Scumware prevention and removal
 
|
|||
 | |||
|
Sign up to receive this and other networking newsletters in your inbox.
In the first four articles of this series, we have been looking at the problems raised by scumware - software that makes unauthorized changes to Web pages and other documents. In this, the last of the series, I will summarize measures for preventing and removing infestations of scumware.
First, you must decide if you approve of having advertisements and hyperlinks inserted into the views of Web pages that appear on your screen. If you do, there's no problem and you can stop reading this column.
For those who don't like the idea of extraneous links and ads, the most obvious measure for preventing infestation is not to install scumware at all. Unfortunately, this is not as easy as one would like. As we have seen in previous articles, scumware can infest other software and be installed with little or no notice to the user. Nonetheless, before installing freeware, shareware, or adware (products that offer services in return for sending the user targeted ads), everyone would do well to read about the product using an Internet search engine such as Google.
To see if the product you are thinking of installing is a known offender, check the lists of known scumware at Scumware*Links:
www.freegraphics.com/zz-scumware/
Without gritting your teeth too hard, read the end-user license agreement. Look for language, no matter how convoluted or how tiny the point size, that indicates that the product is likely to add to or modify the appearance of Web pages you download. In addition, look for language that threatens to delete or inhibit any of your _other_ programs.
As I was completing this article, Declan McCullagh's admirable PoliTech list published a fascinating glimpse of the mindset of some adware makers. The RadLight adware product comes with a license agreement that reads in part, " You are not allowed to use any third party program (e.g Ad-aware) to uninstall application bundled with RadLight. Such programs will be removed. "
www.politechbot.com/p-03439.html
While you are installing any software, from no matter what source, always keep your firewall active if at all possible. Be sure to configure your firewall to alert you to any attempt to contact an external address from inside your system; although such attempts may occasionally be necessary (e.g., for updates to critical components), in many cases they can be blocked safely. You can always study the issue more closely if necessary by examining the TCP address of the target and doing a reverse IP-block lookup to find out where the critter is trying to connect. Once you know the name of the registrant and the DNS entry for the target, block the transmission without hesitation if you don't know why a module on your system is trying to communicate with a site you know nothing about. You can always reverse your decision later if you determine that the connection is in your interest.
To identify undocumented or forgotten adware, spyware and scumware, several real-time scanners can spot trouble for you. For example, Lavasoft makes Ad-aware, a simple, free and reliable product that scans your system for unwanted intruders and removes these programs from your computer. For details:
RELATED LINKS
NEW! 18-month online Master of Science in Information Assurance offered by Norwich University.
Look for the “Computer Security Handbook, 4th Edition” edited by Seymour Bosworth and Michel E. Kabay; Wiley (New York), ISBN 0-4714-1258-9. Available now at your technical bookstore or from Amazon.
M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Department of Computer Information Systems at Norwich University in Northfield, Vt. Mich can be reached by e-mail and his Web site.
