– From the New York State Society of CPAs –
– Suffolk Chapter Newsletter –
– October 2003 Issue –


We Interrupt Your Regularly Scheduled Article To Bring You
Five To Survive: Malicious Software Safeguards…

Mblast or Lovesan as it is also know, and Sobig.f (both worms) – two names that meant nothing to most of us as recent as several months ago, now can strike terror in the hearts of all network-administrators – or at least annoy the heck out of them.

What better time to re-visit Five-Steps you and your clients can take to prevent, as best as anyone can, the fear of computer viruses from being anything other than unfounded.

Gimmee Five!
Not wanting to make a major production out of this (miss you Gerry, hope all is well, and no one really wants to just, know what time it is – an inside joke), the five-steps to surviving in today’s oft-infected environment are as follows.

  • Keep your operating system up-to-date.
  • Run your virus scan program regularly.
  • Update your virus definition file often.
  • Use a personal firewall program.
  • Set-up your programs correctly.

What’s In A Name?
Much – but we are going to ignore all that. So whether we are talking about a virus, a worm, a Trojan horse, adware, spyware, a dialer, attachments, active content, or any other type of threat – for us, they are all infections.

For those who may want more detail, the current buzz-word for infections is malware ("malicious software"). And, check my favorite site: WhatIs?Com .

Operating System (“OS”) Updates
Every once in a while (no it is not everyday, it only seems that way) someone finds an OS hole to exploit. Soon afterwards (no it is not a life-time later, it only seems that way), your OS vendor makes available a fix. It is up to you to install that fix – and do so in a timely fashion. To assist you, there are websites that will identify and install just those fixes needed by your system. To learn more about what one vendor, Microsoft, offers go here .

Virus Scanners – Pick & Use – I/II
A virus scan program can be run as often as you like, either manually or according to a schedule set by you. If it finds an infection, it will remove it for you. And as great as this is, if you happen to have a network with tens or hundreds of computers, the “you” in each case will be the individual users. And they will, of course, always run the program, regularly – or, maybe not.

To Be Pushed Or To Pull
You can go get needed data, which is pulled it from its source. Or, you can use Push Technology, the prearranged updating of selected information through periodic transmissions. Push technology ostensibly "pushes" information to the user rather than waiting until the user specifically requests it. In actuality, most of the push is triggered by user or administrator pre-selection and arrives only as the result of your requests.

Virus Scanners – Pick & Use – II/II
Using Push Technology, you can have your networked computers “automatically” scanned.

Consider this, your major virus scan vendors provide “Push” based services that send the needed data to each of your computers from the vendor’s system, or to your network servers – which in turn pushes the data to your system’s computers. Isn’t technology grand?

Virus Definition Files – Update
And the way your virus scan program knows about the myriad of infections (71,000+) is – yes, its virus definition data files. Such files must be kept current if they are to permit the scanning programs to be as effective as they can be. How to do this – push or pull technology or a combination of both. Your choice.

Personal Firewall – Keep It On
A personal firewall is used to protect an Internet-connected computer from intruders. This is especially useful for "always-on" connections such as DSL or cable modem. Often compared to anti-virus applications, personal firewalls work in the background to protect the integrity of the system from malicious computer code by controlling Internet connections to and from a user's computer, filtering inbound and outbound traffic, and alerting the user to attempted intrusions.

Set-up Programs Properly
You should set all your programs (email, newsgroup reader, personal information manager, spreadsheet, and word processing, etcetera) so that, no attachment is opened, no script is run, no data is exchanged, unless you explicitly request it. And it’s a good idea if it makes you say “yes,” twice.

But Where Are The Vendor Details?
Having run out of article-room, let me point you to a favorite of mine that will provide you with all the detail you could want – The LangaList. The first issue I would suggest is 2003-08-25, and the first article is “Batten the Hatches,” where you can learn the vendor details behind: (1) How to easily set up a multilayered defense for your PC using free or low-cost software; (2) Safe ways to test your PC's defenses to make sure they're up to snuff; and, (3) How to weigh the risks and benefits of applying security patches to your PC.

Me, I run Microsoft XP Pro, McAfee Virus Scan, and Zone Alarm Pro Personal Firewall.

Be well…and see you around the ‘Net.

Walter C. Schmidt, CPA “Our 21st”
[wcs note: I was the Chapter's 21st President, '92-'93]
 - walts@dorsai.orghttp://www.dorsai.org/~walts/
 - Microsoft MVP – Windows XP Media Center
 - Associate Expert – Microsoft Expert Zone


  Walter C. Schmidt, CPA                escher                                  page 1 of 1