Viruses & Worms

Protecting yourself from computer viruses, worms and trojan horses

What is a computer virus?
A computer virus is a malicious program designed to spread throughout your computer by hiding itself in your files. In addition to spreading itself, a computer virus may also have harmful side effects such as deleting data from your harddrive.

What is a computer worm?
A worm is a malicious program written with the sole purpose of spreading itself from computer to computer. Unlike a virus, which spreads to as many files on your harddrive as possible, a worm exploits security holes to spread itself to as many computers as possible. Many worms are used as carriers to drop off viruses and trojans.

What is a trojan horse?
Taken from the Greek tale that involved a hidden army within the belly of a large wooden horse at the gates of Troy, these programs behave in much the same way. What appears to be an innocent program, music file, video clip, etc. may hide a virus-like program that uses stealth to install and conceal itself. Once installed, the trojan allows an attacker to take control of your computer. The attacker can then use your computer to commit crimes that will be traced back to you.

Top 10 tips for keeping your system virus, worm and trojan free:

1. Always run the latest anti-virus software from the vendor of your choice on every machine that you plan to attach to the Internet. Not all anti-virus software packages are created equal, so we suggest you research the subject before making your selection.
    
2. Keep your anti-virus software up-to-date with the latest 'scanning engine' and 'identification' file updates available from the anti-virus software vendor. Most anti-virus suites have the option to perform daily updates and scans. We strongly recommend these features be used. If your software has the ability to monitor all file and memory activity in real-time, we recommend enabing it.
    
3. Be certain to use good password practices when configuring accounts and network services on your LAN. Systems with 'administrator' accounts should never have a 'default' or 'blank' password. Doing so allows an attacker to easily enter your system, access shares, and change your passwords. We encourage all users to use complex passwords with a series of random numbers, digits, and symbols. Passwords should be updated/changed regularly. If you are sharing files with other computers on a home network, be sure to protect them with strong passwords.
    
4. Run a full virus scan on your system regularly. Most anti-virus software allows you to automate this process with reminders for missed scans. You should check your anti-virus software's documentation to ensure you have configured the software to scan everything (inside archives, all drives and directories, etc).
    
5. Regularly install critical update patches to your operating system, web browser, email clients, and any other software that may access the network. Most current operating systems have the ability to automatically download and install such updates if configured to do so. You may update a Microsoft Windows system from the Start menu by clicking the Windows Update link. Failure to install critical updates makes your system far more vulnerable to infection by viruses, worms, and trojans.
    
6. Never run an attachment directly from your email client. First, save it to your hard disk drive and run a virus scan (with the latest anti-virus definitions) on the file itself. If your anti-virus software has the option to check email on download, enable this feature. Be wary of files that appear harmless but contain hidden executable extensions.
    
7. Never fully trust that an email has been sent from the person who appears in the 'from' or 'reply-to' fields of an email. Since all emails can be forged, you should look for content that identifies that the email was actually sent from the person it claims its from (a signature file, PGP key, personal note, etc.)
    
8. Educate and monitor others in your household whom use your computers and/or Internet connection. A local area network can be quickly compromised though execution of malicious code on one machine. Always follow good security practices when designing your local network. We recommend the use of a broadband gateway/router device.
    
9. Be wary of any files you download from unknown sources. (web sites, file sharing networks, ftp sites, IRC, Usenet, etc.) Make all possible effort to determine that these files are virus free before executing them. Obtaining software directly from a legitimate vendor is generally the safest option. Be certain that you typed the URL properly to avoid being misdirected to compromised software.
    
10. If minors use your Internet connection, monitor their download habits and chat conversations. Quite often, installation of trojans is performed simply by talking someone into opening a malicious file, rather than by exploiting a security hole in the computer. Educate anyone who is going to be using your Internet connection of potential security risks.