Vendors
By Type
Anti-virus
McAfee
Trend Micro
Command
Norton
Firewall
Zone Labs
Sygate Personal Firewall
Security
Gibson Research
Basic Virus Information.
Updated - May 3, 2011
it's private by ChangeDetection Designed for 600 X 800 or greater.
Latest CIAC Bulletin
Zone Alarm Vulnerability!
We all know there are people out there - very talented people - that choose to use that talent to write programs and scripts that we have come to know as computer viruses or Trojans, which destroy or change files and in some cases, destroy hardware on others machines just for the fun of it. Some of these authors have been caught but generally, most are talented enough to create their viruses with impunity. The unfortunate fact is some of these jokers are more talented than the people trying to locate and stop them.
The second problem we have is our own well-meaning friends passing along virus alerts. This one's fairly simple to control. If you get a virus alert from a friend - DON'T pass it along and become part of the problem. DO ignore it or pass it to a computer professional and ask them to check it out for you. You can check most out yourself at the Dept. of Energy Computer Incident Advisory Capability [CIAC] pages. This page is linked to CIAC Internet Hoax and Chain Letter page, which has recorded every hoax to come over the Internet since Feb, 1995. Following instructions found in a virus alert can have you damage your file system beyond repair or have you remove a needed file that your operating system needs to run properly. As a very minimum, passing along a virus alert uselessly consumes Internet bandwidth, slowing systems. ****The links referencing CIAC above are now dead. The CIAC has now merged into a new Federal Agency US-CERT.
We have a third problem with hackers. These people use their talent to literally break into other peoples - and company's - computer systems. They do it because they can. Generally, they have no idea who the system they have broken into belongs to, that's not important. What's important to them is they can hack their way into your system and they're certainly going to leave their mark. Once access is gained, they will do something spectacular, or at least make it very certain your system has been compromised.
The problem is obvious but the solution, as obvious as it seems to most of us, is a little harder for us to work with. Don't download attachments - period!
"WAITAMINUTE! I have to send files to my colleagues". Of course you do. However, email attachments are NOT the way to do it. Email is for text, not pictures, HTML [Hyper-Text-Markup-Language] and absolutely not for transmitting documents, drawing files or executable files. FTP [File-Transport-Protocol] is for those tasks. Some time ago, software vendors chose to listen to demands of their clients, for the capability to send and receive file attachments within email. Those of us in the industry at that time consistently warned of the dangers in doing this and consider such use of email abuse. This "abuse" of email capabilities is clearly a case of "be careful what you ask for - you may get it". Now, years later and following untold amounts of damaged hardware and lost or corrupted files, Microsoft is taking steps to withdraw it's position on allowing attachments in it's email client products. That capability will no longer be a default setting in the next iteration of Outlook or Outlook Express. Don't know how to turn off HTML E-Mail encoding? Want more information? Click here.
Of special note here is the AOL/Netscape collaboration. The difficulty in turning off HTML messaging for AOL users is directly related to the spyware created by that collaboration. I have warned users to avoid AOL and Netscape [versions 4 and above] for years citing privacy/harvesting issues and systemic problems created with the installation of those programs. In 1999 and 2000, several class-action lawsuits were brought against AOL/Netscape for these issues. Click here to read about those issues. They countered with a request for arbitration to keep it out of the courts and out of the news. They lost that request. They then asked for and received a change of venue to make a second request for arbitration in CA. In October of 2002, they lost that request as well. They are going to have to go to court over the issue. That's the gist of the legal side of this issue. Unfortunately, during these proceedings they have been allowed to continue these practices. Nothing has changed in how they are doing business on your computer.
The basic solution is that each individual user must be responsible for their own systems safety. Each individual user must use the tools available to them to protect themselves from both hackers and virus authors, and more importantly, get into the habit of using them regularly. There are a number of tools available to you - many either free or very low cost - that when used properly, can protect your system when used with a little common sense.
WARNING: Using a "preview" pane to preview email opens that email.
There will always be some security concerns when downloading and executing certain types of binary files.
Those file types include...
