Viruses: Understanding Them Helps Fight Them
Sunday, 14 March 2004

What goes into the creation of a virus? How can we fight them?
I advocate a three-pronged approach to protecting your PC: keep Windows updated, fight viruses with antivirus software, and protect your Internet connection with a firewall.

Computer users are in the midst of a heavy attack on the virus front. Since the wrath of Blaster last fall, things had been fairly quiet. Then in late January, the first taste of MyDoom took the world by storm. By some counts, one in 12 e-mail messages contained the mass e-mail worm. Since that initial salvo, the attacks have been coming faster and more furiously than other infections. Viruses and worms are now tracked by their “variants,” which are the moral equivalent of the “strains” that the medical community talks about. One key to remaining diligent about your virus fighting is to understand the severity and breadth of this latest round of assaults.

Cultivated Viruses

In a recent New York Times article, Clive Thompson dug into the underbelly of the virus-writing community. It turns out that most viruses that are written never get released to infect our computers. Virus writers will often create viruses to test their abilities and knowledge about computers. Some of these writers will post their code for others to see. It’s here that the maliciousness starts. Rather than just admire the work of these writers, unscrupulous punks who aren’t sharp enough to write their own viruses steal this code and modify it. More often than not, these folks are young kids who get a kick out of passing someone else’s work off as their own, earning them the derisive nickname “script kiddies.”

Occasionally, a virus spreader will modify their original release and re-spread it. Other times, another spreader will modify a previous release and re-release it. Once released into the open, some of these viruses spread like a bad strain of influenza, while others fizzle. In the past, variations came out slowly and inconsistently. In the seven weeks or so since MyDoom first appeared, eight variations have surfaced. Similarly, 11 variants of Beagle (also known as Bagel) have cropped up in the last ten weeks.

Keeping Up With The Kiddies

So what can you do to keep up with the “script kiddies”? First of all, remember the cardinal rule of e-mail: don’t open attachments unless you are absolutely sure you know what’s in them. That said, the next most important safeguard is to keep your antivirus software completely up to date. Symantec’s Norton Antivirus and McAfee’s VirusScan automatically check for updates. It’s OK to let them check when they plan to, but I’d also recommend forcing your software to look for updates at least once a day during heavy attack periods.

Also make sure that your antivirus subscription is up to date. Antivirus software vendors charge you an annual fee that allows you unlimited access to virus definition updates. I’ve found it’s particularly important to check your subscription if you have a brand new computer. Some new units come with free copies of antivirus software, but they have a limited subscription period (around 45 to 90 days). It’s easy to dismiss the software’s message that asks you to pony up a little more cash after just a few months.

If you are out of date and suspect that you’ve been infected (you didn’t open that attachment, did you?), don’t despair. My favorite virus site is Symantec’s Antivirus Research Center or SARC (www.sarc.com). They have a free on-line scanner that lets you check your computer. They also have an inventory of virus removal tools for the latest flavor of attacks.

Another feature of SARC is their list of virus hoaxes. Once in a while, e-mail messages come through that look like a virus warning, asking you to remove a certain “unused” piece of software. SARC is a good place to see if such messages are legitimate.