Viruses, Hackers, and Spyware. How to protect yourself

		Web-Friend
		The "Bad" Guys

Help >> articles >> Viruses and Hackers..

Viruses | Firewalls | Spyware

The frequency of inquiries regarding the recurring threats and problems on the Internet has led me to believe that it would be helpful to my 'web friends' to discuss some of these problems and offer a few viable solutions.

Current Virus News and Updates

It IS important to protecting ones self while using a computer. Viruses, Hackers, Script-Kiddies, and all the bad guys out there that would do harm to your computer are everywhere. Some things can be very damaging to your computer: Viruses can delete files, hackers can retrieve personal information you have on your computer, malicious web-sites can load things that read and send them your passwords as you are working, and in some cases a malicious user can actually access your computer and delete files that could render your computer unuseable.

While these are the worst case scenarios, and most of the "behind the scenes" stuff that takes place as you surf the net are only targeted advertising, demographic data collection, or simple pranks, you should be aware of the potential problems, and protect yourself from these "bad guys".

The following may be valuable reading if these are items that concern you (and they should).

Viruses:
If you have a major problem with your computer, viruses are one of the first things a computer technician will investigate. As of late -2002 a virus known as "Klez" caused more wide-spread damage than any other virus to date.

They come in many shapes and sizes. The most common way of transmitting a virus these days is through e-mail. Without going into detail, there are boot sector viruses (they load as soon as the PC is turned on), Trojans (hide them selves inside other programs), poly-morphic (they recreate themselves with new names to avoid detection from anti-virus software), and your simple virus that activates at a given time, or when it is run.

A great many of the newer viruses (Klez, I Love You, etc.) not only infect your computer, but they copy your address book (all the people you communicate with via email), and send a copy of the virus to them.

There are web-sites that can create virus like activity on your PC. Some of the ways that this is done is to have certain "scripts" embedded into the web page so that your computer executes a set of commands you didn't want or expect (or even notice that the page was doing it). They can download "cookies" (small text files that collect and distribute information) to record what sites you visit, and collect information you may not want to disclose. They can also upload files and data to your computer.

The biggest thing you can do to protect yourself against this type of attack is to get an anti-virus program and use it. There are many available, and most major companies do allow you to download a trial version that you can test out for free (usually for 30 days.) A couple I highly recommend are.

* Norton norton.com, or symantec.com - Online scans: Security Check
* McAfee Mcafee.com, or nai.com,
* PC-Cillin antivirus.com - Online scans: housecall.antivirus.com
* AVG grisoft.com

On-line scans will not protect your computer in the future, it only scans your computer at that moment. It is also a known item that many viruses can and will find ways to avoid these 'online scans'.

While Norton seems to have the best part of the anti-virus market at the moment, McAfee and PC-Cillin do make good products. It's more a matter of preference, and compatibility with your current system than anything else.

The big thing about using an anti-virus program is to remember to keep it updated! At the very least you should update the programs files twice a month. The brand you use is not nearly as important as KEEPING YOUR PROGRAM UPDATED!. This is much more important than the brand of anti-virus software you use. I know this seems to be getting redundant, but the lack of attention to updating an anti-virus program is a computer techs most often

Several rules of thumb,

When you first get a new computer, create a new boot disk* (you'll need your Windows 9x CD so have it handy). Close the write protect tab on the disk once your created it, then put it in a safe place. You may need it in an emergency.

NEVER open up an attachment from someone that you don't know.

If you use Outlook or Outlook Express for your email program, close the preview pane. (In the menu ribbon at the top ... "View ... Layout") The reason for this is that email can be read as "html" code. (web page commands). These can contain scripts or commands that will 'add' things to your computer without you being aware of it.

A common practice is for one of the "Bad Guys" to send a file, claiming that it is from Microsoft, and it will update, or fix your computer ... NO! Microsoft does NOT send out updates or patches to anyone. If you want to update your "Windows" ... go to
Microsoft's Update site and update the files you want.

If cost is an issue on anti-virus programs, then try one of the free anti-virus programs at: "www.grisoft.com", or "www.free-av.com". While they may not be as fancy or well known as the store bought versions, they will protect your computer.

