bluekat-ga:
This question is very much related to your other question regarding
the anti-virus software itself.
Unauthorized or undesired access to a PC that is connected to a
network or the Internet is usually achieved by exploiting either poor
security practices, or design problems in the operating system and/or
software being used on the PC.
Most of the time, you and your computer are rarely being directly
targeted. Rather, the virus or worm author is simply looking to get
their virus or worm onto the maximum number of PCs possible in the
shortest amount of time. So, if your PC becomes infected, it isn't
because someone is out to get you, you are simply collateral damage.
Getting into the PC is accomplished through several means. In the
past, when people used floppy disks to move files back and forth
between computers, viruses usually were transmitted via floppies.
These days, the most common path is through an e-mail attachment
(which is also the most common way that people exchange files now...
you see the trend). Viruses and worms are also transmitted through
"Trojan Horse" files traded through file-sharing networks such as
KaZaA. In this method, virus or worms place themselves in the shared
files directory of an infected PC, naming themselves after a popularly
traded file. Victims download these files thinking that they are the
actual file being sought; upon opening the file, the virus is
unleashed.
Another mechanism that is starting to become more prevalent, and
therefore a growing concern, is through a bug in a popular web browser
such as Internet Explorer. For example, recently it was revealed that
it is possible to trick Internet Explorer into displaying a false
website while appearing for all intents and purposes to be a
legitimate website (including the address displayed in the Address
field). Other documented problems with Internet Explorer will allow
the operator of the false website to download and execute programs
(such as viruses) on the computer without the knowledge of ther user.
To date, no major attempt has been made using this approach, but
security researchers know that it is now possible.
By default, your PC can be probed through a network or Internet
connection to reveal which services are running, details about your
machine and its network settings, and ways to exploit your security.
An effective firewall can prevent this.
The message here is that, no matter how cautious you yourself are in
using your computer, there are enough methods for a virus to get into
your computer that you need to equip yourself with every possible tool
to prevent infection.
If you wish to find out how visible your computer is to others on the
Internet, pay a visit to Steve Gibson's website at:
http://www.grc.com/default.htm
and scroll down to the Shields UP! link. This will lead you to the
port test tool that will show you what an educated hacker can see
about your PC.
Since your questions both question the value of purchasing and
maintaining antivirus and firewall software, I will suggest a more
economical approach.
First, consider using the free version of Zone Alarm, the leading
personal firewall. You can download this free version from:
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp?lid=zadb_zadown
Second, consider using the free version of AVG Antivirus, from
Grisoft. This free antivirus software is regularly updated for the
latest virus signatures:
http://www.grisoft.com/us/us_dwnl_free.php
Please let me know if you require any clarification, and definitely
consider downloading and installing the two programs listed above if
you choose to no longer purchase and maintain the antivirus and
firewall programs that you may already be using.
Regards,
aht-ga
Google Answers Researcher |
Clarification of Answer by
aht-ga
on
23 Dec 2003 23:06 PST
To learn more about this topic, you may also read the information found at:
http://antivirus.about.com/c/esntl.htm?PM=ss10_antivirus
In particular, you may want to read about the impact of the Blaster
virus, which hit the world hard this summer. For this virus, it was
not even necessary for the user to do anything "wrong", other than
leaving their computer connected to a network or the Internet, without
a proper firewall in place.
http://antivirus.about.com/library/weekly/aa072903a.htm
It is due to the expectation that further such exploits are possible,
that antivirus and firewall programs are necessary.
Regards,
aht-ga
Google Answers Researcher
|