Threats of Computing in a Virus-Filled World. or, how I stopped worrying and learned to love the worm…. Dr. John Johnson, CISSP. The Joys of Computing in 2003. 65,336 PC viruses discovered to date 4,129 IT vulnerabilities in 2002 [ http://www.bullguard.com/antivirus/news_184.aspx ]
or, how I stopped worrying and learned to love the worm….
Dr. John Johnson, CISSP
2003 CSI/FBI Computer Crime Survey, www.gocsi.orgbased on 47% of the 530 responses that could quantify these losses
HOAXES & CHAIN LETTERS
TROJANS, BACKDOORS & ZOMBIES
Take a deep breath. It’s not so bad.(It could be a lot worse!)
What does this mean for the corporation?
What does this mean for the home user?
- BUY a copy of a good antivirus program (like Symantec, McAfee, Trend, Panda...)Available for all platforms. If you like the online scanner below, you can purchase a commercial version from their site for around $30 with a 1- year subscription.
- Keep it updated AT LEAST once a week. Try to set it to autocheck at a convenient time so you don't forget. The paid subscription lets you auto-update. If you don't pay after it expires, you can still get virus updates manually from the vendor website, in most cases.
- Here is a link to a page I made to check on the latest virus news:
- Here are some links to FREE ONLINE resources for scanning your PC.
+ Symantec (PC):
(you can perform a virus scan, or check for vulnerabilities)
+ Trend Micro (PC): http://housecall.trendmicro.com/
+ Panda (PC):
+ McAfee (PC): http://us.mcafee.com/root/mfs/default.asp
-There is nothing worse than having a TON of junk mail in your inbox when you check it. You may not check mail every day, which makes it even more of a chore to deal with the glut of SPAM.
- When you get junk mail, you will generally know it is not from someone you know. If you are in doubt, just DELETE the message. Don't take the risk of opening unsolicited email.
- Even though you can sometimes opt out of SPAM mailing lists by following the instructions at the bottom of the message, more often than not you are letting the SPAMMER know you are there, and they will send you more SPAM. So, don't reply to SPAM.
- Until there is some miracle way of opting out of it altogether, you will need to invest in a SPAM blocking program. While there are filtering options in some email systems, they are weak and it is worth a few bucks to buy a program that will filter SPAM and have a subscription to keep updated with new filters. Here are some options:
+ McAfee/Spamkiller (PC, $30): http://us.mcafee.com/root/package.asp?pkgid=156
+ Matterform/Spamfire (Mac only for now, $25/$40): http://www.matterform.com/
+ CoffeeCup PC - haven't tried, but good reviews, $30): http://www.tucows.com/preview/295552.html
+ SpamWeed for POP3(bayesian spam filter, should learn and improve over time - haven't tried but looks good, $30): http://www.tucows.com/preview/318216.html
Dealing with Ad-Ware/Malware (the stuff that gets installed when you download another program or visit a website that reports on what you do)
- This is primarily a PC problem, so these tools are
exclusively for the PC.
- Here are links to a couple FREE software packages that you
can use to scan for any adware that might be installed on
your system (i.e. Gator, etc.):
+ Ad-aware (PC, FREE):
+ Spybot (PC, FREE): http://www.safer-networking.org/
There are several vendors that have tools to block pop-ups. Always be careful that you don't install spyware in the process of downloading a neat toolbar to block pop-ups. Here are some I like. They may also have additional functionality, like Google searching, etc. (Mozilla might be the only pop-up blocker for classic MacOS users.)
+ Google Toolbar (PC, FREE): http://toolbar.google.com/
+ You might also try running Mozilla, instead of Internet Explorer: http://www.mozilla.org/
+ On MacOS X, use Safari, it will block pop-ups:
+ CoffeeCup Pop-up Blocker ($20):
It is vital that your PC remain patched from critical security vulnerabilities. This Windows site will check your computer for missing patches, you should keep the security patches updated, but may decide not to install other large patches that are not "critical security patches".
[Note: Most new operating systems offer the ability to auto-patch your system, you may decide this is your best option, and that way you won't forget.
FOR MAC USERS: You can also use the control panel to look for "software updates" on the Mac... this site is for the savvy MacOS X user. In general, the Mac is much less vulnerable to viruses than the PC.]
Some of the recent "blended" threats, like Blaster, will infect ANY unpatched computer that is vulnerable if left long enough on the Internet. Even if you have the latest antivirus. Remember that antivirus is NOT a 100% solution anymore.
+ Microsoft(PC): http://windowsupdate.microsoft.com/
+ Apple(MacOS X) Security Updates: