UPDATE – This website offers a test of your system to verify whether or not you are susceptible to Conficker. It’s simple – if you see all six pictures, you are golden. If not, well, you may have some cleanup to do.
Alas, tomorrow is the big joke day. It is also a big day of concern for IT folks everywhere, for it is a day that dormant trojans and viruses sometimes decide to show up and cause problems. For whatever reason, malware that you collect and gather over the year is sometimes set to activate or ‘phone home’ for instructions around April 1 each year, at which point it starts doing bad things. There is always a threat of something like this happening and rarely does something happen exactly on April 1, but it does seem like an appropriate opportunity to visit the topic. Given the recent chatter and serious potential of damage by the Conficker worm, today may be the last chance you have to avoid having to rebuild your machine from scratch or, worse yet, fighting for your money or identity to be returned to you.
Yes, this is serious stuff. Things like Conficker are good because they raise our consciousness from time to time and help us to stay on our guard. The problem is that we need to be more diligent and better at making sure we are protected before something can happen.
Read on for some steps that you need to take TODAY to help your chances of not having a problem related to the April 1 warnings.
I will cover the following checklist of steps you can take today and moving forward to help protect yourself –
- Update your OS
- Use and update security software – AntiVirus, AntiSpyware, & Firewall
- Update your applications
- Use common sense and a little paranoia when receiving links and files from others, no matter how well you know them
- Separate business/banking/financial activities from entertainment – use free virtual machine software or multiple physical computers
How does it happen?
You see, when you visit booby-trapped or otherwise nefarious websites, download pirated software, participate on a peer-to-peer sharing network, open bugged e-mail attachments, etc., you can get ‘infected’ without even knowing it. AntiVirus and AntiSpyware are not guarantees that your system will be free of malware. It is even realistic that you can get infected by doing everything right and not doing anything that you think is a forbidden activity.
I am completely paranoid on this subject and just assume that certain machines of mine have to have something on there that I don’t want. I will talk about how you segment different PCs for different functions.
But what can you do about it?
There are several elements to the integrity of your PC: patches and updates, your personal computing habits, and smart segmenting of your activities.
Patches and Updates
Obviously, you have to have an operating system and you have to have applications that run on it in order to have a useful computer. A lot of the malware out there takes advantage of, or exploits, a known issue with the OS or application code. This is why you constantly hear about Microsoft and other companies releasing patches. It is CRITICAL that you stay up to date with patches and software updates. Generally speaking, if a major vendor publishes a security patch, you should install it immediately. For example, the Conficker Worm used an exploit that was discovered last September. Microsoft released a patch for it in late October and anyone who installed that patch is safe from this particular one. If you are behind on your patches, or if you are not sure, it’s time to act.
Now is the perfect opportunity to make sure you have the latest patches for your Operating system. The easiest way to get started:
- If you are using a Microsoft Windows OS – visit http://windowsupdate.microsoft.com/ to get things going.
- If you are using a Linux system, you can use the built-in Software Update tool to see what is available.
After you install updates and reboot, go back and check for more updates. You may have to repeat the cycle of checking, installing, rebooting, and checking again several times before you are fully up to date.
Once you get yourself up to date, I encourage you to set up your machine to at the very least check for and notify you of new updates. I understand the argument of not just allowing updates to be automatically applied, but you want to at least KNOW when a critical patch is available. I personally allow the updates to be installed as soon as they are made available. I think in all of my years doing IT support, maybe two MS patches broke things after the fact, versus the countless vulnerabilities that have been fixed and holes patched up.
Now that your OS is patched, what can you do about applications?
This one is a little tougher and requires more legwork on your part. Major vendors like Adobe, Apple, Logitech, etc. often include automatic update utilities for their products, but if you are like me, those get immediately disabled as startup services to help optimize performance. I have found a pretty good freebie from the experts at Secunia that is a pretty thorough and complete way to automate the process.
Check out the Secunia Personal Software Inspector (PSI). You can download it here, or you will find it on my downloads page. PSI is a little overkill with it always wanting to be running and checking on things, so I install it about once a quarter, run it through its paces, then uninstall it once I am all patched up. It may be just as easy to disable it and then re-enable it when you need a checkup.
AntiVirus and AntiSpyware come up all the time, so I won’t bore you again here. Simply put, you want at least one AV app, one AS app, and a firewall (NOT the default Windows firewall!). If you have all of these things, make sure everything is up to date as of now and make sure the scheduled updates are working!
If you are unsure about any of this, the following freebies will give you good protection –
- Comodo Security Suite – This will give you a good AntiVirus product AND one of the best personal firewalls out there.
- SpyBot S&D (AntiSpyware) – A great AntiSpyware application
- AVG Free (AntiVirus) – One of the leading free AV apps
- Windows Defender (AntiSpyware) – This is included with Windows and is free if you don’t have it already.
- Windows Firewall (Firewall) – The XP firewall only offers one-way protection and is essentially junk. In Vista, you need to turn on two-way protection, but I still don’t think it is as good as Comodo.
And please do not ever install an AntiVirus application that appears to you as a pop-up while you are browsing the internet! With the number of great apps out there and reasonably priced products from major vendors like Symantec and McAfee, you shouldn’t have to look too far for a reasonable solution.
