Advice for Avoiding Worms

By Larry Seltzer  |  Posted 2004-03-05 Print this article Print

One positive implication of this is that you can pretty safely ignore the details in these stories. When it comes to meaningful advice one can discern from them, it amounts to these points:
  • BE VERY SKEPTICAL OF ANY ATTACHMENT IN E-MAIL. This doesnt mean that you shouldnt trust any attachment at all, but unless you know the sender and were expecting the file, you should scrutinize it and not open it unless you can determine that its legitimate.
  • Keep your antivirus software and firewall up to date. They arent perfect, but they help a lot.
  • If your mail client can block all executables, let it. Most worms, including NetSky, will be blocked just by this. If not, find some other way to do it. Its just not worth being able to mail executables around. Incidentally, both Outlook and Outlook Express have done this for years, and therefore their users have been immune to these worms.

Some administrators are going to the extreme these days of stripping all attachments from e-mail. This isnt exactly cutting off your nose to spite your face, because it really would solve the problem, but its quite unkind to users unless you give them a reasonably convenient way to safely exchange files with outsiders. The existing solutions for users to exchange files are no bargain either. Peer-to-peer networks have become the alternate infection venue of choice for worm writers.

I trust myself with these things more than I trust the average user, but I have yet to see a worm attack arrive on my computer that I didnt immediately recognize as a worm attack. You can just tell that they werent written for you by a real human being. Clearly other people are being fooled, and repeatedly, I suspect, because if youre going to fall for one of these I assume you could fall for all of them. And its from those people that we need to protect ourselves.

On a sad note, believe it or not, Friday was the 10th anniversary of spam. Yes, all began when an immigration law firm posted an advertisement for help with the 1994 Green Card Lottery to all manner of irrelevant newsgroups (the example is from fr.comp.os.linux). I remember this incident. There was outrage at the time that now seems really quaint. How dare someone break netiquette in the pursuit of commercial gain!

As Netcraft describes in their account of the anniversary, the wrong lesson was quickly learned. Spammers saw that there was no enforcement and the rules were merely suggestions. Usenet lost all usefulness within a few years, and e-mail is heading in the same direction.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms Security Center at for security news, views and analysis.

Be sure to add our security news feed to your RSS newsreader or My Yahoo page:   More from Larry Seltzer

Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel