From the Kenosha News on 5-27-07

What really protects your computer from viruses?

      There are many misconceptions about what it takes to protect a computer from virus attacks.  The components of a good, strong defense system include the following:

      Anti-virus software.  Anti-virus alone will NOT prevent viruses.  Its main purpose is to notify you if you have a virus or detect if a file on a disk or in an e-mail is infected before you save it to your computer.  The brand or version of anti-virus is less important than its proper use.  After you install anti-virus, first make sure that “Auto-Protect” (or whatever term your product uses) is turned ON.   This is the option that will check for viruses whenever you insert a disk or RAMdrive or download a file.  If that option is turned off, viruses will only be detected with you do a scan, which is almost always too late.  Second, make sure that your anti-virus is configured to download updated virus definitions at least weekly; daily is better.  If your subscription has expired and you are no longer getting new definitions, your software will not detect recently released viruses. 

      System updates.  The real tools to PREVENT viruses are updates (patches) to your system and software.  Nearly all viruses are written to exploit vulnerabilities in your operating system or other software.  The updates released by the software manufacturers (e.g. Microsoft) correct these vulnerabilities.  For example, the Blaster virus – which hit colleges particularly hard in the fall of 2004 – exploited a vulnerability in the Windows operating system.  The update/patch to fix that “hole” had been out for at least two months before most computers were infected.  Users who kept their patches up to date didn’t get the Blaster virus.  My strongest advice is to configure your system to automatically download and install any system updates daily.  Yes, there is a risk that an update will “break” some other software you use, but that is a very small chance compared to the likelihood of getting a virus if you don’t install updates.

      Firewall software.  While networks usually use a firewall device, personal computers usually use firewall software.  I have never used anything “fancier” than the firewall software built-in to Windows XP.  Understand, however, that firewalls only block non-essential “ports” (not physical connections but different protocol types used by various network applications) whereas most viruses use common ports that you wouldn’t want to block.  For example, a virus might exploit a vulnerability in RealPlayer.  If you set up your firewall to block ports 554 and 7070, you would prevent those viruses, but you would also prevent RealPlayer and QuickTime (and any other application using Real-Time Streaming Protocol) from working.  That’s why most viruses use ports and protocols that are very common – because they won’t be blocked at your firewall.

      Anti-virus and cleaning tools.  If a virus is detected on your computer, your anti-virus may be able to remove it.  You might, however, need to start your computer in Safe Mode.  If your anti-virus can’t remove the virus, look for a “cleaning tool” – a packaged executable that removes the virus – on your anti-virus’ web site.  For more info on cleaning tough viruses, check out my previous article at http://www.sabbarpublications.com/newsarchive/news1-23-05.html.

by Carol Sabbar from the Kenosha News on 5-27-07