Combating Viruses
Combating Viruses, Beyond The PC
By now most users are aware of the need to implement
antivirus software on individual systems. But a large
percentage of the hardware and software used to provide
something for those users to use resides outside them. What
are they and what can be done to protect them from virus
attacks?
Computer viruses attack servers - web, file, ftp and e-mail,
along with routers and other network gear - along with
individual PC's.
Servers are usually substantially the same as PC's only with
more memory, disk space and processors. Web servers house
web pages and programs for Internet users, e-mail servers
store, send and receive e-mail, and file and ftp servers
make possible storage and distribution of all manner of
files for other systems. Routers are simply specialized
computers, with proprietary operating systems, for routing
network traffic.
Most operate much like an individual's system and are
subject to the same kinds of attacks. They can therefore be
protected by many of the same means - regular use of
reliable antivirus software and being firewall guarded to
shut down vulnerable entry points on the Internet.
What else can be done?
Since servers and routers provide services to multiple,
sometimes thousands, of user systems they're more frequently
attacked. Users can help administrators of these systems by
keeping their own systems clean and refraining from passing
on viruses to others across them. Administrators can help
themselves by forgoing the temptation to use them as
personal computers with full e-mail clients, word processing
software, and fully enabled browsers.
Users can help administrators and themselves by being more
careful in browser selection and configuration. Most could
profit from better self-education in how to minimize the
'target area' for hackers by changing browser settings.
Users and computer professionals have made strides in
voicing concern over security vulnerabilities in Internet
Explorer. Adopting other browsers in greater numbers will
help to get the message across.
Users and administrators should avoid using bootable CD's
and DVD's that haven't been virus scanned after being burned
with desired software and files. Sometimes the process that
creates them propagates viruses, just as floppy disks did
some years ago.
FTP servers, used to store and provide sending and receiving
of files over networks, should become a thing of the past.
Vanilla ftp (File Transfer Protocol) can't be secured since
passwords are passed in clear text (unencrypted) over the
network where they can be picked up by sniffers. Sniffers
are software and/or hardware used to spy on networks. Secure
FTP versions should be used instead.
Users should take an active role in encouraging
administrators to lock down systems. Most admins do a very
good job with limited time and resources, but security is
usually well down their list of priorities. Users who show
an interest can alter that in a constructive way by showing
that they care. Very few servers have a thorough check by a
skilled security expert at any time in their serviceable
lifetimes. That would change if users didn't passively
assume by default that everything is fine until things go
sour.
The Future
Microsoft and other large vendors are making strides in
designing hardware and software which is better protected
'out of the box'. Just as one example, one common virus
exploit is called a 'buffer overrun'. Memory is used by all
programs and it's divided into areas called buffers of a
certain size.
Hackers use a well-known technique for causing malicious
program instructions to 'overflow' those buffers providing
them with more access than the legitimate program intended.
A large percentage of security fixes involves securing these
buffers. Hardware and operating system designers are
addressing this by making 'buffer overrun' a thing of the
past, through fundamental design changes.
Much more sophisticated ideas are on the drawing board. Once
they become a reality, everyone will benefit.
ADVERTISING:
Google Adsense (Jasa Pembuatan Website dan Account Google Adsense -Murah)
