Microsoft Small Business Server 2003 Unleashed

Recently viruses have been making less of an impact in networks and spyware more so. Both types of malicious software, viruses and spyware, could honestly be treated as one category. The industry, however, treats them as two separate types of unwanted software. The reality is that any unwanted software is just that, unwanted software. The antispyware industry is moving from the standalone desktop model to the managed solution model. Currently, of the top-rated antispyware software as ranked by Consumer Reports, only a few have a corporate version.

Best Practice: Choosing the Right Vendor

The typical argument in the community is to choose a vendor who specializes in a particular type of malware, either antivirus or antispyware. However, many products are beginning to overlap, and the two types of malware are beginning to be difficult to distinguish. Bad code is bad code no matter what you call it. The general consensus is still to pick a solution for each "genre" or type of malware.

Some of the high-rated antispyware tools are

  • Microsoft AntiSpyware (beta), free to individual users, but a fee for the corporate version

  • Webroot by Spy Sweeper

  • Computer Associates eTrust Pest Patrol

  • Spybot Search and Destroy

  • Ad-Aware SE Plus

  • McAfee Antispyware

  • Trend Micro PC-Cillin Internet Security

  • Counterspy

Spyware is similar to viruses and has similar symptoms. The Microsoft AntiSpyware website at http://www.microsoft.com/athome/security/spyware/spywaresigns.mspx describes the following symptoms of spyware; also see Table 10.2.

Table 10.2. Symptoms of Spyware on Your System

Symptom

Explanation

I see pop-up advertisements all the time.

Some unwanted software bombards you with pop-up ads that aren't related to a particular website you're visiting. These ads are often for adult or other websites you may find objectionable. If you see pop-up ads as soon as you turn on your computer or when you're not even browsing the Web, you may have spyware or other unwanted software on your computer.

My settings have changed, and I can't change them back to the way they were.

Some unwanted software has the capability to change your home page or search page settings. This means that the page that opens first when you start your Internet browser or the page that appears when you select Search may be pages that you do not recognize. Even if you know how to adjust these settings, you may find that they revert back every time you restart your computer.

My web browser contains additional components that I don't remember downloading.

Spyware and other unwanted software can add additional toolbars to your web browser that you don't wantor need. Even if you know how to remove these toolbars, they may return each time you restart your computer.

My computer seems sluggish.

Spyware and other unwanted software are not necessarily designed to be efficient. The resources these programs use to track your activities and deliver advertisements can slow down your computer, and errors in the software can make your computer crash. If you notice a sudden increase in the number of times a certain program crashes, or if your computer is slower than normal at performing routine tasks, you may have spyware or other unwanted software on your machine.

The difference between spyware and viruses is merely the attack vector. Spyware typically attacks via the web browser. As such, antispyware software's main goal is to freeze the browser settings and look for changes in Registry settings and startups. There is overlap between spyware and viruses, and this blurring of the edges between the two will probably only become more significant in the future. A discussion of the approach of analysis of the Microsoft AntiSpyware product can be found at http://www.microsoft.com/athome/security/spyware/software/isv/analysis.mspx. In that article the categories for spyware are identified as listed in Table 10.3.

Table 10.3. Spyware Criteria

Category

Explanation

Deceptive behaviors

Includes problems with notice and consent about what is running on the user's machine, control over the actions taken by the program while it is running on the machine, and installation and removal of the program from the machine at the user's discretion.

Privacy

Issues in collecting, using, and communicating the user's personal information and behaviors without explicit consent.

Security

Negative impact on the security of the user's computer or attempts to circumvent or disable security, including but not limited to evidence of malicious behaviors.

Performance impact

General impact on performance, reliability, and quality of the user's computing experience (for example, slow computer performance, reduced productivity, corruption of the operating system, or other issues).

Industry and consumer opinion

The software industry and individual users play a key role in helping to identify new behaviors and programs that could present risks to the user's computing experience.

As you can see the characteristics are similar to viruses. Both are unwanted code on your system.

Категории