What’s in a (File) Name?

What's in a file name 2 One of Bill’s security recommendations (among the many that he tries to pound into the heads of his readers), is to disable the hiding of file extensions for known file types.

In this, my second article on Bill’s Blog, I will explain why this is important and how it can protect you.

This can get a bit complicated for the novice user, so I’ll try to make it easy to understand.

Firsts things first. What is a file extension? File extensions tell the operating system what type of file it is dealing with, which in turn determines what application is opened when you double click the file.

Adobe PDF documents have a PDF extension, MP3 audio files have the MP3 extension, video files use a number of extensions such as AVI, MPE, MPEG, WMV, and so on. Windows keeps track of what file extensions should be opened with which application, if you rename a file and delete its extension, Windows no longer knows what type of file it is and will not be able to open it.

When working with Windows, almost all files have an extension, this is the 3 or 4 characters after the LAST “.” (dot or period) in the file name. Why is the word LAST in upper case? Because file names can have more than one “.” in them, and this is where your ability to see these extensions can save you.

For example, consider this file named “Invoice.doc”. For many people they would immediately know this is a standard Microsoft Word document. If your PC is set to hide known file extensions then your computer would display the file in a Windows Explorer window, or email attachment, as “Invoice”, hiding the 3 digit extension.

The problem here is, a Trojan can come in as an email attachment as a compressed file, or an executable called Invoice.doc.exe. Remember, only the digits after the LAST “.” are important to the file type, so even though you see Invoice.doc, the file actually has an exe extension, making it an exe or program.

If you have your PC set to hide extension, you would see the file name as “Invoice.doc”, even though the actual extension (which is hidden by Windows) is exe. Another trick is to give the file an icon that makes it look like it’s a Word document to fool unsuspecting users even more.

So you can see, if you disable hidden extensions, you will be able to see the actual file extension, not the one the Trojan wants you to see, and you will be able to better determine if the file is in fact what it is claiming to be.

To unhide these hidden extensions;

1. Go to start>Control Panel

2. Click on >Folder Options

3. Now go to >View tab> Then uncheck the box “Hide extensions for known file types” >click Apply>then OK. That’s it done.

Now you can see the file extensions on all file types.

What's in a file name

Guest Writer: This is a guest post by Dave Brooks a professional techie from New Hampshire, USA. Dave has now become a regular guest writer who’s last article “Let’s Talk About Backups” was a huge hit.

Pay a visit to Dave’s site at Tech-N-Go, and checkout the Security Alerts.

About these ads

4 Comments

Filed under Don't Get Hacked, Guest Writers, Interconnectivity, Malware Advisories, Online Safety, System Security, trojans, Viruses, worms

4 responses to “What’s in a (File) Name?

  1. Another great piece, Mr. Brooks. Thanks.

    If I may add, if you come across a file type (extension) that you don’t recognize, the website FILExt will tell you. Simply enter the “.abc” and FILExt will tell you the program that created it, and recommend how to open it.
    http://filext.com/

  2. Pingback: WHAT’S IN A (FILE) NAME? | DAMN TROJAN

  3. Bill,

    Great article and great instruction… A is imperative that anyone learning to use a computer that they learn about file extensions. I have found it is one of those things that people have a hard time grasping; but, it comes in time.

    Rick

  4. Glad you mentioned that Paul, I had meant to put that in the article but it slipped my mind, thanks!