Stop Viruses and Worms

A virus is a computer program that propagates itself by modifying or
exploiting other programs to copy it to other files or systems. They usually
move from computer to computer by attaching themselves to files or to disks.
The most common method of infection is through e-mail attachments or through
files downloaded from the Internet, although viruses can also be transferred
via floppy disk or Internet Relay Chat (IRC) communications. Many viruses
delete or corrupt a selection of files or the whole file system on computers
infected with them. Recently, there has been in increase in the number of
network worms detected on the Internet. Worms are like viruses but use
network vulnerabilities rather than user actions to propagate themselves
from system to system.

To protect yourself:

• DO NOT open any e-mail attachments or files if you're unsure or
  suspicious about who sent them


• DO NOT open any e-mail attachments or files unless you know what
  they are, even if you know the sender. Some viruses send themselves
  automatically to the e-mail addresses in infected users' address books
  


• BE VERY CAREFUL about downloading files from the Internet. If
  you're unsure about the source - don't do it


• If you do not have anti-virus software, it is HIGHLY RECOMMENDED
  that you obtain and install anti-virus software on your computer and set
  it to check all files as they come into your computer


• Keep the anti-virus software actively monitoring your computer
  at all times


• UPDATE your anti-virus software, every two weeks at a minimum,
  according to instructions from the vendor. It's important to do this
  because the vendor's master virus databases are frequently updated to
  include the unique "signatures" of new viruses.


• Check the hard drive at least every month for viruses that were
  not detected by the anti-virus monitor.


• Be aware of hoax viruses. They have the same nuisance effect as
  many of the viruses they claim to be warning about. For example, they
  are often a warning message about a virus, telling you to alert everyone
  you know and citing an authoritative source as issuing the warning.
  
  
  

  Install a personal firewall

  
  

  Whenever you're connected to the Internet you are at risk from
  hackers attempting to break into your computer. To add to the
  potential embarrassment, they might also use your computer to attack
  others. Installing a "personal firewall" makes this a lot less
  likely. A firewall is a software or hardware device that controls
  online access to and from a computer.

  
  

  To protect yourself:

  
  

  
  
  • DISCONNECT from the Internet when you're not using it
    
  
  
  • Have personal firewall software installed and running on
    your computer. There are good firewalls available for free on
    the Internet. To find one, use any search engine to search for
    "personal firewall"
  
  
  • If the firewall you choose can, set it to block
    everything else except services and/or applications you'll be
    using to communicate over the Internet, for instance your Web
    browser and e-mail software.
  
  
  • Keep up to date with software patches for your
    computer's operating system, any Internet applications and the
    firewall software.
  
  

  
  
  
  
  
  

  Protect your files

  
  

  If other people have access to your computer, consider
  restricting access to the files you want to keep private.

  
  

  To protect yourself:

  
  

  
  
  • Turn the computer off when you're not using it
  
  
  • Set-up login accounts and file permissions, so only
    authorised users can access the system. Unix and Windows NT/2000
    have these security functions built in. If you run Windows
    95/98/Me, you can buy products to provide this protection.
    Configure the access restrictions to individual files or
    folders, so other users can only access the files you want them
    to.
  
  
  • If you do not need to allow people on other computers to
    share your directories and printers ensure that those functions
    are disabled (e.g. Microsoft File Sharing and Printer Sharing).
    
  
  
  • For laptop computers, consider setting a BIOS password
    so only authorised users can start the computer.
  
  
  • If information privacy is imperative you should also
    consider using a file- or disk-encryption system on the
    sensitive files. Alternatively, you could retain the only copies
    of those files on removable media and store the media in a safe
    place.
  
  

  
  
  
  
  
  

  Choose effective passwords

  
  

  Passwords mean protection. So when you choose a password, don't
  pick one that other people could easily guess such as your name,
  your partner's name or the brand name of the monitor.

