Beware smart worms

Opinion

Beware smart worms

Viruses and worms are becoming more common and more intelligent. Most companies already have anti-virus software, but this needs to be supported by good, safe computing practice. There are a few precautions you can take to further reduce the chance of infections on your network.

Prevent downloading
Implement a strict policy on downloading from the Internet. Employees could be inadvertently putting your network in jeopardy by opening attachments or downloading executables. Everything must be virus-checked. If you are not sure what the file is, don't open it. The policy should also prohibit forwarding hoax virus warnings and chain letters, as these can be as troublesome as viruses themselves. It can be embarrassing for your organisation if an employee forwards these to contacts or customers.

Unwanted file types such as .vbs, .exe, .chm and .scr files may contain hidden viruses. You should prevent them from entering the network. Viruses also hide their true identities by using "double extensions". Well-known viruses such as Love Letter (which was a .txt.vbs file) and Anna Kournikova (.jpg.vbs) caused problems as they seemed to be risk-free. Set up your network to stop any double extension file from entering via the e-mail gateway.

Change defaults
Turn off Windows Scripting Host if you don't need it - many worms rely on scripting, but chances are most of your users don't.

Keep up to date
It is worth subscribing to an e-mail alert service that warns you about new viruses emerging. Also make sure that you are up-to-date on any new security loopholes, patches or software issues, which are often exploited by virus writers. Subscribe to a vulnerability mailing list (like the one operated by Microsoft at www.microsoft.com/technet/security/bulletin/) then you can apply fixes where appropriate before new viruses come along.

With these simple guidelines in place, you can seriously reduce your networks' risks of exposure.

Jason Holloway is UK country manager at F-Secure.
www.f-secure.com/

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

This was first published in October 2002

 

COMMENTS powered by Disqus  //  Commenting policy