(Here is a more complete Free AV roundup)
Personal Habits
This one is tough because it isn’t just patch it and move on. Even the most diligent of persons can get fooled into going to bad places. More and more, we are seeing a new breeding ground of traps with social networking sites – Facebook, LinkedIn, MySpace, etc. This is a clever move by the bad guys because social networks imply a certain level of trust. If I receive a link from someone I personally know and that I have explicitly authorized/approved/accepted, then my guard is down and I am more likely to blindly follow the link.
But this is very different from when you get a virus-laden e-mail from that same friend, right? Not really. The only difference is that this is new and we are not accustomed to it yet. You all probably know to be careful about opening e-mail attachments because it has been a big deal for so many years now.
I am here to tell you that social networking sites are becoming dangerous places!
EXAMPLE – I use Facebook. I am really happy with its ease of use and customization (versus MySpace) and I have reconnected with so many people from the past that I may otherwise have lost forever. What I do not enjoy about Facebook is the constant barrage of hugs, kisses, beers, flair, surveys, 25 things about me, mafia wars, etc. I don’t have time to get lost in all of that, so I have been pretty good about just using the e-mail and status features. That works for me. But lately, I have been getting odd e-mails from trusted friends in my network. I am very good about smelling something fishy and I want you to be, too.
I got a notification that ‘so-and-so’ found a picture of me on the web and thought it was great. It included a link. Now, ‘so-and-so’ was a person I knew in college, but not someone that I would think would go out of his way to send me a link to a picture of myself. I Google’d the domain name, and lo and behold it was a known malware site. The next day, ‘so-and-so’s’ status read something to the effect of, “I did NOT send any of you that link, I was hacked”.
The point is, no matter how well you know someone, trust someone, and like someone, use caution when clicking links that come to you unsolicited. Yes, it does take the fun out of some of it, and you need to decide what risks are worth it. In my Facebook example, I stick to sending personal e-mails and occasionally updating my status or writing on someone’s wall. Anything else, and especially anything that sends a link to me, I don’t bother with. The applications aren’t monitored very well and because they seem fun, they are a perfect way to infect you or steal from you. And that’s what it is all about – stealing either your money, your identity, or control of your computer, which is big business in and of itself.
So what can you do?
- Verify any link that doesn’t seem appropriate – Google the text of the message sent to you; Google the domain name in the link and see what happens – don’t go to the site, enter www.suspicioussite in the search bar and see what comes up.
- Look at the link and compare it to where it is really sending you – Hover your mouse over the link and look at the bottom-left area of your browser window (IE and Firefox) to see if the text in the link matches the info down below. That info down below is where you will really go if you click. If they don’t seem to match, think twice before clicking.
- Surf wisely – I understand if you want to download free software and music, look at porn, or research some other underground or off the beaten path topic. These types of sites often come with risks. They are perfect places to hide booby traps because they use your sense of adventure, or better yet, your sense of wanting to get something for free, to play on your emotions to get you to visit their site. Very few people have your best interest in mind. I’m sorry to sound so cynical, but how much junk mail, flyers on your car, spam e-mail, and free samples are NOT trying to get money out of your hands?
- Stay patched – the section above talks about patching your OS and using proper security software.
- When in doubt, Google it – Again, Google is a great resource for determining if something is good or bad. Before you click, install, buy, or act on anything that has come to you, do a quick Google search. A lot of people are getting burned by a pop-up called AntiVirus 360 they are getting while browsing the web. This pop-up claims that your machine is infected and offers to sell you an AntiVirus product. After you have given them a credit card and then installed the Trojan-laden software you just purchased, then the real fun begins when you realize that you need to remove it and try and get your money back. A five-second Google search of AntiVirus 360 would have steered you clear.
- Use your head – Ask yourself this – would it be worth the trouble to rebuild your PC, deal with a bank or credit card company to get your money back or repair your credit score, or even try to prove your innocence to police just to see that naked picture of Britney Spears, if that picture really is at the end of that link? If you want to see a naked picture of Brit, at least try and find it yourself without clicking a link that magically appeared in your inbox.
Smart Segmenting
To this point, I’ve just been repeating basic steps that we have been hearing for years and offering solutions for handling them. But now, I’d like to offer some ways in which you can really help your chances of avoiding dangers.
Use more than one PC – Whether it be in the form of physical machines, virtual machines, or a combination, I would not mix the business of banking, work, and productivity with the entertainment aspects of your PC. If you just have one PC of modern specs (dual/quad core, 2-4 GB RAM, and free disk space), you could create a virtual machine to handle one function or the other. I have created a Windows XP template that I can deploy and use for a while. Once I reach the point at which I think it would be better to start over, I just delete it and redeploy a clean image from the template.
If you have multiple PCs, you can set one up as business and one up as play. Even an older machine is a great candidate for a secure machine – most banking or personal business is done through the web, so an older machine running Linux makes a great (and free) secure platform for your online transactions.
You could just as easily create a Linux virtual machine to handle safer browsing and use the host machine for entertainment.
The point is, any bit of segmenting you can establish between functions is going to be better than not doing it at all. One physical machine dedicated to business with a virtual machine dedicated to play is better than a single machine for both. Two physical machines in which one is business and one is play is better yet. A Linux OS is going to be inherently more secure than a Windows OS, so maybe you use that for any online transaction or banking management.