A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

Malware

Programs that are designed to harm your computer

Malware (short for “malicious software”) is any software designed to harm your computer, such as viruses, worms, Trojan horses, and rootkits.

  • A computer virus is a program that attaches itself to an application or "host file" and then spreads by making copies of itself. Some type of human action (e.g. opening an attachment) is always required for a virus to take effect. Once a virus gets onto your computer it might modify, delete, or steal your files, make your system crash, or take over your machine.

  • A computer worm is like a virus, but it infects other computers all by itself, without human action and without a host file. It usually infects other computers by sending emails to all the names in your email address book.

  • A Trojan horse is a program that tricks you into running it by appearing useful or harmless. However, once it is run it damages your computer, usually by providing "back door" access to the computer. This allows hackers to control or use your computer, destroy or steal files, install viruses or spyware, or run arbitrary programs.

  • A rootkit is a program that allows an intruder to gain access to your system without your knowledge by hiding what it is doing on the system. The intruder can then install difficult-to-detect back doors into your system to seize control.

There are a couple of different ways your computer can be infected with malware from online gaming:

  • Downloading infected game files off the Internet
  • Downloading infected game software patches
  • Attackers downloading infected files onto your game server

When you play games online you can get malware from clickable links that download the harmful files onto your computer. That’s why it’s important only to click on links and download files from trusted sources. When you install additional game modules or new games on your computer, make sure that every piece of software you install comes from a trusted source.

When you host a game, you let other people connect to your computer. A malicious user could use this opportunity to upload infected files or malicious software onto your computer. He could even execute some code to exploit the flaws in the game software you are running and take over your system.

Keep in mind that when you host a game server on a public computer, you are exposing a computer that is not yours to malware attacks. We recommend you get permission from the system administrator of the public computer or the public network you are using before hosting any game.

Protective Measures

Practices

  • Only play games from trusted sources: This lowers your chances of getting malware through security gaps in software. Respectable providers are also more likely to give you a satisfactory response if you do have problems with the software.

  • Patch your gaming software: Patches are updates that software makers release to fix security gaps in their software. Most gaming software will need some patching after its initial release. Make sure that you are running the latest software on your server to make it as secure as it can be.

  • Download patches from official Web sites and servers: Some Web sites offer game software patches or updates that have been modified from the original and contain malware. Download patches only from the software publisher’s Web site or any official mirror sites they may provide.

  • Be sure to scan all games that you have downloaded: Anything downloaded to your system could potentially contain a virus, so it is a good idea to scan downloaded game files for any malware. This may make downloading take longer, but it will keep your computer safe. If you are not able to scan during installation, then do a scan later with your anti-virus software.

  • Conduct regular anti-virus scans: Be sure to scan all files that you have received from other people. All major anti-virus software can be set to automatically scan files when they are transferred, but it's a good idea to also scan your computer manually on a regular basis. You should do this at least once every two weeks, or when you suspect a problem.

  • Only communicate with trusted sources: Do not assume that everyone who is chatting or communicating online has good intentions. Do not automatically trust the information given to you by someone, even if the other party has a familiar name, or is someone you personally know. He or she may be infected with a computer virus, or somebody else might be impersonating them. Always make sure you are talking to the person you know. If you have just started chatting with a new and unknown person, do not click any links that he sends you and do not accept any files from him.

  • Do not host any games: When you host a game server that announces your address on the Internet, you make it easy for an attacker to find your IP address. Most popular games have many public servers that are hosting games. If you have no special requirements, you should play on one of these public servers, rather than hosting a game of your own.

  • Keep your hosted game private: If there is such an option for your game, host a private game and only give the necessary information, such as IP address and log-in password, to your friends. This reduces the chances that attackers will become aware of your server.

  • Know who is running the server you play on: If you connect to an external game server, make sure you know who is running it. Some game servers are run by individuals rather than game companies. Connecting to their servers lets these people read your IP address, which they could use in a DoS attack.

Settings

  • Set your anti-virus package for "Real-time Protection": Anti-virus software should provide the option of real-time protection, which means that it actively checks files that come into your system while you work. Although this might not be necessary for mobile devices, it does lower your chances of contracting a computer virus, so check if your brand supports this configuration. If it does, activate it.

  • Set your anti-virus package for the types of files you want it to check: To set the types of files the anti-virus software will check, click on Start, then Programs, and start your anti-virus package. Usually, the program gives you the option of choosing between a few scanning methods. Symantec, for example, offers:

    • Scanning all files: All files on the computer will be checked regardless of the extension or file type.
    • Scanning by file type: The package will check all files of the chosen type, regardless of the potentially deceptive file extension. This is especially important in catching files with a double ending such as ".gif.doc".
    • Scanning by file extension: This scan is the fastest, since only files with the chosen extension will be checked.

    If you have a different brand of antivirus software, consult the manual for instructions on how to configure the settings for real-time scanning and scanning method.

