169 lines
7.2 KiB
Plaintext
169 lines
7.2 KiB
Plaintext
|
Introduction to Viruses & Virus Hoaxes
|
|||
|
|
|||
|
Jennifer Vesperman
|
|||
|
|
|||
|
jenn@linuxchix.org
|
|||
|
|
|||
|
2002-02-24
|
|||
|
Revision History
|
|||
|
Revision 0.1 2002-02-17 Revised by: MEG
|
|||
|
Converted from text file. Modified wording.
|
|||
|
Revision 0.2 2002-02-23 Revised by: MEG
|
|||
|
Incorporated Jenn's comments.
|
|||
|
Revision 0.3 2002-02-24 Revised by: MEG
|
|||
|
Conforming to LDP standards. Added abstract
|
|||
|
|
|||
|
|
|||
|
In this article, the author describes what computer viruses are, a general
|
|||
|
method for identifying the presence of a virus, and what virus hoaxes are.
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
Table of Contents
|
|||
|
1. Introduction
|
|||
|
1.1. Copyright Information
|
|||
|
1.2. Overview
|
|||
|
|
|||
|
|
|||
|
2. Virus Checkers
|
|||
|
3. Virus Hoaxes
|
|||
|
4. Links
|
|||
|
|
|||
|
1. Introduction
|
|||
|
|
|||
|
1.1. Copyright Information
|
|||
|
|
|||
|
Copyright (c) 2002 by Jennifer Vesperman. This material may be distributed
|
|||
|
only subject to the terms and conditions set forth in the Open Publication
|
|||
|
License, v0.4 or later (the latest version is presently available at [http://
|
|||
|
www.opencontent.org/openpub/] http://www.opencontent.org/openpub/).
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
1.2. Overview
|
|||
|
|
|||
|
Computer viruses are hostile programs written to create havoc and mayhem.
|
|||
|
They can only do damage if you, or some program acting on your behalf,
|
|||
|
actually runs the virus program. To be absolutely safe from viruses, never
|
|||
|
run any programs. Of course, that makes the computer rather pointless.
|
|||
|
|
|||
|
To be reasonably safe, be very careful what programs you run. Buy or download
|
|||
|
programs from trusted sources, use an up-to-date virus checking program
|
|||
|
regularly, and definitely before running any newly installed programs.
|
|||
|
|
|||
|
Be aware of programs which don't look like programs! Microsoft Word documents
|
|||
|
can have mini-programs in them, called 'macros'. These mini-programs can
|
|||
|
spread in Word documents. To be safe from macro-viruses, never open someone
|
|||
|
else's Word document - have the other person export them into another format
|
|||
|
that doesn't include macros. RTF, or Rich Text Format, is a good one to use.
|
|||
|
|
|||
|
Email used to be safe, because you had to actually download and save, then
|
|||
|
manually run, any programs which came in your email. Microsoft decided to
|
|||
|
enable Outlook to automatically run programs, 'to make email easier to use'.
|
|||
|
Unfortunately, they made this the default setting. To keep your email safe,
|
|||
|
turn this off! There is a link at the bottom of this article telling you how.
|
|||
|
|
|||
|
Java programs on web pages are usually safe, because Java is designed so that
|
|||
|
web page applets can't write to or read from your own hard drive, only the
|
|||
|
hard drive on the computer that actually hosts the web page. (Minor
|
|||
|
exception: web pages can ask your web browser to write 'cookies' onto your
|
|||
|
hard drive. Because your web browser actually does the work, I can't imagine
|
|||
|
anyone figuring out how to write a 'cookie' virus. I *think* it's impossible
|
|||
|
- but I'm learning to say 'nothing's impossible'.)
