Friday, September 16, 2005

PC Pest Control by Preston Gralla: The Essential Malware Combat Manual

SUBSTANTIAL
Spyware is reporting on your Internet activities, keyloggers are recording your keystrokes, spam is clogging your Inbox—and that's just in the last 10 minutes.
Preston Gralla is an acknowledged maven on the topic of Internet security. In PC Pest Control, he organizes all that knowledge into a readable, eminently usable book that provides everything you need to know to swat those pests. This is a book for the average computer user who just wants to surf the 'Net in peace.

Gralla starts by explaining the scope of the problem. What can you lose? How prevalent is spyware, virus and phishing activity? The scary truth is there in Chapter 01, "Your PC Is Not Your Own." 80% of home computers infected with spyware and 20% with active viruses is bad enough—but 90% of those with infected computers had no idea they had been infested. Once he has your attention with this catalog of bugs and invaders, Gralla proceeds to tell "Where You're Vulnerable" and how to prevent, monitor and kill these pests. (A helpful list of "selected pest filenames" is found side-by-side with an even more useful list of "selected legitimate filenames" in Chapter 03.)

Once he gets down to specifics, Gralla's first recommendation is to-the-point: "Throw Internet Explorer Out the Window." The most popular browser is a target of convenience for pests for several reasons, and Gralla cites them all. He recommends several alternate browsers, but stresses that it's important to switch if you want to avoid the largest single source of infection. For those who cannot (or simply will not) switch, Gralla provides steps to reduce the vulnerability of the IE browser to attack.

Chapter 06 addresses the pest-potential of "AdWare, Spyware, and Home-Page Hijackers." Gralla pulls together the information on anti-adware and -spyware programs here, and tells us the strongest reason to use more than one such program on your PC: few of them remove even half of the malicious programs once they arrive at your PC. Sometimes, these malware fighters are also a problem. For example, Gralla notes that Microsoft's anti-homepage-hijacking software does block other hijackers from replacing your home page setting with theirs—but it restores the setting, not to your favorite home URL, but to the MSN home page. "One might argue that's a form of home page hijacking," Gralla says.

Chapter 07 provides the skinny on "Viruses, Trojans and Bots," not only defining them in accessible language, but showing how they manage to do their damage. I loved the graphics (used liberally throughout the book), and they really contributed to the explanations in this chapter. (Marching bots creep into the back of the computer, signal "I'm here" and spew eMail. These pictures are worth more than a thousand words.)

In Chapter 08, Gralla describes "Email, Worms and Instant Messaging" pests, and tells us the best ways to avoid becoming infected by them. Here, I found the sidebar notes fascinating. Did you realize that in 2004, one person (a 17-year-old from Germany) wrote the pesky programs that infected almost 70% of infested computers? He wrote (among others) the Sasser worm that infected Gralla's daughter's computer at college.
"I've always had good virus protection, so I was baffled when my computer started acting strangely during my freshman year in college. I would be in the middle of doing something—I was writing a school paper, Dad... really—and my computer would slow down and suddenly restart without warning... I discovered that the virus spread through our campus network..."

"Spam is, without a doubt, the most prevalent pest on the Internet today." Gralla opens Chapter 09, "Spam, Spam and Spam," with that flat statement. I don't think anyone with an eMail program would disagree—spam costs time and effort, certainly. But then Gralla spells out the hidden costs of spam (up to $2000 per employee for companies whose employees use eMail), not to mention phishing attacks, drive-by downloads and pop-up ads. His information about avoiding spam is revealing—did you realize that some crawlers (harvesting bots that search for eMail addresses) can now read an email address written out like "myname AT myisp DOT com"? Gralla provides two alternatives that still can hide your address in plain sight.

Phishing and a new attack called "pharming" have their own chapter, "Protecting Your Identity and Kids Online." Both of these pests work by diverting you to a Web site where your passwords, credit card numbers, Social Security number, or other identity information can be stolen. Phishing sends you to a site that looks like a safe place to enter your identity information—your online bank, for example, or your PayPal account screen—but is instead a hacker's site where your information goes straight to the identity thief. You can guard against phishing by reading a link before you click. If the link purports to go to "www.mybank.com" but reads "www.rnybank.ru.com," you can be sure it's a phishing expedition.

Pharming is far more insidious, because your browser and protection software don't realize the site has been "spoofed." Your browser will report the link address as what you expected—but your system (or worse, the Web's Domain Name System [DNS]) is spoofed into translating it to a different IP address. Gralla recommends using Spoofstick, Netcraft or ScamBlocker to protect against pharming attacks. All three support Windows IE and Firefox for Windows.

Providing your children with a safer way to use the Internet is a valid concern for parents. Gralla focuses on using the tools that are already available in services like AOL, search engines like Google and Yahoo, and Internet chat software, to shield the kids as they learn to use the computer.

Gralla closes with Chapter 11, on "Wireless and Home Networking Dangers." He covers obvious dangers as well as more-subtle ones. "Would you like a pest with your latté?" points out some of the problems with using public WiFi "hot spots" for your computing. "Hide Your SSID" teaches the step-by-step method to protect your wireless computer from war drivers, hackers who literally drive around looking for private, unsecured wireless networks. With the default SSID setting, Gralla tells us, your wireless laptop or PDA is vulnerable to hosting criminal content (like child pornography) without your knowledge.

An appendix brings the definitions into one convenient place, and lists common varieties of pests, along with what they do. There's a substantial Index to make tracking back to a solution simple and easy. And don't miss sidebars titled "Is Gov. Schwarzenegger a Spyware Girly-Man or Terminator?" and "Congress Passes an Anti-Spam Law—Do You Feel Safe Now?"

There is scarcely a page of this book that doesn't have some informative, enlightening, or downright terrifying information to offer. I recommend it highly.


Please join us at BlogCritics to comment on this review.