Добавил:
Upload Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз: Предмет: Файл:
THE DAYS WHEN VIRUSES were the greatest threat....doc
Скачиваний:
5
Добавлен:
03.08.2019
Размер:
484.35 Кб
Скачать

Figure 3-45

Malware Activities

• Display irritating messages and pop-up ads

• Delete or modify your data

• Encrypt your data and demand ransom for the encryption key

• Upload or download unwanted files

• Log your keystrokes to steal your passwords and credit card numbers

• Propagate malware and spam to everyone in your e-mail address book or your instant messaging

buddy list

• Disable your antivirus and firewall software

• Block access to specific Web sites and redirect your browser to infected Web sites

• Cause response time on your system to deteriorate

• Allow hackers to remotely access data on your computer

• Allow hackers to take remote control of your machine and turn it into a zombie

• Link your computer to others in a botnet that can send millions of spam e-mails or wage denial-ofservice

attacks against Web sites

• Cause network traffic jams

How do I know if my computer is infected? Watch out for the

symptoms of an infected computer listed in Figure 3-46.

Figure 3-46

Symptoms of Infection

• Irritating messages or sounds

• Frequent pop-up ads, at times with pornographic content

• The sudden appearance of a new Internet toolbar on your browser’s home page

• An addition to your Internet favorites list that you didn’t put there

• Prolonged system start-up

• Slower than usual response to mouse clicks and keyboard strokes

• Browser or application crashes

• Missing files

• Your computer’s security software becomes disabled and it cannot be restarted

• Periodic network activity when you are not actively browsing or sending e-mail

• Your computer reboots itself frequently

Some malware does a good job of cloaking itself, so victims are unaware of

its presence. Cloaking techniques are great defense mechanisms because

when victims aren’t aware of malware, they won’t take steps to eradicate it.

Many victims whose computers were part of massive botnets never knew

their computers were compromised.

Some hackers cloak their work using rootkits. The term rootkit refers to

software tools used to conceal malware and backdoors that have been

installed on a victim’s computer. Rootkits can hide bots, keyloggers, spyware,

worms, and viruses. With a rootkit in place, hackers can continue to

exploit a victim’s computer with little risk of discovery. Rootkits are usually

distributed by Trojans.

How do I avoid security threats? The Orientation section at the

beginning of this book listed some techniques for safe computing. That list

is worth repeating (Figure 3-47).

• Install and activate security software on every computing device you own.

• Keep software patches and operating system service packs up to date.

• Do not open suspicious e-mail attachments.

• Obtain software only from reliable sources, and before running it use security software to scan for

malware.

• Do not click pop-up ads—to make the ad go away, right-click the ad’s taskbar button and select the

Close option.

• Avoid unsavory Web sites.

• Disable the option Hide extensions for known file types in Windows so you can avoid opening files

with more than one extension, such as a file called game.exe.zip.

What’s a virus hoax? Some virus threats are very real, but you’re also

likely to get e-mail messages about so-called viruses that don’t really exist.

A virus hoax usually arrives as an e-mail message containing dire warnings

about a supposedly new virus on the loose. When you receive an

e-mail message about a virus or any other type of malware, don’t panic. It

could be a hoax.

You can check one of the many antivirus software Web sites to determine

whether you’ve received a hoax or a real threat. The Web sites also provide

security or virus alerts, which list all the most recent legitimate malware

threats. If the virus is a real threat, the Web site can provide information

to determine whether your computer has been infected. You can also find

instructions for eradicating the virus. If the virus threat is a hoax, by no

means should you forward the e-mail message to others.

What if my computer gets infected? If you suspect that your computer

might be infected by a virus or other malware, you should immediately

use security software to scan your computer and eradicate any suspicious

program code.

SECURITY SUITES

What is a security

suite? A security suite

integrates several security

modules to protect against

the most common types

of malware, unauthorized

access, and spam. Security

suites might include additional

features such as

Wi-Fi detection that warns

of possible intrusions into

your wireless network

and parental controls for

monitoring and controlling

children’s Internet usage.

A security suite, like the

one in Figure 3-48, typically

includes antivirus, firewall,

and anti-spyware modules.

What are the advantages and disadvantages of a security

suite? A security suite costs less than purchasing standalone security

modules. In addition, a single interface for accessing all of the security

suite’s features is much less complex than having to learn how to configure

and run several different products.

When installing a security suite you are typically required to uninstall or

disable all other antivirus, anti-spyware, and firewall software on your computer.

Most security suites cannot run concurrently with standalone security

products, and overlapping security coverage from two similar products can

cause glitches. Therefore, one disadvantage of security suites is that you

become dependent on your security package’s vendor, who becomes the

sole protector of your computer from malicious code. In addition, suites

may not have the best individual security components, but you cannot pick

and choose. However, competition between security suite vendors tends to

increase the quality of security offerings

Where can I purchase a security suite? The most popular security

suites include Symantec Norton Internet Security, McAfee Internet Security

Suite, ALWIL avast!, and Trend Micro Internet Security. They can be purchased

in most office, electronics, and computer stores, or downloaded

from the Web.

It is also worth looking into your ISP’s free security offerings. For example,

Comcast provides its customers with McAfee security products, all accessible

through Comcast’s special toolbar. AOL gives its customers a security

package that combines McAfee’s main security products with its own homegrown

security features, such as parental control and spam filters.

A security suite is often pre-installed on a new computer. However, usually

it is demoware, so you have the option of purchasing it after the trial period,

normally 60 days. Typically, there is also an annual subscription fee for continued

use and regular updates. When you renew your subscription, you

might have an option to upgrade to a newer version for an extra $10–$20.

There are also open source versions of antivirus software, which do not

require annual subscription fees.

Is open source security software as dependable as commercial

security suites? Open source security software, like all open

source software, is distributed with its source code. Because the source

code is open for examination, black hats can view the code and look for

security holes. They can potentially plot strategies to disable security protection

or sneak past its defenses. Proponents of open source software,

however, claim that because the code is open, security holes are likely to be

discovered and fixed by white hats before they can be exploited by hackers.

Vulnerabilities have been discovered in both open source and commercial

security products.

Whether open source products such as ClamWin (Figure 3-49) or commercial

security software, each security suite has unique strengths and

weaknesses, which can change as the suites are updated. Before you

purchase a security suite, read current reviews and check user ratings

at consumer Web sites.

Соседние файлы в предмете [НЕСОРТИРОВАННОЕ]