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
2. Virus Checkers
|
|||
|
|
|||
|
Several companies make programs you can use to search your computer and
|
|||
|
locate or remove viruses from the computer. They can scan the existing files,
|
|||
|
or scan files as they are added - most do both.
|
|||
|
|
|||
|
These programs are only as good as their databases - which are usually
|
|||
|
up-to-date the day the program is installed (or the package is sealed), but
|
|||
|
which age. For this reason, most of these companies provide regular updates
|
|||
|
for free on their web pages. Read the instructions which come with your
|
|||
|
particular program, and follow them carefully.
|
|||
|
|
|||
|
Be aware that there is always a lag period during which your computer is
|
|||
|
vulnerable to any new virus. The period consists of
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>The time between when the virus is released, and when it is first noticed
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>The time between when it is noticed, and when detection and repair
|
|||
|
software is created
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>The time between when the software is created, and when you download it
|
|||
|
to your hard drive
|
|||
|
|
|||
|
|
|||
|
You're only protected after the third stage. But it's better to be protected
|
|||
|
then, than not at all.
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
3. Virus Hoaxes
|
|||
|
|
|||
|
There's something easier than writing a program to make computers mess
|
|||
|
themselves up. It's writing a letter to make humans mess computers up.
|
|||
|
|
|||
|
Virus hoaxes are just that - hoaxes. They're letters which pretend to be a
|
|||
|
virus alert, or some other sort of computer security alert, and which aren't.
|
|||
|
They're worded to frighten people and get them to forward the message to
|
|||
|
'everyone they know' - or at least to a lot of other people.
|
|||
|
|
|||
|
This forwarded email can slow down or even stop a mail server, fill peoples'
|
|||
|
mailboxes, and, of course, frighten them and cause them to lose time and
|
|||
|
waste time and energy on something which is just a hoax.
|
|||
|
|
|||
|
You can't really defend yourself against receiving virus hoaxes except by
|
|||
|
educating everyone you know. But you can avoid sending hoaxes on. In a
|
|||
|
corporate environment, just forward the virus alert to the IT department.
|
|||
|
It's their job to know which ones are hoaxes and which are real.
|
|||
|
|
|||
|
If you're not in a corporate environment, and you feel you must pass on a
|
|||
|
virus alert, don't just forward the one you received. Write your own.
|
|||
|
|
|||
|
First, check with a list of virus hoaxes. Links to several of them are at the
|
|||
|
bottom of this article. If the forwarded email is a hoax, send the URL of the
|
|||
|
hoax page to the person you forwarded the mail to you, with a gentle note
|
|||
|
saying 'hey, you were hoaxed'.
|
|||
|
|
|||
|
If it's not a hoax, your mail should include:
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>The URL of a reputable site which contains verified information about the
|
|||
|
virus - the actual URL of their page for that virus is best. Links to
|
|||
|
virus information sites are at the end of this article. You can probably
|
|||
|
find this information at the same place where you checked whether the
|
|||
|
message was a hoax.
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>The date you send the message, and a guess at an expiry date (a 'don't
|
|||
|
pass this on after date ' date). Make the expiry date no more than a
|
|||
|
month after the date you send it - if it's dangerous, it'll be all over
|
|||
|
the papers anyway. And after a month or so, most peoples' virus-check
|
|||
|
software will have that virus in the database.
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>Why you think it's worth passing it on to the people you're sending it
|
|||
|
to.
|
|||
|
|
|||
|
|
|||
|
Don't write a sensational letter. Just write something calm and helpful.
|
|||
|
People in this culture have learned to ignore sensationalism anyway.
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
4. Links
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>A beginner's guide to viruses
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>[http://www.symantec.com/avcenter/hoax.html] Symantec's list of virus
|
|||
|
hoaxes
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>[http://vil.mcafee.com/hoax.asp] McAfee's list of virus hoaxes
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>[http://www.f-secure.com/virus-info/] F-secure's anti-virus centre
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>[http://www.symantec.com/avcenter/] Symantec's anti-virus centre
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>[http://www.mcafee.com/anti-virus/default.asp?] McAfee's anti-virus
|
|||
|
centre
|
|||
|
|
|||
|
<EFBFBD><EFBFBD>*<2A>[http://rr.sans.org/email/sec_outlook.php] Securing Microsoft Outlook
|
|||
|
|
|||
|
|