Note: The create boot disk is not a standard option for Windows XP. Visit the Microsoft.com web-site for more information regarding boot disks for NT, XP, and Windows 2000.

Also: If you want more options for boot disks, visit bootdisk.com.

If you are looking for specific virus info, or more information in general about viruses, try these links below ...

CERT | CSRC | sophos

Firewalls and back doors:
While you are quietly surfing the Internet, your computer may be talking to others without you even realizing it. The PC can talk through something called a "port". Often called the back doors of the computers, they are often left wide open while you are unaware of it.   (ex. ports 21 and 80 are used in a lot of the ftp and http type of transactions)

A computer has thousands of these "doors", and the "Bad Guys" can send out little signals, (in a sense, similar to telemarketers), and if your computer answers, then they can access your PC directly through these ports, and cause you a great deal of grief.

The solution is installing a program called a "Firewall".   Both Norton, and McAfee have these products available, as well as several other programs that specialize in this type of software. Windows XP comes equipped with a very basic firewall as well. (If you are logged in as an administrator, right click your connection (in Control Panel, Network Connections) .. and click on the "Advanced tab"

Black Ice (www.iss.net) was perhaps the first, best known firewall, and today perhaps the most often used.
Zone Alarm (www.zonelabs.com). For the most part you don't need to know much about the program and how it works as the settings are fairly automatic. When first installed, you may get a lot of pop up questions as the program learns what things you want to allow.

Especially if you are on-line for extended periods of time, or have a DSL or Cable connection where your computer is connected to the Internet anytime it is turned on - a firewall is a must have tool.

A few tips:

Stay away from porn sites, and hacker sites that advertise free software (commonly known as warez). These sites are notorious for dumping bad things on unsuspecting computers.

Set your browsers security levels fairly high. In XP / IE 6.x ... "Tools ... Internet Options, then click on the privacy tab. In Windows 9x / IE 5.x ... "Tools .... Internet Options" and click on the "security" tab. In Netscape, ... "View ... Preferences" and choose the Advanced option.

As you look through some of your more advanced options in your browser, look closely at the cookies options. You may want to disable 3rd party cookies, or all cookies in favor of just allowing the main site to view or send them. Some sites (like Microsofts' Hotmail.com) need to have some access to those little files in order to keep loading pages - it's how they know they are sending the page to the right person. This is because you "logged on" with a user name and password - that can be sent back to your computer in the form of a file (called a cookie) - so when you click to see the next page of email, that site knows you are already logged on.

Spyware and Adds:
Lastly we come to those annoying pop-up adds. Many, many sites use these little files called "cookies" to collect information about you, your computer, and the types of web-sites you like to visit. They then target you with the type of advertising that you may be interested in, or even things you may not be interested in. They use a variety of tools, cookies, that report back to them information on what you look at on the Internet, and they even download little programs that monitor and report back to them.

While many of the firewall programs can prevent much of the "pop-up" or "pop-under" adds, they don't always clean out the junk that is already on your computer. Be it a key in your registry, a cookie that relays information, or a behind-the-scenes program that can flood your email with a new "Visa" card, or the "Get your home re-mortgaged", and "Get out of debt" emails that sour the Internet today. Some help can be found in new programs available that are made specifically for removing this type of "targeted advertising" information from your computer.

Two programs that I recommend are
* ad-aware, created by "www.lavasoft.nu".
* Spy-bot, found at major geeks.

Final Notes: There are many companies with many tools available for protecting your computer today. It has been my experience however that at times Anti-Virus program from company "A" does not work well with System Tools from company "B". My suggestion would be that if you use Norton's System Tools, then stick with Norton's anti-virus program as well. If you use McAffee Anti-Virus program and are looking for other system tools, look at their suite of utilities. I have not heard of any problems with the Black Ice, or Zone Alarm firewall co-existing with either Norton's or McAffee tools and A-V software, just the system tools (like the defrag, regcleaner, cleansweep, etc tools that come with their respective companies suite of tools).

Safe and Happy Surfing,
Ched
first posted: 07.02.2002

updated: August 21, 2003

virinfo.html

home | site map | contact

Copyright© Charles H. Davis

All rights reserved

updated: August 21, 2003		virinfo.html
	home \| site map \| contact
Copyright© Charles H. Davis		All rights reserved