In the past few days, many people in the Anti-Malware community seem to be discussing user education again. Based on these discussions, I felt it a good time to update an older work and re-release it, in hopes that it helps educate our user community.
Ten Rules of Common Sense Anti-Virus
- Buy and keep up-to-date, Anti-Virus Software. If you fail to keep it up-to-date, you might as well not have anything at all.
- Just because you trust a person with your house key, doesn’t mean they practice safe computing. If you don’t know why they are sending you a file, don’t double click on the attachment, ask why it was sent. Beware of sensational headline news links on social networks. A healthy dose of paranoia will save you time, energy and frustration.
- Recordable CDs and removable Hard Drives are cheap, your data’s not. With a CD Burner or 1.5G hard drive costing below $150 and the CDs less than $.25 each, there’s no reason not to make regular backups of your information. This goes easier if you store your documents in the “My documents” folder. If you say, “my data’s not important”, then why are you wasting space and saving it in the first place? If it’s important enough to save, it’s important enough to back up.
- You don’t trust your family doctor to treat cancer, why do you trust a general practitioner to destroy your data to cure a virus? Most Computer shops will use Anti-Virus Software to cure your PC of any infection. Unfortunately, Viruses have become the fall guy for any and all PC Problems Technicians can’t explain. Be very cautious when you are told you’ll have to reformat your computer to remove the virus. THERE has NEVER been a case where the virus was so unrecoverable that the drive needs to be reformatted. In some cases this will NOT remove the virus. Now there may be times when you will have to reinstall a program or the operating system (Windows, Linux, MAC OS) because of corrupt files, but this does not require a reformat, and the recent high use of malware called root kits DO need to have your operating system reinstalled to return it to a trustworthy installation. So be cautious when you hear “You have a virus we have to wipe the entire system”, if a virus has already “wiped the system” you can’t boot into your OS, and that is a different story.
- Learn the basics of the computer. You already know (if you drive), that you have to put petrol (gas), change the oil, check the tires and have the vehicle serviced periodically, or it stops running. You don’t have to be an expert on the internal combustion engine; you can do the simpler tasks yourself and let a mechanic take care of the more complex items. The same applies to your computer. Understand things like directories (folders) and how to tell where you’re saving your files, learn how to “change the oil” by updating your anti-virus, and put gas in it by defragging and running scandisk. By having a basic understanding of your computer, you will also better know when something is wrong, and can call the “auto Club” when the “tire goes flat”. Schedule the automated system updates the security patches released by your Operating System Vendor (i.e. Microsoft), also reduces your vulnerability to some viruses and malware.
- Install and use a “Personal Firewall” (also called Host Intrusion Prevention, or HIPS), many are built into modern Anti-Virus programs, and are bundled with all versions of Windows and Linux. Granted they are not perfect, granted some easy to defeat for a determined attacker, but, when used in conjunction with current anti-virus, they will increase your protection immensely. If you are on broadband, either DSL, or cable, consider investing in a “router” with built in firewalling. There are several, and run less than $200. Even if your provider doesn’t permit sharing of the connection, you don’t have to violate your agreement; you can put the router between your cable/DSL Modem and your PC, and still be in agreement, but be a LOT more secure. Just remember to keep your eye on the manufacture’s site to apply any updates, and not allow unsecure remote “updates” you may be shooting yourself in the foot if you do.
- If someone tells you they think you have a virus, don’t ignore them. You owe it to yourself and your friends to at least update your Anti-Virus Software and do a system scan. As hard as we try, sometimes things do get past, and it’s always better to check and be clean than to remain infected.
- Don’t believe everything you hear. While it’s nice to warn your friends and family about the latest threat, first make sure that you’re not sending them a hoax. Spending a few minutes checking out sites like http://www.vmyths.com or http://www.snoops.com can quickly save you some embarrassment and make you look like a guru when you tell someone else they are sending along a hoax. Second, before you mass mail out the alert, be sure your “audience” wants to hear it from you. Many people already subscribe to a vendor’s alert list and may not want the extra mail, be polite and ask (you only have to ask once), before putting someone on a mailing list.
- Not all cute things are safe. While Flash movies, games, and other little “Nifty” programs are often enjoyed by everyone, it is not the best or safest to send it in email. This can cause aggravation for people that are on slow connections and helps viruses spread. If you have something you feel your friends will enjoy, or find useful, provide a web link to the original source. This gives your friends the option to download it, or not and also is safer as the originator, if they are reputable, is less likely to have an infected or corrupted version on their site. Likewise, if someone sends you a file, politely tell them you’d prefer a link to the original, if they can provide it. Of course if someone ASKS you to send them the file, this is a different matter.
- Don’t share your hard drive. If you do need to provide some file and print sharing, don’t give the keys to the kingdom, use a password where you can, and ONLY give the minimum that you have to a directory (folder) is much better than giving all of C$. If you have to give a C$ administrative share (like in companies that use SMS) limit the number of people who can use it.