Computer Security

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

Elite Baiter Joined: 02 Jul 2006 Posts: 1702

Computer security is something every baiter should have.

The three main areas are:
Anti Virus
Firewall
Third party anti-spyware.

There are many products to choose from, and many retaillers to get them from, including direct from creators.

They range from completely free, to free trial to paid versions. With security the important things to consider:
Always try before you buy, everyone has different levels of computer knowledge but with security the software has got to not only be able to do the right job, but also be intuitive enough so your not left confused.

overtly complex software in many cases would leave a novice user frustrated, and in some cases also inefficiently protected, hence its best to try several brands before you identify one your comfortable with.

another issue is too basic and the software may not offer enough protection.

Some programs dont play nice together, for example kaspersky and superantispyware. but antimalware sits comfortably alongside kasper.

System resources, a sad fact is some solutions will slow a pc down, so by using free trials you can try all the leading brands.

If your current system fails:
https://www.grc.com (shields up test)

Then you need to review your security.

(any trial or free software should be tested, if it fails its not currently going to protect you to a high enough degree. )

Rootkits the papers would have you think this type of virus is indestructable, thats far from the truth, even grisoft had/has (havent checked in a while for avg) a way to scan for these newer type of infections.

Things to be aware of, I havent listed any brands (other than the example above purely to demonstrate some programs dont work together at the time tested, these change so you will need to do a bit of trial and error) the reason i havent mentioned main brands is purely that everyone will have there trusted favourite, but it may not be suitable for everyone.

One last point, there are FAKE antivirus programs out there, theres probably also a few none of us have ever heard of, the nets a big ol place, but safety first, if your not sure ask, ill try to put links to all the real ones i know of, and im sure others will help maintain a good list. (if its not on the list, doesnt mean its bad, but i wouldnt personally risk download until someone identifies what it is.)

[ Windows PC]
www.kaspersky.com (kaspersky (pronounced casper ski)
www.avast.com (avast)
www.avira.com
www.mcafee.com
www.comodo.com >firewall
http://www.agnitum.com/news/outpost-firewall-free.php >firewall
http://www.safer-networking.org/index2.html >spybot
[ list will be expanded, its in no particular order, and only lists firewalls/av/anti spyware, users will need a combination of firewall/av/antispyware)

[ Linux based PC / servers ]
spamassasin
clam av for linux

[ Mac's ]

( i havent obscured the links because i need people to be able to read the real links.)

www.filehippo.com - lots of av links and other useful things like anti-spyware etc.

Posted: Fri Jul 01, 2011 4:46 pm

avast and spybot search & destroy work for me

Posted: Fri Jul 01, 2011 6:31 pm

Quote:

https://www.grc.com (shields up test)

Is that a site where you can test if your pc security works?

I run:

avast (free)
spybot - search & destroy
SuperAntiSpyWare (free)
Malwarebytes Anti-malware (free)
AdvancedSystemCare 4

Edit: In answer to MY question : Yes it is Rolling Eyes

I tried it and got these results

Posted: Fri Jul 01, 2011 6:52 pm

Quote:

Is that a site where you can test if your pc security works?

It checks your ports for visibility on the www

Posted: Fri Jul 01, 2011 7:44 pm

I’m on a Mac, but I still have anti-virus and firewall software. I figure it's best to play it safe.

I’ve had no problems with my system at all so far as viruses or anything, though Firefox has twice been hijacked to go to another site. That is a flaw in Firefox and not necessarily the Mac, though. Thankfully, it’s a low-level threat and I know how to get my browser back.

Elite Baiter Joined: 02 Jul 2006 Posts: 1702

@conga soz i woke up at 3am lol, only just seen your post. (ive added spybot to the list tho Very Happy

)
@ dwatina, that information might be helpful for other mac users, browser hijacks are common, knowing how to reverse them is good Very Happy

Yup grc tests your firewall, on todays net, much of the malware is simply probing about, its not necessarily down to where the users been to pick up some nasties, by testing the firewall is making you secure means "some" of the threat is reduced.

