If someone rang your doorbell and wanted to come into your living space to sell you something or to use your telephone, you’d need to make a decision whether or not to let them in. If they were a neighbor or someone you knew, you’d probably let them in. If you didn’t know them but believed their story and found them to be otherwise acceptable, say they were neat and clean and not threatening, you’d probably also let them in, but you’d watch them closely while they were in your space.
What are you doing here? You are profiling this person and then deciding what to do based on that profile. It’s your responsibility to be concerned about who enters your living space. Further, if you have children, you’ve probably also taught them how to deal with strangers who come to your door.
Anti-virus programs work much the same way. These programs look at the contents of each file, searching for specific patterns that match a profile – called a virus signature – of something known to be harmful. For each file that matches a signature, the anti-virus program typically provides several options on how to respond, such as removing the offending patterns or destroying the file.
To understand how anti-virus programs work, think about scam artists – people who visit your home to try to get you to buy a phony product or service, or to let them in. Once inside, they may try to steal your valuables or try to harm you in some way.
There are a variety of ways you might find out about a specific scam artist lurking in your neighborhood. Perhaps you see a television report or read a newspaper article about them. They might include pictures and excerpts of the story the scam artist uses to scam their victims. The news report gives you a profile of someone you need to be on the lookout for. You watch for that person until either the story fades away or you hear that they’ve been caught.
Anti-virus programs work much the same way. When the anti-virus program vendors learn about a new virus, they provide an updated set of virus signatures that include that new one. Through features provided by the updated anti-virus program, your home computer also automatically learns of this new virus and begins checking each file for it, along with checking for all the older viruses. However, unlike scam artists, viruses never completely fade away. Their signatures remain part of the master version of all virus signatures.
Suppose a scam artist was at your front door. What would you do? Perhaps you’d not encourage them to come in nor buy their product but, at the same time, you’d try not to upset them. You’d politely listen to their story and then send them on their way. After you closed the door, you may call the police or the telephone number given in the report that initially brought them to your attention.
With viruses, you often have the chance to react to them when they’ve been discovered on your home computer. Depending upon the specific characteristics of the virus, you might be able to clean the infected file. Or you might be forced to destroy the file and load a new copy from your backups or original distribution media. Your options depend upon your choice of anti-virus program and the virus that’s been detected.
In your living space, you look at those who come to your door and you look at what you receive in the mail. These are two of the ways that items can get into your living space, so you examine them, sometimes closely, sometimes not.
Viruses can reach your computer in many ways, through floppy disks, CD-ROMs, email, web sites, and downloaded files. All need to be checked for viruses each time you use them. In other words, when you insert a floppy disk into the drive, check it for viruses. When you receive email, check it for viruses (remember to use the KRESV tests described in Task 3 - Use Care When Reading Email with Attachments). When you download a file from the Internet, check it for viruses before using it. Your anti-virus program may let you specify all of these as places to check for viruses each time you operate on them. Your anti-virus program may also do this automatically. All you need to do is to open or run the file to cause it to be checked.
Just as you walk around your living space to see if everything is OK, you also need to “walk” around your home computer to see if there are any viruses lurking about. Most anti-virus programs let you schedule periodic exams of all files on your home computer on a regular basis, daily for example. If you leave your computer turned on over night, think about scheduling a full-system review during that time.
Some anti-virus programs have more advanced features that extend their recognition capabilities beyond virus signatures. Sometimes a file won’t match any of the known signatures, but it may have some of the characteristics of a virus. This is comparable to getting that “there’s something not quite right here, so I’m not going to let them in” feeling as you greet someone at your door. These heuristic tests, as they’re called, help you to keep up with new viruses that aren’t yet defined in your list of virus signatures.
An anti-virus program is frequently an add-on to your home computer, though your newly purchased computer might include a trial version. At some point, say after 60 days, you must purchase it to continue using it. To decide whether to make that purchase or to look elsewhere, use these steps for evaluating anti-virus programs:
The Demand test: Can you check a file on demand, for example, when you want to send an attachment as part of the KRESV tests?
The Update test: Can you update the virus signatures automatically? Daily is best.
The Respond test: What are all the ways that you can respond to an infected file? Can the virus checker clean a file?
The Check test: Can you check every file that gets to your home computer, no matter how it gets there, and can those checks be automated?
The Heuristics test: Does the virus checker do heuristics tests? How are these defined?
These tests – the DURCH tests – help you compare anti-virus programs. Once you’ve made your selection, install it and use all of its capabilities all of the time.
Intruders are the most successful in attacking all computers – not just home computers – when they use viruses and worms. Installing an anti-virus program and keeping it up to date is among the best defenses for your home computer. If your financial resources are limited, they are better spent purchasing a commercial anti-virus program than anything else.
Use a Checklist to help you think anti-virus issues.
Example: Operating an Anti-Virus Program.
Sunday, July 29, 2007
Task 1 - Install and Use Anti-Virus Programs
Screenshot of a spyware infected computer...
Do you know if your computer is infected with spyware? The symptoms of a spyware infected computer may belong in one or more of the several categories below:
- Computer running unusually slow
- Popups appearing randomly and out of nowhere even when you did not click anything.
