Safety check!

The internet has revolutionised the way we work and play over the past decade. But, as with all good things, there is a flipside to protect yourself against, and the most vulnerable victims are home users. We show you how to secure your system and keep your PC virus free.

  • E-Mail
By  Vijaya George Published  December 29, 2002

I|~||~||~|The internet has come to mean different things to different people. For the young, it has brought information and entertainment to their finger tips; for the corporate sector, it has come to mean quicker and more effective means of conducting trade; for shoppers, it has enabled the purchase of goods not available locally; for the expatriate population, it is the cheapest and most effective means of communicating with loved ones back home; and for many others, it has come to have many other special benefits. However, all these benefits have been accompanied by one key issue that clamours for attention — security.

Security is no longer an entity that only concerns the corporate world. As more home users join the internet bandwagon to chat, gather information, send e-mail, share music files and so on, the risk of attack from viruses or Trojans and their subsequent damage to the hard disk is closer home than we think. The notion that no malice can be directed towards the average home user, who perhaps, can give the miscreants nothing of monetary value, is a misguided notion. Virus attacks spread indiscriminately and the time and money spent repairing the damage — if it can be repaired— is better spent securing your systems.

Moreover, while you may not consider tasks you are carrying out on your PC top secret, you probably do not want strangers to read your e-mail or send e-mail on your behalf from your computer, use your computer to break into other systems, or examine personal information stored on your computer such as financial statements. An unprotected PC is an open invitation for hackers, crackers, script kiddies and other miscreants with a lot of time on their hands. These people keep a lookout for new holes with which they can enter your system.

||**||II|~||~||~|Some of the most common methods used by intruders to gain control of home PCs include:

Trojans
With a Trojan, an intruder tricks you into installing programmes without your knowledge. These allow intruders easy access to your computer and allow them, in turn, to change your system configurations, or infect your computer with a computer virus.

Remote programmes
On PCs using Windows, intruders gain remote access to your computer through three tools, namely Back Orifice, Netbus, and SubSeven. These remote administration programmes, once installed, allow other people to access and control your computer.

Denial of service
Such an attack causes your computer to crash or to become so busy processing data that you are unable to use it. Incidentally, your computer can also be used to crash other systems on the network. You can avoid this by keeping a look out for the latest patches and downloading them.

Virus attacks
Another threat includes malicious and destructive code, such as viruses or worms, which spread through unprotected Windows networking shares.
Symantec recently released a report profiling the top five viruses that have wreaked havoc on millions of PCs.

W32.Klez.H@mm
Discovered: April 17, 2002
Submissions in 2002: 297,196
W32.Klez.H@mm had the largest number of submissions in 2002. The threat is a modified variant of the destructive mass-mailing worm W32.Klez.E@mm, and is capable of spreading by e-mail and network shares. W32.Klez.H@mm infects and destroys files.
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html

W32.Bugbear@mm
Discovered: Sept. 30, 2002
Submissions in 2002: 47,761
Due to an increased rate of submissions, Symantec Security Response upgraded this threat from a Category 3 to a Category 4 on Oct. 2, 2002. W32.Bugbear@mm is a mass-mailing worm that also spreads through network shares. It has keystroke-logging and backdoor capabilities. The worm also attempts to terminate the processes of various antivirus and firewall programmes.
http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear@mm.html

W32.Klez.E@mm
Discovered: Jan. 17, 2002
Submissions in 2002: 43,190
W32.Klez.E@mm is a smart, stealth mass-mailing e-mail worm that attempts to copy itself to network shares. The worm uses random subject lines, message bodies and attachment file names. It also attempts to disable common antivirus products and has a payload that fills files with all zeroes. The damage is high.
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.e@mm.html

W95.Hybris.worm
Discovered: Sept. 25, 2000
Submissions in 2002: 38,577
W95.Hybris.worm is a dropper file that the W95.Hybris.gen worm copies to a hard disk when an infected e-mail attachment is opened. It can also be detected in the original attachment that is received from an infected computer. This persistent worm topped the charts as the worst worldwide threat in 2001.
http://securityresponse.symantec.com/avcenter/venc/data/w95.hybris.worm.html

W32.Magistr.39921@mm
Discovered: Sept. 3, 2001
Submissions in 2002: 29,506
32.Magistr.39921@mm is a large scale e-mailing worm that leverages Windows and Eudora address book files, Outlook Express Sent Items folders and Netscape Sent Items files to spread. The worm causes system instability by overwriting hard drives, erasing CMOS and flashing the BIOS. Its payload also has the potential to release confidential information, since it can automatically send Microsoft Word documents to others. http://securityresponse.symantec.com/avcenter/venc/data/w32.magistr.39921@mm.htm

||**||III|~||~||~|Threats through e-mail
1. Sometimes an e-mail message appears to have originated from one source but is sent from another. This kind of spoofing could be just a prank or it could be a trick to get people to release their passwords unwittingly. So, if you are at your work place, for instance, and an e-mail claiming to be from the management or administrator requests you to change your password, double check if the routine is unusual. If, for instance, the e-mail requests you to change to a specific password or asks for it, there’s reason to suspect foul play.
2. Viruses spread easily through e-mail messages in the form of attachments. Before opening any attachments, be sure you know the source of the attachment.