Testing AV is more complex, the industry uses eicar, a standard bit of code that even the worst performing AV will detect, there really only as good as there latest updates, today one will come out top, tomorrow it could be its competitor, and because everyones computer will be running different configurations of software, its an essential bit of software to protect them. I havent added any test for AV for this reason.

Another tool, is belarc advisor, which tells users how to really lock down a box, however lock down is exactly what you get, its a nice tool but bare in mind once you follow its recommendations even software will refuse to install, thats actually good, but too restrictive for novice users as they will struggle to reverse the changes in order to return the pc to enough functionality, but its highly recommended.

On a box - the administrator account should be a completely separate account renamed, turn off net-bios (very few things use it these days, but some things do, so if something isnt working that you need you may need to set it to "manual")

The guest account should be disabled.

Those using routers get a "by default" extra layer of security, simply how routers work, but dont over rely on it to protect you.

Browsers now have things like there own "safe mode" basically it visits a website with all the cool stuff turned off - whilst it adds a bit of protection on sites you dont know, many sites wont work as no code can run.

firefox has a plugin available called noscript, does exactly that prevents scripts from running.

Updates are important too, (users who used belarc will need to temp reduce the security settings as updates will fail if they have reached level 10 - there much more secure, but as above, sometimes you need to be able to install Wink

)

There are also sub programs that need updating too, for example Java and flash. (I call them sub programs simply because there normally used by things like open office or as web scripts such as live chat)

Currently flash is updating quite often, Java you may need to visit java.com to check for the latest software - with java you need to uninstall the old version first, and to make things a bit more complex things like dreamweaver pack there own java, so you might need to do a bit of digging as you may need to update java in several components too. (the latest dreamweaver uses the systems java, previous versions rely on its own bundled java which means you end up with multiple versions - i know its confusing but essential to know)

Some settings are annoying, because to take effect the pc needs to reboot, such as turning off javascript and in some browsers (namely internet explorer) turn off active X too, as said it will want you to reboot, its one of those devil you dont things, its slowly going the right way, theres less reboots, but in the middle of a good session of netting its blinking annoying to have to reboot.

With these you end up with multiple layers of security, it makes it damn hard to pick up a nasty or for some idiot to get contol of your machine, a hard truth however is it will never be 100% its time consuming and for many a steep learning curve, but a good security combination will save many from costly repairs and downtime.

High risk things are filesharing sites / pron sites - even adverts have been known to carry bad code, there are things called pop-up and ad blockers, but dont assume its just those two, in india they hacked the bank site, script kiddies go for the weakest link, (I call them script kiddies because hackers would get in if motivated no matter what you do)
Its why updates are important, if theres a known weakness it takes times for the big names to fix that, in the meantime the pc is reliant on its settings and security to prevent major headaches.

Its unlikely you will ever come across a hacker, unless of course your a business, luckily there few and far between, most malware is finacially motivated these days, so hackers wouldnt target home users in the same way, hence security is all that stands between you and loss.

If you think you might be compromised or have an infection, never ignore it, once a door is open its high risk, also things like banking would be extremely high risk.

When banking a simple virtual keyboard is a good idea, theres actually things called keyloggers, and more recently mouse loggers, but a virtual keyboard will make it damn tough for many script kiddies because if no keys are used to login they cant easily see what happened!

Myths explained:
Emails circulate all the time about viruses etc, there as harmful as viruses themselves, most tell you to beware of some junk, or offer to show you how to "delete" the virus 9/10 they will instruct you to remove something important, ignore email alerts.

Viruses despite being nasty are not all that common, things like msblast come around only once every year or so, most are trojans and things to take control of your pc, years ago the kids would smash your windows, over time this changed to steal your game credits etc, and literally thats what motivates some, if you paid for some credit on a game site, they want it.

another myth is with high security you will never be at risk, in truth if someone is determined enough they will get in, all we can do is make that as hard as possible.

