Wednesday, April 14, 2004

Keep Viruses, Worms, and Spyware Off Your System

Viruses and worms, the brainchildren of attention-deprived thrill-seekers and bored intellectuals, remain a threat. Now we also have to worry about self-propagating commercial software, such as spambots, getting onto our PCs. On today's "Call for Help" I'll talk about the things that put your system at risk and tell you how to protect your PC, personal data, and privacy.

Malicious code 101


Strictly speaking, viruses are programs that, when run, infect other programs so that they contain a (possibly modified) copy of the virus. Worms don't require any user intervention to execute and copy themselves. Lately the distinction between viruses and worms has blurred, with recent "virus alerts" actually describing worms.


Viruses and worms generally contain a propagation mechanism, a trigger, and (possibly) a payload that performs some unfriendly act. The propagation mechanism can take any of several forms, and a single virus or worm may use more than one. A couple of the most common ways they spread are the following.



Click this attachment -- Unsuspecting users execute an email attachment containing the virus. The virus uses local PC resources, for example, the PC's ability to send email, to email a copy of itself to multiple recipients. The message often dupes others into executing the attached virus code by using misleading messages, subject lines, and file names.


Key loggers -- Some recent viruses install keystroke-logging software. The software collects data as you type, including information about your usernames, passwords, and credit card numbers, and then emails the information to an external email address. Because the software runs on the local machine, the SSL encryption that websites use does nothing to stop it.

Besides spreading themselves around like the plague, many viruses and worms install additional software on infected PCs. Some ensure the infection remains on the system, while others modify what users can do on the system, preventing you from deleting, editing, or emailing files.


Fend off an attack


We're starting to see some security technologies that proactively protect the PC desktop user a bit, but there's a long way to go. I'm a big believer in using a three-layered approach to protect yourself from malicious code.


Protect the network -- Use personal firewall software. Better yet, buy a hardware router. Linksys and Netgear have good inexpensive options.


Secure your operating system -- Run current antivirus software and configure it to auto-update. Configure it conservatively, making sure it quarantines anything it finds suspicious.


Please stop opening email attachments -- Be an informed and skeptical email user. Don't click email attachments and execute them. If you receive an email with an attachment that you weren't explicitly expecting, delete it without opening it.
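The attachment advice above can also be enforced mechanically before mail reaches the inbox. The following Python sketch is an added example, not part of the original article: it parses a message and flags attachments that would run code if opened, including ones with a misleading file name. The extension list, the inner-extension check, and the content-type check are assumptions made for illustration, and the sample message is constructed.

```python
import os
from email import message_from_string
from email.message import EmailMessage

# Assumption: file types Windows runs when double-clicked (not a list from the article).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}


def risky_attachments(raw_message):
    """Return [(filename, [reasons])] for attachments that execute when opened."""
    findings = []
    for part in message_from_string(raw_message).walk():
        name = part.get_filename()
        if not name:
            continue  # message body or multipart container, not an attachment
        stem, ext = os.path.splitext(name.strip().lower())
        if ext not in EXECUTABLE_EXTS:
            continue
        reasons = ["executable type " + ext]
        inner = os.path.splitext(stem)[1]
        if inner:
            # e.g. "holiday.jpg.scr" looks like a picture when extensions are hidden
            reasons.append("disguised with inner extension " + inner)
        if part.get_content_maintype() != "application":
            # the sender labelled a program as an image, text, audio, ...
            reasons.append("declared as " + part.get_content_type())
        findings.append((name, reasons))
    return findings


def build_sample():
    """Constructed sample message with one harmless and two risky attachments."""
    msg = EmailMessage()
    msg["From"] = "friend@example.com"
    msg["To"] = "you@example.com"
    msg["Subject"] = "Here is that document"
    msg.set_content("See attached.")
    msg.add_attachment(b"MZ", maintype="image", subtype="jpeg",
                       filename="holiday.jpg.scr")
    msg.add_attachment("meeting notes", filename="notes.txt")
    msg.add_attachment(b"MZ", maintype="application", subtype="octet-stream",
                       filename="update.exe")
    return msg.as_string()


if __name__ == "__main__":
    for filename, reasons in risky_attachments(build_sample()):
        print(filename + ": " + "; ".join(reasons))
```

A mail gateway or client-side filter would quarantine anything this function returns instead of delivering it.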

Help! I'm infected


Most commercially available antivirus software includes virus removal or quarantining capabilities. If your system gets completely hosed, you can take some pretty draconian, yet effective, steps: reload your operating system, applications, and user data (which you backed up before infection, of course).


Ken Van Wyk is co-author of "Secure Coding: Principles and Practices."



Cut & paste from TechTV.
