CompTIA Network+ Certification Exam Tutorial: Virus
Attacks And Antivirus Programs
by: Chris Bryant, CCIE #12933
Whether you’re preparing to pass the Network+ or Cisco CCNA
certification exam or not, you must not underestimate the importance
of antivirus programs and virus definition updates. With all the
attention we pay to viruses and their prevention, I feel a little
silly even saying that. But….
If there's one thing you must have working at full capacity in
your network, it's the antivirus programs.
If there's one thing that is commonly overlooked when it comes
to updates, it's the antivirus programs.
In today's world, your network must be protected from both internal
and external antivirus threats. By implementing and executing an
aggressive antivirus strategy, you can greatly reduce your network's
chances of being hit with a virus. Literally hundreds of millions
of dollars in productivity are lost every year due to virus attacks,
along with a few jobs. Make sure both your network and career are
protected!
You may be asking yourself what this has to do with the CompTIA
Network+ certification exam. To earn this important computer certification,
you’ve got to display knowledge of threats to your network
and how to stop them – and viruses are at the top of that
list.
Before we discuss how to stop viruses, let's discuss exactly what
a virus is. All of the following are bad, but they're not all viruses.
Just as a human virus is spread through contact, so is a computer
virus. A virus is a program that gets onto a computer without a
user's knowledge and then performs an action that can range from
mischievous to destructive. For a virus to be spread, there has
to be some kind of contact between an infected user and another
user - generally, that contact is the forwarding of an email that
has an attachment that contains a virus.
A worm is a type of virus, but a worm can spread on its own without
any "help" from the infected host. Even worse, a worm
can replicate on its own, resulting in many more worms attacking
other hosts. A common worm attack involves the worm sending a copy
of itself to every single user listed in the infected host's email
address book.
A third, more insidious attacker is the Trojan Horse. In history,
the Trojan Horse was presented as a gift to Troy by the Greeks,
and it was filled with Greek soldiers who attacked once the Horse
was taken inside the city's defenses. Today's Trojan Horses attack
in much the same fashion. The program installed by the user may
look legitimate and innocent, but there's another program inside
just waiting to attack the user's computer.
It's a good idea to periodically remind your end users about some
basic steps they can take to help prevent unleashing a virus:
Don't open email attachments from anyone outside the company.
Don't download software and install it, especially what I call
"fun and free" software such as gaming programs, animated
cursors, etc. Most of that software is safe, but a minority of those
programs contain adware and could unleash a virus on your network.
Don't open email from anyone you don't know, especially if the
subject line doesn’t make any sense. Just trash it.
End user education is important, but we have to face facts –
it’s not perfect. That's true for virus protection as well
as network security. I personally wish I had a dime for every password
I've seen written on a sticky note that was attached to the monitor!
As network admins and engineers, we've got to be aggressive in the
fight against viruses and not depend on others.
While we should certainly have an antivirus program on every server
in our network, there is one point of communication that we've got
to be particularly sensitive to, since this is where most viruses
and worms make their way into our network – the email server.
We've got to be particularly vigilant about the email server's
antivirus protection, since this is where users come in contact
the email attachments that can lead to so much trouble. When a host
is receiving email from an email server, the antivirus program on
the client should scan that email even before it's opened.
Attachments are a major source of viruses, and many networks now
have a firewall strip attachments off before they even get to the
email server. Firewalls are devices used to filter traffic, and
a firewall can be set to remove incoming attachments. If attachments
aren't allowed to enter the network, end users can't launch them
and their potential viral payload.
This common configuration also gives you the option to reject incoming
email that has an attachment, along with the option of notifying
the sender that the email was filtered for that reason.
Bottom line: every email attachment is a virus threat.
So how do you best protect your network against viruses, Trojan
horses, and the like? We’ll discuss that in tomorrow’s
CompTIA Network+ certification exam tutorial! Until then, keep studying!
About The Author
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage
(http://www.thebryantadvantage.com).
Noadware.net
- Spyware/Adware Remover ! . Promote The Top Anti-Spyware Product
On CB! New Recurring Offer With 75% Of Any Current And Future Sales!
Earn 75% Every Year For The Life Of The Customer! Full Tracking
Code Support & Huge Bonuses!
There are literally hundreds of internet marketing techniques which
you can start using to make money on the web. You can opt to sell
other people's products and services by signing up as Affiliate
in companies like -the secrets Alertpay,
Domains Paypal
and Tops 123
secret search opportunity Affiliates.
Or...You even
have the option to earn a monthly residual income by joining a Direct
Sales company who have a Networking or Multi-Level-Marketing compensation
structure. The choice is yours - while the online opportunity to
make money with your website is endless.You can find more on this
topic - Make Money With in this Website.
