SOFTWARE ENGINEERING

Final Examination

Case 1: World Wide Host Revisited

1. For me, in order to avoid virus attacks to computer files, we need to scan first before we open
computer files. I think, we can secure the computer files and to avoid virus attacks.

Here are some practical tips to avoid getting infected (again). For more general security information, please
see our main security help page.

 Never execute programs unless they are from a trusted source.

 
 Never open e-mail attachments unless you know who they're from, especially attachments with the
extensions .exe, .ink and .vbs.
 
 Update your antivirus and security software on a regular basis.

 Install patches and security updates for your operating system and software as they become
available.

 Beware of homemade CDs and floppy disks. If you plan to use these disks in your computer, scan
them with your anti-virus software first.

 Never accept programs transferred by instant messaging applications.

 NEVER download blindly from people or sites which you aren't 100% sure about. In other words,
as the old saying goes, don't accept candy from strangers. If you do a lot of file downloading, it's
often just a matter of time before you fall victim to a trojan.
 Even if the file comes from a friend, you still must be sure what the file is before opening it,
because many trojans will automatically try to spread themselves to friends in an email address
book or on an IRC channel. There is seldom reason for a friend to send you a file that you didn't
ask for. When in doubt, ask them first, and scan the attachment with a fully updated anti-virus
program.
 Beware of hidden file extensions! Windows by default hides the last extension of a file, so that
innocuous-looking "susie.jpg" might really be "susie.jpg.exe" - an executable trojan! To reduce the
chances of being tricked, unhide those pesky extensions.
 NEVER use features in your programs that automatically get or preview files. Those features may
seem convenient, but they let anybody send you anything which is extremely reckless. For
example, never turn on "auto DCC get" in mIRC, instead ALWAYS screen every single file you get
manually. Likewise, disable the preview mode in Outlook and other email programs.
 Never blindly type commands that others tell you to type, or go to web addresses mentioned by
strangers, or run pre-fabricated programs or scripts (not even popular ones). If you do so, you are
potentially trusting a stranger with control over your computer, which can lead to trojan infection or
other serious harm.
 Don't be lulled into a false sense of security just because you run anti-virus programs. Those do
not protect perfectly against many viruses and trojans, even when fully up to date. Anti-virus
programs should not be your front line of security, but instead they serve as a backup in case
something sneaks onto your computer.
 Finally, don't download an executable program just to "check it out" - if it's a Trojan, the first time
you run it, you're already infected!