• Cisco
    1.jpg
    Cisco a partner with us provides:
    Firewalls, Switches, Routers and so much more products
  • Finjan
    2.jpg
    A product of M86 Security that >>Offers secure web gateway solutions for the enterprise market. >> Provides a unified web security solution combining multi-layered security with productivity...
  • M86 Security
    3.jpg
    Our partner that offers content filtering engines like >>Mail Marshal >> Web Marshal
  • McAfee
    4.jpg
    Offers a wide range of security products like: >>Data Loss Prevention >>Endpoint Protection >> Network Protection >>USBEncryption ... & so much more products
  • Symantec
    5.jpg
    One of our partner that offers a wide range of security products like: >>Backup Exec
  • Others
    6.jpg
    More of our partners: Net IQ, Access Data, Microsoft, SAP, VeriSign, TippingPoint, eSoft, Redhat & Cyberoam

 

AntiVirus / Endpoint security

AntiVirus is a software program specifically designed to protect a computer from viruses and other malicious code. It works through a variety of different methods to identify and clean, quarantine or delete viruses. The most basic method is that of virus signatures. A virus signature is like an ID for a virus and it allows the AntiVirus Software to recognise a particular virus and then take action to eliminate it. However this method only works for viruses that have been identified, and are therefore old. The problem is that new viruses are constantly being written, and this is what it is important to ensure that you have maximum protection against. There are several ways of doing this. Firstly, there is Heuristic scanning. Heuristics allows the AV Software to look for parts of computer code that could potentially be malicious

You can't see them and you may not necessarily know when they have struck--until it's too late. There are many types of viruses, and other malicious code. They can cripple your computer and network and wreak havoc on your personal files. At last count there were more than 65,000 virus threats on the loose. They are looking for you, so be sure to find them first!

The first and most obvious step is to install a good Anti-Virus software. The next step is to ensure that your Anti-Virus software is always up to date with the latest virus definitions. Telkom Kenya have also done this, because they are using McAfee’s ePO, or ePolicy Orchestrator which ensures that the software is up to date and configured correctly, automatically.

HOWEVER…

There are several other steps that YOU the user can take to help ensure that Telkom stays Virus-Free!

  • Never open email from people who you don't recognise.
  • If an email has an odd or funny sounding subject line, do not open it.
  • Never open an email attachment unless you know what it is, and you are expecting to receive it.

Do not open attachments that do not seem relevant, e.g. Screen Savers, games etc. Virus writers try to make their attachments seem interesting so that you will want to open them.

DON’T get caught out!

  • Download only from sources with which you are familiar.

Virus Hoaxes – Harmless pranks, or menaces in their own way?

There are a lot of viruses out there. And then there are some viruses that aren't really out there at all. Hoax virus warning messages are more than mere annoyances.

After repeatedly becoming alarmed, only to learn that there was no real virus, computer users may get into the habit of ignoring all virus warning messages, leaving them especially vulnerable to the next real, and truly destructive, virus. In addition to this, when they are forwarded, as suggested ‘to everyone in your mailbox’, they block up mail servers and take up space on your leased line. Imagine if someone was trying to send an urgent email, and it had to wait behind a queue of 500 hoax virus-warning messages! If there is a new high Risk Virus Alert, ProTec will email Telkom IT Department, and let them know.

The next time you receive an urgent virus-warning message, check it against the list of known virus hoaxes in the later section. If you receive any other Virus warnings from any other sources, and you are not sure if they are a hoax or not, please forward them to your systems administrator, but no one else. They can send them to us, and we will notify you whether it is a hoax.

There are several common themes to hoaxes.

  • The source will often be quoted as Microsoft, Intel, or ‘a friend of mine got this’. Occasionally it will also be stated that either McAfee or Symantec released the information, but usually in combination with another source.
  • The virus is usually described as ‘Deadly’, ‘The worst ever discovered’, or Lethal’.
  • It will usually state that the virus “will destroy your Hard Drive’ or ‘wipe everything on your computer as soon as you open it’.
  • It will normally ask you to ‘forward this to everyone in your address book’ or ‘send this to all your friends’. In addition it will often include the reassurance that ‘ I would rather receive this 25 times than not at all’.

Please see below for some sample hoax messages.

Be aware that the people who create viruses can use known hoaxes to their advantage. A good example is the AOL4FREE hoax. This began as a hoax warning about a non-existent virus. Once it was known that this was a hoax, somebody began to distribute a destructive trojan horse (a trojan horse differs from a virus in that it does not reproduce itself) in a file named AOL4FREE, attached to the original hoax virus warning! The lessons are clear:

  • Always remain vigilant.
  • Never open a suspicious attachment.

What is a Virus?

