blackadder
8th Jun 2000, 10:37
This arrived in my box this morning.
I hope some of you find it usefull.
___________________________________
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Virus Security 101
By Paul Myers <[email protected]>
Copyright 2000 Paul Myers. Reprinted with Permission.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
If anyone had any doubt about the ability of viruses to
wreak havoc, Melissa should have cured that. But, of course,
it didn't.
Viruses can do all sorts of interesting things. They can
send email to everyone in your address book. They can email
your entire address book to someone else. They can make your
computer do all manner of odd things. They can wipe out your
data files, or even format your hard drive.
They can even plant RATs in your system.
RAT is short for Remote Access Trojan. These nifty little
virtual gizmos are the cracker's equivalent of the remote
control.
Note: Cracker is the right word. A hacker, despite
the media's misuse of the word, is not a malicious
person who'll try to abuse strangers. Hacker is a
term of respect. Crackers are the creeps who play
these nasty games.
So, how does your computer get viruses?
It's amazingly easy, actually. Any time you run code that
you got from someone else, you run *some* risk of getting a
virus. With commercial software obtained directly from the
manufacturer, the risk is minimal. Still there, but minimal.
There are other ways, but these account for the vast
majority of cases:
* Loading files with macros without checking for viruses.
This is probably the most common these days. There are
thousands of macro viruses out there that are spread through
sharing of Word documents, Excel spreadsheets, etc.
* Downloading and running many games that are distributed
through private sites. (The major download sites are usually
pretty safe.)
* Opening infected emails in an HTML capable mail reader
without having disabled ActiveX and the like. (Yes,
Virginia, you CAN get a virus just from reading an email
on a PC. If your system is set up wrong.)
* Running programs that are sent to you as attachments.
* Downloading and running pirated software. (If that's how
you got it, you deserve it!)
Have you ever done any of those?
So, how do you NOT get viruses? It's pretty easy, actually.
Just use some simple, common sense steps.
1. NEVER run programs that are sent to you as attachments,
unless you know and trust the sender, AND KNOW THE PROGRAM
IS BEING SENT BEFOREHAND. Even then, be suspicious. Your
friends won't deliberately send you an infected file, but do
you know how secure their system is?
If you weren't told the program was coming, don't run it, no
matter who sent it. There are new viruses out all the time
that attach themselves to emails as their method of
propagation. The "senders" usually don't even know the
attachment exists.
2. For Word, Excel, and any other software that uses macros,
get paranoid. Go to the Macros menu item, and select the
Security option. Set it to high, and refuse to run any
macros except from those sources you designate as "Trusted."
Mac users should not be smug about this - macro viruses are
cross platform.
The vast majority of users won't be affected by this at all.
Most of us don't use macros in our documents.
3. Ask people who need to send you documents to use .rtf
(Rich Text Format) instead of .doc format. In most cases
this will give exactly the same results and appearance. And
RTF files can't spread viruses.
If they don't know how to do this, explain it. When they
save the file, they simply choose Rich Text Format from the
"Save as type" options instead of accepting the default .doc
format.
Another advantage is that RTF files are generally readable
on any platform. Handy for dealing with people who may not
have exactly the same programs that you use.
Oh yeah... Send documents in this format yourself whenever
feasible. ;)
4. Turn off the ability of your HTML capable email software
to run ActiveX or other code without asking first. And then
only allow it when you know the sender. (Hint: How many
people do you know who write email containing ActiveX or
other scripting... ?)
5. Get a good anti-virus program.
Update it regularly.
Run it all the time.
Good anti-virus software is no longer a paranoid's
indulgence. It's a necessity.
You'll want to set it to the highest security you can live
with. If you get huge amounts of email and have a slow
machine, you may not want to tell it to scan every email
that's downloaded, but you'll probably want every other
option checked.
Yes, it will slow things down a small amount. In most cases,
you'll never notice it. If it gets too bad, you can disable
the less important options, like scanning inside zip files.
You don't need to scan your drives every time you boot up
the machine, of course. But do it occasionally to be safe.
Updating your Anti-Virus (AV) software frequently is a must.
There are tens of thousands of viruses out there, and more
developed all the time. It does you no good to have the
software if it's not current.
Even with the best AV software, you still want to keep other
security measures in place. These programs don't work on a
virus until the developers know the virus exists. And
frequently they don't know until shortly AFTER a major
outbreak.
Melissa was a great example of this.
Two of the better anti-virus programs are:
Panda Anti-Virus, from http://www.pandasoftware.com/
Norton Anti-Virus, from http://www.symantec.com/
I don't recommend McAfee. It's entirely too much trouble
when there are more convenient options that provide the same
protection.
