|
|
|
|
What is a firewall?A firewall is software that protects your computer against hackers. Many hackers are trying to gain access to your computer in order to look at your files, find out your passwords, change important files in your computer, set it up as an FTP server, browse files on that system, take screen shots, capture real-time screen information, open and close programs, edit information in currently running programs, show pop-up messages and dialog boxes, hang up your dial-up connection, or edit registry information. You can run a scan for security risks at Norton, a subsidiary of Symantec. Their firewall software can be purchased from their website or at computer stores. It is best to run it in conjunction with anti-virus software. This is software that scans for viruses or other dangerous software that has been placed maliciously on your computer, for example from e-mail attachments. The scan for security risks described above will also check for your vulnerability for viruses. Symantec also sells anti-virus software. Once firewall or anti-virus software is installed on your computer you should keep it updated periodically with the latest threats. this can be done by clicking a link on the software to connect to the appropriate website. Once a recent version of anti-virus and firewall software has been installed on your computer you should collect the periodic updates from the software company and run a virus scank at least once a week. You will then be properly protected from risks like the new Klez worm. The threat from a worm called Klez A recent mutation of the Klez worm -- labelled by antivirus companies as Klez.G or Klez.H -- is running rampant throughout the internet, swamping mail servers and disabling application software on the computers it infects. In May 2002 experts stated that "Klez.H" was the most pervasive e-mail virus in history, estimating that it has infected hundreds of thousands of computers within hours of first being spotted in mid-April 2002. Why, when most people are wary about e-mail attachments, is Klez so successful at wrecking people's computers? Because, unlike most worms, this one doesn't require the user to launch an attachment. When it arrives on a system that's running Outlook or Outlook Express, the worm activates immediately when the message carrying it is viewed or previewed. It does this by exploiting a series of security holes in Microsoft's mail clients... and in Internet Explorer, which Outlook and Outlook Express use to render e-mail on the screen. While the bugs were noted in a Microsoft security bulletin last year (see link below), Microsoft didn't warn end users directly. (The bulletins are read almost exclusively by system administrators.) As a result, the overwhelming majority of Windows systems are still unpatched. Most current virus checkers are capable of detecting this and other variants of the Klez worm, so long as they contain up-to-date virus patterns. Unfortunately, users resist paying antivirus vendors for updates. (McAfee, which ran into financial troubles, has sought to increase revenues by ending support for Version 4 of its ViruScan product. Because many users are unwilling to shell out cash for upgrades, their antivirus software has remained out of date, paving the way for virus epidemics.) Once activated, the Klez worm gathers addresses from the user's address book, database of e-mail messages, browser cache, and data files. It then mails itself to those addresses, picking a bogus address from the same list to place in the message's "From:" header. (Unless one looks at other headers which are hidden by Outlook, one can't tell the true origin of the message.) Because of the false return address, the worm not only hides the identities of infected parties (preventing others from warning them) but causes people to accuse the wrong person when they are infected. When Klez spreads, it will sometimes send with itself a copy of a randomly selected data file from the infected computer. This file may contain personal or business information that the victim would not want to be made public. It also attempts to disable antivirus software on the victim's machine, so that even if the victim belatedly downloads a new pattern file it will not help. Finally, Klez infects victims' systems with a program-infecting virus called "Elkern." The virus does not harm data, but does encrypt and rename program files, replacing them with a copy of itself. Each program that is run after the machine is infected will run just once... and not thereafter. Symantec has published a removal tool for Klez, but alas, it cannot always restore all of the files encrypted by the worm to usable condition. Victims will almost certainly have to reinstall software after disinfecting their systems. How vulnerable is your computer? Symantec statistics on the vulnerabilty of computers that they have checked are listed below. You can run a scan for security risks on your own computer at Norton, a subsidiary of Symantec. These are the results of the checks that Norton have completed recently.
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||
Send mail to
webmaster@repair-my-computer.co.uk with
questions or comments about this web site.
|
