Virus / Malware Scanners


Trend Micro Housecall
Some notes about Computer Security and Virus Protection.
Get the Trend Micro or Kaspersky Online Virus Scanner fired up by clicking on one of those graphics up there, then come back and read this; the scan takes a while. Kaspersky is more advanced and will not clean, but I think it's a better scanner. Housecall will clean anything it finds and is simpler for most users.

Kevin's Opinion on Malware Scanners

  • Kaspersky, this is The Big Dog, I use this on XP and Vista, uses less system resources, checks third party software for current updates, more expensive, less user friendly
  • Norton, excellent, I use this too, good cost/performance, very user friendly
  • McAfee, good, relies too heavily on Internet connection, good cost/performance
  • Microsoft One Care, good, works well on routine Windows Registry errors, use their free online scanner to avoid the expense.
  • Spybot Search and Destroy, good for spyware/adware, free
  • Malwarebytes Anti-Malware, good for spyware/adware, free
  • Avira AntiVir, mediocre but it's the best of the freebies

There are a number of ways your computer can be attacked and/or compromised while it is on the Internet. The most common methods are e-mail borne viruses and Trojans. Recent worm attacks have compromised many web sites, which can infect your system if you visit them and download the executable virus/worm. So, what is the difference between a trojan, a virus, and a worm?
A Trojan is most commonly a server program which gets installed on your system and allows some unauthorised user to access your system from the Internet. Back Orifice and Sub Seven are common trojans. They work exactly the same as the popular PC-Anywhere, in fact Back Orifice was designed to compete with PC-Anywhere (so the creators say). Trojans do not replicate.
A Worm is a program that actively searches a network for systems with exploitable holes, gains access to the system via these holes, installs itself there and moves on, allowing the new copy to proceed in the same fashion. Nimda was a recent example of this; it exploited a security hole in Microsoft IIS Web Server to install itself on web servers.
A Virus actively replicates by modifying program and data files so that when executed the virus can again replicate and/or cause damage.
Worms and Viruses can carry a "payload" which causes actual damage to a system by deleting or corrupting files. Activity by the worm or virus can cause system slowdowns and errors, particularly when you connect to a network and it actively begins replicating, usually by e-mail. Your e-mail program does not need to be running to accomplish this; most viruses come equipped with an SMTP (mail) program. A Trojan is controlled by a user who is looking for specific information or, more typically, is a "Script Kiddie" who is simply looking to make someone else miserable, having no care about who it is.
Crackers typically will attack systems with a permanent IP Address such as Wireless Clients. If you access The Internet with our Wireless Service you should have a firewall installed to prevent hackers from compromising your system. Here again "Script Kiddies" are the number one problem, out there just trying to make you as miserable as they are. A real cracker would have no reason to hack into your system unless you are important enough to warrant his attention. Dial-up clients have little to fear from hackers because your IP Address changes each time you dial in but a trojan installed on your system can announce your IP Address to a potential Hacker so that he can find you if he needs to. Zone Alarm has a free client firewall program you can download and install.

Knowing that e-mail is the primary and preferred method of delivery, we simply pass all of our incoming e-mail through our Server Side Scanner, which scans for and quarantines Viruses. This is a Free service for all CS&T clients. We can also filter out Junk Mail, a most useful service which is becoming quite popular with our clients. We charge $2 a month for junk mail filtering. The remaining entry methods are best dealt with by installing a Virus Scanner on your system and keeping it up to date; this typically is Norton Antivirus, McAfee, or Trend scanners. Expect to pay about $40 initially, then about $40 a year to keep it updated. And finally you can come here and use our Online scanner to periodically scan your entire system; it is less convenient but certainly less expensive than the other methods.
The decision is yours to make as to how you will defend yourself against the jerks of The Internet Community. Cost is certainly a factor, but just remember the old "Ounce of Prevention is Worth a Pound of Cure" truism. It is much more expensive to have a virus cleaned up after you are infected than it is to have prevented getting it in the first place.

While there is no sure way to prevent being compromised here are a few rules I follow to minimize the risk.

  • Never download programs from unknown sources or web sites.
  • Turn on your Status Bar. Watch what you are clicking on. Your Browser Status Bar will inform you of the actual name of the file you are about to click on.
  • Never execute files or open e-mail attachments with the extensions "exe", "com", "lnk", "bat", or "vbs" unless you are certain about what they are. Those types of files are executable programs. If you are uncertain, Right Click on the file, save it to your hard drive and then scan it before running it.
  • Never open mail from unknown sources. I filter all of my mail with the Server Side Filters and only let through those addresses who I expect and know.
  • Update Virus Scanner Data files at least once a week, more often if you can. I check for updates once a day and have seen multiple updates come out in one day.
  • Scan your system at least once a week, more often if you are very active on The Internet.
  • Wireless users should install and keep updated a Firewall.
  • Never accept file transfers from unknown sources while chatting or on IM. If you must accept a transfer scan it before opening it.
  • Never provide personal information unless you know exactly who you are dealing with.
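The attachment-extension rule above can also be checked automatically before a message is opened. The following is an added example, not part of the original page or of any scanner it names: it walks a constructed sample message and flags attachments whose real (last) extension is one of the five listed above, so a name like "invoice.pdf.exe" is caught. The function names and the sample message are assumptions made for illustration.

```python
from email import message_from_string

# Extensions the page lists as executable attachment types.
RISKY_EXTENSIONS = {"exe", "com", "lnk", "bat", "vbs"}

def final_extension(filename: str) -> str:
    """Return the lower-cased last extension, ignoring the trailing
    dots and spaces that Windows drops from file names."""
    cleaned = filename.strip().rstrip(". ")
    _, dot, ext = cleaned.rpartition(".")
    return ext.lower() if dot else ""

def risky_attachments(raw_message: str) -> list[str]:
    """Return the names of attachments that should be scanned, not opened."""
    flagged = []
    for part in message_from_string(raw_message).walk():
        name = part.get_filename()  # None for parts without a file name
        if name and final_extension(name) in RISKY_EXTENSIONS:
            flagged.append(name)
    return flagged

# Constructed sample message (not real mail): one harmless image,
# one double-extension file, one upper-case script extension.
SAMPLE = """\
From: sender@example.com
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain

See attached.
--BOUND
Content-Type: image/jpeg
Content-Disposition: attachment; filename="photo.jpg"

AAAA
--BOUND
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.pdf.exe"

AAAA
--BOUND
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Notes.VBS"

AAAA
--BOUND--
"""

if __name__ == "__main__":
    print(risky_attachments(SAMPLE))
```

A file that passes this check is not proven safe; it only means the name does not end in one of the five extensions listed, so the virus scan is still needed.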

Be wary while on The Net. "Social Engineering" is the term for how scam artists and frauds gain the trust of someone in order to scam or defraud them. Don't be "Socially Engineered" into releasing passwords, user names, e-mail addresses, phone numbers, Social Security Numbers, Credit Card Numbers or ANY personal information. Telling someone your passwords may seem like the right thing to do at the time, but consider this: someone other than yourself who claims to need your password should already have the authority to get it elsewhere, so why should they be asking you? Here's what I mean: you get a call from someone posing as an employee of your bank who asks for your ATM PIN number, or someone calls posing as your ISP and asks for your e-mail password. This is ridiculous; those people should have no use for your password if they are truly who they say they are. Don't ever give out your passwords, and if you must give one out, change it immediately. An example: we install new equipment and are having trouble, we call the vendor, who usually wants in the system to have a look. I change the password to a new one, tell him that one, then change it back when they are done. Don't be "Socially Engineered", don't divulge private information.