Ghiath
Now, it’s common on Internet or even at work for those of you who work close to IT people to hear these words. Damn I got infected with a virus or a worm or a spyware. So, what do these words mean exactly? and how do we minimize the infection?
First I will start with defining these words:
Malware: refers to a large variety of software which all has one thing in common: it is unwanted software which someone else wants to run on your computer. This software “infects” your computer, making it behave in a way which you do not approve of. Malware can include:
- Viruses: which are computer programs that can copy itself and infect a computer without permission or knowledge of the user.
- Worms: which are self-replicating computer program. It uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention. Unlike a Virus, it does not need to attach itself to an existing program. Worms almost always cause harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer. are usually destructive in some way – these can delete files, wreck the operating system, etc.
- Trojan Horses or Trojans: which are software which purports to do a certain type of action, but in fact, performs another. The trojan is not harmful by itself but it usually opens a backdoor in the infected machine for an attacker.
- modern viruses and worms, which give control over your computer to an attacker – they can then use your computer to send spam or launch attacks on other computers
- Spyware: which monitors what you do on your computer – this can lead to credit card or identity theft
- Adware: which shows you unwanted advertising – this typically shows up as pop-up ads or an unwanted homepage
- a combination of the above
How do I secure my PC?
There are three major steps to securing your PC.
- Keep your software up-to-date
- A major source of malware infections is outdated software, especially Windows itself. Malware can install itself on your PC by taking advantage of bugs in your operating system, browser, or other software. These bugs are typically fixed as soon as possible, but your software must be updated to take advantage of these fixes.Windows has a built-in system for automatically updating itself, called “Windows Update”. Windows XP also supports a newer, more comprehensive version called “Microsoft Update”, which you can upgrade to when you run Windows Update. You should not only have Automatic Updates turned on, but you should go to Windows Update at least once a week to make sure that everything is working as it should.When Windows pops up a message in the System Tray (down near the clock in the Task Bar) that says “updates are ready to be installed”, do not ignore that message. It is not uncommon for people to ignore that message for months, and then wonder why their system got infected.Is it recommended that if you have a computer capable of running it, that you upgrade to Windows XP with at least Service Pack 2. Windows XP with SP2 is more secure and better-supported than any previous Windows version. Future updates to Windows XP should continue this trend.Individual non-Microsoft pieces of software may or may not automatically keep themselves up-to-date. Some software will pop up a warning, suggesting that you download and install the new version. Others will not. It is very important to keep your web browsers, email software, java runtimes (if installed), and instant messengers up to date. Bugs in any of these pieces of software can let malware install itself on your PC. You should make a habit of checking for new versions of any software you use regularly.
- Use a firewall
- A “firewall” is a piece of software or hardware that sits between your computer and the Internet, protecting your computer from attacks. You should never connect a computer to the internet without a firewall of some sort.A hardware firewall is preferred. The inexpensive “routers” that many companies sell make fine firewalls. This includes the routers (wired and wireless) from companies like Linksys or D-Link, and the Apple Airport base stations (which work fine with PCs).These routers shield all of the PCs that connect to them from incoming attacks from the Internet. They do not protect you from malware that you get from having bad browsing habits.A software firewall, like the one built into Windows XP, is not as good as a hardware firewall. But it is much better than nothing, and will probably be adequate as long as you follow the first step and make sure your PC remains as up-to-date as possible.WARNING: The built-in Windows XP firewall is turned on by default in Windows XP Service Pack 2. It is not turned on by default in previous versions of Windows XP, and versions of Windows that pre-date Windows XP do not have a built-in firewall at all. If you connect a Windows PC to the internet without a firewall (hardware or software), and the system is out of date, the computer is in very serious danger of becoming infected by something malicious within an hour or less.This means that if you are re-installing Windows, or are setting up a new PC, do not connect it to the internet until you are sure that a firewall is in place. If you do not know what version of Windows XP you have on your PC, or do not know if the firewall is turned on, keep it disconnected until you are sure. This is one thing that makes a hardware firewall superior to a software one; you know that it is on at all times, regardless of the state of your PC.
- Use anti-virus software
- There is no such thing as a perfect piece of anti-virus software. All anti-virus software relies on detecting malware once it has already arrived on your PC, and preventing it from running. It is much better to not let that malware onto your PC in the first place.However, having some sort of anti-virus software running on your PC at all times is yet another level of security, and the more security the better. Some anti-virus software also comes with a software firewall (such as “Norton Internet Security”).Anti-virus software must be updated regularly in order to be effective. Most anti-virus software will automatically get its updates from the Internet.
