AVOIDING COMPUTER VIRUSES By Fred Dixon (Report)
Fred Dixon
If you are reading this and you have never been affected by a computer virus you should consider yourself lucky. With so many computers connected to the Internet, and with so many computers running Microsoft Windows, if you don’t take any precautions against getting a computer virus, it’s only a matter of time before you get one. I’ve been working with computers for almost 25 years. For the past two years, I’ve been helping friends and relatives remove viruses from their computers. Getting a virus is like getting sick, it’s usually easier to prevent than to cure. In this column, I want to offer in an ounce of prevention
How viruses spread
The beauty of e-mail is that you can send anyone e-mail (you do this when you use Outlook, for example). The curse of e-mail is you can’t stop anyone from sending you e-mail. In a similar manner, the beauty of the Internet is that your computer can connect to any other computer (you do this when you use your web browser, for example). The curse of the Internet is anyone can connect to you. Viruses spread by two ways: through e-mail, which I’ll call ‘e-mail viruses’, and by being connected to the Internet, which I’ll call ‘direct connection viruses’. Let’s look at e-mail viruses first since these rely on us to help the spread.
E-mail viruses
E-mail is the easiest method. Anyone can send you e-mail, even an automated program (such as virus itself). If you receive an e-mail and unwittingly open an attachment, and that attachment is a virus, it can install itself on your computer, scan through your Outlook address book, and e-mail a copy of itself to all your friends. To avoid e-mail viruses, remember the following rule:
Rule: #1: If you don’t run virus scanning software, then never open an attachment.
Today, most e-mail viruses rely on humans to propagate, so if you never open an attachment, you can’t be fooled. Rule #1 is the complete lockdown: you are not opening any attachment.
However, if you are familiar with Microsoft Word, Excel, or PowerPoint, and you have asked someone to send you a document, and you receive the e-mail, AND you recognize the attachment as a Word (.doc), Excel (.xls), or PowerPoint (.ppt) file, then it’s usually OK to open the attachment. It’s sort of like just having talked to a friend, the friend says they will drop by at 2:00 PM, you hear the doorbell ring at 2:05 PM, AND you hear the voice of your friend outside – then it’s OK if you open the door. Why are documents less likely to cause viruses? Documents don’t execute directly; instead, they require another program (such as Word) to read and display them. In contrast, an executable attachment needs no help to run: when you double click on an executable (.exe), you are essentially saying please run on my computer and do anything you want.
So, at the risk of over emphasizing – and it’s hard to do when it comes to computer viruses – if a friend calls you and says she is going to send you a resume, and you shortly receive an e-mail with an attached resume.doc, it’s OK to open it. If a friend sends you a file called OpenMeJoke.doc and you were not expecting it, don’t open it. It’s probably a list of jokes (we all receive them), but unless you are feeling lucky today, it’s best not to open it. If a friend sends you a file called OpenMeJoke.exe, don’t open it. It’s a virus, and if you do, you are giving it complete permission to do anything with your computer and your data. But what if my best friend is sending me OpenMeJoke.exe – shouldn’t I trust him/her? This leads to the next rule.
Rule: #2: Never trust the sender when receiving an attachment.
This rule is not a reflection on your friend, it’s a reflection of two facts: first, as we already stated, your friend may have a virus and not know it (in which case the virus sent the e-mail, not your friend), and second, it’s possible for to forge an e-mail and make it look like its came from someone else.For example, here’s an e-mail that I have received over forty times:Notice that it has an attachment called PACK.exe (Rule #1 says never open any attachment). But wait, it looks like it’s come from Microsoft, isn’t it OK? No, rule #2 says never trust the sender, because someone is trying to make the e-mail look like it came from Microsoft. You may have recently received an e-mail from your internet service provider (ISP) saying please install a patch. The e-mail too is forged and also a virus. Today, every software company and ISP has said they never send out patches as attachments. E-mail is simply not safe. This leads to the next rule.
Rule #3: Run a virus scanner.
For less than $100 a year, you can run a virus scanner on your computer. It will constantly monitor your computer to ensure it’s healthy and will scan all incoming e-mails for virus. I recommend that everyone run one: it’s so easy to setup compared with the effort to clean your computer once it’s infected.Personally, I recommend Norton Anti-Virus, but the other major brands are all good. Running any virus scanner is far better than running none.
Direct connect viruses
Here’s the bad news: these viruses are nasty in that they do not require any intervention to spread, you just have to connect to the Internet.How do they do it? Basically, when you connect your computer to the Internet, there is software on your computer that is listening for incoming data. Much of this software runs under the covers, but if someone discovers an error in the software, such as improperly handing an incoming message, it’s possible for someone to exploit this error and install a virus on your computer.Recently, there were two well published virus, the MS-Blast and Sasser viruses, both used a direct connect exploit to install themselves on computers. .Here’s the good news: these viruses are easy to stop. All you need to do is have your computer automatically install the latest critical patches from Microsoft. .
Rule #4: Setup your computer to automatically install the latest critical patches from Microsoft.
It’s easy to do. To do this on Windows XP, go to the Start menu, right-click on the ‘My computer’ icon, and choose ‘Properties’. You should get a dialog that looks like the following:Change the Settings to ‘Automatically download the updates, and install them on the schedule I specify.’ Click OK to close and apply the settings. Doing this will keep your computer up-to-date with the latest fixes and quickly remove any security holes that may allow direct connect viruses to attack your computer. When I go over to a friend’s place to help with her computer, the first thing I check to see is if all the patches have been applied to their computer. I do this by running Windows Update. To run Windows Update on Windows XP, go to the Start menu choose ‘Control Panels’. A window appears; select the ‘Windows Update’ option. Follow the instructions in the web page, and Windows Update will scan your computer to see if there are any critical patches to apply. For complete instructions, Microsoft has lots of information about keeping your computer patched at the following link http://www.microsoft.com/security/protect/
Summary
Remember: its far less effort to protect your computer than to recover it after it’s infected, Don’t open attachments. Don’t trust the sender. Run a virus scanner. And keep your computer patched from Microsoft. Do this, and you will avoid the headache of trying to recover your computer (and your data) after it is infected
Tags: Fred Dixon