Wednesday, January 04, 2006

Why Do I Still Get Viruses?

By: Darren Miller

Original URL (The Web version of the article)

http://www.defendingthenet.com/newsletters/WhyDoIStillGetViruses.htm

Viruses & Anti-Virus Software

Many people have Anti-Virus software installed. Many of the
major Anti-Virus software companies now promote what they call
"Security Suites" or packages. These Security Suites contain
everything from Anti-Virus and Firewall Protection to SPAM and
Pop-Up blockers and Ad-ware protection. Quite often, once the
software is installed, people find out that things they used to
be able to do on the Internet are no longer possible. So what
happens is that portions or all of the software they purchased
to protect their computer get disabled. The result: an
ineffective software program that you paid good money for! Worse
than that, most people have no idea exactly how the Anti-Virus
portion of the package should be configured, leaving it up to
the default configuration to defend their computers. Most of the
manuals that come with these software packages seem to be
written for those who understand the intricate workings of
computers along with every computer acronym ever invented!

Most everyone who owns a computer knows about viruses. Years
ago, viruses were more of an annoyance than anything. But as
time passed those who develop viruses became more astute at
their trade and started developing viruses with malicious
intent.

It's amazing that we regularly find computers without any
anti-virus protection at all. Typically, those who go without
find out rather quickly how important virus protection is. In
addition to the many computers we find without virus protection,
we find many computers that do not have the anti-virus software
configured and running properly to protect them from even the
most basic type of infection.

What is a Virus?

------------

A virus is a type of program that can execute on your computer
and has the ability to replicate itself. Computer viruses, like
biological viruses, spread quickly and, in many cases, are quite
difficult to stop and destroy. They can attach themselves to
many types of files. As these files are transferred between
multiple computers, each computer along the way becomes infected
and has the ability to continue spreading the infection.

What is a Trojan?

------------

A Trojan is software that can perform unauthorized tasks on your
computer. More often than not, these tasks are malicious in
nature. The biggest difference between a Trojan and a virus is
that viruses have the ability to replicate whereas a Trojan
typically does not. If your computer becomes infected with a
Trojan it can cause:

Damage to your computer's software, Operating System, and data;

Your system can become unstable and exhibit unexpected behavior;

The security of your system becomes compromised;

It could lead to the unauthorized access of your computer;

Beware programs and software in pretty packages (for free
usually). Remember what happened to the Trojans of Greek
Mythology!

What is Malware?

------------

The word "Malware" is short for "Malicious Software". It refers
to any software or programs with malicious intent such as
viruses, Trojans, worms, droppers, and kits. Just as a note, not
all Malware should be considered a virus but the majority can be
considered as such.

What can a Virus do to me?

------------

There are many malicious actions a virus, worm, or general
Malware can take. Just a few examples are:

Change or delete important data on your computer such as
documents, music and video files, and possibly destroy all data
on your computer;

Search for important information such as contact lists and use
this information to replicate itself by sending everyone in your
contact lists an e-mail with the virus/worm attached;

Spread amongst all your computers by various methods such as
e-mail and file sharing;

Disguise itself as a legitimate part of the Operating System -
making it very difficult to detect and destroy;

and just about anything else malicious you can think up!

Virus Life Cycle

------------

Creation - In the past it took significant skill to create a
virus. However, anyone with even basic skills can now create a
virus. In fact, there are virus creation labs freely available
on the Internet. This can allow anyone to create interesting and
potentially malicious code;

Replication - If one of the main goals of the virus developer is
the replication or spread of the virus, many viruses will lie
dormant and wait for a certain event to take place, like a date
or something similar. This allows the virus to replicate to many
systems before it activates;

Activation - Once certain requirements or conditions are met,
the virus will activate itself and execute the code that causes
damage to your computer. Not all viruses cause damage.
Non-damaging viruses usually do not need activation;

Identification - Once viruses have infected computers and
activated themselves in the wild (on your computer), they are
isolated and documented and sent to the anti-virus companies;

Recognition - The anti-virus companies then develop the code
necessary to detect the virus, update their virus signature
patterns, and make them available to their customers. This
process can be rather quick or can take days or months;

Destruction - If enough people are protected by anti-virus
software that can detect, isolate, and destroy the virus, it can
be stopped from spreading;

Based on current information and statistics, no virus has yet
been completely eradicated!

How do I Protect my Computer?

------------

The most obvious thing that you can do is install anti-virus
software. In fact, this is not so much an option as it is a
requirement. That is, if you want to be protected and want to
A) not lose everything you have on your computer, B) not spread
viruses to your friends, family and associates, and C) be a
productive part of the public network (Internet) community.

In addition, you need to make sure that your anti-virus software
is functioning properly:

Make sure that your anti-virus subscription is not out of date.
In some cases, if your subscription is out of date, the product
ceases to function or can no longer download new virus patterns,
preventing it from detecting the latest viruses;

If you receive an unsolicited piece of e-mail do not open it.
Delete the e-mail right away;

Many e-mail clients have the ability to give you a preview of
the e-mail before actually opening it. If your e-mail client is
configured this way, turn it off. The preview can actually allow
the virus to activate the moment you highlight the e-mail;

If you receive e-mail from a friend or associate that you were
not expecting, or one that has an odd subject line like
"Subject: The pictures I promised you!" or "The program you
requested", contact your friend and ask them if they actually
sent it;

Configure your anti-virus software to check for virus pattern
updates on a frequent basis. Checking once a week is probably
not good enough. At the very least, configure it to check once a
day. Our systems check more frequently than that;

Make sure your anti-virus software is configured to perform a
scheduled scan of your computer. Many people rely on the
"real-time" scanning which is supposed to catch viruses in
real-time as you select and open files. This is not 100%
accurate and nothing substitutes for a thorough manual scan of
"all" your system files;

Don't rely on anti-virus software alone. Make sure that you are
using some sort of anti ad-ware and spy-ware software. These
programs can catch a plethora of malicious software that your
anti-virus software may miss.
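
The Recognition step of the life cycle and the advice above to
check for pattern updates at least once a day can be seen in a
toy signature scanner. This is an added example, not part of the
original article or of any anti-virus product; the detection
names, byte patterns, file names and dates are all constructed.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class Signature:
    name: str        # constructed detection name
    pattern: bytes   # constructed byte sequence, not taken from real malware
    released: date   # day the vendor published this signature

# Constructed vendor feed: one new signature published per day.
VENDOR_FEED = [
    Signature("Demo.Worm.A", b"\x13\x37DEMO-A", date(2006, 1, 2)),
    Signature("Demo.Trojan.B", b"\x13\x37DEMO-B", date(2006, 1, 3)),
    Signature("Demo.Worm.C", b"\x13\x37DEMO-C", date(2006, 1, 4)),
]

def pattern_file(last_update: date) -> list[Signature]:
    """Signatures a client holds if it last updated on `last_update`."""
    return [s for s in VENDOR_FEED if s.released <= last_update]

def scan(data: bytes, signatures: list[Signature]) -> list[str]:
    """Return the names of all signatures whose pattern occurs in `data`."""
    return [s.name for s in signatures if s.pattern in data]

def is_stale(last_update: date, today: date, max_age_days: int = 1) -> bool:
    """The article's rule: patterns older than a day are too old."""
    return (today - last_update).days > max_age_days

def missed_by_stale_client(data: bytes, last_update: date, today: date) -> list[str]:
    """Detections a fully updated client makes that this client does not."""
    current = set(scan(data, pattern_file(today)))
    held = set(scan(data, pattern_file(last_update)))
    return sorted(current - held)

# Constructed sample files: harmless bytes with a demo pattern embedded.
SAMPLES = {
    "holiday.doc": b"plain text, nothing embedded",
    "pictures.exe": b"MZ" + b"\x00" * 8 + b"\x13\x37DEMO-C",
}

if __name__ == "__main__":
    today = date(2006, 1, 4)
    weekly_client = date(2005, 12, 28)  # last pattern update a week ago
    for name, data in SAMPLES.items():
        print(name, "missed:", missed_by_stale_client(data, weekly_client, today),
              "stale:", is_stale(weekly_client, today))
```

The client that last updated a week ago scans "pictures.exe" and
reports it clean, while a client updated the same day detects
it: the scanner is only as good as the newest pattern it holds.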

Conclusion

------------

All it takes is one bad experience with a damaging virus to make
you realize how vulnerable you and your computers are. Be
diligent in your defense against Malware and your computer /
Internet experience will be more enjoyable. The same goes for
small and medium-sized businesses. Those who have been down for
a day or days as the result of a virus will know exactly what I
am talking about.

About The Author

------------

Darren Miller is an Information Security Consultant with over
sixteen years' experience. He has written many technology &
security articles, some of which have been published in
nationally circulated magazines & periodicals. If you would like
to contact Darren you can e-mail him at
Darren.Miller@ParaLogic.Net. If you would like to know more
about computer security please visit us at http://www.defe
