The Internet is a major source of threat to the health and well-being of your Macs and the network to which they are connected. You face two fundamental types of threats: viruses and hackers. Although viruses receive more media attention, defending against viruses is easier than defending against attacks from hackers. However, with some relatively simple activity, you can protect yourself from both threats. Defending Your Mac from Virus AttacksNo matter what level of computer user you are, because of the extensive media hype about viruses, you are likely to be keenly aware of them. Although many viruses are relatively harmless, some viruses can do damage to your machine. Part of practicing smart computing is understanding viruses and taking appropriate steps to protect your machine from them. CAUTION Under previous versions of the Mac OS, there were many fewer viruses on the Mac platform than for Windows or other operating systems. And, as of the release of Mac OS X, version 10.4, this is still the case. However, because Mac OS X is based on Unix, Unix viruses can be a threat to machines running Mac OS X. Until this threat is more fully understood, Mac OS X users would do well to pay additional attention to virus threats. Understanding the Types of VirusesAlthough there are many types of individual viruses, there are two major groups of viruses of which you need to be aware:
Covering the multitude of viruses that are out there is beyond the scope of this book and, besides, there is no real need to become an expert on the viruses that exist. It is more important to understand how to protect yourself from these viruses and be able to recover from an infection should one occur. Preventing Virus InfectionI hate to use this cliché, but when it comes to viruses, an ounce of prevention is indeed worth a pound of cure. The main way to avoid viruses is to avoid files that are likely to have viruses in them. Following are some practices to help you "stay clean":
Identifying Virus InfectionEven with good preventive measures, your Mac might occasionally become infected. Hopefully, you will find out you have been infected by being notified by your antivirus softwarethat means it is doing its job. But if you suddenly notice that your computer is acting peculiarly, you might have become infected. What does acting peculiarly mean? Viruses can have many different effects on your computer; some of the more common effects are the following:
Using Antivirus SoftwareAlthough the best defense against viruses is being very careful about the files you transfer onto your machine, you should also obtain and use a good antivirus application. Good antivirus applications generally perform the following functions:
NOTE Most viruses are identified by their code. The antivirus software knows about the virus's code through its virus definition file. As new viruses appear, this virus definition file needs to be updated so that the new viruses will be recognized as being viruses. You can usually obtain an updated virus definition file from the website of the manufacturer of your antivirus software. Most programs automate this process and can update the virus definition at intervals you set. NOTE One of the important things to look for in an antivirus program is that it can detect and repair macro viruses. Macro viruses are easy to create and spread, and some of them are quite nasty. As with previous versions of the Mac OS, there are several major antivirus applications, including Norton AntiVirus for Mac and Virex. These applications provide most of the features in the previous list, and they work well. You should obtain and use one of these applications to protect your Mac against viruses and to repair your Mac should it become infected. If you have a .Mac account, you can download a free copy of Virex. When you download and install Virex, you can keep its virus definitions current and access other virus resources as well. To get more information about Virex and to download it (if you have a .Mac account), visit www.mac.com and click the .Mac tab.
Defending Your Mac Against Net HackersIf you have a broadband connection to the Internet such as a cable or DSL modem, being attacked by hackers is a much more real threat than are viruses. And with a broadband connection, you will be attacked, daily if not hourly or even more frequently. Hackers are continuously looking for machines they can exploit, either to do damage to you or to use your machine to do damage to others (such as using your machine to launch a spam attack). Most of these attacks are carried out by applications, so they can be both automatic and continuous. CAUTION Never expose a machine containing sensitive or production data to a broadband connection without protecting that machine from network attack. Doing so makes everything on such a machine vulnerable to exposure to a hacker, and the machine itself can be used to carry out attacks on other networks and machines. There are two fundamental ways you can prevent your Mac from being hacked through your broadband Internet connection: Use a server/hub to isolate the machines on your network from the outside world or use a software firewall to protect each machine on the network from attack. Using a Server and Firewall to Protect Your NetworkYou can isolate the machines on your network from attack by placing a physical barrier between them and the public Internet. You can then use a Dynamic Host Configuration Protocol (DHCP) server that provides network address translation (NAT) protection for your network, or you can add or use a hub that contains a more sophisticated firewall to ensure that your network can't be violated. A benefit to these devices is that you can also use them to share a single Internet connection.