  • Set the game to run a private server: Most game software allows you to run a private server. This means that your server will not announce its presence to master servers or show up in game lists where other players can see your IP address. Require players to use a password to connect to your server. Both of these settings can usually be made when the server is started or a game is hosted.

  • Do not report to a master server: For certain games you may be able to decide whether or not your server will report to a master server. Unless you want random people joining your game, you should set it to not report to a master server. For more information, refer to the manual or contact the game publisher.

  • Set your anti-virus software to make scheduled automatic scans: All major anti-virus packages offer the possibility to set scheduled full scans for viruses and malware. So, for example, every Friday night at 9:00 the anti-virus software will search for viruses and malware installed in the computer. Consult your anti-virus software's manual for more information on how to set this feature.

  • Correctly configure your firewall: When configuring your firewall (see Tools), be sure to read the game manual to find out what ports you need to have open to play online. You might need to open more ports to play games than you would otherwise have open, which creates a security risk. However, you may be able to set your firewall so that only outgoing connections on certain ports are allowed.

Tools

  • Anti-virus software: The popularity of the Microsoft Windows operating system makes it a prime target for hackers and other virus writers, so anti-virus software is crucial for users of this system. Anti-virus software works by identifying files that match definitions of known viruses and keeping them from infecting the system. Make sure that your virus definitions are kept up to date by automatically or manually downloading them from your software manufacturer's Web site. Do not install more than one anti-virus program because incompatibility issues between the programs may end up leaving your system unprotected.

    Two popular anti-virus packages are Symantec’s Norton AntiVirus  and McAfee AntiVirus . AVG , AntiVir  and ClamWin  are free alternatives. The major anti-virus programs, such as Symantec and McAfee, can protect against worms and Trojan horses as well as viruses.

    PDA and mobile phone anti-virus applications normally interact with the full version on a PC and hold fewer virus definitions. New virus updates are automatically transferred from your desktop computer each time you synchronize your PDA. Therefore it is important to keep your desktop computer's anti-virus software updated and synchronize your PDA regularly. Some commonly used anti-virus packages are Trend Micro's PC-cillin for Wireless  and Symantec AntiVirus for Windows Mobile .

  • Firewall: A firewall is like a security guard for your computer that monitors the traffic into and out of your computer. A firewall is your first line of defense against intrusions, especially Trojan horses. One popular firewall is Symantec's Norton Personal Firewall . The Windows operating systems such as Windows XP and Windows Vista  include a firewall that is turned on automatically. This built-in firewall is described in more detail on the Microsoft site .

  • Rootkit detection software: Rootkits cannot be detected by ordinary anti-virus programs because they are very good at hiding themselves. You need special software to detect rootkits, such as RootkitRevealer  by SysInternals and F-Secure Blacklight .

Connect Safely from Different Places

Office

Check with your systems administrator or IT department before installing any software. Concerning the firewall, they might recommend additional ports that need to be open for company-specific software and services to run.

Mobile

You can get malware on your mobile device by clicking on links in chat rooms, forums, and web browsing applications, or by downloading infected software. When you install new software on your mobile device, make sure that every piece of software you install comes from a trusted source. Although there are not as many viruses for PDAs as there are for PCs, the risk of getting infected still exists. Mobile phones do not suffer tremendously from malware, and currently manufacturers are responsible for releasing patches to fix security gaps.

On the road

You face a greater risk of becoming infected with malware when you use an unsecured or public Internet connection at a hotel or cyber cafe

It is especially important to scan your computer for malware after it has been connected to a public Internet connection. If your anti-virus application allows you to perform manual anti-virus scans, perform a scan as soon as you get home from a trip where you used your laptop computer on a public network. Scan your computer before you connect it to your home’s Internet connection to avoid infecting other computers with any malware you may have encountered.

If you are using a public computer, ask the system administrator about the gaming software installed and the settings on that computer before attempting to modify its configuration. Keep in mind that if you host a game server on a public computer, you are exposing a computer that is not yours to malware attacks. Get permission from the system administrator before hosting any game.

Ethical Issues

The intentional distribution of malware is clearly unethical, since it disrupts and sometimes disables computers and can cause financial and productivity losses. Accessing hacker sites and trying out their tools is at best unwise, and using these tools against computers other than your own without permission is likely to be unethical or illegal, depending on the nature of the tools.

Legal Issues

Intentional distribution of malware is considered illegal worldwide. Famous malware programs like Code Red and the Melissa virus caused several million dollars in losses, and each started in a simple malware application. The creator of the Melissa virus was prosecuted under Title 18, United States Code, Section 1030  and sentenced to 20 months in prison and a $5,000 fine.

Privacy Issues

If you collect information when you are hosting games, be careful of how much information you collect and how long you store it for. If malware is able to access that data, you may not be able to recover it or stop the malware from sharing that information.

My home page