- Webpages you try to enter are redirected to another site
- Fake system errors saying that your PC is infected
Saturday, July 28, 2007
What Should I Do To Secure My Home Computer?
Securing your home computer is not a trivial task. There are many topics to consider and many steps to follow. They take time to learn and do. If you can, read this entire document before you begin to secure your computer. You’ll have a better understanding of the effort and all its facets. This ought to help you when you begin to tackle the tasks described here.
In the next part of this document, we describe two types of activities. Some you can do using the programs that came with your computer: working with passwords and email attachments, running programs, and backing up your work. For other activities, you might need to obtain some specialized programs: applying patches, and running anti-virus, firewall, and file encryption programs. Though some vendors’ products provide these features, we’ll assume your computer doesn’t have any of them so you’ll need to add all of them.
Here then is the list of tasks you need to do to secure your home computer. Their order is based on how intruders attack computers, beginning with the most-often used attack methods. By starting with the lower numbered tasks, you address the biggest problems you face in securing your home computer. Remember that most sections end with a reference to a web site that you can use to find an example of how to do the task on a Microsoft Windows computer.
Stay tuned for the next few posts, as i will be updating the few tasks to keep your computer safe on the internet.
Task 1 - Install and Use Anti-Virus Programs
Task 2 - Keep Your System Patched
Task 3 - Use Care When Reading Email with Attachments
Task 4 - Install and Use a Firewall Program
Task 5 - Make Backups of Important Files and Folders
Task 6 - Use Strong Passwords
Task 7 - Use Care When Downloading and Installing Programs
Task 8 - Install and Use a Hardware Firewall
Task 9 - Install and Use a File Encryption Program and Access Controls
Thinking About Securing Your Home Computer
Before diving into the tasks you need to do to secure your home computer, let’s first think about the problem by relating it to something you already know how to do. In this way, you can apply your experience to this new area.
So, think of your computer as you would your house, your apartment, or your condo. What do you know about how that living space works, what do you routinely do to keep it secure, and what have you installed to improve its security? (We’ll use this “computer-is-like-a-house-and-the-things-in-it” analogy throughout, departing only a few times to make a point.)
For example, you know that if you have a loud conversation, folks outside your space can probably hear you. You also routinely lock the doors and close the windows when you leave, and you don’t give the keys to just anyone. Some of you may install a security system to complement your practices. All of these are part of living in your home.
Let’s now apply similar thinking to your home computer. Email, instant messaging, and most web traffic go across the Internet in the clear; that is, anyone who can capture that information can read it. These are things you ought to know. You should always select and use strong passwords and exercise due care when reading all email, especially the unsolicited variety. These are things you ought to do. Finally, you can add a firewall, an anti-virus program, patches, and file encryption to improve the level of security on your home computer, and we’ll call these things you ought to install.
The rest of this document describes the things you ought to know, do, and install to improve the security of your home computer.
Introduction to Home Computer Security
Your home computer is a popular target for intruders. Why? Because intruders want what you’ve stored there. They look for credit card numbers, bank account information, and anything else they can find. By stealing that information, intruders can use your money to buy themselves goods and services.
But it’s not just money-related information they’re after. Intruders also want your computer’s resources, meaning your hard disk space, your fast processor, and your Internet connection. They use these resources to attack other computers on the Internet. In fact, the more computers an intruder uses, the harder it is for law enforcement to figure out where the attack is really coming from. If intruders can’t be found, they can’t be stopped, and they can’t be prosecuted.
Why are intruders paying attention to home computers? Home computers are typically not very secure and are easy to break into. When combined with high-speed Internet connections that are always turned on, intruders can quickly find and then attack home computers. While intruders also attack home computers connected to the Internet through dial-in connections, high-speed connections (cable modems and DSL modems) are a favorite target.
No matter how a home computer is connected to the Internet, intruders’ attacks are often successful. Many home computer owners don’t realize that they need to pay attention to computer security. In the same way that you are responsible for having insurance when you drive a car, you need to also be responsible for your home computer’s security. This document explains how some parts of the Internet work and then describes tasks you can do to improve the security of your home computer system. The goal is to keep intruders and their programs off your computer.
How do intruders break into your computer? In some cases, they send you email with a virus. Reading that email activates the virus, creating an opening that intruders use to enter or access your computer. In other cases, they take advantage of a flaw or weakness in one of your computer’s programs – a vulnerability – to gain access.
Once they’re on your computer, they often install new programs that let them continue to use your computer – even after you plug the holes they used to get onto your computer in the first place. These backdoors are usually cleverly disguised so that they blend in with the other programs running on your computer.
The next section discusses concepts you need to know, especially trust. The main part of this document explains the specific issues that need your attention. There are examples of how to do some of these tasks to secure a Microsoft Windows 2000-based computer. We also provide checklists you can use to record information about the steps you have taken to secure your computer. Finally, a glossary defines many of the technical terms used in this document. Unless otherwise stated in the glossary, the definitions come from the Webopedia Online Dictionary for Computer and Internet Terms
Whether your computer runs Microsoft® Windows®, Apple’s Mac OS, LINUX, or something else, the issues are the same and will remain so as new versions of your system are released. The key is to understand the security-related problems that you need to think about and solve.
