rogue, server, software, security, malware, peer-to-peer, p2p, unauthorized, infection, botnet, virus, malware, fraud, services, unwanted,
HOME
PAGE
MEMBER RESOURCES
ABOUT US
FORUMS
PARTNERS
PRODUCTS & SERVICES
FREE RESOURCES
LOGIN
HERE
JOIN
NOW!
You are not logged in. Access is limited. Login or see membership information. • Streetwise Security Zone Community

To see the list of all blogs, including Scott Wright's Security Views Blog and the Streetwise Security Zone Podcast click HERE. You also can subscribe via an RSS reader, or check the "Watch This" box in the left column to receive news by email of new articles.


Watch this Blog Notify me by e-mail any time a new post is made to this blog.

Scott Wright's editorials on a variety of security issues for non-technical business managers and home computer users. Please feel free to comment and help spread the word that managers need to think about their information security risks.

The Virus Time Machine (e-Book)
Product ID: 00000007

... What You Need to Know (and Wish You Knew Before) About Removing Virus and Malware Infections Before you start down the path of trying to fix a virus infection on your computer, you should really understand what's invol ... More »

Non-Member Price: $4.99

November 2009 Posts

Archives
  Scott Wright's Security Views
Blog Entry

The top 5 things everyone should know about servers - especially if you really don't want to

Monday, November 23rd 2009 @ 12:00 AM (not yet rated)    post viewed 1297 times

It used to be that the word "server" was something people could automatically ignore if they were not involved in running computers in production data-centers. But today, you could be running server-like software on your computer, and not even know it. In fact, most unauthorized or unwanted software is set up to act like a server. Here are the top 5 things you should know about servers, especially if you don't want to have anything to do with them:

  1. A server can be though of as any kind of software that can accept a request or command from another program or computer. Just because your computer is a laptop, or even a netbook, doesn't mean you can't be running a server-like program that is listening for commands from a computer somewhere else.
  2. Any time you install a program on your computer, there is the potential that the software may be configured to receive commands from its publisher. In most cases, if you are running the program from a default account with full privileges on your computer, the server can access anything on your computer, and possibly on other computers in your network.
  3. Peer to peer software like file-sharing programs are essentially server programs that accept requests from other computers to search the files in your shared directories. Again, although they are only supposed to look in folders you designate as "sharing folders", the program may have the ability to access any files on your computer.
  4. Malware, viruses and botnets like to set up undetectable servers. If your computer becomes infected, there's a good chance it will install a server of some sort to wait for instructions on what to do next. Perhaps it will receive commands to repackage itself as a different kind of virus that anti-virus software can't detect - so it can live longer. Or it may wait for commands to start sending out Spam from your ISP accounts, or making bank transfers using your account while you are logged in. The possibilities are endless.
  5. The best way to avoid having servers on your computer that are working for other people instead of you is to: (a) only install and use software from reputable vendors, and (b) avoid clicking on links, attachments or pop-up dialog boxes that are not from people you trust or software you know you can rely on.

Once you have an unwanted server on your system it can be very difficult to remove. That's why it's important to always have backups of your important data. You may have to completely wipe and re-install your computer's operating system to be sure your computer is only obeying your commands, and not somebody else's.

I am now offering monthly briefings, tailored to organizations that want to build and sustain security awareness for staff. Just because your security team is too busy to do its own training and awareness doesn't mean you can't have an economical way to address human security risks. Please call or email me at the coordinates below...

Scott Wright

The Streetwise Security Coach

Join the Streetwise Security Zone at:
http://www.streetwise-security-zone.com/join.html

Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com
Twitter ID: http://www.twitter.com/streetsec

To receive weekly security tips and other notices about helpful content available on this site, please make sure you are on my list by clicking HERE, and entering your name and email address.

 

 

Site Meter

 rate this post: very bad poor average good fantastic!
Comments

ScottWright
Group Administrator		ScottWright said on Monday, November 23rd 2009 @ 1:50 PM:

Another important thing to note about servers is that you can be held liable for any illegal activity that happens because of them. While you may be able to make the case that you are a victim, if you haven't taken reasonable precautions - including having malware protection, IT governance policies and security awareness education - you can find yourself in pretty hot water.