No More ILOVEYOUs

jdean@govexec.com

These days, computers constantly suffer the assaults of viruses, hackers, crackers, Trojan horses, and now, a new species of ground dweller: the polymorphic worm.

So what can be done to protect systems from attackers? Digging a foxhole, surrounding systems with concertina wire and disconnecting from the network might sound like attractive options, but they're certainly not pragmatic.

Government computer users can take some basic steps to ensure their desktops are not ravaged by cybervandals and the virus du jour.

Effective desktop security starts with antivirus software. "If you don't have antivirus software on your system you're nuts," says Marcus Ranum, president and chief executive officer of Network Flight Recorder Inc., a Rockville, Md., intrusion detection company.

But antivirus software can be suspect in the networked world. "Antivirus software has to be updated," says Chuck Roth, vice president of federal sales and marketing at Network Associates Inc. "And sometimes, nobody's paying attention to the updates."

Beyond updates, however, basic configuring of the software can come into play. "Systems administrators and users should set their virus software to maximum security settings," says Scott Bair, manager of IT operations at the Transportation Department. "Plus, the antivirus software should be set to look at every file that users are trying to open."

Yet, like a good general, "it's always good to have multiple lines of defense," says Dave Kroll, director of marketing for Finjan Software Inc., a San Jose, Calif., company that specializes in "sandboxing technology." Finjan's free sandboxing program, SurfinGuard, examines the code of every attachment to see what actions it will initiate. If, for instance, an attachment sets out to delete files, SurfinGuard would not run the program. Finjan claims SurfinGuard causes performance degradation.

Users can also consider employing a personal firewall. Personal firewalls, such as NFR's BackOfficer Friendly or the free ZoneAlarm, monitor incoming and outgoing network traffic similar to the way network firewalls do.

"When a new program attempts to make connection off of a machine, the personal firewall asks the computer if the application is allowed to talk to the Internet," Ranum says. "Firewall software will also pop up and say a machine has been scanned." Port scanning is a common tool hackers use to detect clear and open paths into a network.

But in an environment where systems administrators remotely update and manage an agency's desktops, a personal firewall could cause some problems, Bair says. "The personal computer is a corporate tool," he says. "We should never put the corporation at risk just for individual convenience."

Bair advocates a standardized desktop configuration that prohibits users from loading their own programs. "We give users some choices but we don't allow them to install programs," Bair says. This could help agencies avoid dangerous programs innocently downloaded from the Internet.

Part of this strict regimen is disabling a number of features that accept programs that are popular with hackers and virus writers. "A lot of features in Windows that are enabled by default ought to be disabled," Bair says. This includes disabling support for Java and ActiveX, two Web development languages that run tiny applications.

Bair also recommends turning off host scripting, the feature that enables Visual Basic scripts to run. The "Love Bug" virus that invaded the world's computers in May was such a script.

But central management might not be for all agencies and all users. "You have to strike a balance between central management and the workstation managed by the end user," Bair says.

There is something all users should keep in mind. "The single most effective tool you can have is to be good and paranoid," Ranum says.

Translation: Be suspicious of attachments, especially those that are unexpected. Also, security experts warn against downloading programs from unvetted or suspicious Web sites. "Getting people to figure out what they are risking is really important," Ranum says.

A New Look for the Blue Pages

In a reflection of the federal government's drive to provide more services online, officials last month revamped the Web site for the Blue Pages, those directories of phone listings for federal services.

The Blue Pages is taking to the Web its goal of presenting services in an easy-to-find fashion. "The site will be state of the art and will have pointers to services at other agencies," says Bonnie Seybold, program manager of the Federal Directories Branch at the General Services Administration's Federal Technology Service.

The initiative, which began with the National Partnership for Reinventing Government, is now managed by FTS and produces more than 400 phone guides that are published in phone books throughout the country.

In Blue Pages directories, for instance, passport is a main listing rather than a heading under "State Department." "Some people don't know that the State Department takes care of passports," says Seybold. "The Web site will offer users friendly, major headings for them to go through. Agencies will also be able to access the site to make their changes online. Right now, everything is paper-based.

"Our goal is to reach 97 percent of households," Seybold says. "But considering that only 40 percent of citizens have access to a computer we have to do both the Web and print directories. The Blue Pages put the people in touch with the products and services they pay taxes for. When people see the Blue Pages, they are amazed what is available to them."