Ans: We use computers for everything from banking and investing to shopping and communicating with others through email or chat programs. Although you may not consider your communications "top secret," you probably do not want strangers reading your email, using your computer to attack other systems, sending forged email from your computer, or examining personal information stored on your computer (such as financial statements).

Ans: Intruders (also referred to as hackers, attackers or crackers) may not care about your identity. Often they want to gain control of your computer so they can use it to launch attacks on other computer systems.

Having control of your computer gives them the ability to hide their true location as they launch attacks, often against high-profile computer systems such as government or financial systems. Even if you have a computer connected to the Internet only to play the latest games or to send email to friends and family, your computer may be a target.

Intruders may be able to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data.

Ans: Unfortunately, intruders are always discovering new vulnerabilities (informally called "holes") to exploit in computer software. The complexity of software makes it increasingly difficult to thoroughly test the security of computer systems.

When holes are discovered, computer vendors will usually develop patches to address the problem(s). However, it is up to you, the user, to obtain and install the patches, or correctly configure the software to operate more securely. Most of the incident reports of computer break-ins received at WorldLink could have been prevented if system administrators and users kept their computers up-to-date with patches and security fixes.

Also, some software applications have default settings that allow other users to access your computer unless you change the settings to be more secure. Examples include chat programs that let outsiders execute commands on your computer or web browsers that could allow someone to place harmful programs on your computer that run when you click on them.

Ans: i) Email Spoofing: Email “spoofing” is when an email message appears to have originated from one source when it actually was sent from another source. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).

Spoofed email can range from harmless pranks to social engineering ploys. Examples of the latter include: email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not comply email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information ii) Email-borne Viruses: Viruses and other types of malicious code are often spread as attachments to email messages. Before opening any attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus (see References) spread precisely because it originated from a familiar address. Also, malicious code might be distributed in amusing or enticing programs.

Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing -- they might contain a Trojan horse program.

iii) Unprotected Windows Shares: Unprotected Windows networking shares can be exploited by intruders in an automated way to place tools on large numbers of Windows-based computers attached to the Internet. Because site security on the Internet is interdependent, a compromised computer not only creates problems for the computer's owner, but it is also a threat to other sites on the Internet. The greater immediate risk to the Internet community is the potentially large number of computers attached to the Internet with unprotected Windows networking shares combined with distributed attack tools.

iv)Another threat includes malicious and destructive code, such as viruses or worms, which leverage unprotected Windows networking shares to propagate. There is great potential for the emergence of other intruder tools that leverage unprotected Windows networking shares on a widespread basis.

v) Denial of Service: Another form of attack is called a denial-of-service (DoS) attack. This type of attack causes your computer to crash or to become so busy processing data that you are unable to use it. In most cases, the latest patches will prevent the attack. It is important to note that in addition to being the target of a DoS attack, it is possible for your computer to be used as a participant in a denial-of-service attack on another system.

Ans: i) Use virus protection software: We recommend the use of anti-virus software on all Internet-connected computers. Be sure to keep your anti-virus software up-to-date. Many anti-virus packages support automatic updates of virus definitions. We recommend the use of these automatic updates when available.

ii) Use a firewall: We strongly recommend the use of some type of firewall product, such as a network appliance or a personal firewall software package. Intruders are constantly scanning home user systems for known vulnerabilities. Network firewalls (whether software or hardware-based) can provide some degree of protection against these attacks. However, no firewall can detect or stop all attacks, so it’s not sufficient to install a firewall and then ignore all other security measures.

iii) Don’t open unknown email attachments: Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs. If you must open an attachment before you can verify the source, we suggest the following procedure:

• make sure your virus definitions are up-to-date (see "Use virus protection software" above)
• save the file to your hard disk
• scan the file using your antivirus software
• open the file

For additional protection, you can disconnect your computer's network connection before opening the file. Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.

iv) Don’t run programs of unknown origin: Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing -- they might contain a Trojan horse program.

v) Keep all applications (including your operating system) patched: Vendors will usually release patches for their software when a vulnerability has been discovered. Most product documentation offers a method to get updates and patches. You should be able to obtain updates from the vendor's web site. Read the manuals or browse the vendor's web site for more information.