With any anti-virus software, you can encounter occasional
problems. It's an unfortunate but necessary part of the way
the programs work. Some legitimate commercial programs may
be treated as viruses, some hardware will have trouble, etc.
Usually these programs will mention the potential trouble
somewhere in their documentation. If you try installing
software from commercially purchased CDs or from trusted
download sites and have trouble, try the install after
turning off the AV program.
A good anti-virus program is a necessity. (Have I mentioned
that yet?)
....
[Editors Note: Using a program other than Microsoft Outlook
(or as many people now call it, lookout!) for your email will
also help you avoid many virus problems.]
....
There's at least one "virus" that can affect your system
without you downloading anything, opening any programs, or
reading any infected emails. All you need to do is run a
computer that's connected to the Internet that has a shared
drive which doesn't require a password for write access.
Isn't that fun? Just being connected can be a security risk!
This one scans the Net looking for machines with the right
vulnerabilities, and writes itself to the system when it
finds one. The effects of this virus sound like something
from one of those hoaxes that are forever going around.
* It spreads without any action on your part.
* It can delete everything in your C:\Windows directory and
sub-directories, and C:\.
* It uses your modem to dial 911....
Yeah. Can you believe that last one? The cretin who wrote
this needs to be thrown in jail for life. Tying up emergency
services like that could result in deaths.
Fortunately, this is found in a very limited area so far.
The only "sightings in the wild" have been in the Houston,
TX area. And yes, it's confirmed. See:
http://www.symantec.com/avcenter/venc/data/bat.chode.worm.html
Or the FBI's advisory, at:
http://www.nipc.gov/advis00-038.htm
This is the first virus that propagates this way. You can
bet it won't be the last. And future ones will exploit more
and more obscure weaknesses in common PC setups.
....
A Final Tip:
If you use Netscape, turn off any type of Scripting in Mail
and News.
....
I hope you find this information useful. Put it to work, and
you can save yourself a lot of headaches down the road.
....
This article was written for TalkBiz News, a free email
newsletter for small business owners. To subscribe, send any
email to mailto:[email protected]
[Editors note: This article was excerpted from Data Security 101
For Small Businesses by Paul Myers. If you'd like to get a copy
of the entire article - which contains a lot of useful
information on backing up, RATs, firewalls, and more - send an
email to mailto:[email protected] and you'll receive it via
autoresponder.]
I hope some of you find it usefull.
___________________________________
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Virus Security 101
By Paul Myers <[email protected]>
Copyright 2000 Paul Myers. Reprinted with Permission.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
If anyone had any doubt about the ability of viruses to
wreak havoc, Melissa should have cured that. But, of course,
it didn't.
Viruses can do all sorts of interesting things. They can
send email to everyone in your address book. They can email
your entire address book to someone else. They can make your
computer do all manner of odd things. They can wipe out your
data files, or even format your hard drive.
They can even plant RATs in your system.
RAT is short for Remote Access Trojan. These nifty little
virtual gizmos are the cracker's equivalent of the remote
control.
Note: Cracker is the right word. A hacker, despite
the media's misuse of the word, is not a malicious
person who'll try to abuse strangers. Hacker is a
term of respect. Crackers are the creeps who play
these nasty games.
So, how does your computer get viruses?
It's amazingly easy, actually. Any time you run code that
you got from someone else, you run *some* risk of getting a
virus. With commercial software obtained directly from the
manufacturer, the risk is minimal. Still there, but minimal.
There are other ways, but these account for the vast
majority of cases:
* Loading files with macros without checking for viruses.
This is probably the most common these days. There are
thousands of macro viruses out there that are spread through
sharing of Word documents, Excel spreadsheets, etc.
* Downloading and running many games that are distributed
through private sites. (The major download sites are usually
pretty safe.)
* Opening infected emails in an HTML capable mail reader
without having disabled ActiveX and the like. (Yes,
Virginia, you CAN get a virus just from reading an email
on a PC. If your system is set up wrong.)
* Running programs that are sent to you as attachments.
* Downloading and running pirated software. (If that's how
you got it, you deserve it!)
Have you ever done any of those?
So, how do you NOT get viruses? It's pretty easy, actually.
Just use some simple, common sense steps.
1. NEVER run programs that are sent to you as attachments,
unless you know and trust the sender, AND KNOW THE PROGRAM
IS BEING SENT BEFOREHAND. Even then, be suspicious. Your
friends won't deliberately send you an infected file, but do
you know how secure their system is?
If you weren't told the program was coming, don't run it, no
matter who sent it. There are new viruses out all the time
that attach themselves to emails as their method of
propagation. The "senders" usually don't even know the
attachment exists.
