PDA

View Full Version : Good Internet Security practices



Darklighter
19 March 2004, 08:23 AM
This is less a rant than a lecture - although there's a rant in here.

Lately, I have been receiving a lot of e-mails with suspicious attachments. I've dealt with them, and my system remains clean. However, they are proliferating because others fail to employ good anti-virus security measures. This is not a criticism of anti-virus programs. It is a criticism of those who fail to do some very basic things to ensure they aren't facilitating the spread of viruses.

Here are some basic, common sense things any person can do to prevent the spread of internet viruses.

1. Scan all attachments for viruses. If the scanner can't do the scan for some reason, don't open the attachment.

2. Are you using Outlook or Outlook Express? Disable that preview pane. It's opening any mail you click on automatically, and you don't want to do that.

3. It has an attachment, and you don't recognise the sender. Do you open the attachment? NO!

4. You receive an e-mail from an official-looking source exhorting you to do *something* (for whatever reason - reply, forward, etc.), such as something masquerading as 'admin@yahoo.com'. It has an attachment. What do you do? This one is a little tougher, but you don't open the attachment. A good clue as to whether or not the e-mail is for real is the spelling and grammar. No organisation worth a darn is going to send something that reads like it was written by a 10 year-old with a grade one reading level. If it is from your ISP, switch providers, because your current provider is sloppy and unprofessional, and won't be in business long. This precaution is best employed by people who are functionally literate!

5. You don't have a virus scanner, or your updates subscription has expired. What do you do? Find a free one. I can help with that. Panda has a free virus scanner that runs in your web browser. Here's the link: Panda ActiveScan (http://www.pandasoftware.com/activescan/com/activescan_principal.htm)

6. Practice common sense, for the love of Pete! If you don't know the sender, and the grammar and/or spelling in the title is bad, and it has an attachment... DELETE IT!

OK, that's the end of the rant/lecture.

MassassiC
19 March 2004, 11:15 AM
Don't forget to keep up-to-date with Windows Update (http://windowsupdate.microsoft.com) which has security updates which fix the holes that all the latest viruses are trying to abuse.

This step is so-often overlooked by people it's amazing (believe me, I know... I'm in the business of having to tell people to do it)

Korpil
19 March 2004, 11:48 AM
I have been using McAfee Online for several years and it works for me... latest version does not require you to be online to perform a scan... and for 30 bucks a year, c'mon, it's worth it!

but if you require a fast and free scan, here's the link
http://us.mcafee.com/root/mfs/default.asp?cid=9059

dragonseye
19 March 2004, 01:43 PM
Some good adivce there, Darklighter. :)

With number four of your list, I've seen that e-mail in my bulk folder with yahoo. Even supposedly came from yahoo as a mailer deamon error that I supposedly sent an e-mail on a day I wasn't even on the computer. Using some critical thinking skills and common sences is a good idea when dealing with e-mail, no matter what. (You can tell for one it wasn't sent from yahoo because you can block the address- something that yahoo doesn't allow you to do with their official announcement e-mails.)

Another good idea is to have an extra e-mail for all of your on-line sign ups (for message boards and mailing lists, etc.) It doesn't 100% prevent virus', but it should help a little bit with keeping track of things. Also helps to keep all of the spam to one e-mail address.

wolverine
19 March 2004, 11:13 PM
A few tips of my own.
Even when downloading attachments, do so to a Floppy. Then if you know a standalone does have a virus checker on(and you dont) put the floppy in the standalone to be checked.. If all clear, then you can place it on your computer.

I second the use of windows updates. But that also goes for things, such as virus definitions. Had a guy at work corrupt his stand alone with dial up, cause he thought he was protected. Last definition update was 9/99...

Ignore spam mail. I know it sometimes feels great to respond to one and give 'em he**, but all that does is confirm that your email addy is a good one.

And lastly, if you DO find yourself afflicted with a virus even after all this, clean your PC up before you go on line again....

Kanner Ra'an
20 March 2004, 07:53 AM
Good advice Darklighter. Its stupid that we have to deal with this stuff in the first place. What drives people to create virus is beyond me. But i sure helps if people dont help spread em. Though i have had a friend actually contain the virus and e-mail it right back. I wonder if that works...

wolverine
21 March 2004, 04:11 AM
I cannot remember when it was last year, but i remember a story in the Indianapolis area (just before gencon) about someone who was arrested for making a virus that did nothing but target spammers and shut down their email... Personally i wuold have let him continue.

JediJester
26 March 2004, 12:31 PM
The gripe I have is all those virus warnings that are circulated via messengers or email that are rumors or hoaxes. I get at least one email a week from friends saying "be on the lookout for an email named BLAH or with an attached file named BLAH". 90% of the time, these things are complete rubbish or even dangerous hoaxes (telling you to delete a file on your system that is a virus when in reality it is a file necessary for your operating system to function properly).