To learn how to install and use a DHCP server or firewall, p. 973. NOTE One of the easiest and best ways to protect machines on a local network from attack and to share an Internet connection is to install an AirPort base station. These devices provide NAT protection for any computers that obtain Internet service through them, and for most users, this is an adequate level of protection from hacking. Using a Software Firewall to Protect Your NetworkYou can also install and use a software firewall; a software firewall prevents unexpected access to your Mac from the Internet. Software firewalls can be quite effective and might be the best solution if you have only a single Mac connected to the Internet. CAUTION Unlike a hardware firewall or NAT hub, a software firewall must be installed on each computer attached to your network. A software firewall works by blocking access to specific ports on your Mac; these ports are linked to specific services. If hackers can access these ports on your machine, they can use them to attack your machine directly to launch attacks on other computers, servers, and networks (such as denial-of-service attacks, in which a system is overloaded by repeated requests from many machines). Because Mac OS X is based on Unix, it has built-in firewall protection. You can enable this firewall to protect a Mac from Net attacks by doing the following:
Only the services you allow will be permitted to access your Mac. All others will be denied. This provides more than adequate protection for most Mac users. TIP You can use the New button to add new services to your Mac. In the resulting sheet, choose the type of service you want to add and enter port numbers, if appropriate. Click OK to add the service. You can gain more specific control over the firewall if you choose to. However, configuring this firewall directly requires a fairly complete understanding of Unix and firewalls and requires more energy and time than most Mac users will care to spend on it. For most situations, using the built-in firewall is a better option. Defending Users from Online AttacksIn addition to protecting your Mac itself from attack, you can also protect individual users from various kinds of danger by blocking specific types of access for individual accounts. For example, you might want to control the kind of email a child who uses your Mac receives. You control various types of access via the Accounts pane of the System Preferences application. Limiting Email Access of Others to Your Mac's UsersYou can determine from which email addresses a user can receive email to shield that user for unwanted emails. Set this up with the following steps:
TIP You can change the settings for the Mail filter by clicking the Configure button and using the Configure sheet. To remove an address, select it and click the Remove button (the -). Any email addressed to the user from addresses not on the list you configured will be rejected. If you enabled the permission email option, a permission email will be sent to the address you configured. If permission is granted via that email by clicking the Always Allow button, the email from the unlisted address will be allowed, as will future emails from the same address (it will be added to the list of allowed email addresses). TIP You can prevent additional emails from the same address by clicking the No Longer Allow button in the permission email. NOTE When the Mail parental control is active for a user account, you will see the status message Parental Control on in the Mail window title bar. Limiting the Chat Access of Others to Your Mac's UsersiChat is a great way to keep in touch with others via text, audio, or video chatting. However, you might want to limit the access a user has to chat sessions, especially if you have young children who like to chat. You can use the Parental Controls tools to limit the chat access a user account has by performing the following steps: NOTE Before a person can be added to the approved chat list, that person should have an address card in your Address Book.
To learn how to add people to the Address Book, p. 400.
When this control is configured, the user will be able to chat only with people on the allowed list. CAUTION The Parental Controls work only with Mail, iChat, and Safari. Other applications that perform the same functions will not be limited by these controls. Limiting the Websites Your Mac's Users Can AccessThe Web is often a great place to be, but it can also be a dangerous or disgusting place to be as well. You can protect users by limiting the websites they can visit by doing the following steps:
The user will only be able to access web pages for which you have configured bookmarks. If the user attempts to access any other pages, such as by entering a URL, that access will be blocked. |