Change passwords reguarly and never use the same password for multiple accounts, never use pet names, relatives names or common words, and if asked online probing questions ask yourself why they need to know - a common trick is to get a user to say there postcode, that can be used by some to circumvent password recovery, by entering the postcode they can "recover" lost passwords and reset them, change the email etc stealing an entire online account, so the end user also needs to know there part of security, be careful what you make available, especially innocent things like date of birth (facebook is a prime example "upcoming birthdays" and events.

Never post things like "im on holiday/vacation" burglars even use google earth - you can request to have your home obscured on google earth, its a good idea to do so.

Posted: Sat Jul 02, 2011 11:45 am

^^^^^
Excellent points.
Only one I would change.

Quote:

Viruses despite being nasty are not all that common, things like msblast come around only once every year or so, most are trojans and things to take control of your pc, years ago the kids would smash your windows, over time this changed to steal your game credits etc, and literally thats what motivates some, if you paid for some credit on a game site, they want it.

If you are defining viruses as prank/destructive elements, then yes, in the last 5 years they have dropped to very minimal levels. But if we encompass the term 'virus', to be included in malware, especially worms, then they are VERY VERY VERY active and common, and they are what most scripts download. Worms/Viruses can be seen as the propagator for the exploits, trojans, and hijackings.

The only real difference between the term virus and worm, is that old school viruses had to be mostly executed and spread by your ignorance, worms spread themselves.

Game hackings are common, but the main aim of worms (and trojans) is to steal data and turn your PC in to a zombie for a bot net.

These are just the stats from Feb this year:

http://www.securelist.com/en/analysis/204792166/Monthly_Malware_Statistics_February_2011

My two cents STFA from PDFs and Flash content that are from a source that could be considered untrustworthy. As you mentioned adverts containing malware, I'd aslo include that ad-blocker does not block most flash which is what a large amount of those adverts are heading for. Make sure your flash settings are not set to allow any flash to drop a cookie on to your pc without asking first.

Elite Baiter Joined: 02 Jul 2006 Posts: 1702

Hi B_Y, yep i was grouping viruses by type.

The good thing about todays security is many of the products are free, such as the ones above, theres a good range of choice for users, but there only as strong as the weakest link.

How to change passwords Windows 7:
Goto start button
on the top is your icon, once clicked you will get a new window open
You will see it automatically offers: Make changes to your user account
one option is "passwords"

Choose one, and then job done, make sure you have a separate administrator account, and when online you have a "user" account, both should be password protected.

Tips on passwords:
Generally passwords should be 6 - 32 letters long, some sites dictate 6,8 or more, with passwords the longer the better.

To make an illegible password depends on the website, nearly all allow a number and letter combination such as 123ABC
but others allow things like 123!abcD (a mixture of different case and non standard characters - these are even stronger)

Not many would remember a 32 combination password, so there is a way,
lets use eater as an example.

419eater.com
and a phrase:

Quote:

I love baiting and really slapping the hell out of my lads daily, a crying lad is a brilliant day.

We take the first letter from each word.

Ilbarsthoomldacliabd - now you wouldnt remember the letter sequence, but you should be able to remember the phrase that makes the sequence

Now because its 419eater.com we do some clever things to make it more secure.

The eater domain has 12 characters including the full stop so we add
12Ilbarsthoomldacliabd

Now its getting stronger
I added a comma after daily, so we can add something to there too,
12Ilbarsthoomld419EATERCOMacliabd

And now to make it really tough we use a "!"
12Ilbarsthoomld419EATERCOM!acliabd

Now that is a password lol, obviously dont use the above phrase, but its actually very obscure, and its not going to be easily cracked.

Yet heres a shocker - it could still be guessed! Hence change the pass phrase every 30 days.

(a true story, years ago i had a spectrum, one game was ghostbusters, you used to be able to enter 10 or 12 digits as a cheat to get more starting cash to buy equipment - many gamers GUESSED the code! thats a 12 digit sequence, and people still guessed it) The longer the sequence the less likely, but its possible!)