2. For Word, Excel, and any other software that uses macros,
get paranoid. Go to the Macros menu item, and select the
Security option. Set it to high, and refuse to run any
macros except from those sources you designate as "Trusted."
Mac users should not be smug about this - macro viruses are
cross platform.
The vast majority of users won't be affected by this at all.
Most of us don't use macros in our documents.
3. Ask people who need to send you documents to use .rtf
(Rich Text Format) instead of .doc format. In most cases
this will give exactly the same results and appearance. And
RTF files can't spread viruses.
If they don't know how to do this, explain it. When they
save the file, they simply choose Rich Text Format from the
"Save as type" options instead of accepting the default .doc
format.
Another advantage is that RTF files are generally readable
on any platform. Handy for dealing with people who may not
have exactly the same programs that you use.
Oh yeah... Send documents in this format yourself whenever
feasible. ;)
4. Turn off the ability of your HTML capable email software
to run ActiveX or other code without asking first. And then
only allow it when you know the sender. (Hint: How many
people do you know who write email containing ActiveX or
other scripting... ?)
5. Get a good anti-virus program.
Update it regularly.
Run it all the time.
Good anti-virus software is no longer a paranoid's
indulgence. It's a necessity.
You'll want to set it to the highest security you can live
with. If you get huge amounts of email and have a slow
machine, you may not want to tell it to scan every email
that's downloaded, but you'll probably want every other
option checked.
Yes, it will slow things down a small amount. In most cases,
you'll never notice it. If it gets too bad, you can disable
the less important options, like scanning inside zip files.
You don't need to scan your drives every time you boot up
the machine, of course. But do it occasionally to be safe.
Updating your Anti-Virus (AV) software frequently is a must.
There are tens of thousands of viruses out there, and more
developed all the time. It does you no good to have the
software if it's not current.
Even with the best AV software, you still want to keep other
security measures in place. These programs don't work on a
virus until the developers know the virus exists. And
frequently they don't know until shortly AFTER a major
outbreak.
Melissa was a great example of this.
Two of the better anti-virus programs are:
Panda Anti-Virus, from http://www.pandasoftware.com/
Norton Anti-Virus, from http://www.symantec.com/
I don't recommend McAfee. It's entirely too much trouble
when there are more convenient options that provide the same
protection.
With any anti-virus software, you can encounter occasional
problems. It's an unfortunate but necessary part of the way
the programs work. Some legitimate commercial programs may
be treated as viruses, some hardware will have trouble, etc.
Usually these programs will mention the potential trouble
somewhere in their documentation. If you try installing
software from commercially purchased CDs or from trusted
download sites and have trouble, try the install after
turning off the AV program.
A good anti-virus program is a necessity. (Have I mentioned
that yet?)
....
[Editors Note: Using a program other than Microsoft Outlook
(or as many people now call it, lookout!) for your email will
also help you avoid many virus problems.]
....
There's at least one "virus" that can affect your system
without you downloading anything, opening any programs, or
reading any infected emails. All you need to do is run a
computer that's connected to the Internet that has a shared
drive which doesn't require a password for write access.
Isn't that fun? Just being connected can be a security risk!
This one scans the Net looking for machines with the right
vulnerabilities, and writes itself to the system when it
finds one. The effects of this virus sound like something
from one of those hoaxes that are forever going around.
* It spreads without any action on your part.
* It can delete everything in your C:\Windows directory and
sub-directories, and C:\.
* It uses your modem to dial 911....
Yeah. Can you believe that last one? The cretin who wrote
this needs to be thrown in jail for life. Tying up emergency
services like that could result in deaths.
Fortunately, this is found in a very limited area so far.
The only "sightings in the wild" have been in the Houston,
TX area. And yes, it's confirmed. See:
http://www.symantec.com/avcenter/venc/data/bat.chode.worm.html
Or the FBI's advisory, at:
http://www.nipc.gov/advis00-038.htm
This is the first virus that propagates this way. You can
bet it won't be the last. And future ones will exploit more
and more obscure weaknesses in common PC setups.
....
A Final Tip:
If you use Netscape, turn off any type of Scripting in Mail
and News.
....
I hope you find this information useful. Put it to work, and
you can save yourself a lot of headaches down the road.
....
This article was written for TalkBiz News, a free email
newsletter for small business owners. To subscribe, send any
email to mailto:[email protected]
[Editors note: This article was excerpted from Data Security 101
For Small Businesses by Paul Myers. If you'd like to get a copy
of the entire article - which contains a lot of useful
information on backing up, RATs, firewalls, and more - send an
email to mailto:[email protected] and you'll receive it via
autoresponder.]