Fight Viruses With Common Sense
By Walt Dimmock
This year’s onslaughts of viruses are employing two attack methods that are preventable with end user education, and plain common sense. Newly discovered viruses get a lot of positive press in the IT community. The publicity would include everything from number of infected computers, symptoms, payload, method of transmission, and other facts. However, rarely do these same articles ever address prevention of infections.
Discussion will center on two common breeches of security: “social engineering” and the compromising of passwords.
The recent attacks by the Lovegate and SoBig viruses are good examples of the use of “social engineering”. Social engineering is the use of trickery that leads the receiver of email to believe it is safe and that it is from someone they know.
Alternatively, it may be business related and needs immediate attention. A common subject entry for Lovegate is, “I’ll try to reply as soon as possible. Take a look at the attachment and send me your opinion.” The SoBig’s subject lines may include:
The body of the email will simply be, “see attachment”. In most cases, just viewing the email will launch the virus. If you are expecting a reply that may contain one of these subjects, be cautious and check whom the sender is.
With all the virus publicity, the media never stresses what not to do. They may mention in passing, do not open email attachments from unknown senders. However, you would think that common sense would tell most end users not to open potential infected email. It reminds me of the old comic routine from Saturday Night Live, In that routine there is a dangerous Land Shark loose in NYC, and everyone is warned no to open their doors to strangers. Nevertheless, the Land Shark uses a subject such as “telegram” or other familiar calling, tricking the occupant to open the door. Common sense would tell you not to answer the door!
Compromising of Passwords
The simpler the password is, the easier it is to compromise it. Viruses, such as Lovegate, attack systems and tries common passwords to access the system or files. It will use combinations such as abcdef, 12345, and other common variants.
For security, the password should be 7 to 8 alphanumeric characters using combination of capitals and lower case letters. Once the virus has access, it can install Trojan horses and other remote utilities such as ‘key logger’, giving a remote user control over your pc.
In conclusion, use common sense to help prevent infections of your pc. Do not be a victim of ignorance. Remember, a virus cannot exist without the aid of ignorant end users.
Walt Dimmock is President/Owner of WaltBren Computing, LLC, and editor of the bi-weekly WaltBren Computing Ezine http://www.waltbren.com/ezine/. The bi-monthly ezine features articles dealing with many current issues. Articles include: Internet Marketing, Web Development, fighting Sp@m, viruses and other issues. Also, he is Webmaster and Consultant, and you are invited to visit his website: http://www.waltbren.com.
For more information, email: firstname.lastname@example.org
To report broken links, problems or comments, please email:
Site Quality Checked
This Page Last Updated:
October 09, 2004