|
This page is here to help protect faculty, staff,
and students against threats from computer viruses,
worms, and other forms of malicious code. Note that
suggestions regarding external services and products
are provided for your convenience, and should not be
regarded as endorsements or guarantees of
reliability. The following topics are presented
here:
1. What
is a virus?
Virus: A program
or piece of code that is loaded onto your computer
without your knowledge and runs against your wishes.
Most viruses can also replicate themselves. All
computer viruses are manmade. A simple virus that
can make a copy of itself over and over again is
relatively easy to produce. Even such a simple virus
is dangerous because it will quickly use all
available memory and bring the system to a halt. An
even more dangerous type of virus is one capable of
transmitting itself across networks and bypassing
security systems.
Since 1987, when
a virus infected ARPANET, a large network used by
the Defense Department and many universities, many
antivirus programs have become available. These
programs periodically check your computer system for
the best-known types of viruses.
Some people
distinguish between general viruses and worms. A
worm is a special type of virus that can replicate
itself and use memory, but cannot attach itself to
other programs.
Definition used
by permission of
Webopedia.com. 1
2. What
do viruses do?
"Most
viruses are comparatively harmless, and may be
present for years with no noticeable effect: some,
however, may cause random damage to data files
(sometimes insidiously, over a long period) or
attempt to destroy files and disks. Others cause
unintended damage. Even benign viruses (apparently
non-destructive viruses) cause significant damage by
occupying disk space and/or main memory, by using up
CPU processing time, and by the time and expense
wasted in detecting and removing them."
Many viruses are
disguised in e-mail attachments with an interesting
name. When a curious computer user receives the mail
and clicks on the attachment, a malicious program is
executed. For example, the "Anna Kournikova" VBS
virus infects Microsoft Outlook users who do not
have the latest virus protection software. Mail
arrives with the subject line: "Here you have :0"
and contains an attachment named
annakournikova.jpg.vbs. When a user opens the
attachment, the virus attempts to modify the
registry in order to copy itself into the Windows
directory. The virus will then attempt to send
infected mail messages to the addresses in the
Windows Address Book. By causing congestion through
self-propagation, the virus can also cause mail
server performance problems. (Note that the subject
line and attachment name may change as the virus
spreads.)
Macro viruses
are becoming an increasing threat for users of
Microsoft Office products such as MS-Word, MS-Excel,
and MS-PowerPoint. See Anti-Virus Resources for
Microsoft Office for information on how to protect
your system from macro viruses.
3. How
should I protect myself?
Install
virus-protection software. See software suggestions
below. Make sure to update the product at least once
a week. Because an increasing number of viruses
cannot be "cleaned" by simply running the "latest"
virus checker if you are already infected;
preventing infection is the wise course of action.
Beware of e-mail
attachments. Do not open any e-mail attachment
unless you are expecting the file and know it is
from a reliable source, especially if you are using
Windows.
Back up your
files. On a regular basis, back up your files
(somewhere other than on your machine). This can
save hours, days, even years of work should you lose
data because of a virus problem.
Make a rescue
disk. If you own an IBM-type system create a
bootable floppy disk, put the antivirus software on
it, and set the write-lock tab. This may be useful
later.
Stay informed.
Keep up with the latest news about viruses. Virus
news sources are listed below.
Don't spread
rumors. Do not pass along rumors or unverified
notices regarding computer viruses. This does more
harm than good. Read about hoaxes below.
Get help. If you
receive mail that you believe contains a virus, or
think your machine may already be infected with a
virus, contact ITSS at (225) 771-4987 or (225)
771-5814. Help Desk locations and hours are
available on the ITSS page.
4. I
think I received a virus in my e-mail. What should I
do?
First, never
open an attachment unless you are absolutely sure it
is from a reliable source. Infected e-mail messages
often invite you to click on an attached file. Don't
be tempted! The attachments are most likely viruses
that will infect your computer. In some cases it's
easy to see that the message is just "junk" mail.
But messages often appear to originate from an
"official" source such as Microsoft, Southern
University Law Center, or Admin@sulc.edu. Just
remember that official sources such as SULC, ITSS,
and Microsoft Corporation never send patches or
fixes as e-mail attachments. If you are in doubt
about any message you receive, contact ITSS at (225)
771-4987 or (225) 771-5814.