A virus is a program that infects systems by rewriting files, or by inserting or attaching a copy of itself to a file (including email files). When an infected file is opened, the embedded virus is executed. Often, users don't realise that this is happening in the background. It may replicate itself within one computer, but to infect other machines, it must be passed on in a program, email file or attachment, infected diskette or other "removable media," or across a network. A specific quality to a Virus, as opposed to other malicious code, is that it can replicate and spread without further action from their perpetrator.

What a Virus Can Do?

A virus can do as minimal damage as copying itself and then allowing programs to run normally. Most, however, do far more damage, by delivering a "payload." For example, they could display a certain message on the machine's monitor, perform a deletion or modification to a certain file or files, delete entire files, or even reformat your hard drive.

Types of Viruses

There are several types of viruses that can infect PC Systems including:

  • Boot Sector Viruses – These are usually transmitted by leaving an infected floppy disc in the drive and then rebooting the system. They infect a system’s floppy or hard drive and then spread (by replicating and attaching to any logical disc’s available.
  • File Infecting Viruses – These are actually programmes that must be executed in order to become active. Once they are active, they replicate and attach themselves to other executable files.
  • Macro Viruses – Currently the most common virus, Macros attack specific applications, e.g. Word and Excel, though macro commands, and spread to all the documents in that application.
  • Polymorphic Viruses – These viruses have a built in mutation engine, which changes the virus signature each time it replicates, making it harder to detect.
  • Stealth Viruses – These viruses attempt to disguise their actions, and sometimes are designed to attack anti-virus software.
  • Multi-Partite Viruses – These have characteristics of both boot and file viruses.

Other Malicious Codes

Mobile code is a form of programming that specifies how applications exchange information. It was created by and for Web developers who use it to write applications that Web browsers can automatically download and execute. However, it can also be used as a weapon in computer warfare. Once downloaded onto your system, hackers can transmit data from your computer back to their computers without your knowledge. They can steal your passwords or credit card information, erase or transfer important files, and even render your system inoperable.

Types of Malicious Codes

There are several types of mobile codes which can be used maliciously and that can infect PC Systems including:

  • Java Applets These are auto-executable programs written in the Java programming language. Java applets can perform any number of tasks, and can be embedded in Web pages or sent as email attachments. Since most Web browsers are set to automatically run Java applets, applets which are malicious in nature can be a serious threat. It is possible to change the settings of your Web browser to alert you before executing any Java applet.
  • ActiveX Controls - Sometimes similar to Java applets, but developed by Microsoft, these have total access to the Windows operating system, which makes them very potent, and if malicious, potentially more dangerous than even Java applets.
  • Macros – These are language which, when embedded in files, can automatically execute software commands without user knowledge. Once downloaded or executed, the macros have total access to the user's files, and can perform system modifications specified by the code writer. Many Windows-based macros are written in Visual Basic.
  • Visual Basic Script is a Microsoft scripting language that makes it possible to embed interactive elements in HTML documents.
  • Worms - These are programs that can propagate themselves without requiring user interaction. A good example of this was the ILOVEYOU email worm, which automatically emailed itself to everyone in the recipient's address book. A worm can spread itself to hundreds of thousands of machines very quickly via the local networks and the Internet. Mass Mailers are a form of worm.
  • Zombies – These are computers secretly implanted with a dormant program to be awakened later to aid in a collective attack on another system.
  • Trojan Horses - These are malicious programs that pretend to be benign programs, such as a screen saver, game or other type of utility. It does not replicate itself like a virus, does not make copies of itself like a worm and is usually spread by email or Web downloads.

How does Malicious Code infect your Computer?

Now that you've learned of the different types of code to watch out for, how does it actually get to your machine? Dangerous code can get onto your system and wreak havoc through a number of different channels. Mobile code can travel by itself; it just needs an open pipeline - which is why broadband connections so often fall prey to it. Other types of viruses though, are stowaways. The two best avenues for this type of virus or infected code to travel are through downloads from Web sites, via email or in email attachments.

What is does?

An AntiVirus protects networked computers from malicious codes, worms and Trojans. This program also ensures immediate response to malicious code outbreaks. It also detects and disinfects the viruses that are succumbing to the network.

How it works?

An AntiVirus scans the network to determine if the content coming in from outside is a virus. It also eliminates content that may contain viruses. This product also does an independent testing which certifies their products to detect and disinfect viruses.

What it doesn’t do.

An AntiVirus is not able to protect a user if they open mail that may contain a virus. Most of these situations usually occur as a result of mass mailing. A user does not really know what is in the mail unless they open it. Because of this it is very important that the user be very careful of mail sent to them from the outside.

What would happen if you do not have an AntiVirus?

Lack of an anti virus leaves the network exposed to viruses and also gives easy access to hackers. Having an AntiVirus helps ProTects your system from viruses and hackers.