Jake's Tech Talk - Security

Jake's Tech Talk
Security

With our new world of full-time, high-speed connections come a whole new set of problems. There are people out there who want to use your computer for their own purposes. A new type of malicious software, similar to viruses in effect, is the RAT, or Remote Access Trojan. This is a program designed to let another user take over the operation of your computer. It is the type of technology that was used to enlist large numbers of computers in launching the famous Denial of Service attacks on Yahoo, ZDNet, Amazon.com, and others in early February. The key to prevention here is to be alert. Many of these clients are actually installed by the victims themselves. A common strategy is to send emails to large groups of users with an executable attachment. The attachment has to be run to install the program, though. This leads to my one line of advice in this area:

If you get an email with an attachment that has an .exe file type, DON'T OPEN IT.

At the very least, call the sender to find out if they did indeed send you an attachment of that type BEFORE you open it. Be a little suspicious of even emails from people well-known to you if the subject line seems a little out of character for them. Sometimes, they've been infected with a virus or worm program that sends out messages to people in their address book, attempting to spread the virus or worm further. This can be done without them even knowing it's happening, in some cases. The Pretty Park worm does exactly that, using Microsoft Outlook or Outlook Express, every 30 minutes.

We are currently evaluating some methods of adding extra layers of security to our systems, including the use of programs called firewalls, which are designed to restrict accesses to only authorized people.

Update: Since my single line of advice above was written, there have been new ways devised to attack you via your email. Attachments are still the weapon of choice, but the extensions now include .vbs and .shs. Be very cautious with opening attachments in general. The advice about checking with the sender before opening an attachment is even more appropriate now. There's something else you can do to help yourself. Change the file view configuration on your system so that you see the entire file name.

In some systems, known file extensions are not shown in the folder listings, allowing files with double extensions to go unnoticed. For example, with file listings left in the Windows default mode, a file infected with the LoveLetter worm is listed as myfile.jpg. Unfortunately, the real name of that infected file is myfile.jpg.vbs.

To change the default view, open My Computer, then click on View, Folder Options, View. There are two items to modify. The button marked "Show All Files" should be checked. The button marked "Hide file extensions for known file types" should NOT be checked. Once these changes are made, click OK to set the new default view.

With a minor addition, my single line of advice still holds:

If you get an email with an attachment that has an .exe, .vbs, or .shs file type, DON'T OPEN IT.

Go to the AgComm Computer Support Page
Go to the AgComm Department Home Page