US-CERT Cyber Security Tip ST06-009 -- Coordinating Virus and Spyware Defense

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                      Cyber Security Tip ST06-009
                 Coordinating Virus and Spyware Defense

   Using anti-virus and anti-spyware software is an important part of
   cyber security. But in an attempt to protect yourself, you may
   unintentionally cause problems.

Isn't it better to have more protection?

   Spyware  and  viruses  can  interfere  with your computer's ability to
   process  information  or can modify or destroy data. You may feel that
   the  more  anti-virus  and  anti-spyware  programs you install on your
   computer,  the safer you will be. It is true that not all programs are
   equally  effective,  and  they  will not all detect the same malicious
   code.  However, by installing multiple programs in an attempt to catch
   everything, you may introduce problems.

How can anti-virus or anti-spyware software cause problems?

   It  is  important  to  use  anti-virus  and anti-spyware software (see
   Understanding Anti-Virus Software and Recognizing and Avoiding Spyware
   for  more  information). But too much or the wrong kind can affect the
   performance  of  your  computer  and the effectiveness of the software
   itself.

   Scanning  your  computer  for  viruses  and  spyware  uses some of the
   available  memory  on  your  computer.  If  you have multiple programs
   trying to scan at the same time, you may limit the amount of resources
   left  to perform your tasks. Essentially, you have created a denial of
   service  against yourself (see Understanding Denial-of-Service Attacks
   for  more  information).  It  is  also possible that in the process of
   scanning  for viruses and spyware, anti-virus or anti-spyware software
   may  misinterpret  the virus definitions of other programs. Instead of
   recognizing  them  as  definitions,  the  software  may  interpret the
   definitions  as  actual  malicious code. Not only could this result in
   false  positives  for  the  presence  of  viruses  or spyware, but the
   anti-virus  or anti-spyware software may actually quarantine or delete
   the other software.

How can you avoid these problems?

     * Investigate   your   options   in  advance  -  Research  available
       anti-virus  and anti-spyware software to determine the best choice
       for  you.  Consider  the  amount  of  malicious  code the software
       recognizes,   and  try  to  find  out  how  frequently  the  virus
       definitions are updated. Also check for known compatibility issues
       with other software you may be running on your computer.
     * Limit  the  number  of programs you install - Many vendors are now
       releasing   packages   that   incorporate   both   anti-virus  and
       anti-spyware  capabilities  together.  However,  if  you decide to
       choose  separate  programs,  you  really  only need one anti-virus
       program  and  one  anti-spyware  program. If you install more, you
       increase your risk for problems.
     * Install  the  software in phases - Install the anti-virus software
       first  and  test  it for a few days before installing anti-spyware
       software.  If  problems  develop,  you  have  a  better  chance at
       isolating  the  source and then determining if it is an issue with
       the software itself or with compatibility.
     * Watch  for  problems - If your computer starts processing requests
       more  slowly,  you  are  seeing  error messages when updating your
       virus  definitions,  your software does not seem to be recognizing
       malicious  code,  or  other  issues  develop that cannot be easily
       explained, check your anti-virus and anti-spyware software.
     _________________________________________________________________

     Authors: Mindi McDowell, Matt Lytle
     _________________________________________________________________

     Produced 2006 by US-CERT, a government organization.
  
     Terms of use
 
     <http://www.us-cert.gov/legal.html>
  
     This document can also be found at
 
     <http://www.us-cert.gov/cas/tips/ST06-009.html>
 

     For instructions on subscribing to or unsubscribing from this
     mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
     
     
     

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRRridexOF3G+ig+rAQL1Fgf+NuwTIvZwBUau4GoTOdNsZ4XufognCUOz
TIcRKJeNhr5gKHjQIGHsQlQyIwcp7dE2KZ/c4pMXYadQKWP90VNZdgCe5yvcGSHZ
yGpotA0EiFfvILSrsjfudLJDviDt3wNYizuuJFU764qWNvjvuPvUKh/ypSSX//PC
JabTtxhM4FFdX5CxWPppVOj2HITuUculxuLLSRis/13wdV0YUMgwK3VixJD7kGRl
otcc1/PgDbU+qbQGhY9KyCjAapiYQBTIlB/nJl+1HZ4twbYmTtzIVozdWvB71NFe
jZVceVsKFUHViqGbZOW7xn/O0t5eKeoSScj1V9evWN4/vnT+Z0zv5g==
=5HRT
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux