Why Use Antivirus Software?

This is a really simple question to answer – you need to use antivirus software to protect your own computer, and to prevent your computer from being used to pass on infections to other machines without your knowledge. If you use the internet and you don’t take precautions, you’re going to get infected. And you’ll infect others, including those you care about most like your friends, family, and business contacts because their information is in your email address book and other files on your computer.

If you don’t care about infecting others, let’s look at the economic argument for a moment. You have a computer that must have cost at least $600, and perhaps as much as $4,000. On top of that you’ll have a monitor for which you paid between $250 and $1000, and you’re running software costing at least $500. If you have business or specialist packages installed then I’m guessing you may have invested $5000 in software alone. You will probably pay upwards of 25 dollars a month for your internet connection. And if you store personal data on your PC, it is probably worth more than money to you.

So you’ve got equipment worth something like $1400 if you’re computing on the cheap, right up to (and beyond) $10,000 if you flex your wallet a little. Think of this as being the same in price as an acceptable older used car right up to the pretty good used car you could buy for ten thousand dollars.

Now imagine that the car had all the locks removed and could be started without a key – and of course you could paint “STEAL ME” on it for good measure. That makes a lot of sense... yeah, right!

Having a computer that does not have up-to-date antivirus and firewall protection is pretty much exactly the same. You are simply asking for trouble!

This kind of trouble doesn’t need to be invited twice, because viruses, worms, Trojans and all the rest, are designed to find unprotected computers and attack them. They don’t seek out protected computers! If they find one, they simply move on.

NOTE: Firewalls are one good way to keep the net-nasties moving on; you can learn more about them at: http://www.antivirus-report.com/freeware-firewall.html

Remember, computer viruses are designed; they don’t just happen by accident. Because human intelligence is behind the viruses, they develop quickly, use surprising and unexpected tactics, and hit us where we are weakest.

So if you can afford over $1500 on a computer and $300 a year on internet connections, you can definitely afford another $50 to make your computer safe (and prevent it from being used to spread viruses and Trojan horses behind your back).

If you’re not convinced about the cost argument, consider the case of David L. Smith – the self-confessed author of the infamous Melissa worm. When he was sentenced to 20 months imprisonment and a fine of $5,000 in New Jersey, the court adjudged Smith’s worm to have caused more than £55 million worth of damage!

Against the cost we stand to lose, the risk of losing our priceless personal files, and being blamed by friends and relatives for infecting their machines, the top antivirus software programs cost as little as 2 months internet connection. They all include constant and unlimited automatic updates that keep your system safe and clean.

And if you weren’t convinced by the good citizen argument that you should protect your computer to stop others getting infected, then it might be worth mentioning that there is a movement to make people not using antivirus software legally responsible should their machine be used as part of an attack (even if they did not know about it). (Note: I’m not personally a part of such a movement, but it does have its merits!)

So, be a good citizen whilst protecting your wallet and your sanity by installing good antivirus software and keeping it up to date.

To learn more about effective, easy to afford and use PC protection tools, visit http://www.antivirus-report.com

By: Eric Koshinsky


Got Virus?

GOT VIRUS? Your Data is NOT lost forever!

In the wake of so many computer viruses running wild, “Hope is not lost”!

With the recent release of such viruses as Mydoom, Netsky, Mofei, Lovegate and many more destructive viruses, there is an affordable solution to recover your lost files from your hard drive.

Selecting a Data Recovery Service Company can be a challenging and confusing undertaking to say the least.

ECO Data Recovery, located in Palm Beach Gardens, Florida, has come to the rescue of many individuals, small businesses and large corporations around the world. When down time means lost revenue and it seems like there is no light at the end of the tunnel, you can always count on ECO Data Recovery to get you up and operating ASAP.

These days you never know when your computer system will go down due to viruses, sabotage or natural disaster. We suggest that everyone back up their files regularly. Nobody ever wants to think about their hard drive crashing or a virus taking over their computer, so backing up your files is the last thing on your mind.

Often time is of the essence. We know that when your business is down, fast is never fast enough; therefore, ECO offers an expedited service for time-sensitive situations.

As technology advances, so do the skills of what we refer to as “Hackers”. These “Hackers” are responsible for many of the damaged files we have recovered. As the “Hackers’” skills evolve, so must our teams of engineers. We understand that there will always be some hacker out there with the goal of causing “chaos”. Eco Data Recovery will be there to undo the damage they may have done and get you up and running in the fastest time possible.

Viruses are not the only cause of lost files!

When a hard drive is making an awful noise, more often than not you have a hardware problem. ECO Chief Engineer, Sean Flanders, warns, “If you hear strange noises emanating from your computer, shut it off immediately before further damage is incurred”.

When a drive is still clinging to life (barely spinning), many times people try the cheapest solution and attempt to run a data recovery software utility. This is a major mistake! “Attempting to utilize recovery software can make your data hard to salvage, if not impossible in some cases. These programs may write data on the drive which then overwrites your original data, making data recovery almost impossible,” states Brian Cain, VP of sales at ECO.

Take heed of the words of Charles Roover, President of Eco Data Recovery: “Be aware of the fate that could befall your computer and/or network and take precautions. Back up your files often! Nobody likes to think about losing their data, however, when you have a disaster, we’re there to rescue you!”

Over the past 10 years ECO Data Recovery has saved many individuals and companies by retrieving their lost data! We’re only a phone call away!

Dirty Little Computer Viruses and How To Protect Yourself.

Whether you have learned your lesson from a past experience with a nasty computer virus, or have been pressing your luck by surfing the web, downloading various files, or opening email messages sent to you by people you don’t know, without any real understanding of just how vulnerable you are each time you log onto your computer, you now have the opportunity to discover what steps you can take to avoid such an annoying and many times destructive infestation.

Listed below are some of the guidelines you can follow in order to keep those nasty viruses from making a mess out of your computer and your life.

• Purchase and install a well-respected antivirus software program and be sure to set it up so that it automatically runs each time the computer starts up.

• Make sure to keep your antivirus software up to date, either by using the automatic update feature that many come with or by making it a habit to manually check for updates at least once or twice a week.

• Set your antivirus program to scan for potential viruses each time you open a word-processing document like the ones that get sent through email. Viruses found in word-processing documents are called Macro Viruses.

• When purchasing software, make sure to buy only from well-known vendors that you trust.

• Resist swapping data between computers using floppy disks or other mobile storage devices. If exchanging programs between computers is unavoidable, make sure to scan the storage device(s) for viruses before transferring data from one computer to the next.

• If using floppy disks to transfer data, make sure to format them before using them for the first time.

• Never use pirated software. This is both illegal and a very good way to invite an unwanted computer virus.

• Download software from the internet as little as possible. There are many neat programs available on the internet, but unfortunately there are many viruses that go along with them also.

• If you must download programs from the internet, ALWAYS scan them for viruses BEFORE opening them up to install on your computer.

• Probably the most important and most neglected method of disaster recovery is periodic backups of all important files found on your computer. Should a virus happen to get through your lines of defense, you may need to replace the virus-corrupted files with fresh ones that have been kept for such an occasion.

Finally, following the above steps does not guarantee that you will not be the victim of a computer virus, but you can be sure that following them will greatly reduce the chance of being an unsuspecting recipient of such an unwanted program.

An Easy Way to Deal with Email Viruses and Worms.

If you feel intimidated when someone tries to teach you something new on the computer, this article is for you!

In the course of my career, I’ve worked with many people who I knew were smart but were convinced that they couldn’t learn how to do new things on a computer. At some point, they’d convinced themselves that they weren’t one of those “computer people”. I would try to teach them how to do something that would make their work a lot easier or faster, and I could see them shut down immediately. “I can’t do stuff like that. I’m just not good at it.”

In a few cases, my colleagues were simply amazed that I knew how to do things like upload photos to the Internet or how to start a new folder in Windows. Some would tell me that I must have some special gift for technology. I would just laugh and tell them that nothing could be further from the truth! I have a degree in psychology. I’m not a math and science type of person, and if it weren’t for the patience of my tech-minded husband and friends, I never would have learned how to do these things.

The fact is, computers are such a part of our lives that you can’t afford to think of yourself as not a “computer person”. The reason I think that a lot of people are intimidated when learning about computers is that so many of the instructions and directions are full of jargon and assume that people have as much technological knowledge as people who work with computers for a living.

I’m convinced that if I can do it, anyone else can do it too. All it takes is an open mind, confidence, and someone to explain things to you step by step in plain English.

———————

Aside from using anti-virus software, there is another way to keep some email viruses or worms from driving you crazy and clogging up your inbox. While the “Sobig” virus seems to have died down, there are sure to be some like it in the future. If you would like to prevent these bogus emails from reaching your inbox, you can set up rules in Outlook or Outlook Express to send them directly to the delete folder.

Although the Sobig virus seems to be under control, it might be good practice to do this now. That way when the next big virus comes around, you’ll be able to filter it out right away. It might seem like it’s difficult, but I know that anyone can do this. If you’re smart enough to do your taxes and balance your checkbook, you can do this, trust me.

If you’re using Outlook Express, go to Tools, then select “message rules” and then “mail”. A box will pop up with buttons on the right side of the window. Hit the “new” button. Another box pops up with three windows. In the first box, click the box next to “Where the subject line contains specific words”.

In the second box, click “delete it”. Now in the third box it should say, “Apply this rule after the message arrives/Where the Subject line contains specific words/Delete it.” Click on the words “contains specific words”.

This is where you tell the program what words to look for in the subject line. It’s very important to remember that this is case sensitive, meaning that if you put “abc” in, it will only delete emails with “abc” in the subject, and not “ABC” or “Abc”. For the Sobig virus, there were seven subject lines that were commonly used. If you would like to read more about this, go to http://www.webpro.com/iq/SobigF.asp. The subject lines are:

  • That movie
  • Wicked screensaver
  • Your application
  • Approved
  • My details
  • Details
  • Your details
  • Thank you

It’s a good idea to copy and paste the phrases above to make sure the capitalization is exactly the same. (Copy = Ctrl+C, Paste = Ctrl+V)

Enter the first phrase into the box and then click on the “add” button to the right. That phrase will appear in the box below. You can add as many phrases as you’d like, clicking “add” after each one. When you’re done, hit “ok”. Then hit “ok” again.

At this point, we are back to one box open with buttons on the right. Be sure to click the “apply now” button if you want the rule to apply to the email that is already in your inbox as well as any future emails.

When you are done with that, click the “ok” button and you’re finished.

If you use Outlook, the process is a little different.

First go to Tools, and then choose “Rules Wizard”. Click on the “new” button on the right. It should say at the top of a new box “What type of rule would you like to create?” There will be a list of types of rules: you want to choose “Check messages when they arrive”, which is at the top so it should already be highlighted. Simply click on “next”.

The next box asks you “which conditions do you want to check?” with a list of choices, each with an empty box next to it. Scroll down until you get to “with specific words in the subject”, and click the box in front of it.

Once you click it, you’ll notice that “with specific words in the subject” appears in the box below. Click on the “specific words” in the lower box here to specify which words the program should look for.

A new box will pop up that says, “search text” at the top. Enter one of the phrases you want to filter out and click “add”. You may enter as many phrases as you’d like, clicking “add” after each one. When you’re finished, click “Ok”. You’ll be taken back to the previous box. Click “next” at the bottom.

At this point, you have two choices. You can either specify that these emails go into your delete folder to be reviewed later, or you can specify that they be permanently deleted from Outlook so that you never see them. Either click in the box next to “delete it”, which simply moves the email automatically to the delete folder, or click “permanently delete”, which means that you will never see the email at all and won’t be able to get it back.

Click “next” again and you’re now at the exceptions box. I can see no reason to use the exceptions when dealing with the Sobig viruses and others like it. There might be a temptation to make an exception for people who are in your address book or close friends. But remember, a virus will take over someone else’s address book and send you emails without the person ever knowing. Anyone in your address book could send you an infected email without knowing it. I recommend that you hit “next” without selecting any exceptions at this point.

In the next box, the program would like to know the name of the rule you’ve just created. You might want to call it “viruses #1” or something similar. Click finish after naming your rule. At this point you have another choice: you can apply the rule you just created to the mail already in your inbox, or you can choose to have it apply only to the incoming mail from now on. Choose either “run now” or “ok”.

You’re finished. That wasn’t SO hard, was it? You might even want to set up some more rules to help you organize your inbox or to filter out spam or unwanted email.
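The rule built in the two walkthroughs above, as an added Python example (not part of the original article and not Outlook's own code). It applies the article's phrase list to constructed sample messages, treating matching as a case-sensitive substring search as the article describes, and shows two side effects worth checking before choosing "permanently delete": a differently capitalized subject stays in the inbox, and ordinary mail that happens to contain a listed phrase is removed. The function names and sample messages are assumptions made for this example.

```python
from email import message_from_string
from email.header import decode_header, make_header

# Phrases copied from the article's list, capitalization preserved.
SOBIG_SUBJECTS = [
    "That movie", "Wicked screensaver", "Your application", "Approved",
    "My details", "Details", "Your details", "Thank you",
]

# Constructed sample messages (not real captures).
SAMPLE_MESSAGES = [
    "From: stranger@example.net\nSubject: Re: Your details\n\nSee the attached file.\n",
    "From: stranger@example.net\nSubject: RE: THANK YOU\n\nSee the attached file.\n",
    "From: shop@example.com\nSubject: Thank you for your order #1042\n\nReceipt below.\n",
    "From: friend@example.org\nSubject: Lunch on Friday?\n\nAre you free?\n",
    # Subject sent as an RFC 2047 encoded-word; it must be decoded before matching.
    "From: stranger@example.net\nSubject: =?UTF-8?Q?Re=3A_Wicked_screensaver?=\n\nLook!\n",
]


def subject_of(raw):
    """Return the decoded Subject header of a raw message."""
    msg = message_from_string(raw)
    return str(make_header(decode_header(msg.get("Subject", ""))))


def matching_phrase(subject, phrases=SOBIG_SUBJECTS, case_sensitive=True):
    """Return the first listed phrase contained in the subject, or None."""
    haystack = subject if case_sensitive else subject.casefold()
    for phrase in phrases:
        needle = phrase if case_sensitive else phrase.casefold()
        if needle in haystack:
            return phrase
    return None


def apply_rule(raw_messages, action="delete", case_sensitive=True):
    """Sort messages the way the rule would.

    action="delete" moves hits to the Deleted folder (still reviewable);
    action="permanent" drops them, as "permanently delete" does.
    No sender exceptions are applied, matching the article's advice.
    """
    folders = {"Inbox": [], "Deleted": [], "Dropped": []}
    for raw in raw_messages:
        subject = subject_of(raw)
        if matching_phrase(subject, case_sensitive=case_sensitive) is None:
            folders["Inbox"].append(subject)
        elif action == "permanent":
            folders["Dropped"].append(subject)
        else:
            folders["Deleted"].append(subject)
    return folders


if __name__ == "__main__":
    for folder, subjects in apply_rule(SAMPLE_MESSAGES).items():
        print(folder, subjects)
```

Running the rule with "delete it" first and reviewing the delete folder for a while shows whether legitimate mail, such as the order confirmation in the sample, is being caught.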

——————-

Some more information about attachments and viruses/worms:

Email viruses and worms almost always are transmitted through attachments. Remember after the Anthrax scare in the US a couple of years ago when everyone was very picky about what mail they accepted and opened? Anything that looked suspicious or didn’t have a return address wasn’t opened.

Think about attachments in the same way. If you get email from someone you don’t know, don’t open the attachment! If the email doesn’t say anything personal to you or use your real name, don’t open the attachment. You can always send an email back to that person asking them about who they are or what the attachment is for if you’re in doubt.

What you need to know about the difference between spam and viruses:

Recently online I’ve seen a couple of people referring to the emails they get from viruses as spam. If you want to impress your friends and coworkers with your technological savvy, you need to know that spam is unwanted and unsolicited email you get for a commercial purpose. The intention of the email is commercial. Someone wants you to buy something, be a part of their program or visit their website.

Email you get because of viruses is technically not spam. Although it is unwanted, its intention is not to advertise or market anything; it’s simply a nuisance created by someone with too much time on his or her hands!

Also keep in mind that viruses commonly get into people’s address books and send out automatic emails to everyone on the list. Your friends and relatives are not sending you infected email on purpose.

All About Computer Viruses.

Your computer is as slow as molasses. Your mouse freezes every 15 minutes, and that Microsoft Word program just won’t seem to open.

You might have a virus.

Just what exactly is a virus? What kind is in your computer? How did it get there? How is it spreading and wreaking such havoc? And why is it bothering with your computer anyway?

Viruses are pieces of programming code that make copies of themselves, or replicate, inside your computer without asking your explicit written permission to do so. Forget getting your permission down on paper. Viruses don’t bother to seek your permission at all! Very invasive.

In comparison, there are pieces of code that might replicate inside your computer, say something your IT guy thinks you need. But the code spreads, perhaps throughout your office network, with your consent (or at least your IT guy’s consent). These types of replicating code are called agents, said Jimmy Kuo, a research fellow with McAfee AVERT, a research arm of anti-virus software-maker McAfee Inc.

In this article, though, we’re not talking about the good guys, or the agents. We’ll be talking about the bad guys, the viruses.

A long, long time ago in computer years, like five, most viruses were of a similar breed. They entered your computer perhaps through an email attachment or a floppy disk (remember those?). Then they attached themselves to one of your files, say your Microsoft Word program.

When you opened your Microsoft Word program, the virus replicated and attached itself to other files. These could be other random files on your hard drive, the files furthest away from your Microsoft Word program, or other files, depending on how the virus writer wanted the virus to behave.

This virus code could contain hundreds or thousands of instructions. When it replicates, it inserts those instructions into the files it infects, said Carey Nachenberg, Chief Architect at Symantec Research Labs, an arm of anti-virus software-maker Symantec Corp.

Because so many other types of viruses exist now, the kind just described is called a classic virus. Classic viruses still exist but they’re not quite as prevalent as they used to be. (Perhaps we could put classic viruses on the shelf with Hemingway and Dickens.)

These days, in the modern era, viruses are known to spread through vulnerabilities in web browsers, files shared over the internet, emails themselves, and computer networks.

As far as web browsers are concerned, Microsoft’s Internet Explorer takes most of the heat for spreading viruses because it’s used by more people for web surfing than any other browser.

Nevertheless, “Any web browser potentially has vulnerabilities,” Nachenberg said.

For instance, let’s say you go to a website in IE you have every reason to think is safe, Nachenberg said.

But unfortunately it isn’t. It has virus code hidden in its background that IE isn’t protecting you from. While you’re looking at the site, the virus is downloaded onto your computer, he said. That’s one way of catching a nasty virus.

During the past two years, another prevalent way to catch a virus has been through downloads computer users share with one another, mostly on music sharing sites, Kuo said. On Limewire or Kazaa, for instance, teenagers or other music enthusiasts might think they’re downloading that latest Justin Timberlake song, when in reality they’re downloading a virus straight into their computer. It’s easy for a virus writer to put a download with a virus on one of these sites because everyone’s sharing with everyone else anyway.

Here’s one you might not have thought of. If you use Outlook or Outlook Express to send and receive email, do you have a preview pane below your list of emails that shows the contents of the email you have highlighted? If so, you may be putting yourself at risk.

Some viruses, though a small percentage according to Nachenberg, are inserted straight into emails themselves.

Forget opening the attachment. All you have to do is view the email to potentially get a virus, Kuo added. For instance, have you ever opened or viewed an email that states it’s “loading”? Well, once everything is “loaded,” a virus in the email might just load onto your computer.

So if I were you, I’d click on View on the toolbar in your Outlook or Outlook Express and close the preview pane. (You have to click on View and then Layout in Outlook Express.)

On a network at work? You could get a virus that way. Worms are viruses that come into your computer via networks, Kuo said. They travel from machine to machine and, unlike the classic viruses, they attack the machine itself rather than individual files.

Worms sit in your working memory, or RAM, Nachenberg said.

OK, so we’ve talked about how the viruses get into a computer. How do they cause so much damage once they’re there?

Let’s say you’ve caught a classic virus, one that replicates and attacks various files on your computer. Let’s go back to the example of the virus that initially infects your Microsoft Word program.

Well, it might eventually cause that program to crash, Nachenberg said. It also might cause damage to your computer as it looks for new targets to infect.

This process of infecting targets and looking for new ones could eventually use up your computer’s ability to function, he said.

Often the destruction a virus causes is pegged to a certain event or date and time, called a trigger. For instance, a virus could be programmed to lie dormant until January 28. When that date rolls around, though, it may be programmed to do something as innocuous but annoying as splash popups on your screen, or something as severe as reformat your computer’s hard drive, Nachenberg said.

There are other potential reasons, though, for a virus to cause your computer to be acting slow or in weird ways. And that leads us to a new segment – the reason virus writers would want to waste their time creating viruses in the first place.

The majority of viruses are still written by teenagers looking for some notoriety, Nachenberg said. But a growing segment of the virus-writing population has other intentions in mind.

For these other intentions, we first need to explain the “backdoor” concept.

The sole purpose of some viruses is to create a vulnerability in your computer. Once such a virus creates this hole of sorts, or backdoor, it signals home to mama or dada virus writer (kind of like in E.T.). Once the virus writer receives the signal, they can use and abuse your computer to their own liking.

Trojans are sometimes used to open backdoors. In fact that is usually their sole purpose, Kuo said.

Trojans are pieces of code you might download onto your computer, say, from a newsgroup. As in the Trojan War they are named after, they are usually disguised as innocuous pieces of code. But Trojans aren’t considered viruses because they don’t replicate.

Now back to the real viruses. Let’s say we have Joe Shmo virus writer. He sends out a virus that ends up infecting a thousand machines. But he doesn’t want the feds on his case. So he instructs the viruses on the various machines to send their signals, not of course to his computer, but to a place that can’t be traced. Hotmail email happens to be an example of one such place, Kuo said.

OK, so the virus writers now control these computers. What will they use them for?

One use is to send spam. Once that backdoor is open, they bounce spam off of those computers and send it to other machines, Nachenberg said.

That’s right. Some spam you have in your email right now may have been originally sent to other innocent computers before it came to yours so that it could remain in disguise. If the authorities could track down the original senders of spam, they could crack down on spam itself. Spam senders don’t want that.

Ever heard of phishing emails? Those are the ones that purport to be from your internet service provider or bank. They typically request some information from you, like your credit card number. The problem is, they’re NOT from your internet service provider or your bank. They’re from evil people after your credit card number! Well, these emails are often sent the same way spam is sent, by sending them via innocent computers.

Of course makers of anti-virus software use a variety of methods to combat the onslaught of viruses. Norton, for instance, uses signature scanning, Nachenberg said.

Signature scanning is similar to the process of looking for DNA fingerprints, he said. Norton examines programming code to find what viruses are made of. It adds those bad instructions it finds to its large database of other bad code. Then it uses this vast database to seek out and match the code in it with similar code in your computer. When it finds such virus code, it lets you know!
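The matching step described above, as an added Python example (not Norton's code and not part of the original article). It goes slightly beyond the text by allowing a "??" wildcard byte so that one signature can cover close variants of the same code; the signature names, byte patterns and sample buffers are all constructed for this example and correspond to no real malware.

```python
import re

# Constructed signature database: name -> hex bytes, "??" matches any one byte.
SIGNATURES = {
    "Demo.Alpha": "de ad be ef 13 37",
    "Demo.Beta": "43 4f 50 59 ?? ?? 53 45 4c 46",  # "COPY", two free bytes, "SELF"
}

# A later database release that also knows a third (constructed) family.
UPDATED_DB = dict(SIGNATURES)
UPDATED_DB["Demo.Gamma"] = "4e 45 57 46 41 4d 49 4c 59"  # "NEWFAMILY"

# Constructed sample buffers standing in for files on disk.
CLEAN = b"MZ" + b"\x00" * 32 + b"plain document text"
INFECTED = b"\x90" * 10 + bytes.fromhex("deadbeef1337") + b"tail"
VARIANT_1 = b"xx" + b"COPY" + b"\x01\x02" + b"SELF"
VARIANT_2 = b"xx" + b"COPY" + b"\nZ" + b"SELF"
UNKNOWN = b"NEWFAMILY sample that the first database has never seen"


def compile_signature(hex_pattern):
    """Turn 'de ad ?? ef' into a compiled bytes regex."""
    parts = []
    for token in hex_pattern.split():
        if token == "??":
            parts.append(b".")  # any single byte (DOTALL includes newline)
        elif len(token) == 2:
            parts.append(re.escape(bytes([int(token, 16)])))
        else:
            raise ValueError("bad signature token: %r" % token)
    return re.compile(b"".join(parts), re.DOTALL)


def scan(data, db=SIGNATURES):
    """Return a sorted list of (offset, signature name) for every match in data."""
    hits = []
    for name, pattern in db.items():
        for match in compile_signature(pattern).finditer(data):
            hits.append((match.start(), name))
    return sorted(hits)


if __name__ == "__main__":
    samples = {
        "clean": CLEAN, "infected": INFECTED, "variant 1": VARIANT_1,
        "variant 2": VARIANT_2, "unknown": UNKNOWN,
    }
    for label, data in samples.items():
        print(label, scan(data), "| after update:", scan(data, UPDATED_DB))
```

The `UNKNOWN` buffer produces no hit until the database contains its signature, which is the practical reason the articles on this page insist on keeping antivirus definitions up to date.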

A Beginner’s Guide to Avoiding Viruses.

“Aaaaaahhhhhh! I’ve been invaded by a virus!” Getting a virus means getting sick, and no one in their right mind wants to be ill. Well, now that computers have become our close friends, it’s a shock to learn that foreign bodies too can invade them with malicious intent. No, your computer doesn’t get a runny nose or diarrhea. This is a sickness that stops your friend from functioning properly, sick in bed, incapacitated.

Well, in nature viruses occur from a power outside of our control. But with computers it’s different: humans, mean or ignorant humans, are creating these viruses. Why? Usually these are disgruntled people who want to wreak some havoc on others or on companies that they feel have done wrong to them. In any case we have to be in the know and prepared to deal with these debilitating scourges.

There are many ways to approach the protection of your computer. First of all there’s the step of awareness. Be aware of how viruses are transmitted. You can catch them from a disc but in most cases it is through your email system. Check your email carefully. Be very wary of anything that has an attachment. Check whom it’s from and look at the title of the mail: is it something you were expecting? Even if it’s from someone you know, be careful, as their computer could be infected and the virus being transmitted without their knowledge.

Next, read the cover message; you can’t catch the disease without actually opening the message. Look at the name of the attachment; remember viruses are written to entice you. Beware of free offers and generally anything from people you don’t know, as well as messages that sound irrelevant to your contact’s usual style. Delete them straight away. Delete, delete, delete. This will ensure a lower risk of infection. You can even send the message back to the sender without opening it to make sure it is valid.

Now for the heavy protection: Virus scanning and virus protection software, and rescue discs are all readily available and easily utilized. Some are free, and others are obtained for a very small charge. Most software manufacturers offer subscriptions for updating services, which automatically download protection against the latest viruses.

There are two main types of virus scanning software: one searches through all the files on your computer looking for recognizable viral signatures; the other scans your incoming and outgoing emails. Alerts will show you when a file needs to be erased or repaired. If you do receive a virus that none of the software can repair, you can send a copy of it to a company like Symantec, who will be happy to develop a cure for it.

The main message here is not to get too worried about your good friend Mrs. PC getting ill or sick. The humans are on top of the case and they seem much better adapted at fixing their technology than they are at beating the viruses that attack our physical bodies. If only we could cure human virus and illness as easily as we solve the problem of computer sickness.

Virus Spreaders

Sometimes I wonder just what the world’s coming to…

For some among y’all out there who read this column each week, you might’ve noticed a little while back that it didn’t run for a week or so. As a result, I’ve had some people write and/or call and ask me just what was going on? Some thought I had decided to stop writing the column, some speculated that I had signed some kind of deal with “a big city newspaper” which meant that I couldn’t write for my current ones anymore, and one person asked if I’d just “had enough?” For the record, the answer to each of those questions is a definitive “no.”

I have a great time writing this column each week. It allows me to write about almost anything that pops into my mind, and I love having that kind of freedom. As a result, I seldom have a clue each week as to what I’m going to write about until I sit down in my chair and get to work. So, with that having been said, let me get right into the reason that “Free Wheelin’” went missing for a week or so. It vanished for a while due to the fact that some sweetheart out there in internet land sent me a virus.

That’s right, a computer virus. One of those malicious little programs that’s designed to wreak havoc on your computer. Viruses cost businesses and individuals tons of money each year, and for what? It makes no sense at all unless I give some thought as to just what type of person sends out these viruses. It must be some super sloppy, maladjusted eighteen year old haint times three computer whiz whose closest contact with a woman comes through the serving line at his school’s cafeteria, or some super-nerdy, pocket protector wearing geek who’s mad at the world because he doesn’t yet possess a working personality. And, because these people would rather be anti-social than take a good, long look in the mirror, we all have to pay for it. No one ever said that life would be fair, huh?

Fortunately, I’m pleased to report that I got out of my situation without too much damage. I did have to pay someone to reformat my hard drive, but I kept back-up copies of most of my stuff so I really didn’t get hurt too badly. I also went out and bought some better anti-virus software, which hopefully will screen most of these cyber pests in the future. In the end, though, almost anyone can get nailed with a computer virus, and I’ve been far luckier than most – the people that fixed my computer told me that a lady brought in one a week earlier that had over two thousand viruses on it! It’s a wonder that the “On” switch on her computer even worked with all that mischief lurking around on her hard drive.

In the end, I guess there are just some people out there who are sort of like walking cases of jock itch, they contribute nothing to the world and try and tear down those of us that do. People like the woman who walked up to my son recently at his job as a cashier at a well-known supermarket chain and presented him with over six hundred dollars worth of live lobsters and steaks. And what did she attempt to pay for all that food with? Food stamps. I kid you not, food stamps. Fortunately, the two food stamp cards she presented for payment had both expired, but, even with that happening, she proceeded to put down a dollar and some change in the hope that Will would be stupid enough to accept that for full payment. He politely told the lady that she was about six hundred some odd dollars short, to which she replied, “Well, I’ll go someplace else and check my luck there.”

So, for all you deadbeats, virus spreaders, bad check writers, child support non-payers, and the like, if I had my way I’d put you all in jail cells with Perry Como music playing in the background twenty-four hours a day, serve you Spam sandwiches for breakfast, lunch, and dinner, and then assign guards to sit outside your cells who’ve just eaten large Mexican dinners. And that’s just for starters – don’t even ask me what y’all’s daily recreational program would consist of. The way I see it, every dog has his day, and it’s more than time for some of you bottom feeders out there to stop having yours…

Malware – It’s Getting Worse.

Latest Malicious Code Events

Yet another worm is in the wild. As usual the media quickly picked up the story and turned it into another “ILOVEYOU” industry. But why do I use the word industry? Basically, because events with such large-scale security implications for the Internet usually open a “marketing window” for security companies and anti-virus vendors, who quickly start capitalizing on them by placing sponsored links or offering clean-up tools on their web sites. As long as information and removal tools are free for an incident like this, there’s nothing wrong with that. But there’s something else to consider: it keeps happening again and again, and still nothing changes. The scenario repeats itself, over and over again; another worm is in the wild, exploiting a recently discovered vulnerability in popular software, or relying on nothing more than people’s naivety. The recent MyDoom Worm successfully infected enough victims in order to shut down SCO’s web site, followed by new variants that targeted Microsoft’s web site. This paper isn’t intended to discuss the motives of the author; instead it will help you understand how worms enter your network, how you can block them before they even reach your internal network, and how to act in case they get in.

Why is it getting worse?

Sense of anonymity

A couple of years ago the Internet was quite an anonymous environment; even the novice Internet user knows that once connected he/she can send anonymous e-mails, chat or visit web sites without having to worry about his/her privacy. Malware authors are believed to be advanced computer users, and with minor exceptions they’re aware of how the Internet works, thus they believe they can be anonymous while doing their job. What motivates them the most is the lack of cooperation, or even understanding, between law enforcement officials and the ISPs worldwide. Another factor that deserves serious attention is the lack of computer crime laws in the author’s home country: no matter what you do, you won’t get busted. Out of my personal observations of such countries, I can say that malware authors or hackers try to maintain a balance and preserve this situation for as long as possible by not damaging or attacking their country’s computer networks, although they’re aware that laws are going to be implemented sooner or later. All of these and many other factors only contribute to the increasing number of malware authors around the world.

Increasing “How To Hack” resources

The Internet can’t be controlled, but it can be proactively monitored. During the past two years, a large number of countries joined the Internet (and more are expected to join), and they will soon start creating local hacking scenes and papers on how to hack and how to code a virus or worm. It’s part of the Internet and no matter how scary it may sound to the novice Internet user, this information is out there for free. You can’t stop its dissemination, but you can monitor where it starts to disseminate from. Does the originating country have computer crime laws, etc.?

How do worms hit your network?

E-mail

The majority of Internet worms spread through the Internet’s most popular (and most abused) communication service: e-mail. The company’s e-mail is one of the first entry points for malicious software and social engineering attacks, so its security deserves reasonable discussion.

You’re strongly advised to keep your company’s e-mails as confidential as possible; doing so significantly limits the amount of malware entering your network. Establish an e-mail policy stating that the company’s e-mail should be used for business purposes only, not for personal use, and should not be used for posting in USENET groups and forums. You might also regularly search the Internet for exposed company e-mails, or hire a company to do this.

Instant Messaging Software

Are such programs allowed on your network? Then they represent a threat to your entire anti-malware strategy, because they only go through the desktop’s anti-virus software. Not to mention the level of trust established between the staff member and the other party, which is much different from the one established through e-mails. If such software is allowed, receiving attachments of any type should be forbidden. But honestly, does the use of Instant Messaging Software make your staff more productive?

Peer-to-Peer Networks

Extremely dangerous in the hands of an inexperienced staff member due to the fact that the majority of worms spread on such networks as well. Block the installation and use of such programs because they’re in no way going to do any good for your company, but waste time and bandwidth.

Hostile Code at the Desktop

Once malware reaches the desktop, it has already passed all the previously discussed protection measures. Now it’s up to the staff member’s vigilance and awareness. HTML, JavaScript and ActiveX should be disabled in the user’s client, thus limiting the execution of hostile code. All e-mails should be read in “Offline” mode as well.

Content Filtering

A large number of attachments that are dangerous and unrelated to any of your business functions can be blocked at the server level. Who needs to receive .exe, .com, .bat or .vbs files from a fake e-mail, an e-mail that doesn’t even resolve properly? Blocking a worm that’s spreading in the wild can be done by matching the MIME encoded attachment for the most popular extensions. These are often provided by anti-virus vendors, or system administrators can analyze received messages to accomplish the task.
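One way to implement the extension check described above, as an added example that is not part of the original article. The function names and the sample message are constructed for illustration; the check reads both places a MIME part can declare a filename and looks at the extension the desktop would actually act on, so double extensions, upper case, RFC 2231 encoding and trailing dots do not slip past.

```python
import email
from email import policy

# Extensions named in the text; a production blocklist would be longer.
BLOCKED_EXTENSIONS = {".exe", ".com", ".bat", ".vbs"}

# Constructed sample message (not a real capture).
SAMPLE = b"""\
From: sender@example.com
To: staff@example.com
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached.
--b1
Content-Type: text/plain; name="notes.txt"
Content-Disposition: attachment; filename="notes.txt"

plain text
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="document.txt.vbs"

x
--b1
Content-Type: application/octet-stream; name="UPDATE.EXE"

x
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename*=utf-8''price%20list.pdf.com

x
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="setup.bat."

x
--b1--
"""


def declared_names(part):
    """Return every filename a MIME part declares, without duplicates."""
    names = []
    # Mail clients may honour either parameter, so both must be checked.
    for header, param in (("Content-Disposition", "filename"),
                          ("Content-Type", "name")):
        value = part[header]
        if value is None:
            continue
        name = value.params.get(param)  # RFC 2231 values arrive decoded
        if name and name not in names:
            names.append(name)
    return names


def effective_extension(filename):
    """Return the last extension, lower-cased, as the desktop would see it."""
    # Windows drops trailing dots and spaces from file names on save.
    cleaned = filename.strip().rstrip(". ").lower()
    dot = cleaned.rfind(".")
    return cleaned[dot:] if dot != -1 else ""


def blocked_attachments(raw_message):
    """Return (filename, extension) for each attachment on the blocklist."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        for name in declared_names(part):
            ext = effective_extension(name)
            if ext in BLOCKED_EXTENSIONS:
                hits.append((name, ext))
    return hits


if __name__ == "__main__":
    for name, ext in blocked_attachments(SAMPLE):
        print(f"reject: {name!r} (extension {ext})")
```

A mail server hook would reject or quarantine the message when `blocked_attachments` returns anything; filename checks do not inspect file content, so they complement the anti-virus scan and do not replace it.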

Building awareness among the staff members

The staff members should be aware of the dangers posed by receiving an e-mail, even from a known person containing attachments and messages that are unknown and unrelated to their business work. Something else they should keep in mind is not to open an attachment that appears to have been bounced back to their e-mail. “I don’t remember sending anything like this, it’s not related to me, or probably it’s a virus” should become their mode of thinking when receiving such e-mails.

The benefits of e-mail as a tool for communication are indisputable, and so is the high number of threats posed by its existence. The fight with malware should start at your ISP, next are your external servers, then it’s the desktop. But the most important aspect, in my opinion, is the awareness that should be built among all the staff members.

Malware will continue to pose a serious threat to your networks as long as you haven’t taken the appropriate measures to limit it, namely staff education, a security awareness programme and close cooperation with your ISP.

Darwinism Meets the Virus and Worm.

Viruses are largely a threat that is contained if one has an anti-virus solution. This begs the question of what then is the next big threat in terms of malware code? The answer to that would be the new, and more lethal worms such as Slammer for one. What would happen though if someone with coding talent were to harness the chaotic world of the worm?

The concept of Darwinism is a simple one; only the fittest survive. Though this is a generalization of Darwinism it does boil down to that statement. How does this apply though to computer viruses, and worms? Well simply put while the latest batch of computer viruses is irritating they are hardly the stuff of nightmare. These annoying virus pests are barely even noticed, if at all, by the people that are infected by them who in turn propagate them. In large part this is due to the simple fact that the people who are infected simply don’t have an anti-virus solution for their computers, and are largely novice computer users. After all it comes down to user education in the first place or lack thereof for their being infected. For the rest of us who are protected with an anti-virus program we simply watch with minor annoyance the number of infected emails hit our email inbox. Streaming into your email inbox these are hardly a threat really, and only really are a waste of our bandwidth.

Are viruses a threat to everyone?

Realistically though the whole virus scene has not really evolved all that much at a technical level. There has been an increased sophistication though in the social engineering aspect of such things as the subject line, and attachment name which contain the virus attachment. This sharpening of the social engineering aspect has already been widely discussed as it impacts virus propagation. I would venture though that the virus versus the anti-virus vendor ongoing battle has almost come down to one of predictability. A new virus comes out, and quickly a signature is added by the vendors.

Can one really say these annoying viruses are a threat anymore if indeed they ever were?

Yes, MyDoom, Swen and Bugbear among others spread quickly, but once again only due to users not being protected to begin with. My own opinion on this continuing virus threat is that it is much ado about nothing. There will always be a short period between a new virus and the signature being released, but it is a short time period. Much like the perpetual wholesale scanning of computers on the internet today by script kiddies and other wannabe hackers, it has simply become part of the internet today. Many people I know simply refer to it as white noise, or simply put, part of doing business on the web today. So who then in reality is threatened by these viruses? Well, simply put, those who do not have some software solution to protect them. Also, by extension, these are the very same people who help propagate the virus.

I myself work in a large WAN corporate environment. We have the normal protection in place for this type of threat. All known trouble attachments are stripped at the mail server and anti-virus also resides at the work station level. Only with some of the more successful viruses have we been impacted. Even then though it was only for about twenty four hours or so till we had a new signature in place from our anti-virus vendor. This threat then from viruses is very much a managed risk. One will never be able to fully protect from zero day exploits or viruses for that matter, but you can however mitigate the threat.

All that being said though, how does Darwinism enter into the equation of viruses and worms? Well, with the perceived threat of viruses petering out, what realistically is going to take its place? That is where the worm comes into play. A person with no programming ability can study Visual Basic for a couple of months, and then write a simple virus. If you recall, one of the best known viruses was Melissa, which was also written in Visual Basic. Many people would argue as well though that writing a worm is just as easy. That assertion though in my mind is very much open to debate. To that end too many people sneer at the programming abilities of others whilst they themselves cannot program a simple “hello world”. Much like the term “script kiddie” is thrown around much too often by people who in reality are one themselves.

The new threat: Worms

Now the worm writer has a much richer harvest to work with. What I mean by that is the person can choose exploit code which has been publicly released, and wrap a delivery vehicle around it. Unlike the virus, which will clog your bandwidth, the worm’s payload will quite possibly result in system level, or root, access on your system, dependent on your platform. We can all agree, I believe, on this being a far greater threat than the loss of bandwidth. Does any virus in recent memory really come close to, say, the Slammer worm? Per my perspective the two are not even close. Especially in the case of Slammer, which uses a transport protocol of UDP. This made for a lightning fast infection rate as SQL listened on UDP as well for connections.

Now in the case of Slammer, once again the vulnerability that it exploited had been known about for some months. A patch had been released by the vendor and yet quite a few months later this worm still tore a hole through the internet. It was of far more serious impact than a simple virus. We need to remember as well that this worm was all based on a publicly known exploit, which had been fixed by the vendor in the form of a patch.

This is where Darwin comes into play. What would have happened though if the worm writer had inserted a zero day exploit into the worm instead of a known one? Indeed this would have been a far more lethal and unsavory prospect. To be quite honest it surprises me that it has not happened yet. Why have there not been any zero day exploits folded into a worm? This realistically is the next evolutionary step in the progression of the worm after all, and in reality a rather frightening one.

Tomorrow’s super worm?

To that end I was discussing this with a colleague of mine who also does exploit development as a part of his computer security work. I asked him if my doomsday worm scenario made sense to him, seeing as he did exploit development. After some discussion with him we came up with what we both agreed would be a plausible scenario. My train of thought earlier on was simply to make some changes to the CMOS via the worm. What if however, as my colleague stated, you rather had the worm’s payload encrypt the hard drives of the computers? Not only that, but each time the worm spread the encryption seed changed?

Let’s apply this quickly to a real world example of how this could transpire. First off you would need a very talented developer. Unlike my colleague, and others of his caliber there are some developers who do not share their strong sense of ethics. For our case study we will explore the damage such a malicious developer could cause.

This person decides to bring order to the chaotic world of the worm. Targeted deliberately is a pharmaceutical company whose data is stored on computers within the internal LAN. Data such as the new chemical mixture for an anti-depressant drug, which has several billion dollars worth of research and development sunk into it. Our malicious developer finds the weak point in the pharmaceutical company’s online presence, and gains entry. Within minutes of the initial breach the entire internal LAN is compromised via this worm. Come morning the staff arrive to find all data on their computers utterly useless. Everyone panics, and then the company’s CSO receives an email stating the financial demands of the developer for undoing the damage caused by his worm.

Does my take on the evolution of the worm sound far fetched as shown in the above noted snippet? Let me assure you it is very much a possibility. To the vast hordes of computer users out there today the world of the elite coder may indeed seem surreal. It is a very tight knit community of ethically minded peers who thankfully for us have a clearly defined sense of right and wrong.

Virus Hoaxes.

Have you ever gotten an email message like this?

BIGGGG TROUBLE !!!! DO NOT OPEN “WTC Survivor” It is a virus that will erase your whole “C” drive. It will come to you in the form of an E-Mail from a familiar person. I repeat a friend sent it to me, but called and warned me before I opened it. He was not so lucky and now he can’t even start his computer! Forward this to everyone in your address book. I would rather receive this 25 times than not at all. If you receive an email called “WTC Survivor” do not open it. Delete it right away! This virus removes all dynamic link libraries (.dll files) from your computer.

Again,,, I urge all of you to make sure your virius scanners are up to date daily!!!!!! FG

Sounds very bad, doesn’t it? My, what a horrible virus. It, and others like it, will eat your hard drive, destroy your email, infect every other machine on your network and listed in your address book, and even perhaps give you cookies and make your car break down!

This email and others like it are simply hoaxes. How do I know they are a hoax and not a real warning? Here’s how it works. A virus propagates (reproduces) by automatically sending itself to all of the addresses in your address book. This is a fairly complex piece of code, requiring a little knowledge on the part of the person who created the virus.

Well, instead of writing code to propagate something, why not ask some gullible people to do it for you? That’s what these hoaxes are all about – the “virus” is the email message and the delivery system is a human being.

Why will people do this? Sometimes it’s just for a laugh, and sometimes it’s for more insidious reasons. Someone could send out a message which claimed that any message from AOL contained a virus, for example, in an effort to make AOL look bad.

Here is one of the first hoaxes known to have been sent out across the internet. It went out in 1988.

SUBJ: Really Nasty Virus AREA: GENERAL (1)

I’ve just discovered probably the world’s worst computer virus yet. I had just finished a late night session of BBS’ing and file treading when I exited Telix 3 and attempted to run pkxarc to unarc the software I had downloaded. Next thing I knew my hard disk was seeking all over and it was apparently writing random sectors. Thank god for strong coffee and a recent backup. Everything was back to normal, so I called the BBS again and downloaded a file. When I went to use ddir to list the directory, my hard disk was getting trashed again. I tried Procomm Plus TD and also PC Talk 3. Same results every time. Something was up so I hooked up to my test equipment and different modems (I do research and development for a local computer telecommunications company and have an in-house lab at my disposal). After another hour of corrupted hard drives I found what I think is the world’s worst computer virus yet. The virus distributes itself on the modem sub-carrier present in all 2400 baud and up modems. The sub-carrier is used for ROM and register debugging purposes only, and otherwise serves no othr (sp) purpose. The virus sets a bit pattern in one of the internal modem registers, but it seemed to screw up the other registers on my USR. A modem that has been “infected” with this virus will then transmit the virus to other modems that use a subcarrier (I suppose those who use 300 and 1200 baud modems should be immune). The virus then attaches itself to all binary incoming data and infects the host computer’s hard disk. The only way to get rid of this virus is to completely reset all the modem registers by hand, but I haven’t found a way to vaccinate a modem against the virus, but there is the possibility of building a subcarrier filter. I am calling on a 1200 baud modem to enter this message, and have advised the sysops of the two other boards (names withheld). 
I don’t know how this virus originated, but I’m sure it is the work of someone in the computer telecommunications field such as myself. Probably the best thing to do now is to stick to 1200 baud until we figure this thing out. Mike RoChenle

So what should you do if you receive a warning about some horrible virus? Generally, if these demand to be sent to everyone you know, it’s a hoax. If you are unsure, then check out the following site:

Symantec Antivirus Research Center – http://www.sarc.com

Go to the search page and enter a few words from the message claiming to warn you about a horrible virus. Behold, you will now read about the hoax. In fact, here’s the datasheet on the virus mentioned at the start of this article:

http://securityresponse.symantec.com/avcenter/venc/data/wtc.survivor.hoax.html

In any event, hoax or not, it’s a good idea to just file the email or delete it. Don’t send it on to all of your friends. Don’t do anything dramatic. These things only gain power when people give them power.

In other words, maintain your reason and don’t give in to an emotional response which simply floods email inboxes with junk.