If you hear of a "new virus that is spreading like wildfire", do a quick check for it on a virus reporting site (there are dozens of them out there). Just about any anti-virus program site (such as McAfee) has pretty good lists of current viruses and hoaxes. There are even sites like http://www.trendmicro.com/vinfo/ that actually report the virus hoaxes.

Passing on unsubstantiated virus warnings scares people unnecessarily and may even desensitize them to the real warnings.

Jedi_Staailis
26 March 2004, 01:05 PM
Agreed. And honestly, all it takes is a few basic precautions to basically avoid ever getting a virus. I'm on a college campus network which almost operates like a big LAN, and it's virus proliferation heaven. Yet I've never gotten a virus, because I spend a few minutes downloading updates when they're needed and keeping my secuirty software up to date and running.

In addition to virus scanning software and patches/updates, I'm a big fan of spyware killing software and firewalls to further improve security. Some really nice ones are available for free, such as Lavasoft's (http://www.lavasoftusa.com/) Ad-Aware and Zone Labs' Zone Alarm (http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp).

Vanger Chevane
26 March 2004, 02:44 PM
Originally posted by Jedi_Staailis
In addition to virus scanning software and patches/updates, I'm a big fan of spyware killing software and firewalls to further improve security. Some really nice ones are available for free, such as Lavasoft's (http://www.lavasoftusa.com/) Ad-Aware and Zone Labs' Zone Alarm (http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp).
Exactly. Most of the junkware is predicated on the fact most Windon't users have no clue what goes on behind the GUI.

Make it difficult for them to get their junk on your system & funtioning, they just move one to an easier victim.

Even thought I have a good hardware firewall on my net connect at home, I run the free ZA for outgoing program control. That way if I do inhale something I don't want, I find out about it before it can really do anything.

Get the free Ad-aware & run it. You'd be surprised after the first run at the amount of tracking cookies, data miners, and even harmful Malware you already have on your puter.


Also don't forget to run an update & full scan of your Antiviral at least once a week, & defrag Monthly. :D


A decently maintained system doesn't crash nearly as much, and doesn't serve as a breeding ground for junkware & virii. ;)

Ravager_of_worlds
29 March 2004, 09:19 AM
now if only the human species was as forthcoming and unified towards regular viruses...

i'd say the virus writers are the same jerks who walk on people's lawns as a "shortcut" or who vandalize public property... because they are so bored with their life and can't bring themselves to do something constructive with their free time for the betterment of the species. computer viruses are completely human in origin and we can't blame anyone but ourselves for this increasingly toxic internet.

the spyware and malware thing just really irks me to no end. i second Ad-Aware and even Emerald Pop-Up Blocker. Both have free versions and return control of your computer to you. Like a king with a guillotine, the masses are put back in line with a few simple (and free) pieces of software.

johnnyputrid
29 March 2004, 10:23 AM
This may only affect a few of us, but if you're a military service member, familiy member, or civilian employee stationed at any Army post with a Directorate of Information Mangement, they'll provide you with a free copy of Norton anti-virus software for your home system and will help aqcuire updates as needed.

I'm not sure if the other services do this, but I don't see why they wouldn't. The Army recognizes that service members get e-mails and attachments from family members, and they encourage you to use anti-virus software. This is good. Especially since most corporations (and the Army can be considered a corporation in a sense) all contract their operating software. Normally a large company uses the same AV software in all its systems for streamlining and cost. There's no reason they can't help out their employees, and provide them with the same software they use, but unfortunately it usually boils down to cost and unconcern with their own employees.

wolverine
29 March 2004, 12:04 PM
Originally posted by johnnyputrid
This may only affect a few of us, but if you're a military service member, familiy member, or civilian employee stationed at any Army post with a Directorate of Information Mangement, they'll provide you with a free copy of Norton anti-virus software for your home system and will help aqcuire updates as needed.

I'm not sure if the other services do this, but I don't see why they wouldn't. The Army recognizes that service members get e-mails and attachments from family members, and they encourage you to use anti-virus software. This is good. Especially since most corporations (and the Army can be considered a corporation in a sense) all contract their operating software. Normally a large company uses the same AV software in all its systems for streamlining and cost. There's no reason they can't help out their employees, and provide them with the same software they use, but unfortunately it usually boils down to cost and unconcern with their own employees.

I can confirm this. When i upgraded my computer a month ago, i was given a CD with norton corporate (norton 2000), and norton firewall on. It also had mcafee stuff, but for some reason i had mucho problems with them a while back...

coldskier0320
31 March 2004, 10:02 AM
Also, college students: check out software situations at your school. I know Pitt students get new microsoft stuff as it comes out, with no cost, its all in base tuition. It may not be anti-virus stuff, but its pertininent to the topic.

Admiral_Atredies
1 April 2004, 06:07 PM
My tip? Easy, get a Mac. :D

Seriously, though these really don't apply to my trusty iMac, I know a few people who've been having trouble with a lot of in-valid mail laely. I'm sure you guys know what your talking about so I'll pass the word along. :)

And on the note of the various military/student privelages, I also know of some fols in the teaching business that have gotten some anti-virus prgrams for a signifigant discount.