Safe Computing at Home

The Ohio State University at Lima

Technical Bulletin #2003012301

 

 

 

 

Viruses

 

More than 62,000 virus threats exist today. Keep in mind that the majority of all viruses are delivered to your computer via email, as zipped or executable attachments. (That's how ExploreZip and a half dozen other viruses spread all over the place.) They infect your system when you unzip or run the attachments, not when you open your mail. So the first preventative step you can take is to be very careful about opening strange attachments.

 

If you get a message headed "Here's that file I promised you" when you weren't expecting a file and don't know the person who sent it, you should hear loud alarm bells. Finding an attachment on a note that shouldn't have one isn't an invitation to open that attachment. Curiosity killed the cat, and it could kill your computer, too.

 

Microsoft Outlook and Outlook Express have been targets of several nasty viruses, which access the address books and address lists, then send copies of themselves out to every address listed.  The insidious nature of these macro viruses is that the email message that is sent by the virus is sent out under your name, so the recipients may not view the message or the attachment as suspicious.  Consider switching to an alternative email program, such as Eudora or Netscape Messenger (part of the Netscape Communicator package.)

 

Watch where you get your software. When the Chernobyl virus struck back in April, 1999, more than a half million systems in Europe and Southeast Asia were reported to have been infected. Only about 10,000 computers in the United States were hit. Why the huge difference? According to some experts, the bulk of the infections were possibly the result of the virus being piggybacked on pirated software CDs, and software piracy is much more rampant outside of North America.

 

However, legal software disks and CDs have been known to carry viruses--just ask the folks at Cult of the Dead Cow (cDc). When they handed out the first copies of Back Orifice 2000 at a computer show, the CD was found to have been infected with the Chernobyl virus. But something like that is a rare occurrence. If you don't accept or pass along bogus copies of software, you'll probably avoid acquiring and spreading about 40 percent of the viruses in the world.

 

Lastly, think before you shove a floppy disk or a CD-R disc into your computer. As a floppy passes through many hands and many computers, it has a greater and greater chance of becoming infected by a virus--one that will now infest your system. And homemade CD-R discs with no traceable point of origin are potential viruses waiting to happen.

 

As a faculty member of OSU, you have access to McAfee Anti-Virus software (for Windows), Virex (for Macintosh), and Eudora (for both) for your home computer.  You can access this software at:

 

http://osusls.osu.edu/

 

Information on virus threats, protection, and removal can be found at:

 

http://vil.nai.com/

http://securityresponse.symantec.com/

Virus Glossary

 

· Back Door: A feature built into a program by its designer, which allows them to gain full or partial access to your system.

 

· Hoax:  This is usually an email message that warns of a non-existent virus.  This can do harm by spreading fear.

 

· Macro:  A saved set of instructions that users may create or edit to automate tasks within certain applications or systems. A Macro Virus is a malicious macro that a user may execute inadvertently and that  may cause damage or replicate itself.

 

· Trojan  Horse:  A program that either pretends to have, or is described as having, a set of useful or desirable features, but actually contains a damaging payload. Most frequently the usage is shortened to "Trojan".  Trojan Horses are not technically viruses, since they do not replicate.

 

· Worm:  A virus that spreads by creating duplicates of itself on other drives, systems, or networks.

 

Hackers

 

Viruses aren’t the only dangers lurking on the Internet.  Hackers can disable your PC, watch what you type, browse your personal files, and use your system as a base to attack others.  You can protect your system from hacker intrusions by installing a firewall product.  Firewalls filter all the network traffic to and from your computer, and allow only the specified types of traffic in or out.  Unfortunately, OSU does not site license any software for this problem, so you would have to purchase the software yourself.  However, there are a few things you can do to minimize the chances of being hacked.

 

  1. Turn it off!  Shut your computer down when you are not using it.  This is especially pertinent if you have a broadband connection, such as RoadRunner.  By leaving your system on 24/7, you leave your system open to port scans and direct attacks.  Turning your system off not only protects you from these scans, it also gives you a new network address when you turn it back on, further reducing the chances that an attacker can locate your system.
  2. Turn off unnecessary utilities.  If you don’t need a personal web server running on your home computer, disable it.  You may not even know it’s there.  Check your Windows Components.
  3. Keep your system updated.  Use Windows Update to install security patches, or Software Update on Mac OS X.
  4. Be wary of Instant Messenger programs.  These are predicted to be prime targets for hacking activity in 2003.
  5. Never trust attachments.  Follow safe computing guidelines.

 

Personal Firewall Products

 

Microsoft Windows XP (built in basic firewall)

Apple MacOS X (built in basic firewall)

McAfee Personal Firewall

Norton Personal Firewall 2003

BlackICE PC Protection