Team Asylum Security Copyright (c) 1999 By CyberSpace 2000 http://www.cyberspace2000.com/security Source: Don S. [don@cyberspace2000.com] Advisory Date: 06/21/99 Release Date: IMMEDIATE Internet Viruses Advisory ------------------------- ** Introduction With the recent media coverage over viruses and destructive macro scripts being distributed through the Internet, we decided to write a simple and effective guide to prevent infection. ** What are viruses? Computer viruses are sets of instructions that are programmed by hackers to destroy, manipulate, or steal information. There are harmless viruses which are used for pranks, but the majority of these programs are destructive and could cost you thousands of dollars if you are infected. The definition of viruses has become very broad because of the constant changes in the methods of executing the virus code. Perhaps the most dangerous kind of virus is not the one that destroys, but the one that hides and waits. These types of viruses are called trojans. Trojans are types of viruses that stay within your system for long periods of time until a specific event or date (i.e.: Halloween) activates them. Some trojans open backdoors or holes in your system for hackers to exploit. Granted that a destructive virus can cost thousands of damage in software and data files; however, with trojans hackers can steal sensitive information such as credit card information, passwords, and other private info. ** How many viruses are out there? The anti-virus developers can give you a better round estimate. In early 1990s, the viruses in public distribution were around 20-30,000. Now, with virus making kits and other new public tools, it is even easier now to develop viruses than in the past. There are also hobbyists around the world that develops viruses for their own testing purposes. So the true answer is, no one really knows. ** How does one get infected? Computer viruses need execution before it can infect your system(s). For instance, downloading a virus named bug.exe will not infect you unless you run it. Storing it on your hard drive will do nothing until you run that program. These days, there are many ways you can "execute" a virus. It could be as simple as double-clicking it or viewing a web site with malicious Java or ActiveX code. Recent events have shown us that many viruses are being transmitted through the Internet. Specifically, we should address the Melissa macro virus and the Explore.Zip virus. These viruses try to deceive the victim by pretending to be someone they know, when actually the virus takes usernames from the previous victim's address book. However, there are many ways you can avoid infection even with this type of deception. Virus shields, and virus scanners are a great help, but if your virus scanner is not updated, it is basically useless against new kinds of viruses. ** Where do I get a virus scanner? There are numerous virus scanners out there, some with specific and unique functions, and some with basic virus scanning abilities. We would like to recognize three different virus scanners out on the Internet: - McAfee (http://www.mcafee.com) - AntiViral Toolkit Pro (http://www.avp.com) - Norton's Anti-Virus Center (http://www.symantec.com/avcenter/) ** Conclusion Viruses are mere programs, but they can cause havoc. They can jump from one station throughout the whole network. When virus makers start using deception as a tool for infection, perhaps there is no simple solution to deter infection. However, you can take the following steps to make your odds a little better: - Install a good virus scanner. A virus scanner that can scan e-mail attachments, Internet downloads, and compressed files. - Update your virus scanner. There are viruses made every day. Update your virus scanners on a monthly basis, if not weekly. - Use discretion. No matter where it came from, how it got there, use caution. Before you execute or open the file, take a few seconds and do the following: * Scan it with an updated virus scanner. * Verify its origins. * Ask yourself if you need it? * Did you ask for the file or not? If a new virus is sent to you with a spoofed origin, a few seconds of discretion is probably your first and only line of defense.