As more and more people get online and as
more get high speed internet connections, the need for a basic
knowledge of PC (Personal Computer) security is great. Just as you learn
to lock your door at night you need to learn to lock that computer
also. Here are some statistics showing why you need good security
practices. There is an estimated 53,000 different viruses floating
around the net right now. Just one of those can infect millions
of computers as the infamous "I Love You" virus did.
45 million users are estimated to have fallen victim to that particular
code. The most disturbing statistic which I think is too low is
that there is a 1 in 4 chance that you have some form of virus
or worm on your system right now as you read this. Let's learn
a little more about these nasty little programs.
is simply a program that can "infect or "contaminate"
other programs by modifying them to include a copy of itself.
Malicious viruses are typically detrimental to data or system
integrity. A worm is different
as it is an independent program that replicates itself crawling
from machine to machine across network connections ( etc. the
Internet ). It often clogs networks as it spreads and multiplies.
A worm can me acquired e-mail or, as in the case of the "Code
Red" worm, can be completely automated and propagate throughout
the net without the user ever opening an attachment or knowing
their PC was infected.
OK now that we know what these things are,
let us discuss how people get "infected". Probably the
most widely known way is through e-mail attachments. DO NOT
OPEN ATTACHMENTS!!! Don't even open ones from people you know.
Many of these viruses look for the "contacts list" in
the infected computers e-mail program and automatically sends
itself to all those e-mail addresses listed. So if your friend
Sue sends you e-mails often she probably has put you in her contacts
list. If Sue gets infected her computer will send you the virus
e-mail without her knowing anything is happening. The point is
do not trust anyone. When you do receive an attachment e-mail
the sender asking if they sent this to you. If this one act was
followed most e-mail viruses would be stopped dead in their tracks.
A close second in the ways to get infected
is growing rapidly. If you use a napster-like filesharing service,
whether it's Kazaa, Morpheus, or whatever, you can easily unintentionally
download a virus. Here's one way it happens. Someone will write
a virus and name it something people are likely to search for
in a filesharing program. Let's say you are wanting that new song
"so and so" sings. You go online log into Kazaa and
search for the song. You select one, complete the download, and
try to click on your new song to give it a listen. Nothing happens,
no music plays. You just figure oh well, and then go download
another version of the song. You are unaware but the file you
downloaded first happened to be a trojan
horse named whatever.mp3.exe. Many times Windows is set not
to show file extensions so you wouldn't see that it is in fact
a .exe (executable) file not a .mp3 (music) file. Once the Trojan
is executed it installs a backdoor on your machine. This backdoor
is like a hacker only entrance that you will not even know exists.
Once they waltz into your computer they can either view, delete,
add files, or add more viruses to infect others.
This leads to the last way I'll talk about
getting infecting, the worm. The worm is apply named as it is
asexual and quickly crawls from machine to machine across
a network. Worms usually take advantage of a program currently
running on your system. In the case of the "Code Red"
worm it exploited vulnerabilities in Microsoft's IIS server on
Windows NT/2000 systems. The worm would install itself, copy itself,
and then, from your computer, scan the Internet for more vulnerable
machines to infect. It would then crawl to that machine over the
Internet and start the process over again. The purpose of this
worm was at a certain date and time it would stop spreading itself
and turn it's focus on one particular website or IP address and
then launch a denial of service attack.
A denial of service attack is like getting thousands of people
to circle the block of a business you have a grudge against. All
the traffic would overwhelm the store and shut it down temporarily.
Ready to learn how to protect yourself and/or keep yourself from
being a participant in all this madness?
The number one thing you should do is have
an up to date antivirus program. I recommend Norton
Anti-virus, but no matter which program yo use it needs to
be updated at least weekly. One good thing about Norton's product
is that it can automatically go online and download the last virus
definitions. Next I would tell you to update your software often.
As much as I dislike Microsoft they did do something right by
make "Windows Update" available. These virus writers
love to teach big companies like Microsoft a lesson by exploiting
one or more of the many security holes Microsoft products have
in them. When you update your software you are downloading patches
among other things that close these holes to the viruses. Don't
get this confused with upgrading software. Upgrading is installing
a newer version of a piece of software. Updating is just usually
fixing problems that have been found in your existing software.
Updating is usually free. The Windows Update program is located
in your Start Menu for those of you who have never used it. I
would also recommend doing this weekly. Finally and especially
for those of you on always on high speed connections, install
a firewall! When you're on
dail-up modems it's like living in the country you can leave your
door unlocked and probably get away with it. However, when you
get broadband it's like moving to the big city with your driveway
leading directly to the freeway. You better lock your door! Hackers
love unprotected cable or DSL users! I recommend Zone
Alarm. It's free and about the best out there.
In closing, hackers and people who write
viruses and worms are not really interested in getting into your
computer to look at your personal files. The only time they would
have anything to gain from that is if you had top secret information
or you your financial data on your home PC. These people normally
just want to either prove to their buddies that they can write
a virus and see how far it goes on the net, or they want to use
your computer to help attack others. Just use your common sense
List to safe and secure computing: