|
By Bill Hely
"How Safe is Your Success"
is a series of eight articles that address different aspects of a universal
problem which is of particular importance to those who do business on-line.
Most Internet users are at least aware there are dangers "out there", but
few appreciate the real extent of those dangers, the possible (even likely)
consequences, or the best, most practical and least expensive means of
countering them. This series is intended to at least provide some useful
awareness of the situation.
-------------------------
Part 3 - The Anti-Virus Conundrum
One of the most common defenses
I hear from clients when I tell them I have discovered that a virus is
the cause of their "problem" goes like this: "But I'm using an anti-virus.
I've always had one! The man in the computer shop put it on for me".
The Man In The Computer Shop,
by dint of the fact he is "in computers" and speaks all that jargon stuff,
is perceived as an Expert Who Can Be Trusted. I mean, do you argue with
your plumber about pipe diameters and flow rates? Do you quiz your electrician
about safe electrical loads? No. He is the expert and you expect him to
know.
Warning: Do not carry any
of the trust you may place in a qualified specialist tradesperson over
to the computer industry. Look at the computer game as being more akin
to the motor trades. You don't expect the car salesman to be an expert
in tune-ups, or the mechanic to repair a tear in your upholstery. Each
to his own.
Many computer retail sales
people are quite competent when it comes to configuring a PC, but keep
in mind that there is no necessity for them to be other than good salespeople.
Unless you work in a company that has ready access to a professional IT
support person, there is much you will have to do yourself to get your
computer safe. There is also much you will have to become aware of for
it to stay that way.
My favorite saying with respect
to anti-virus protection is this: "An anti-virus program is only as good
as the day it was made". Expected response: "Huh?", which is OK because
then I get to explain.
A virus is just a computer
program and, reduced to basics, a computer program is just a special type
of document containing alpha-numeric characters – called “code”. The publishers
of anti-virus software carefully analyze the code of a known virus program
and determine a “fingerprint” or “signature” that can be said to be characteristic
of that particular virus. That information is added to a database of signatures
of other viruses that have also been analyzed.
The anti-virus program compares
data on the computer’s hard drive (or in memory) with the information stored
in its database of virus signatures. If a match is found, the likelihood
of a virus is high and an alert is issued, or some other pre-programmed
action takes place.
There is also a more complex
detection method called heuristics which, rather than looking for specifically
defined characteristics, looks for “virus-like behavior". If your anti-virus
program offers a heuristics option, do make sure it is enabled. Sometimes
anti-virus programs that offer heuristics don't have that option enabled
by default.
Now if I tell you that new
viruses are being released onto the Internet every day of the week, can
you see how your anti-virus program will soon become useless against an
ever-growing number of viruses for which it will have no characteristics?
So my favorite saying becomes: An anti-virus program is only as good as
the last time it was updated.
If you are to have any chance
at all against the flood of virus-type attacks permeating the Internet,
you absolutely MUST ensure that your anti-virus installation is always
using an up-to-date database.
Don't let the mention of
"database" deter you — that's the province of the programmer. All you need
do is configure your anti-virus program to regularly contact it's developer's
website and download the latest updates. Any anti-virus program worthy
of your consideration will have a built-in scheduler to take care of regularly
connecting to the Internet and retrieving updates. Frankly, it is just
too important a task to be left to the frailties of human memory, so always
use automation when it is available.
As for detection capabilities,
most of the major anti-virus packages are pretty much on a par these days.
For me it's the little extras that count, like ease of configuration, prompt
and helpful support, etc. and of course cost. The specific brand of anti-virus
software you use is up to you. My personal preference is a company I have
been watching, using and recommending for a few years now: Grisoft, makers
of the AVG anti-virus. You'll find them here: http://HackersNightmare.com?res=AVG
If you are a home computer
user you can use this excellent anti-virus program completely free of charge.
The site layout and links change from time to time, but from the link above
look for a reference to "AVG Free". Note that there is also an AVG Trial,
but that's a time-limited trial of the commercial software. As a home user
on a single stand-alone PC you'll be very happy with AVG Free.
Finally, a word about "security
suites". I know I'm inviting criticism for this stance, but I must say
I'm not a fan of security suites for most home or small business installations.
A suite is a software package that offers not only anti-virus but includes
software components that purport to tackle other nasties such as SpyWare,
adware, etc.
In my experience you do not
find the best of each type of protection bundled together. Because a company
may be extremely good at producing an anti-virus product does not mean
they can do as good a job with an anti-adware solution. While the corporate
buyers tend to turn their noses up at free software, the fact is that some
of the very best-of-breed security solutions are just that - free. If the
corporates with their big budgets and in-house IT support prefer to invest
in complex and often costly integrated suites, that's fine. They have the
resources to handle anything that happens.
But for my money there's
a lot to be said for implementing a series of much smaller, less complex,
often free utilities that — matched task for task — can usually out-perform
the equivalent component parts of an integrated suite.
We'll be looking more specifically
at adware and SpyWare threats in the next part of this series, so if you
are not yet a subscriber to this newsletter join now, or risk missing some
very important information.
In the interim, get yourself
a good modern anti-virus scanner and, once installed, be sure to get into
the configuration options and set a daily update schedule. In AVG version
7 you just launch the Test Center, click the Scheduler button, double-click
the "Update plan" entry and select your preferred options. While you have
the Test Center open you might as well double-click on the "Test plan"
entry and set your preferred full-scan time. Mine happens in the early
hours of the morning when it can't slow my work.
-------------------------
Bill Hely is a technologist,
consultant and author living in Brisbane, Australia. For most of the last
two decades his professional focus has been on advising and supporting
small business operators in Information Technology and Office Productivity
issues — and rescuing them when they didn't heed his advice the first time
around. He is the author of several books on technology for the business
operator, including the Bible of Internet and computer security "The
Hacker's Nightmare". For more information on this must-read tutorial
and reference visit: http://HackersNightmare.com
|
