About Cleaning the Heads Yep, there’s a theme here. An important aspect of backup reliability is proper maintenance of your tape drives. Every time you back up to tape, little bits and specs of the tape rub off onto the read and write heads inside the tape drive. Eventually, the heads become too dirty to reliably read or write data. To counteract this problem, you should clean the tape heads regularly. The easiest way to do this is to use a special tape-cleaning cartridge. To clean the heads with a tape-cleaning cartridge, you just insert the cartridge into the tape drive. The drive automatically recognizes that you’ve inserted a cleaning cartridge, and performs a special routine that wipes the special cleaning tape back and forth over the heads to clean them. When the cleaning routine is done, the tape is ejected. The whole thing takes about 30 seconds. Because the maintenance requirements of each drive differ, you should check the drive’s user’s manual to find out how and how often to clean the drive. As a rule of thumb, clean the drives once a week. The most annoying aspect of tape-drive cleaning is that the cleaning cartridges have a limited lifespan. Unfortunately, if you insert a used-up cleaning car- tridge, the drive accepts it and pretends to clean the drive. For this reason, you should keep track of the number of times you’ve used the cleaning car- tridge and replace it when you’ve exceeded the number of uses recom- mended by the manufacturer. Backup Security Backups create an often-overlooked security exposure for your network. No matter how carefully you set up user accounts and enforce password policies, if any user including a guest can perform a backup of the system, that user can also make an unauthorized backup. In addition, your backup tapes or removable drives are vulnerable to theft. As a result, you should make sure that your backup policies and procedures are secure by taking the following measures: ⻬ Set up a user account for the user who does backups. Because this user account will have backup permission for the entire server, guard its password carefully. Anyone who knows the username and password of the backup account can log in and bypass any security restrictions you’ve placed on that user’s normal user ID. 211

Chapter 15: How to Sleep Well at Night Or, Backing Up Your Network Data

⻬ You can counter potential security problems by restricting the backup user ID to a certain client and a certain time of the day. If you’re really clever and paranoid, you can probably set up the backup user’s account so the only program it can run is yep the backup program. ⻬ Use encryption to protect the contents of your backup tapes. ⻬ Secure the backup tapes in a safe location, such as, um, a safe. 212 Part III: Network Management For Dummies Chapter 16 Major Annoyances In This Chapter 䊳 Protecting your network from virus attacks 䊳 Dealing with dysfunctional e-mail 䊳 Blocking spam 䊳 What to do if you get blacklisted T his chapter covers some of the most common annoyances that modern network administrators must deal with. In particular, you’ll learn tech- niques for dealing with virus threats and fixing e-mail problems. Contending with Virus Threats Viruses are one of the most misunderstood computer phenomena around these days. What is a virus? How does it work? How does it spread from computer to computer? I’m glad you asked. What is a virus? Make no mistake — viruses are real and they’re here to stay. Now that most of us are connected to the Internet, viruses have really taken off. Every computer user is susceptible to attacks by computer viruses, and using a network — especially one that’s connected to the Internet — increases your vulnerability because it exposes all network users to the risk of being infected by a virus that lands on any one network user’s computer. Viruses don’t just spontaneously appear out of nowhere. Viruses are com- puter programs that are created by malicious programmers who’ve lost a few screws and should be locked up. What makes a virus a virus is its capability to make copies of itself that can be spread to other computers. These copies, in turn, make still more copies that spread to still more computers, and so on, ad nauseam. Then, the virus patiently waits until something triggers it — perhaps when you type a particular command or press a certain key, when a certain date arrives, or when the virus creator sends the virus a message. What the virus does when it strikes also depends on what the virus creator wants the virus to do. Some viruses harmlessly display a “gotcha” message. Some send e-mail to everyone it finds in your address book. Some wipe out all the data on your hard drive. Ouch. A few years back, viruses moved from one computer to another by latching themselves onto floppy disks. Whenever you borrowed a floppy disk from a buddy, you ran the risk of infecting your own computer with a virus that may have stowed away on the disk. Nowadays, virus programmers have discovered that e-mail is a much more efficient method to spread their viruses. Typically, a virus masquerades as a useful or interesting e-mail attachment, such as instructions on how to make 1,000,000 in your spare time, pictures of naked celebrities, or a Valentine’s Day greeting from your long-lost sweetheart. When a curious but unsuspect- ing user double-clicks the attachment, the virus springs to life, copying itself onto the user’s computer and, in some cases, sending out copies of itself to all the names in the user’s address book. After the virus has worked its way onto a networked computer, the virus can then figure out how to spread itself to other computers on the network. Here are some more tidbits about protecting your network from virus attacks: ⻬ The term virus is often used to refer not only to true virus programs which are able to replicate themselves but also to any other type of program that’s designed to harm your computer. These programs include so-called Trojan horse programs that usually look like games but are, in reality, hard drive formatters. ⻬ A worm is similar to a virus, but it doesn’t actually infect other files. Instead, it just copies itself onto other computers on a network. After a worm has copied itself onto your computer, there’s no telling what it may do there. For example, a worm may scan your hard drive for inter- esting information, such as passwords or credit card numbers, and then e-mail them to the worm’s author. ⻬ Computer virus experts have identified several thousand “strains” of viruses. Many of them have colorful names, such as the I Love You virus, the Stoned virus, and the Michelangelo virus. 214 Part III: Network Management For Dummies ⻬ Antivirus programs can recognize known viruses and remove them from your system, and they can spot the telltale signs of unknown viruses. Unfortunately, the idiots who write viruses aren’t idiots in the intellec- tual sense, so they’re constantly developing new techniques to evade detection by antivirus programs. New viruses are frequently discovered, and the antivirus programs are periodically updated to detect and remove them. ⻬ A virus hoax can be just as dangerous as an actual virus. A virus hoax is an e-mail that warns you that you may have a virus, and that you should check to see whether a particular file exists on your computer to see. If you find the file, you’re then instructed to delete it or to perform some other action to remove the virus. Trouble is, the file you’re told to look for is actually a file that is present on all Windows systems, and the file or files you’re told to delete turn out to be files that are essential to Windows’ operation. You should educate your users to never trust virus alerts that arrive via e-mail. ⻬ Spyware and adware, though not technically viruses because they don’t self-replicate, are a troublesome type of software that can sneak onto users’ computers as they visit various Web sites. These programs monitor how you use your computer and are often responsible for those annoy- ing pop-up ads that seem to appear out of nowhere. In some cases, these programs can completely take over your browser, making your computer virtually unusable. For information about programs that can help deal with spyware and adware, search the Web for spyware or adware. Antivirus programs The best way to protect your network from virus infection is to use an antivirus program. These programs have a catalog of several thousand known viruses that they can detect and remove. In addition, they can spot the types of changes that viruses typically make to your computer’s files, thus decreasing the likelihood that some previously unknown virus will go undetected. It would be nice if Windows came with built-in antivirus software, but alas, it does not. So you have to purchase a program on your own. The two best- known antivirus programs for Windows are Norton Antivirus by Symantec and McAfee’s VirusScan. The people who make antivirus programs have their finger on the pulse of the virus world and frequently release updates to their software to combat the latest viruses. Because virus writers are constantly developing new viruses, your antivirus software is next to worthless unless you keep it up-to-date by downloading the latest updates. 215

Chapter 16: Major Annoyances