Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Microsoft tops $60 billion in annual revenue
Estee Lauder revamps security in face of regulatory requirements
AMD appoints new CEO as losses continue
Hold off on WiMAX investments, Gartner cautions
EU levels new antitrust charges against Intel
Juniper airs zippier WAN app accelerators
IBM and Sun each claim to develop 'first' 1TB tape drive
Researchers trace structure of cybercrime gangs
Juniper switch proves to be credible choice
Citrix aims to simplify mixed virtual environments
Hunt for the elusive rootkit 'Rustock.C' revealed
One in four businesses block access to Facebook, social networking sites
Insider threat looms large as San Francisco's network crisis plays out
EMC merges home backup with cloud-based storage
Report: Microsoft in talks for a deal with AOL
Sprint, SK Telecom merger rumors flare up again
Security /

Scumware prevention and removal

Related linksToday's breaking news
Send to a friendFeedback

Sign up to receive this and other networking newsletters in your inbox.

By M. E. Kabay
Network World Security Newsletter, 05/29/02

In the first four articles of this series, we have been looking at the problems raised by scumware - software that makes unauthorized changes to Web pages and other documents. In this, the last of the series, I will summarize measures for preventing and removing infestations of scumware.

First, you must decide if you approve of having advertisements and hyperlinks inserted into the views of Web pages that appear on your screen. If you do, there's no problem and you can stop reading this column.

For those who don't like the idea of extraneous links and ads, the most obvious measure for preventing infestation is not to install scumware at all. Unfortunately, this is not as easy as one would like. As we have seen in previous articles, scumware can infest other software and be installed with little or no notice to the user. Nonetheless, before installing freeware, shareware, or adware (products that offer services in return for sending the user targeted ads), everyone would do well to read about the product using an Internet search engine such as Google.

To see if the product you are thinking of installing is a known offender, check the lists of known scumware at Scumware*Links:

www.freegraphics.com/zz-scumware/

Without gritting your teeth too hard, read the end-user license agreement. Look for language, no matter how convoluted or how tiny the point size, that indicates that the product is likely to add to or modify the appearance of Web pages you download. In addition, look for language that threatens to delete or inhibit any of your _other_ programs.

As I was completing this article, Declan McCullagh's admirable PoliTech list published a fascinating glimpse of the mindset of some adware makers. The RadLight adware product comes with a license agreement that reads in part, " You are not allowed to use any third party program (e.g Ad-aware) to uninstall application bundled with RadLight. Such programs will be removed. "

www.politechbot.com/p-03439.html

While you are installing any software, from no matter what source, always keep your firewall active if at all possible. Be sure to configure your firewall to alert you to any attempt to contact an external address from inside your system; although such attempts may occasionally be necessary (e.g., for updates to critical components), in many cases they can be blocked safely. You can always study the issue more closely if necessary by examining the TCP address of the target and doing a reverse IP-block lookup to find out where the critter is trying to connect. Once you know the name of the registrant and the DNS entry for the target, block the transmission without hesitation if you don't know why a module on your system is trying to communicate with a site you know nothing about. You can always reverse your decision later if you determine that the connection is in your interest.

To identify undocumented or forgotten adware, spyware and scumware, several real-time scanners can spot trouble for you. For example, Lavasoft makes Ad-aware, a simple, free and reliable product that scans your system for unwanted intruders and removes these programs from your computer. For details:

www.lsfileserv.com/

RELATED LINKS

NEW! 18-month online Master of Science in Information Assurance offered by Norwich University.

Look for the “Computer Security Handbook, 4th Edition” edited by Seymour Bosworth and Michel E. Kabay; Wiley (New York), ISBN 0-4714-1258-9. Available now at your technical bookstore or from Amazon.

M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Department of Computer Information Systems at Norwich University in Northfield, Vt. Mich can be reached by e-mail and his Web site.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.