Dear ALL:
A short introduction and an update on the
issue of viruses and security.
My name is John A. Hansen and the new mailing
List Adm. I'm retired (mostly) with a
Scottish wife, 4 grown children and
7 grandchildren. We live in
Issaquah, WA (near Seattle) and are tracing a
bunch of ancestors. Did you notice that your
number of "dead ends" grows exponentially
with the number of generations you try to
go back :-).
The virus issue is on everyone's mind today
and will be even more so in coming months.
The current famous one is Code Red, but that
is serious mostly for people running servers
for web pages and larger networks etc. However,
there are a couple of baddies out there right now.
One is Sir Cam and the other is Bad Trans.
You can get the details on these by going to
www.sarc.com and looking at their level
4 alerts.
However, there are also more serious virii (plural)
coming and the gloves are off. There are now at
least several groups of offshore professional
thieves that have discovered that using viruses
is an easy way to get new fraud victims. The scam works
like this.
These professionals are getting
victims easily and cheaply by using viruses
to plant Trojans, "cuckoo eggs" and other
programs (called malware) to forward "info"
to a site, called a "drop". The specific
info they want is credit card numbers, SSN, bank account
numbers, passwords etc. They use that info for identity
theft and just to ding your account or credit card
for a few bucks.
While the general warning to never ever ever open
an attachment is good, there are other ways
for them to get in. Attachments can be single
extensions (PDF, jpg, zip etc) and any email
message with the standard html format can easily
have embedded scripts (you don't even have to open
it, they will do all the work for you!)
So get and maintain a set of Antivirus software ....now!
I've included a nicely written overall summary
by BJ Hamilton of the virus and Firewall situation.
I use ZoneAlarm Pro as my firewall because I have
a home network and I like to mess around with
this stuff:-) But their freeware program is also good.
I do consistently get pings and probes so I know
it's happening. A freeware version of the Program
is available at
www.zonelabs.com. It's a bit of
a pain to run because you keep getting alerts,
but that's better than not knowing.
I also use the programs mentioned below to test my
security on a regular basis (once a month).
There is also the program at
www.pcpitstop.com that does
free online testing of your computer status and security.
Some references for Anti virus software are as follows
and freeware and shareware products are available at
www.tucows.com.
There is also a nice site at
www.webattack.com/freeware
with good programs.
If you have any further questions about viruses,
please consult your anti-virus software vendor or
visit one of these sites:
http://www.mcafee.com/anti-virus/default.asp?
http://antivirus.about.com/compute/antivirus/
http://www.symantec.com/avcenter/
http://www.claws-and-paws.com/virus/
http://www.eicar.com/
http://www.av-test.org/
http://helpvirus.com/
My candidates for review ( from my own favorites file)
http://www.securityportal.com/articles/malware20010129.html
http://securityportal.com/virus/
http://www.antivirus.com/vinfo/vprimer.htm
http://www.sarc.com/avcenter/security/
(see article on email worms)
http://www.sarc.com/
(nice summary of current active "level 4" virus threats)
http://www.sarc.com/avcenter/security/Content/2000_05_26_a.html
(good article on embedded scripting and the countermeasures)
Some Newsgroups:
alt.comp.virus
alt.comp.anti-virus
alt.comp.source.code
symantec.support.**** (specific version of OS)
There is also a good mailing list here at Rootsweb.
The name is virus-discussion-L(a)rootsweb.com.
The list adm is George Elting.
subscribe by sending email to:
virus-discussion-L-request(a)rootsweb.com
My strong recommendation for your protection is to:
A: Get Anti virus Software of some kind.
B: Update it once a week
C: Install a firewall (software version)
D: Use passwords on access to your computer
E: Do a security check with an Internet site
once a month. It's easy and free
F: Do Not open any message with attachments.
Remember attachments now can be single
extensions, including .pdf etc
In case you receive a message with a virus
or attachments the Virus procedure is
simply as follows. Remember attachments
now can be single extensions, including .pdf etc
A: Send the name of the person to me with copy
to the list for a heads up.
B: Delete the message
I will then remove the infected user.
There are some options if you are unfortunate
and get infected some way. These options
include using the digest mode and posting
to the message boards since many of these lists
are gatewayed from the message boards as well.
If we all work together, we can keep this mailing list
clean.
Best Regards
John A Hansen
jahansen(a)qwest.net
List Adm
-----Original Message-----
From: bounce-ftmtech-l-9376775(a)lyris.genealogy.com
[mailto:bounce-ftmtech-l-9376775@lyris.genealogy.com]On
Behalf Of BJ Hamilton
Sent: Monday, August 06, 2001 9:26 PM
To: Family Tree Maker Discussion List
Subject: Re: virus is getting bad.... I had it, too...
reprinted with permission from BJ Hamilton
JAH
Dear All:
There is quite a bit of emotional rhetoric regarding viruses and network
security. So this is a brief explanation of terms and then a web address
that has outstanding advice as well as explanations and some diagnostic
tools to help you determine how vulnerable your system is. I heartily
recommend you run both his Shields and Probe applications.
Definitions:
1. Firewall - this is normally a computer which protects a local area
network (LAN) by restricting who may access the LAN from the internet as
well as restricting who on the LAN may access the internet and what areas
may be accessed. They may be very sophisticated and expensive running on a
separate computer or they can simply be a utility, which runs on your
personal computer protecting you from the Internet. Consequently they can be
very expensive or on the other hand they can be rather inexpensive. Some of
the personal firewalls will cost around $30-$50. BlackGuard, Symantec and
McAfee (I think) all offer personal firewalls. One firewall that has
received a lot of praise is ZoneAlarm (found at:
http://www.zonelabs.com).
It is free for personal use although they also offer a version, ZoneAlarm
Pro, for about $40 which checks your email for viruses. I use the free
version.
2. Routers and Gateways - These may be computers but tend to be dedicated
machines which sit between networks and forward (or route) all packets
(traffic) to other networks (The internet is just like a big series of
networks and all traffic is forwarded by routers using the TCP/IP
addresses.) Again these can be very expensive devices but within the past
year or two, D-Link, Linksys and SMC have developed inexpensive devices
for home and small office use. These tend to cost about $130 - $200. They
are rather simple to install and operate. I simply installed mine, provided
it with my ISP ID and Password and did nothing else. It is always on -
protecting all of my computers from external probes because it answers the
Internet address and then routes the packets to the appropriate internal
network addresses. The gateways and routers have no files or programs, which
can be accessed so they act as a protection against anyone attempting to
access my computer. Normally they do not stop your machine from accessing
the Internet.
They also allow multiple users/computers to access the Internet
simultaneously using a single ISP address. Because no one can get your
internal computer address, it acts as a sort of firewall also.
For maximum protection, I use both a gateway and a personal firewall. I use
the firewall because it allows me to control what programs or utilities on
my computer can access the network. I have a list of applications that I
have granted access to the network. If another program attempts to access
the network, ZoneAlarm intercepts the attempt, opens a dialog window and I
can either prohibit the access or allow the access (on a once only basis or
continuous basis).
For those who want more details about security in general, I suggest the
following web site:
https://grc.com/x/ne.dll?bh0bkyd2
(Note by JAH): This site does a full online security
check on your computer as well. Run both the
"shields up" and "probes"!
This site is provided by Steve Gibson. This web site provides extensive
information in an easy reading manner for the non-technophile. Explore to
your heart's content. I'm going to have to go back and revisit it because he
has done considerable upgrading since I last looked at the site.
Let me know if I haven't answered your question or if you don't understand
my explanations.
BJ Hamilton
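
Added example, not part of the original messages: a small Python check a list administrator could run over a raw message to apply the rule stated above, that any attachment (even a single ordinary extension such as .pdf) or any script embedded in an HTML body is reason to delete and report. The sample message, the function names `triage` and `verdict`, and the pattern list are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.policy import default

# Constructed sample message (not from the original page): an HTML body with
# an embedded script plus one attachment with a single, ordinary extension.
SAMPLE = """\
From: someone@example.org
Subject: family photos
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: text/html; charset="us-ascii"

<html><body onload="go()"><p>See attached</p><script>go()</script></body></html>
--XX
Content-Type: application/pdf; name="tree.pdf"
Content-Disposition: attachment; filename="tree.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--XX--
"""

# Markup that makes an HTML mail "active" (assumed, non-exhaustive list):
# script/iframe/object/embed tags, inline event handlers, javascript: URLs.
ACTIVE = re.compile(r"<\s*(script|iframe|object|embed)\b|\son\w+\s*=|javascript:", re.I)

def triage(raw):
    """Return (attachment filenames, active-content matches) for one raw message."""
    msg = message_from_string(raw, policy=default)
    attachments, active = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no content of their own
        name = part.get_filename()
        if name or part.get_content_disposition() == "attachment":
            attachments.append(name or "(unnamed)")
        elif part.get_content_type() == "text/html":
            html = part.get_content()
            active += [m.group(0).strip() for m in ACTIVE.finditer(html)]
    return attachments, active

def verdict(raw):
    attachments, active = triage(raw)
    # List rule from the message above: any attachment at all, or any script
    # in the HTML body, means delete the message and report the sender.
    return "delete-and-report" if attachments or active else "ok"
```
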