We Interrupt Your Regularly Scheduled Article To Bring You
Five To Survive:
Malicious Software Safeguards…
or Lovesan as it is also know, and Sobig.f (both worms) – two names that meant nothing to most of us
as recent as several months ago, now can strike terror in
the hearts of all network-administrators – or at least
annoy the heck out of them.
What better time to re-visit Five-Steps you and your clients
can take to prevent, as best as anyone can, the fear of computer
viruses from being anything other than unfounded.
Not wanting to make a major production out of this (miss
you Gerry, hope all is well, and no one really wants to
just, know what time it is – an inside joke), the
five-steps to surviving in today’s oft-infected environment
are as follows.
your operating system up-to-date.
your virus scan program regularly.
your virus definition file often.
a personal firewall program.
your programs correctly.
In A Name?
Much – but we are going to ignore all that. So whether
we are talking about a virus, a worm, a Trojan horse, adware,
spyware, a dialer, attachments, active content, or any other
type of threat – for us, they are all infections.
those who may want more detail, the current buzz-word for
is malware ("malicious software").
And, check my favorite site: WhatIs?Com .
System (“OS”) Updates
Every once in a while (no it is not everyday, it only seems
that way) someone finds an OS hole to exploit. Soon afterwards
(no it is not a life-time later, it only seems that way),
your OS vendor makes available a fix. It is up to you to
install that fix – and do so in a timely fashion.
To assist you, there are websites that will identify and
install just those fixes needed by your system. To learn
more about what one vendor, Microsoft, offers go here .
Scanners – Pick & Use – I/II
A virus scan program can be run as often as you like, either
manually or according to a schedule set by you. If it finds
an infection, it will remove it for you. And as great as
this is, if you happen to have a network with tens or hundreds
of computers, the “you” in each case will be
the individual users. And they will, of course, always
run the program, regularly – or, maybe not.
To Be Pushed Or To Pull
You can go get needed data, which is pulled it from its source.
Or, you can use Push Technology, the prearranged updating
of selected information through periodic transmissions.
Push technology ostensibly "pushes" information
to the user rather than waiting until the user specifically
requests it. In actuality, most of the push is triggered
by user or administrator pre-selection and arrives only
as the result of your requests.
Scanners – Pick & Use – II/II
Using Push Technology, you can have your networked computers “automatically” scanned.
this, your major virus scan vendors provide “Push” based
services that send the needed data to each of your computers
from the vendor’s system, or to your network servers – which
in turn pushes the data to your system’s computers.
Isn’t technology grand?
Definition Files – Update
And the way your virus scan program knows about the myriad
of infections (71,000+) is – yes, its virus definition
data files. Such files must be kept current if they are
to permit the scanning programs to be as effective as they
can be. How to do this – push or pull technology
or a combination of both. Your choice.
Firewall – Keep
A personal firewall is used to protect an Internet-connected
computer from intruders. This is especially useful for "always-on" connections
such as DSL or cable modem. Often compared to anti-virus
applications, personal firewalls work in the background
to protect the integrity of the system from malicious computer
code by controlling Internet connections to and from a
user's computer, filtering inbound and outbound traffic,
and alerting the user to attempted intrusions.
Set-up Programs Properly
You should set all your programs (email, newsgroup reader,
personal information manager, spreadsheet, and word processing,
etcetera) so that, no attachment is opened, no script is
run, no data is exchanged, unless you explicitly request
it. And it’s a good idea if it makes you say “yes,” twice.
But Where Are The Vendor Details?
Having run out of article-room, let me point you to a favorite
of mine that will provide you with all the detail you could
want – The LangaList. The first issue I would suggest
and the first article is “Batten the Hatches,” where
you can learn the vendor details behind: (1) How to easily
set up a multilayered defense for your PC using free or
low-cost software; (2) Safe ways to test your PC's defenses
to make sure they're up to snuff; and, (3) How to weigh
the risks and benefits of applying security patches to
Alarm Pro Personal Firewall.
Be well…and see you around the ‘Net.
Walter C. Schmidt, CPA “Our 21st”
note: I was the Chapter's 21st President, '92-'93]
- email@example.com – http://www.dorsai.org/~walts/
MVP – Windows XP Media Center
Expert – Microsoft Expert Zone