Executables [.ade, .adp, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .hta, .inf, .ins, .isp, .js, .jse, .lnk, .mdb, .mde, .msc, .msi, .msp, .mst, .pcd, .pif, .reg, .scr, .sct, .shs, .url, .vb, .vbe, .vbs, .wsc, .wsf, .wsh]Files found inside of compressed files [the .zip, .arj, .rar extension]
Macros and Trojans found inside of Documents and picture files [the .doc, .xls, .gif, .jpg, .bmp, etc.]
8/7/2001 - PDF files added.
1/8/2002 - Shockware files added.
6/14/2002 - JPEG Infector Information
9/14/2004 - New JPEG Graphic Flaw
Sometimes these type of files contain viruses or Trojans. You should use extreme caution and discretion when downloading these types of files, especially if they come to you unsolicited or from an individual or company you do not know. OPEN OR EXECUTE THESE FILES AT YOUR OWN RISK. In many cases, simply viewing an html email can execute these exploits on your system.
WARNING: Using a "preview" pane to preview email opens that email.
At this time, this warning does not apply to the file types .mp3, .mov, .avi, and .mpg but that only means at this time. Try to keep in mind Trojans like Backdoor-G2.svr.gen and Backdoor-Sub7 get updated regularly and are normally distributed disguised as .jpg and .bmp picture files. I have personally dealt with these viruses on a clients infected server. Take my word for it, the result from this Trojan is serious. There are other viruses out there that can literally kill your machine. There are a lot of them but one little honey is W32/Magistr@MM. First discovered in March of 2001, this one DOES damage hardware. KNOW what you're downloading and looking at. Scan, Scan, Scan everything you download or put in your machine. Don't download attachments - period!
McAfee AVERT (Anti-Virus Emergency Response Team), the leading anti-virus research organization, gives you current information of all changing viruses and Trojan horses. Each updated profile gives you comprehensive details on virus characteristics and indications of infections. Visit their Recently Updated Viruses page. Added 10/9/2002 Reminder: even the most trusted can appear to have sent you a virus infected file. I received this message this morning [the link opens a .jpg of the message]. Obviously this did not come from McAfee but unsuspecting users may believe it came from them and the attachment is safe.
Visit the Virus Detection and Prevention Tips page from McAfee.
Visit the FBI's National Infrastructure Protection Center.
"Seven Tips" from NIPC.
Although I personally recommend McAfee [from Network Associates] Anti-Virus software and Sygate [Firewall], the players in the virus protection field are linked at the left. Trend Micro is also very competent and has a REAL-TIME Threat virus map. There are other players in these fields that I haven't listed, like the BlackICE Defender Firewall. I am often admonished by "loyal users" of other anti-virus and firewall products because I don't recommend the product they spent their money on. I don't list these other products because they simply don't work as advertised, on all operating systems or as effectively as others. ADDED 02/11/02 The problems I referred to here about BlackICE is now public. The link takes you to Internet Security Systems recent letter to their customer base. Perhaps the problems will now be solved and the product will be improved. When I have tested their software and found it working properly, I'll remove this warning.
I'm often heard "knocking" Instant Messenger services from MS, Yahoo, AOL, etc., because to function, it has to have open ports on your system. Those open ports are doorways to your data. It seems others are now recognizing that fact. The link takes you to ZDNet's Tech Update. 01/03/2002 This link takes you to CNN's Sci-Tech site
Those of you that have heard me comment regarding the Google Toolbar, many of you wanting it on your systems, now have additional information available regarding the problems I claimed it created for the security of your system. At this time, I haven't had time to look at the "fixes" but still caution you regarding using this "toolbar" on your enterprise network systems. Read the latest here.
Is your email Bugging You? It could be. Every message you read could tell the sender if a message is being read and/or forwarded and can disclose information about your system. Web pages you view can do not only the same thing, but even more. Use the link and find out more. No - I really don't just make this stuff up......<G> Your best defense is not to use any preview and don't open email from those you don't know. The side benefit of this is you don't read SPAM.
More Great news regarding who - and how - others are doing business on your machine, and how you may be allowing it. Here's a link to PC World's article on "Phishers", and how they can affect you.
How do you report SPAM? Try this.
Did I mention not to open attachments?
Site Design
© 1992 - 2005 PC Solutions, Inc. Clovis, NM
steve@nmpcs.com
.