Computer Viruses (and worms)
Read on for how to protect your home computer in general.
For specifics on what to do about the "Sasser" worm, also
read this from Microsoft.
A computer virus
or worm is a program that infects your computer
files and often has damaging side effects such as: hard
drive erasure, use of all available memory, corruption of
the boot sector and many other consequences. (The
difference between a computer virus and a computer worm
relates to how they are spread; references to viruses and
means of protecting against them generally apply to worms as
well.)
Viruses are most commonly found in files that are passed
between users or when downloading things from the Internet.
E-mail is a common medium for transporting viruses as they
can be contained in attachments. Once the attachment is
activated or executed, the virus is invoked. Use caution
when opening attachments, even if they are (or appear to be) sent from people
you know. Worms can infect unprotected computers directly
through a network connection without requiring a file
transfer or email opening.
There are four things that you should do to protect
your computer from viruses and worms:
- Buy and properly install a virus detection application
to continuously protect your computer.
- Keep your virus application up-to-date by installing
the current virus definition files regularly. Note: this
will require a paid subscription; do not rely on the
limited “free” updates that come with a new computer
having a pre-installed antivirus program.
- Install a personal Firewall (see details below).
- Update your operating system with the latest security
patches frequently. For Windows, go to the
MS Windows update page. Most versions of Windows
can be set to automatically check for and/or apply updates
-- this is recommended if you have a broadband internet
connection (like DSL or cable modem).
Firewalls: A firewall
is a program or hardware that protects your computer
system(s) from unauthorized access by other computers over
the internet (this is how "worms" get into your computer).
If you have a high-speed modem (such as DSL or Cable modems)
connected to your computer through an Ethernet cable (which
is the most common configuration for high-speed internet
access setups), then the easiest and best way to protect
yourself is to install a device called a router in between
your modem and your computer. A router is designed to
share a connection among more than one computer and create a
local area network among those computers, but in the process
of doing this it also provides firewall protection from the
internet -- even if you only connect one computer to it.
This will also allow you to add computers to your home later
and easily have them share your internet connection as well
as printers and files. For more details on routers and
home networking in general, see
this excellent tutorial prepared by CA parents on the
Technology Committee. If you do not have an Ethernet
connection from your modem to your computer, then you should
install or activate a software firewall. Windows XP
comes with one built-in, but it may not be activated.
To find out how,
read this article from Microsoft. NOTE: if you use
VPN software to access remote networks, you must not enable
the Windows XP firewall since it is not compatible with VPN.
In this case, there are a number of other software firewalls
that you can get, including some free ones such as
Zone Alarm, which is compatible with VPN.
Email spoofing: One new twist
in viruses, which first appeared with the "Klez worm" in early
2002 and is used by the "SoBig" series of viruses coming
out in 2003, is that they engage in something called "e-mail
spoofing." A virus that employs this tactic makes the messages it sends out appear
to come from different addresses from the one on which it
originates. It finds these addresses on the infected
computer, or sometimes from web pages. So if you
receive a virus-infected e-mail do not assume that it came
from the user listed in the e-mail's header -- especially if
your antivirus software identifies it as Klez, SoBig or some
variant of them. In particular, if the From address is
one at Cary Academy, you can be pretty sure that it did not
originate there due to the high level of antivirus
protection we employ. If the school actually does get
infected by an email-spread virus, we would probably become
aware of it almost immediately due to the flood of messages that
would quickly swamp our servers. Another consequence
of this spoofing or header faking is that you may receive
virus notification messages from antivirus systems at other
locations saying they received an infected email from you,
when in fact you did not send the email. If you are
confident that your computer is virus-free, and you did not
send an email to that address, you can just ignore and
delete such notifications.
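The From line can be compared with the Received header that your own mail server wrote when it accepted the message, since that line records the machine that actually connected. The following is an added example, not part of the original page: the sample message, all host names and addresses, and the check_sender helper are constructed for illustration, and it assumes your mail server is called mx.recipient.example and logs the connecting host in the usual "from HOST (NAME [IP])" form.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a worm on a home PC (203.0.113.57) forges the From line
# with a harvested address and adds a fake lower Received line of its own.
RAW = """\
Return-Path: <alice@example.org>
Received: from dialup-57.isp.example.net (dialup-57.isp.example.net [203.0.113.57])
\tby mx.recipient.example (Postfix) with ESMTP id 4F2A1
\tfor <bob@recipient.example>; Mon, 10 May 2004 09:12:44 -0400
Received: from mail.example.org (mail.example.org [192.0.2.10])
\tby dialup-57.isp.example.net; Mon, 10 May 2004 09:12:40 -0400
From: "Alice" <alice@example.org>
To: bob@recipient.example
Subject: Re: your document

see attachment
"""

# "from HELO (rDNS [IP])" as written by common mail servers (assumed format).
HOP = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)")

def delivering_hop(msg, my_mx):
    """Return (host, ip) from the Received line written by our own server.

    Only that line is trustworthy; anything below it was supplied by the
    sending machine and can be invented.
    """
    for value in msg.get_all("Received", []):
        by_us = re.search(r"\bby\s+" + re.escape(my_mx) + r"\b", value)
        m = HOP.search(value)
        if by_us and m:
            return m.group(1), m.group(3)
    return None

def check_sender(raw, my_mx):
    """Compare the domain claimed in From with the host that delivered the mail."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    hop = delivering_hop(msg, my_mx)
    host = hop[0].lower() if hop else ""
    consistent = bool(from_domain) and (
        host == from_domain or host.endswith("." + from_domain))
    return {"claimed_from": from_domain, "delivered_by": hop, "consistent": consistent}

if __name__ == "__main__":
    print(check_sender(RAW, "mx.recipient.example"))
```

A mismatch is a reason for suspicion rather than proof, since legitimate mail is often relayed through a provider whose name differs from the sender's domain.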
Hoaxes and more info: If you hear of a virus or get a virus message while
opening or downloading a file, you can check its validity by
visiting:
http://www.symantec.com/avcenter/.
If you get a warning in your email about a virus-- especially
if it did not come from a computer professional-- please do
not forward it to others without checking it out to be sure
it is not one of the many hoaxes that are routinely
circulated. The web site referenced above includes a section
listing virus hoaxes in addition to descriptions of actual
viruses.
Last updated: Monday, 10 May 2004