, Trojan horses that hide inside otherwise innocent programs, hackers that take over computers, and more. This happens even though it was written (by Bill Gates, et al): Thou shalt use a Windows PC to do thy work and it will be good.

As PC virus or worm episodes become more and more common, the need for vigilant protection is ever greater. Big guys like the banks have teams of IT staffers working to protect their networks. But at your home or small office, it's up to you. If you want to take control over your PC's destiny and security, read on.

Fortunately, archeologists have recently unearthed two stone tablets from a garage near Cupertino, California that can help deliver us from such evils. We present their guidelines here, along with interpretations from our brothers and sisters in the PC security choir.

I. Remember thy antivirus software and keep it updated. It's not enough to have the software installed (if you don't have an antivirus package, stop reading right now and get one); you also need to keep up with new viruses as they emerge. "Your antivirus software is only as good as your latest virus definitions set," says Kelly Martin, senior product manager for Symantec's Norton AntiVirus. Programs like Symantec's Norton AntiVirus ($50) and Network Associates' McAfee VirusScan ($35 to $60) can automatically update their virus signature databases, but it costs an additional $20 to $35 for ongoing annual subscriptions.

II. Thou shalt not covet thy neighbor's attachments. You get a message you think is from a friend with what looks like a cool file attached, so you click on it. Next thing you know, you're Typhoid Mary, spewing out infected e-mails to everyone in your address book. That's how the Sobig.F worm spread--and it happened so quickly that millions of copies got out before the antivirus companies could update their databases.

"Never trust an e-mail 'from' address," adds Chris Wysopal, director of research for security consultants @Stake. "And never open an attachment without verifying it was sent by a trusted person, and they meant to send it to you."

III. Avoideth bogus file downloads. Be wary of any Web site that requires you to download software to view a page, unless it's something familiar like a Flash plug-in or Acrobat Reader. The file may contain a virus, a Trojan horse, or some auto-dialer that calls pay-per-minute numbers via your modem and racks up huge charges.

"Do not install software via the Web unless you are absolutely sure what it is and that you trust the company you are downloading it from," warns @Stake's Wysopal.

IV. Smite spyware and pop-ups. Like Trojan horse programs, spyware secretly installs itself when you download software like file-swapping applications; it tracks your movements online and delivers ads based on where you surf. Pop-up ads can also exploit security flaws in Internet Explorer, like the recent Qhost Trojan that hijacked users' browsers after they viewed an ad on the Fortune City Web site. Fortunately, there are tools that can protect you: For example, Ad-aware (free) blocks spyware and StopZilla ($30) takes care of pop-up ads. Some antivirus software and security suites also stop spyware and pop-ups in their tracks.

V. Thou shalt foil spammers. Unsolicited commercial e-mail is more than just a nuisance; it's also a major source of virus infections. In fact, some versions of Sobig are designed to turn infected PCs into zombie machines that can be used to send spam. A good filter like Symantec's Norton AntiSpam 2004 ($40), Network Associates' McAfee SpamKiller 5 ($40 to $50), or Sunbelt Software's IHateSpam ($20) helps trap the nasties your antivirus software might miss.

VI. Keep thy operating system patched. E-mail-borne worms and other scourges like to exploit security holes in your software--namely Windows and other Microsoft programs. These days Microsoft issues so many critical updates to fix these flaws that many users ignore them. Don't. Last January, the Slammer worm exploited a vulnerability that Microsoft had fixed more than six months before. But thousands of infected computers--including some at Microsoft--didn't have the patch installed. Run the Windows Update program once a week and whenever Microsoft issues a warning.

"Until we see automated patch management software, users will simply have to stay up to date," says Thor Larholm, senior security researcher at PivX Solutions.

VII. Maketh a rescue disk and keep it handy. When things go bad, a boot or rescue disk is your first step to recovery. At minimum, you'll want to put the basic elements of your operating system on a floppy disk or Zip media, so you can bypass the hard disk at start-up. To find out how, read "Hardware Tips: Create Your Own Emergency Boot Disk." A better idea: Use your antivirus program to create a rescue disk you can use when your system gets infected. Label it with a date and store it near your system where you won't lose it.

VIII. Be not taken in by false claims. There are more hoaxers than hackers on the Internet, and more bogus "e-mail virus alerts" than actual viruses. Even real virus threats are typically blown out of proportion by the media. A phony warning could cause you to delete harmless files and then forward the message to others, clogging e-mail servers and causing virus-like damage in the process. When you get one of these e-mails (or see yet another breathless news story), check it out first. Type the name of the alleged virus into a search engine to see if any of the major security vendors have issued an alert, and visit the virus hoax pages at F-Secure and Hoaxbusters.