The good thing about this type of password is its strong, but every site will have a different password, so even by gaining access to one of your accounts an attacker would not gain total online presence.

As said some sites are anal, and wont allow much more than alpha numerics, and some say 6 (if there like that NEVER put or allow CC details, id rather they lost customers and increased the security than someone lost even 1p (usa 1cent hehehe) but anyhow ya get the idea,

security the most boring part of todays computing, but the most important.

Posted: Sat Jul 02, 2011 10:04 pm

Quote:

Make sure your flash settings are not set to allow any flash to drop a cookie on to your pc without asking first.

For a complete pc noob, how do you do that for xp? Embarassed

Posted: Sat Jul 02, 2011 10:23 pm

I'm on Linux so don't have that many security issues. I do use some firefox extensions though just in case. You can never have your pantaloons pulled up too tight. Wink

Here are a list of five of my favourites.

Web of Trust (WOT) Web browsing tool.

Ad Block Plus Ad blocker.

No Scipt Protect yourself against XSS and Clickjacking attacks.

Beef Taco Targeted Advertising Cookie Opt-Out.

and

BetterPrivacy Protect yourself against special longterm "Super Cookies."

Posted: Sat Jul 02, 2011 11:45 pm

conga22 wrote:

For a complete pc noob, how do you do that for xp? Embarassed

http://www.howtogeek.com/howto/7302/delete-flash-cookies-to-improve-your-privacy-online/

Smile

much better guide than I can give you.

Posted: Sun Jul 03, 2011 10:21 am

^^Thanks Boris Very Happy

Posted: Sun Jul 03, 2011 1:06 pm

Quote:

Currently flash is updating quite often, Java you may need to visit java.com to check for the latest software -

Quite a few programs need updating regularly to prevent hackers from intruding. I use a free program called secunia that regularly scans my computer for required updates, then tells me they need updating & does it automatically.

Posted: Sun Jul 03, 2011 9:07 pm

D11--I’ll share it here, if that’s okay.

The hijack is “Abuchak.” Firefox 4 got hijacked about several weeks ago after I updated some FireFox plug-ins. I can’t remember which one it was, but it was one of the email ones (it was NOT Webmail Notifier). Anyway--I clicked okay and then all sorts of stuff was asking to be updated and added. I clicked through a few screens, and then the alarms went off in my head. I quit FF and when re-launched, I was directed to abuchak’s main page. From what I can tell it’s not dangerous, but I can’t find a out a lot of info. I did find enough to disable it, and this will work for abuchak. I think it would probably work for other hijack sites, but I don’t know for sure. I found this advice on the net, but have re-worded. I believe it works for Mac and PC users, as I know PC users who had a problem with abuchak as well.

If someone does get hijacked by aubchak:

1) In firefox, open a new tab.
2) Enter “about:config” (minus the quotes)
3) You will get a window tha says “This might void your warranty.” Click “I’ll be careful, I promise”
4) In the filter window enter abuchak

Now here’s where it’s hazy for me, as I already fixed the problem, so this may not be exact...
5) When it appears (mine showed up twice), I think I clicked edit, and then changed the address to http:www.google.com. There is also an option to reset. I changed the address in both places to http:www.google.com and didn’t do the reset. You need to edit each instance of abuchak.

I’m not entirely sure which update was responsible, or if one of them was responsible. I’ve heard that it was a security flaw in FF4, but I don’t know. FireFox has not been too cooperative and I have emailed them 3 or 4 times about it. But no reply. And they will not address it in their forms. It may not be common, so maybe that’s why.

But--I would think this would work for other hijacks as well. But I’d goggle it. Some hijacks are extremely dangerous.

I recommend the WOT and Ad Block Plus plug-ins that windypops recommended. I added WOT after my hijacking. The others he mentioned I don't use except for WOT and Ad Block Plus