  
  

  To protect yourself:

  
  

  
  
  • Select a password at least 8 characters long - a mixture
    of numbers and letters you can remember - but which has no
    meaning to anyone else. This is easier than it sounds. Just
    think of a phrase like "don't forget to lock-up the car" create
    an abbreviation, including a number for letters such as
    "d4g2lutc"
  
  
  • DO NOT use the same password for different systems
    
  
  
  • DO NOT write your passwords down or send them in e-mail
    messages
  
  
  • You should change your password every 2-3 months
    
  
  
  • If you don't like passwords or need a stronger
    authentication system, consider installing a biometric device
    (such as one based on your voice or fingerprint), or a physical
    token system such as smart card or proximity card
    authentication.
  
  

  
  
  
  
  
  

  Surf the web safely

  
  

  Java and ActiveX are programming languages that allow webpages to
  do all sorts of interactive and interesting things through small
  pieces of computer code known as 'applets'. Unfortunately, applets
  can also do damage on your computer if the creator of the webpage
  you are downloading has a nasty streak. For example, an applet could
  include code to delete your files, gather and pass back private
  information, or install a Trojan horse utility to set up a back door
  communications path into your computer.

  
  

  To protect yourself:

  
  

  
  
  • The safest option is to set your computer to ignore Java
    and ActiveX programming languages. Otherwise set your browser to
    ask you each time it is about to run Java and ActiveX code.
    Depending on what you know about the site, you will at least
    have the choice to run it, or not.
  
  
  • Try to only visit sites that are reputable; do not run
    code from unknown sites.
  
  

  
  
  
  
  
  

  Protect the information you're sending

  
  

  When you send information across the Internet it's possible other
  people may be able to capture and read it, or even change it. For
  most communications this probably isn't an issue, but if it is,
  consider using encryption.

  
  

  To protect yourself:

  
  

  
  
  • DO NOT send information that is private or sensitive
    (such as credit card details) to Web sites that do not use
    encryption between your browser and the site. One way to check
    for this is to see if "https" is on the address line or look for
    the key or padlock icon in your browser.
  
  
  • Check to see if your e-mail program includes an
    encryption feature. Alternatively, use an encryption program
    such as Pretty Good Privacy (PGP) to manage encryption of e-mail
    amongst a small group of users. Note - if you encrypt your
    messages, the people you send them to will also need a
    compatible decryption program and cryptographic keys to read the
    message when they receive it.
  
  

  
  
  
  
  
  

  Back it up

  
  

  When you use a computer, there's always a risk of losing the
  information on it. Most common risks are from a virus, your computer
  hard drive crashing, or a power failure. To reduce the impact if
  such an event occurs you should make back-up copies of important
  data files as soon as possible after they have been created or
  changed.

  
  

  To protect yourself:

  
  

  
  
  • Use accessories such as rewriteable CD drives and zip
    disks for copies of your important files - they're easy to use
    and relatively cheap.
  
  
  • Back-up daily or at least weekly - and check that the
    back-up has worked properly !
  
  
  • Protect back-up disks from damage and unauthorised
    access.
  
  

  
  
  
  
  
  

  Wipe all old files

  
  

  Before you lend or dispose of your computer, or get it serviced,
  make sure there's no private information left on it.

  
  

  To protect yourself:

  
  

  
  
  • At the very least DELETE all the files that you don't
    want others to see, empty all the temporary directories, and
    then empty the recycling/trash bin
  
  
  • OR reformat the hard disk - note that this will also
    remove the operating system and application software as well as
    the data files. The software will have to be reinstalled before
    the system will be usable again.
  
  
  • Unfortunately, both these methods only modify the file
    cataloguing system, they don't overwrite the files - many
    computer buffs could still recover the information. So, for
    maximum protection, remove or wipe the hard drive using a disk
    cleaning utility. The most thorough cleaning utilities are those
    which overwrite every location on the disk. Those which only
    overwrite sectors of the disk not used by files are less
    thorough but should be sufficient if you delete all your private
    files first
  
  
  • Wipe or destroy CDs or floppy disks and other
    information storage tools, before you dispose of them or pass
    them on. The "MS Format" function can be used for floppy disks
    (DO NOT use the Quick Format option).