IX. Honor thy firewall. A firewall is like a bouncer for your computer--it checks every ID at the door and won't let anything in or out until you give the thumbs up. So a hacker can't access personal information on your hard drive, and a Trojan horse keystroke logger (a stealth program that monitors the characters you type) can't steal your passwords and transmit them over the Net. Symantec and Network Associates both offer personal firewall packages for $35 to $50, while Zone Labs offers a no-frills version of its ZoneAlarm software firewall for free. But a better deal is an Internet security suite that combines antivirus, firewall, ad blockers, spam fighting, and other useful apps; most cost between $60 and $80. For a review of suites from Symantec and Network Associates, read "Extra-Suite Virus and Spam Protection."

X. Maketh backups and keep them holy. Simply put: Back up your data files at least weekly (daily if you're running a business). Even if you fall victim to a virus or hacker attack, you'll escape with only minor damage. Fail to keep a recent backup though, and you'll go straight to hell--at least, that's how it will feel.

Contributing editor and award-winning journalist Daniel Tynan writes PC World's monthly Gadget Freak column.


TOPICS: Business/Economy; Extended News; Technical; Unclassified
KEYWORDS: antivirus; blaster; email; firewall; lovsan; mcafeevirusscan; networkassociates; nortonantivirus; slammer; sobig; symantec
A refresher -- which seems to be particularly relevant today since some AOL members received a message purportedly from:

AOL® You've Got Pictures!
Date: 11/03/03 11:03:09 PM Eastern Standard Time
From: DeeDaBee7

Hello Member

Someone has just sent you pictures using AOL You've Got Pictures!

Members (sic) Services
America Online, Inc (sic)

To view the pictures and find out who the sender is please click here.

The next screen asks for your screen name and password.

AOL recommends you report the e-mail as Spam.

1 posted on 11/04/2003 10:25:38 AM PST by OESY

To: OESY
Or, you can just use Linux or FreeBSD and not have to deal with any of this crap.

Actually, dumping Outlook email program for Mozilla's email client will save you from a lot, since Outlook will just run attachments without asking for permission.

2 posted on 11/04/2003 10:29:48 AM PST by ikka

FREE PC PROTECTION:
(Not an exhaustive list. Your results may vary. Void where prohibited. For entertainment purposes only. No wagering, please. Whattayawantfernuthin'.)

3 posted on 11/04/2003 10:31:17 AM PST by martin_fierro (_____oooo_( ° ¿ ° )_oooo_____)

To: OESY
"So what's the antidote to a virus-plagued digital world? "

1) Completely ignore everyone who wants to sell you something.
2) Install the free AVG antivirus program http://www.grisoft.com/us/us_dwnl_free.php
3) Install the free Zone alarm firewall and ignore every scare attempt to get you to upgrade. http://www.uant.net/firewall/freezonealarm.html
4) Never open a file attachment without carefully looking at the suffix to see if it’s something that you know is safe and is “really” from who you think it is.

4 posted on 11/04/2003 10:34:13 AM PST by elfman2

Comment #5 Removed by Moderator

To: martin_fierro
bump
6 posted on 11/04/2003 10:37:52 AM PST by Chi-townChief

To: OESY
Worse than viri are the thousands of e-mails sent about hoaxes. I reply to my users who send these to me with my warning about the Son of Sam virus. Places 5 large holes in anyone's hard drive who mindlessly forwards hoax virus warnings to me.


7 posted on 11/04/2003 10:38:19 AM PST by Feckless

To: OESY
XI. Thou shalt run Linux instead of Micro$loth Malware.

Lots of other Ten Commandments of Computer Security out there. Looks like lots were written before this article.

8 posted on 11/04/2003 10:39:19 AM PST by Prime Choice (I want to be immortal. Then I'll never have to vote Democrat.)

To: RhoTheta
Poing.
9 posted on 11/04/2003 10:54:09 AM PST by Egon (Safety Tip: You can get AIDS by sitting at a public toilet before the previous person vacates!)

To: Prime Choice
I would be ASHAMED to admit to using an e-Machines pc!

:>)
10 posted on 11/04/2003 11:08:32 AM PST by steplock (www.FOCUS.GOHOTSPRINGS.com)

To: steplock
I would be ASHAMED to admit to using an e-Machines pc!

Hehehehehehehehe. : )

Yeah, eMachines seem to be a night-and-day experience among some folks. Me, I've got five of them and all have worked flawlessly. Not even a hiccup. Of course, nearly all run Linux, so that could be the reason they all work so well! : )

Sides, with what Dell and Compaq charge for one of their boxes, I could buy two or three equally-equipped eMachines. Fiscal conservatism in action! ; )

11 posted on 11/04/2003 11:22:08 AM PST by Prime Choice (I want to be immortal. Then I'll never have to vote Democrat.)