To get
assistance with a virus infection, contact ITSS at
(225) 771-4987 or (225) 771-5814. Help Desk
locations and hours are available on the ITSS page.
To report a
virus received through e-mail, follow the reporting
instructions located on the ITSS page.
Please do not
forward e-mail containing a virus, or suspected
virus, to any address other than
virus@sulc.edu.
5.
Where can I find the latest news about viruses?
There are many
ways to find out about the latest viruses; below is
a list of information sources. Some provide general
information, while others are more technical. We
recommend that you review all of them and use the
sources that are most helpful and convenient.
Visit the
Symantec Corporation Virus Information Center for
the latest information.
When a virus or
worm has a significant impact at SULC, an additional
alert may be posted on the ITSS home page.
Computer
Emergency Response Team at Carnegie-Mellon
University (CERT) -
http://www.cert.org/
F-Secure
Corporation Virus News -
http://www.f-secure.com/
IBM Antivirus
Research - Scientific Papers -
http://www.research.ibm.com/antivirus/SciPapers.htm
6. Can I be
notified automatically when there is a threat?
The following
organizations offer virus alert subscription
services.
Computer
Emergency Response Team at Carnegie-Mellon
University (CERT) -
http://www.us-cert.gov/cas/techalerts/index.html
McAfee.com Virus
Information Center -
http://www.us-cert.gov/cas/techalerts/index.html
Symantec
Corporation -
http://www.symantec.com/avcenter/newsletter.html
7. Is
virus protection software available?
SULC has
Symantec antivirus software installed on all
computers in the Law Center. Additional anti-virus
software may be purchased for personal use from
various computer stores.
8. I
installed virus protection; is my computer safe now?
Not necessarily.
You also need to download updates called "virus
definitions" or "DAT files" on a regular basis.
Experts recommend that you download updates at least
once a week and more frequently if you hear that a
virus is spreading. The Symantec AntiVirus software
can be easily customized to automatically download
updates every week at a time that's convenient for
you.
In addition to
virus protection, you also need to make sure your
computer has all of the latest security updates. See
the safe computing page for important instructions.
9. How
do I update my virus protection? How often?
Immediately
after installation of Symantec AntiVirus software
and periodically thereafter you must run LiveUpdate,
a component of the software, to update your virus
definition files. Failure to update your virus
definition files will leave your computer vulnerable
to new viruses. Experts recommend that you download
updates at least once a week, and more frequently if
you hear that a virus is spreading.
10. How
can I tell if it's a hoax?
Hoaxes involve
phony announcements, warnings, or instructions.
One recent type
of hoax involves e-mail that purports to come from
an official source, but is in fact a virus. Often
infected e-mail messages that appear to originate
from an "official" source such as Microsoft, SULC,
or Admin@sulc.edu invite you to click on an attached
file. You should never open an attachment such as
this, because it is most likely a virus that will
infect your computer. Just remember that official
sources such as SULC, ITSS, and Microsoft
Corporation never send patches or fixes as e-mail
attachments.
If you receive
an e-mail message that suggests you forward it to
everyone you know, it's probably either a hoax or a
chain letter. Distributing chain letters is against
University policy, so don't send these messages to
others.
Before
distributing some dire warning to all of your
friends or mailing lists, we recommend that you make
sure it is not a hoax. Here are sources of
information about hoaxes and myths:
Hoax
Encyclopedia from About.com -
http://antivirus.about.com/library/blenhoax.htm
F-Secure
Corporation Security Information Center, Hoax
Warnings -
http://www.f-secure.com/virus-info/hoax/
Hoaxbusters: A
public service of the CIAC Team and the U.S.
Department of Energy -
http://hoaxbusters.ciac.org/
If you are in
doubt about any message you receive, contact ITSS at
(225) 771-4987 or (225) 771-5814.
11.
What other resources are available?
See the safe
computing page for important instructions.
Check Google
groups for Usenet discussion forums on computing and
other issues.
See the Stay
Safe Online Web site for additional tips on computer
security. -
http://www.staysafeonline.info/
12. How
do I get help?
To get
assistance with a virus infection, contact ITSS at
(225) 771-4987 or (225) 771-5814. For locations and
hours, see the ITSS page.
To report a
virus received through e-mail, follow the reporting
instructions ITSS page.
Please do not
forward e-mail containing a virus, or suspected
virus, to any address other than
virus@sulc.edu.
|