Peruse the chat-alogue
Lastly, internet chat applications, such as instant messaging applications and internet Relay Chat (IRC) networks, allow information to be transmitted bi-directionally between computers on the internet. Chat clients provide groups of individuals with the means to exchange dialogue, web URLs, and in many cases, other files as well. This often includes the exchange of executable code as well. By limiting the chat client’s ability to execute downloaded files and exercising caution in the exchange of files with unknown parties, you can check damage.

The solution
All this, however, emphasises how important it is to secure your systems. No doubt anti-virus software cannot give you a 100% guarantee that they can protect your systems but they will at least make it difficult for people looking for holes to enter into your system. In most cases, the average anti-virus will keep out a majority of the hackers and such a solution is sufficient for the average home user.

||**||IV|~||~||~|Many options that are outside the scope of this workshop are available to the business world, which will (depending on the nature of their trade) place several checks and balances in terms of both hardware as well as software on different levels to keep hackers out. However, we are concerned here only with the possible solutions and dos and don’ts that a home user must practice to secure his system.

To start with, the biggest myth about an anti-virus software is that it is expensive. Budget need not be a concern anymore. With so many anti-virus products in the market vying for customer approval, such solutions are getting cheaper while becoming more comprehensive and up-to-date.

As a result, the market has several reasonably-priced solutions from companies such as Symantec (Norton Anti-virus solutions), Network Associates (McAfee), Trend Micro etc. Your choice of software should be dictated by your requirements. For a person who only uses the PC to work on Word or Excel and rarely accesses the internet, a normal anti-virus solution will do just fine.

However, if you have a DSL or ADSL connection or are constantly connected to the internet, making purchases online, storing confidential information such as personal details and financial statements, downloading and sharing files, and chatting more than three times a week, a more comprehensive solution is essential to ensure that your system is secure. In such a case, a firewall might come in handy.

Most people tend to think that a firewall is only for the corporate world. Not so. A firewall acts a barrier between your PC and the internet or, to give you a more precise definition from whatis.com: “it is a set of related programmes, located at a network gateway server, that protects the resources of a private network from users from other networks. (The term also implies the security policy that is used with the programmes.)

An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and for controlling what outside resources its own users have access to.” There are several firewall applications that can be configured automatically.

Parental control
As a parent you may be concerned about the kind of sites your child visits and you might want to limit his access to the internet. In such cases, there are several parental control software measures available.

Privacy control
Likewise, if you hold a lot of confidential information on your PC that you would not like other people to access, you might want to opt for some privacy control.

||**||V|~||~||~|Most companies today offer such comprehensive solutions for the family that include anti-virus software, firewall, parental and privacy control as well as spam and ad blocks, and a whole year of live updates. The whole package will cost you approximately $60. Subsequent live updates will be available on renewing your subscription online each year, and should cost you between $10 and $20. For those of you who will be happy with just anti-virus software, budgets should work around to $20 less.

Some points to note for those who plan to purchase newer versions of anti-virus software:
1. Check system requirements on your box. Remember that if an anti-virus is constantly running in the background while you are working on your PC, it will slow it down. Upgrade your PC before installing a heavy software package.
2. When loading an anti-virus software, it might ask you whether you want to boot from the CD-ROM or the hard disk. If you are sure that you do not have a virus on your system, load from the hard disk and keep the scanning for another time. If you are loading the software on your PC because you think there is a virus, boot from the CD-ROM and let it scan for viruses. This could take you anything from 30 minutes upwards depending on how fast your PC is.
3. Some anti-virus software operate only with recent versions of Internet Explorer. For instance, Norton Internet Security 2003 comes with the Internet Explorer browser. So, if you are using an older version of Explorer or using only Netscape, you will have to install the browser first from the CD.
Most configurations are automatic and clicking on Next will get you all the way to the end. Likewise with McAfee. Most anti-virus software include one-year live updates. But always keep your eyes open for news of other virus on the Web and keep yourself up-to-date. You never know when it’s going to come in handy.

||**||VI|~||~||~|Firewall for the Windows XP user
If you are a basic user but connected to the internet all the time and have Windows XP on your PC, you could use the Internet Connection Firewall (ICF) that comes bundled with XP. This firewall acts as a protective boundary between your network and the outside world. You can use it to restrict what information is communicated between the Internet and your home network (if you have one). But ICF also protects a single computer connected to the internet with a cable modem, a DSL modem, or a dial-up modem.

However, ICF is not for advanced users who might want to have more options in terms of configuring their firewall. If your network uses Internet Connection Sharing (ICS) to provide Internet access to multiple computers, you should use ICF on the shared Internet connection.
However, ICS and ICF can be enabled separately. You should not enable the firewall on any connection that does not directly connect to the internet, and ICF is not needed if your network already has a firewall or proxy server. Additionally, if you are using a firewall provided with another anti-virus solution, ensure that you disable ICF.

To enable or disable Internet Connection Firewall
Go to Start, Control Panel, double click Network Connections.
Choose what you want to protect — Dial-up, LAN or High-Speed Internet connection.
Under Network Tasks, click Change settings of this connection. On the Advanced tab, under Internet Connection Firewall, select one of the following:
To enable
Select the Protect my computer and network by limiting or preventing access to this computer from the Internet check box.
To disable
Clear the Protect my computer and network by limiting or preventing access to this computer from the Internet check box.
||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code