How
do You Combat Viruses, Beyond the PC? By now most users are aware of the need to implement antivirus
software on individual systems. But a large percentage of the hardware and software
used to provide something for those users to use resides outside them. What are
they and what can be done to protect them from virus attacks? Computer viruses
attack servers - web, file, ftp and e-mail, along with routers and other network
gear - along with individual PC's. Servers are usually substantially the
same as PC's only with more memory, disk space and processors. Web servers house
web pages and programs for Internet users, e-mail servers store, send and receive
e-mail, and file and ftp servers make possible storage and distribution of all
manner of files for other systems. Routers are simply specialized computers, with
proprietary operating systems, for routing network traffic. Most operate
much like an individual's system and are subject to the same kinds of attacks.
They can therefore be protected by many of the same means - regular use of reliable
antivirus software and being firewall guarded to shut down vulnerable entry points
on the Internet. What else can be done?Since
servers and routers provide services to multiple, sometimes thousands, of user
systems they're more frequently attacked. Users can help administrators of these
systems by keeping their own systems clean and refraining from passing on viruses
to others across them. Administrators can help themselves by forgoing the temptation
to use them as personal computers with full e-mail clients, word processing software,
and fully enabled browsers. Users can help administrators and themselves
by being more careful in browser selection and configuration. Most could profit
from better self-education in how to minimize the 'target area' for hackers by
changing browser settings. Users and computer professionals have made strides
in voicing concern over security vulnerabilities in Internet Explorer. Adopting
other browsers in greater numbers will help to get the message across. Users
and administrators should avoid using bootable CD's and DVD's that haven't been
virus scanned after being burned with desired software and files. Sometimes the
process that creates them propagates viruses, just as floppy disks did some years
ago. FTP servers, used to store and provide sending and receiving of files
over networks, should become a thing of the past. Vanilla ftp (File Transfer Protocol)
can't be secured since passwords are passed in clear text (unencrypted) over the
network where they can be picked up by sniffers. Sniffers are software and/or
hardware used to spy on networks. Secure FTP versions should be used instead. Users
should take an active role in encouraging administrators to lock down systems.
Most admins do a very good job with limited time and resources, but security is
usually well down their list of priorities. Users who show an interest can alter
that in a constructive way by showing that they care. Very few servers have a
thorough check by a skilled security expert at any time in their serviceable lifetimes.
That would change if users didn't passively assume by default that everything
is fine until things go sour. The FutureMicrosoft
and other large vendors are making strides in designing hardware and software
which is better protected 'out of the box'. Just as one example, one common virus
exploit is called a 'buffer overrun'. Memory is used by all programs and it's
divided into areas called buffers of a certain size. Hackers use a well-known
technique for causing malicious program instructions to 'overflow' those buffers
providing them with more access than the legitimate program intended. A large
percentage of security fixes involves securing these buffers. Hardware and operating
system designers are addressing this by making 'buffer overrun' a thing of the
past, through fundamental design changes. Much more sophisticated ideas
are on the drawing board. Once they become a reality, everyone will benefit. |