As great as a tool, the internet
is, it is also full of potential threats to your security and
the data you store in your computer. There are many types of
threats that exist and in many different forms.
As a first step we will try to
explain (albeit very briefly) what each type of threat is.
- Viruses : Viruses include
a wide variety of threats but as a general rule a computer
virus is considered as a program that can replicate itself
to different machines and has the ability to cause harm on
the computer that it is installed on. Viruses can infect computers
wither via the execution of a file containing the virus code
or via some vulnerability (exploit) in the operating system
of target computer.
- Trojans : These programs,
known as Trojan Horses, usually come inside another application
that many times is not even related to the Trojan itself.
A trojan is a program that primarily grants some type of remote
access to a computer to an outside party. Trojans are also
known as backdoor programs because in effect they open up
a door to a system allowing a malicious hacker to take either
complete control of the machine or use it covertly without
the knowledge of the person whose machine has been compromised.
- Keyloggers : Programs that
like trojans usually come bundled inside a different application
and almost always run covertly on the infected machine. Keyloggers
record all keyboard keystrokes and the information associated
with the application or webpage that those keystrokes were
made for. For instance if your computer is infected with a
keylogger and you visit your favorite webmail website, the
keylogger, will record your username and password as you enter
them into the fields provided by the website to log in. After
collection of the information, the keylogger will send this
information over the internet to some pre-specified address.
- Spyware/Adware : These are
programs that can be installed in a system much the same way
as any virus, but also come bundled in an ever increasing
number of shareware/free applications. The main purpose of
these programs is to record user activity on the internet
(and subsequently mail this information to some collection
agency) or to force the display of advertisements on the infected
computer. Many of these programs do not carry any immediate
harmful payload, but even those can easily destabilize the
performance of any computer. Other spyware programs contain
additional trojan/backdoor programs, making them an even greater
- Diallers : Nasty little programs
that can take over your modem and initiate calls to dubious
calling services that charge you by the minute or second for
the time you are connected. If you are using a dial up connection
(PSTN/ISDN) to connect to the internet you should ask your
telephony provider to provide you with an itemized report
of all your calling charges and then make sure to examine
this report to determine if any unwanted calls have been made
from your number. Diallers are treated mostly as viruses in
terms or fixing them.
- RootKits : Rootkits are similar
to trojans. They difer from most viruses in the respect that
they do not try to spread to other computers. Their foremost
function is to grant unrestricted access to a compromised
machine and hide their presense from any detection tool. Most
rootkits are created in such a way as to hide within the operating
systems core, and even make sure to shut themselves down in
order to avoid detection during scans. Unfortunately there
are very few tools that provide adequate detection of such
programs and since many Kernel-mode rootkits can even hide
the processes from the machines active process list, their
detection is even more dificult.
F-Secure has a comercial product (currently in Beta - and
available to download) : F-Secure
Also there exists an excellent freeware tool by SysInternals
This programs results can be a bit complicated to understand
for the non technical user.
Both these programs are meant for Windows NT - 2000 - or XP
(win98 is not supported).
The first step in securing your
PC is and always should be to keep your operating system uptodate.
Microsoft's various windows operating systems offer an online
updating service, which should either be set to automatically
check for newer versions or the user should manually make it
a habbit to check for newer version on a very regular basis.
There are security holes that no measure of protection will
patch unless the operating system is updated.
Related Links : http://windowsupadte.microsoft.com
As a second step it is imperative
to have a firewall installed in your computer. A firewall is
a shield between your system and the outside world (i.e the
internet), which can filter what data can move in or out of
your system. The best solution is to have a hardware firewall.
A hardware firewall is much more dificult to fall victim to
an exploit or virus that manages to infect your system, but
hardware firewalls are more complicated to configure and may
not be best suited for users without extensive knowledge in
computers. Today, many modems come with a built in firewall
which helps protect the computer connected. Alternatively you
can install a software firewall which is a program that can
do the same job, software firewalls however are vulnerable to
a malicious program that manages to get itself installed in
Related Links : http://www.zonelabs.com/
Thirdly you should have an antivirus
running on your system. The antivirus installed should have
realtime scanning capabilities, which essentially means that
it scans memory, processes, programs and mails while the computer
in operating and not just when you manually initiate a virus
scan of the computer. Also the antivirus program needs to be
updated on a very regular basis, an antivirus tool that is not
getting updated is almost as bad as not having one. The best
antivirus tools have automatic updating tools that scan on regular
intervals or even every time you connect to the internet for
updates from their respective vendor's websites. Keep in mind
that different antivirus tools have different capabilities and
sometimes it may be good practice to have more than one available.
However please note that it is not advisable to have two antivirus
tools protecting your system in real-time, rather have one as
your primary antivirus tool and real-time protection, and also
keep (an updated) second antivirus tool available with which
you can run manual scans on a regular interval (like once a
Trojans are not always detected by antivirus tools and it may
be necessary to have an additional anti-Trojan tool.
As antivirus tools (even the best of them) can only scan for
viruses they know about, and in some cases use heuristic analysis
to determine if an unknown file is a virus, they tend to miss
on some new viruses which can make their way to your computer.
It is imperative to never open an attachment even if it comes
from someone you know well, unless you know what it is that
you are receiving. Here is a list of very dangerous file extensions
which you should shy away from almost always. Remember that
its not worth risking a virus infection just to simply see what
the attachment is.
If your Operating system and software is up to date the risk
of getting a virus due to an exploit in the browser or mail
client is rather minimal.
Related Links : http://www.grisoft.com/
Another Very important step in
protecting your surfing experience is to protect your browser
from the multitude of exploits that exist in various (albeit
mostly dubious websites) that have been known to install malicious
programs or highjack your homepage location. There are several
tools that can help you protect your browser from such threats,
but you will need also to manually adjust your settings to implement
better security measures by going into your browsers internet
options and under security sellect the highest level of security.
Related Links : http://www.javacoolsoftware.com/
Avoid using pirated copies of
software as many virus and trojans come bundled inside pirated
copies of software, where hackers have reverse engineered their
own software inside the pirated copy.
Another source of danger is file-sharing
networks, if you choose to use such networks it is highly advised
to take the time and familiarize yourself with each of these
networks that you will be using and basically educate yourself
to the point where you are able to tell which files may be dangerous,
before downloading them. Diving into using any filesharing network
without the necessary knowledge almost guarantees that you will
run into probelms with viruses.
As a lst tip always remember
to update.... update everything, your operating system, software
you use, antivirus or other protection measures. Keep your programs
up to date is the most important part in preventing malicious
programs from making your life dificult.