Computing Security Links


Is that a virus or a hoax?

Good sites to check whether a virus is real or just a hoax / urban legend include Stiller Research, McAfee, and Norton (Symantec).

Other good government / university resources include CERT* at the Carnegie Mellon S/W Engineering Institute, the Computer Security Resource Center run by the NIST, the CIAC Hoaxbusters, and the University of Michigan Virus Busters.

*Note: CERT delays public announcement of security holes and viruses by up to 45 days - so while they are accurate, they are not necessarily current...

Is your computer vulnerable to attack?

Various free email newsletters which deal with various computer security problems are available. For listings of security holes in widely-used software, see Security Focus - they have an anti-virus site here. For a newsletter dealing with cryptography as well as computer security issues, see Crypto-Gram.

Gibson Research (run by Steve Gibson of SpinRite fame) provides a service known as Shields Up which provides an interactive analysis of the vulnerability of your computer to some forms of attack / probing. His site also provides a lot of useful information on the topic (see the Shields Up Frequently Asked Questions page, as well as the links at the bottom of that page.)

For a little more protection against unwanted intrusion, personal firewalls (similar in function to those used by most major corporations these days) can be used. This is especially important if you access the Internet via DSL or a cable modem with fixed IP addressing (as opposed to dial-up access, or cable / DSL access via dynamic IP addressing). In addition, some widely-used software likes to "phone home" to the vendor with private information it has gathered on your computer. Protection against these forms of unauthorized access (both incoming and outgoing) is available from such vendors as Zone Labs; their ZoneAlarm is simple to install and use - and free for personal and non-profit use!

See also the Home PC Firewall Guide for a good introduction and overview to this topic, with reviews and recommendations on a variety of software for computer security.

Brian Lewis of the Sarasota PC Users Group has a good series of introductory articles on basic computer security topics here, here, here, and here. They're getting a little dated, but still provide good information.

Another relevant (and short) article from the Berkeley Computing & Communications information technology newsletter can be found here.

For protecting your computer against viruses, worms and Trojans, here is list of 10 Anti-Virus Rules from SecurityFocus.

What about SPAM?

Check out UXN Spam Combat Site for a lot of useful tools. Some more basic advice is provided at the spam.abuse.net site; scroll down to the Practical Tools to Boycott Spam section. For a legal opinion on how to fight spam, check out Technical and Legal Approaches to Unsolicited Electronic Mail by David Sorkin. If this is all too serious, take a different look at SPAM of the canned variety, and check out some SPAM Haiku here and the relocated SPAM-ku archive site.

SpyWare/Malware

Spyware is software that is surreptitiously installed on your PC for various reasons. A good site with explanations and guidance (including recommendations for freeware/shareware products that do a good job is Spyware Info. Spyware can be installed without you even being aware of it, via ActiveX controls on webpages - so a good spyware blocker or, second best, a good spyware detection and removal program, is worth the effort of installing and running regularly. Another good site is Kevin's Resource Center Anti-Spyware Tutorial.

Many of the common urban myths circulating about viruses and spyware actually point at legitimate components of the Windows operating system or other applications and say - "That's a virus!" or "If you see this file on your system, you're infected - delete that file!" So how do you know? Well, check the sites listed above - and you can also go to ProcessList.com and look up the file in question to see if it's part of the O/S or a well-known application. This site also provides information to help you evaluate whether the copy of the file you have is correct or possibly corrupt.

One of the latest types of malware to hit PCs are rootkits. For more discussion and some free tools, see the Microsoft Sysinternals site. In particular, RootkitRevealer is a handy utility to have.

Other

For a look at the other side, check out Hacking Exposed (2nd ed). This book provides a perspective on how hackers go about exploring (and exploiting) a site - and can provide a background for those who want to stop them. A book review is here.


Return to the home page of Tim, Sandy, Clara and Lucy

Last web page update was December 22, 2006.

Copyright © 2000-2006 - Copyright and contact details.