These three steps to securing your PC are automatically monitored by Windows XP Service Pack 2 with the “Security Center” tool. This tool can be found in the Windows Control Panel; it will also pop up with a warning if it finds that any of these steps have not been performed. Please take these warnings seriously.
What are good browsing habits?
- Pay attention to what you download or run
- One of the easiest ways to let your system get infected is to download or run something dangerous. Any time you are running new software on your PC, it could be installing something you don’t want.First, do not download or run software from unknown sources. This includes web links or programs sent to you in email or over instant messaging. Even people you trust may be sending you malware, if their own computer is infected; many viruses and worms use buddy lists and address books to send themselves to friends of the original victim. If you are downloading software, make sure that you are getting it from the original source or a trusted “mirror”. Pirated software or “cracks” for commercial software are often dangerous malware in disguise. Software downloaded from pornographic websites (such as “movie viewers”) are almost exclusively malware.Second, do some basic research on any software that you would like to download and use. Many “free” software packages you can download come bundled with malware, especially adware. Software like Eudora has optional advertising built into the program itself, which is safe. That advertising is limited to within the program itself, and goes away if you uninstall it. But many other pieces of software will install advertising software which runs at all times, which causes pop-ups even when you are not using that software, and which does not go away when you uninstall the original software. File-sharing applications are notorious for “bundling” malware, but there are many free and safe alternatives.In short, every time you run a new program on your computer, you are handing control over it to the person who wrote that software. If you do not consider that author trustworthy, do not run that software. Be paranoid and be informed.
- Do not go to dangerous websites
- There are certain classes of websites which are particularly dangerous.
- Free or illicit pornography sites – sites with illegal adult content are run by the unscrupulous anyway, and many “free” adult sites are using stolen content to lure people there
- Sites featuring pirated software, “cracks”, or stolen serial numbers – again, these sites are run by the unscrupulous in the first place
- And oddly, sites with song lyrics – these sites are easy to make show up in search engines, require very little bandwidth, and can steal all their content from other sites
If you must visit these sorts of sites, you must be exceedingly careful.
- Use a secure browser
- A continuing source of malware infections is the Internet Explorer browser. There are several reasons for this.First, Internet Explorer is the most popular browser for Windows, because it’s built in. This makes it a very popular target for attackers.Second, Internet Explorer has a history of critical, dangerous security bugs. These bugs have often let websites install malware onto your PC just by browsing to them, and these bugs have sometimes taken up to a month to be fixed. Many computers out there are still running old, vulnerable versions of Internet Explorer.And third, because Internet Explorer has a feature which lets websites install software, this makes bugs relating to that feature extremely dangerous. It also means that user error can have dire consequences.It is strongly recommended that users of Windows switch to an alternate browser, such as Firefox or Opera. These browsers also have security bugs found in them on a regular basis, but they are still more secure because these bugs are not as dangerous as the ones in Internet Explorer, and they are fixed considerably quicker.If you wish to continue using Internet Explorer, there are two important things to do. The first is to follow the first step in securing your PC: make sure that you always keep Windows and Internet Explorer up-to-date by using Windows Update. It is also important to keep alternative browsers up-to-date, but it is ten times more important with Internet Explorer.
- List of AntiSpyware applications can be found here:
- List of Antivirus applications can be found here:
- I recommend using Spyware Doctor with Kaspersky. In my opinion they are the best of all for personal use.
- Sources:
http://en.wikipedia.org/wiki/Spyware
| 2.5 |
If you enjoyed this post, make sure you subscribe to my RSS feed!
Another thing you could do – clear your browsing history when you are done after every session. This means get rid of the browser cache, the internet history and cookies.
I assume everyone is using Firefox because, well, you should be using Firefox. When you are done browsing, press Ctrl+Shift+Del, select your relevant options with a tick and clear your history.
Why? The browswer cache is a breading ground for malware. You often get worms replicating themselves in your browswer cache first before they spread to other parts of your computer. The reason to clear cookies is because many sites install a cookie on your system that tries to connect back to that site. It could be seen as malware, because it performs functions you did not give consent to and did not ask for. Best to get rid of them.
Firefox will warn you about dangerous sites specifically. Explorer only warns you about content that is not certified by Microsoft to be safe. This does NOT mean that when Microsoft certifies a technology safe, it is safe. On the contrary…
Use the fox!
The Necro Files
Thanks for the tips Garg. I’m a huge Firefox fan but it has only one problem which is memory management. Sometimes it uses more than 300 MB from my RAM.