Ask the Expert

Pre-emptive measures for preventing virus attacks

Virus attacks are subtle: The symptoms I've noticed are general slowing of operation, with little to no increase in processes shown by the task manager, but a noted increase in memory consumption of the winlogon task. What things do you look for?

First, I always make sure my virus checker is up-to-date and my system is patched against known vulnerabilities -- and I don't open attachments of any kind unless I truly know what they are and have examined them with a virus checker first. A little protection keeps me from a lot of problems.

To look for a possible viral infection I also look for increased traffic, or outbound traffic of unknown origin (yes, I run a firewall and read the logs, and also filter outbound traffic). I examine log files for known viral or worm signatures. If files are missing, I'm particularly suspicious. I look for unusual activity of any kind. I run an IDS that warns me when unregistered programs attempt to run, or when unusual programs attempt to access the network. I consider many popups to be mobile malicious code, so I also run software that detects their presence on my system and allows me to remove them. I consider many apps which 'phone home' to check for updates to also be potentially malicious and turn them off, too. In short, I try to be proactive and if I can't prevent infection, I try to be more aware of how to identify and get rid of potentially harmful software.
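The outbound-traffic review described in the answer above, as an added example that is not the expert's own tooling: it flags outbound connections from programs that are not on a registered list, registered programs using unexpected ports, and a program whose outbound volume crosses a limit. The log format, program names, allowlist and byte limit are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample log in a hypothetical format (not any real firewall's):
# timestamp direction action protocol dst_ip dst_port bytes program
SAMPLE_LOG = """\
2002-08-01T09:00:01 OUT ALLOW TCP 192.0.2.10 80 1200 iexplore.exe
2002-08-01T09:00:05 OUT ALLOW TCP 192.0.2.25 25 900 outlook.exe
2002-08-01T09:01:10 OUT ALLOW TCP 198.51.100.7 6667 400 updater32.exe
2002-08-01T09:01:11 IN DROP TCP 10.0.0.5 135 60 -
2002-08-01T09:02:00 OUT ALLOW TCP 203.0.113.9 25 52000 iexplore.exe
2002-08-01T09:02:30 OUT DROP UDP 198.51.100.7 69 300 updater32.exe
malformed line
"""

# Assumed allowlist: registered programs and the destination ports each may use.
REGISTERED = {"iexplore.exe": {80, 443}, "outlook.exe": {25, 110}}

def review_outbound(log_text, registered, byte_limit=10000):
    """Return (findings, skipped); a finding is (reason, program, dst_ip, port)."""
    findings, skipped = [], 0
    sent = defaultdict(int)  # running outbound byte count per program
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 8 or not parts[5].isdigit() or not parts[6].isdigit():
            skipped += 1  # count unparseable lines instead of silently dropping them
            continue
        _ts, direction, _action, _proto, dst, port, size, program = parts
        if direction != "OUT":
            continue
        port, size, program = int(port), int(size), program.lower()
        # Blocked attempts are reported too: the attempt itself is the signal.
        if program not in registered:
            findings.append(("unregistered-program", program, dst, port))
        elif port not in registered[program]:
            findings.append(("unexpected-port", program, dst, port))
        sent[program] += size
        # Report the volume finding once, on the line that crosses the limit.
        if sent[program] > byte_limit >= sent[program] - size:
            findings.append(("volume-exceeded", program, dst, port))
    return findings, skipped

if __name__ == "__main__":
    for finding in review_outbound(SAMPLE_LOG, REGISTERED)[0]:
        print(finding)
```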

This was first published in August 2002
