Symantec Threatcon at Level 2

Good morning folks and welcome to my Technology Blog

I love to blog about technology because I love technology and people. I have to say that sometimes I love technology more because it seems to be more manageable than some folks. In other words, it is easier for me to fix a technology problem than a person problem. One of my challenges as a professional technologist is to be able to explain technology to a non-technical person in a way that they can relate to it, understand it and use it in their jobs. There are several classes of folks that I work with. Some are geeks in their own right, some are power users and then there are the folks that should never be allowed near a keyboard and mouse. These are the type of people that always announce to me that they have no clue what they are doing with a computer and therefore the issue at hand is beyond their comprehension to deal with. The first two classes of people are a joy to work with and the latter class of people reminds me that there is a reason why I have the job I do.

I apologize for chasing rabbits when I write; I must get better at this. As the title of this blog post says, Symantec Threatcon is at level 2 and has been for almost a week now. If you are familiar with the movie that has the super computer that was created back in the 80’s that could simulate a global thermonuclear war through a game, then you are familiar with the different threat levels such as Defcon 1, Defcon 2 and so on and so forth. Those are levels of defensive readiness, so to speak. Symantec has a “Threat Condition” level that they keep posted as they are monitoring the many different threats by spyware, malware, crippleware, viruses and trojans that are being reported in the wild.

One of my jobs as a Network Administrator is to safeguard company data and make sure it is safe and free of virus infections. That is no small task considering that I have to manage 6 servers and 65 workstations by myself. We have Symantec Endpoint Protection that monitors for viruses and trojans and most spyware, and we also have Counterspy that monitors for spyware and malware. We have scans that are scheduled every morning between 1 am and 6 am on a daily basis. Despite this system-wide monitoring I still have computers that get infected with some sort of garbage that slips through the cracks and gums up the computer workstations. To this date I have not had a server get infected and for that I am very thankful.

When one workstation gets infected it interrupts that person's productivity, but if a server were to get infected it would affect the entire company while I take it down and have to clean it. In years gone by, the easiest way for someone to catch a bug on their computer was to download an attachment in their e-mail inbox and then through social engineering be tricked into opening that attachment and releasing the payload of said virus or trojan. Thanks to the Internet and a lot of knowledge being shared about this, people have gotten a little bit more intelligent and wary about email attachments, and therefore the hackers and virus programmers have had to get much more tricky with their methods of delivery.

One of the ways that you can get infected is by visiting a website that is designed to deliver viruses, trojans and malware to your computer via ActiveX and JavaScript. I am not a web developer or programmer so I am not as familiar with HOW the bugs are actually transferred, but I know from experience that it happens with increased frequency. One of the problems with this method of delivery is that it is almost impossible to know what website is dangerous and what is not.

The important thing is that you take the following precautions.

  • install decent Anti Virus software
  • keep the Anti Virus definition files updated regularly
  • schedule daily scans during your computer idle time
  • install decent spyware detection software
  • keep the spyware detection software definition files updated weekly
  • run regular spyware scans on a daily or weekly basis
  • stay AWAY from FREE file sharing websites and systems such as BitTorrent
  • If you must use a program like BitTorrent, download all the files to a removable hard disk or separate partition of your hard disk and make sure you scan those files for infection
  • partition your hard disk into two separate partitions and have your OS system files separate from your Data files.
  • Do a Daily or Weekly backup of your data
  • If you receive an e-mail with an HTML link or attachment you are not expecting, do NOT open the attachment and do NOT click on the link. Assuming that the content is safe just because you know the sender can be dangerous and cost you hours of downtime and lost data.
  • educate yourself about viruses, trojans, malware, spyware etc. The more you know about these productivity and data killers, the better you will be able to protect yourselves.

Over the last five years the major Anti Virus vendors have realized that some folks do not use Anti Virus or Counter Spy software because they cannot afford to purchase it or they would illegally pirate the software because they refused to buy it. Microsoft has come out with a product that is free called Microsoft Security Essentials and you can download it for free and install it on your computer and use it. Avast, AVG and several other companies also have free Anti Virus and Spyware detection. Spybot Search and Destroy is a good product as well that you can download for free. The bottom line is this. You MUST take proactive steps to protect your data and programs from infection. You also are responsible for being a good netcitizen, and by protecting yourself you are also protecting the rest of the folks like me who are on the Internet with you.