Some applications will automatically check for available updates, and many vendors offer automatic notification of updates via a mailing list. Look on your vendor's web site for information about automatic notification. If no mailing list or other automated notification mechanism is offered you may need to check periodically for updates.

vi) Make regular backups of critical data: Keep a copy of important files on removable media such as ZIP disks or recordable CD-ROM disks (CD-R or CD-RW disks). Use software backup tools if available, and store the backup disks somewhere away from the computer.

vii) Disable scripting features in email programs: Because many email programs use the same code as web browsers to display HTML, vulnerabilities that affect ActiveX, Java, and JavaScript are often applicable to email as well as web pages. Therefore, in addition to disabling scripting features in web browsers (see "Disable Java, JavaScript, and ActiveX if possible", above), we recommend that users also disable these features in their email programs.

viii) Turn off your computer or disconnect from the network when not in use: Turn off your computer or disconnect its Ethernet interface when you are not using it. An intruder cannot attack your computer if it is powered off or otherwise completely disconnected from the network.

Ans: i) Use virus protection software: We recommend the use of anti-virus software on all Internet-connected computers. Be sure to keep your anti-virus software up-to-date. Many anti-virus packages support automatic updates of virus definitions. We recommend the use of these automatic updates when available.

Ans: A Trojan horse is a simple but malicious computer program that is camoflagued as or snagged inside a authentic software. The term comes from the classical myth of the ‘Trojan Horse’. They may look useful or interesting (or at the very least harmless. For eg. It might claim to be a game) to an unsuspecting user, but are actually harmful when carried out, it might go as far as erasing your whole hard drive. Often the program is simply known as ‘trojan’.

Ans: A worm is a small piece of software that uses computer networks and security holes to duplicate itself. A copy of the worm searches within the network for another machine that has a particular security hole. It copies itself on to the new machine using the security hole, and then starts copying itself from there to other systems and it does so without any interference. In general, worms damage the network and consume bandwidth, while viruses infect or corrupt files on a targeted computer. Viruses generally do not affect network performance, as their activities are mostly confined within the target computer itself.

Ans: The following are some good ways of stopping your computer from getting a computer virus infection:

Turn off the feature that allows automatic opening of email attachments, never open attachments from unidentified sources or attachments you are not expecting.

• Always scan diskettes, CD's and any other removable media before using them.
• Always scan files downloaded from the Internet before using them
• Do not install any unapproved software on your computer.
• Make sure that your virus pattern files are updated.
• Make sure that your computer is patched with the latest security updates.
• Scan your computer on a habitual basis.

Ans: Always keep in mind that just because your computer is acting strangely or one of your programs doesn't work right, this does NOT mean that your computer has a virus. Extreme measures such as formatting your hard drive should be avoided. They usually don't fix a virus infection, and may end up doing more harm than good, unless you're very knowledgeable about the effects of the particular virus you're dealing with.

• If you haven't already installed a reliable anti-virus program on your computer, do that first. Many problems which are thought to have occurred due to a virus infection are actually caused by software configuration blunders or other problems that have nothing to do with a virus.
• If you do get a virus in your machine, follow the directions in your anti-virus program to clean it. If you have a backup of the corrupted files, use those to restore the files. Check the backups before you re-install them to make sure they aren’t infected as well. For further assistance, check the web site and support services of your anti-virus program.

Ans: Please follow the links below for more information about Latest Virus Threats, Security Advises, Virus Definitions and Removal Tools :

• http://www.sarc.com
• http://www.mcafee.com
• http://www.pandasoftware.com
• http://www.grisoft.com
• http://www.trendmicro.com
• http://www.eset.com

Ans: Please follow the links below for more information about Latest Virus Threats, Security Advises, Virus Definitions and Removal Tools :

• Norton Antivirus (Intelligent Updater, Mar 31, 2010)
• AVG Scanner (Priority Update, Mar 31, 2010)
• McAfee Antivirus (Dat file, Mar 31, 2010)
• McAfee Antivirus (EXE file, Mar 31, 2010)
• Avira Antivirus (ZIP file, Mar 31, 2010)