Guide: Internet Security



Guide to Internet Security

---------------------------------------------------------------------------------------

Let's start off with some definitions.

Virus: Any program that replicates itself.

Trojan: A program or script that comes in a form that hides its true identity and purpose, or slips in by a hidden method.

Hijacker: A program or script that changes system settings, can change internet settings, and reroute web pages.

Spyware: Small programs which attempt to monitor your habits on the internet. While some spyware will attempt to stay hidden from detection, some will make its presence known through popup advertisements related to your web surfing habits. While spyware companies claim the software is harmless, infected consumers suffer annoying advertisements, slowdowns, crashes, and other problems.

Worm: A virus that attempts to replicate itself through networked computers using shared files/drives, or vulnerabilities in the operating system.

Keyloggers: Programs that log keypresses, could be used to steal passwords.

Downloaders: Programs that use security flaws to download unwanted programs in the background. Viruses can use downloaders to update themselves.

Phishers: Email that comes with the purpose of stealing information. The email is normally disguised as coming from a respectable business, and may contain a link for you to "update your account". Don't do it, it's a trick. If you have a question whether or not the email is real, then call the business and ask.

Malware: Software designed specifically to damage or disrupt a system. Can also be software that features deceptive licenses and tricks the user into installing unwanted programs alongside purposely installed software.

Some useful tools...

Spybot Search & Destroy

http://www.safer-networking.org/en/download/index.html (Antispyware) Make sure to enable Tea Timer protection to prevent system setting changes. Also, make sure to use the inoculate feature to block access to known spyware websites.

Adaware

http://www.lavasoftusa.com/ (antispyware)

HijackThis

http://www.spywareinfo.com/~merijn/downloads.html (hijacker/spyware/virus detection tool) Useful for posting a log for experts to diagnose your machine.

CWShredder

http://www.spywareinfo.com/~merijn/downloads.html

A small utility for removing CoolWebSearch (aka CoolWwwSearch, YouFindAll, White-Pages.ws and a dozen other names). Spybot S&D and Ad-aware tend to forget essential parts of the hijack, so until they update, you can use this to completely remove the hijack. This program is updated to remove the new variants once they come out. (keep it in case you ever need it)

LSPfix

http://www.cexx.org/lspfix.htm

Fixes internet connection broken by spyware removal. Keep it in your arsenal.

Winsock fix for XP

http://members.shaw.ca/techcd/WinsockXPFix.exe

Fixes internet connection broken by spyware removal. Keep it in your arsenal.

Procrecon

http://www.webchitect.com/ProcRecon/download.html (useful for stopping running virus/spyware programs, has an extremely useful feature of attempting to stop all unnecessary programs running with one button press)

Spyware Guard

http://www.javacoolsoftware.com/spywareguard.html

SPYWAREBLASTER

http://www.javacoolsoftware.com/spywareblaster.html

WinPatrol

http://www.winpatrol.com/

Using these Tools should remove and prevent the majority of spyware infections!

Now let's go on to misconceptions about security.

A common misconception about security is that a firewall is all the protection you need. This is not true. A firewall will only protect against worms, and hackers attempting to access your machine through openings in your OS and network settings. It does not protect against viruses that you download and install, spyware, trojans, or hijackers. While it is useful and necessary, its usefulness is highly exaggerated, it will not fully protect you. Nevertheless, make sure you use one!

Another common misconception is that antivirus programs will remove or delete a virus. This isn't what antivirus programs are built for. Antivirus programs are built to detect the presence of a virus, and aid in preventing a virus from infecting your machine, they are not built to remove every virus once a virus is installed. While some antivirus programs will remove a virus, they will not remove every infection. If your PC has contracted a virus, and your antivirus program reports it, you need to annotate any information your antivirus program gives you and search for more information on its removal until you know the virus is removed.

Another misconception is that you're fully protected! No matter how well you secure yourself, there is nothing that will fully protect you short of isolating the machine away from network connections and people.

HOW TO SECURE YOURSELF:

1: Run a firewall to protect against worms and hackers. I put this first as it's the simplest step, but as I said before, in terms of security it's not going to keep you safe by itself. What firewall you use is up to you. My personal recommendation is ZoneAlarm. http://www.zonelabs.com/store/content/home.jsp (freeware version available)

2: Run an antivirus. Although it probably won't remove all viruses, it should let you know where the virus is at and when to get help. What antivirus program you decide to use is completely up to you. My personal recommendation is any Trend Micro antivirus product such as PCcillin. http://www.trendmicro.com/en/home/us/personal.htm (AVG antivirus is highly rated and available in freeware form) http://free.grisoft.com/

3: Secure your browser. This is where it gets a bit complicated. There are many ways to do this, and many programs that will aid in doing it. One of the best approaches is to run an alternative browser, such as Firefox, which may not be as targeted by hackers as often as Internet Explorer for exploits. I will relate this mainly to Internet Explorer, as it is the most common browser used. I highly recommend you enter your internet security settings by clicking tools/internet options/security tab, and setting your security to at least the medium level. Whenever you send credit card information, look for a picture of a lock on the bottom status bar of the browser. Don't send the information if the lock is not there or shows the lock open. My personal recommendation is to use portable Firefox on a USB drive. http://johnhaller.com/jh/mozilla/

4. Secure your OS. It's important to run an update for your OS as new vulnerabilities and exploits are discovered. The same is true for all your programs. Schedule time to keep your software up to date.

5. I also suggest you use a startup manager. A startup manager will aid you in getting to know what is starting up when you boot your machine. A good startup manager will also aid you in removing unwanted startup programs, and can make your machine more responsive while booting. My personal recommendation is Startup Delayer. http://www.r2.com.au/software.php?page=2&show=startdelay

6. Watch your e-mail. If your email application allows it, then disable images in your email. Never open an attachment without virus-scanning it first. Never respond to requests for personal information through an embedded link. Use spam filters. I recommend using SpamPal for POP email clients. http://www.spampal.org/

7. Secure your wireless network. While I won't go into depth on this, a good read is here: http://www.practicallynetworked.com/suppor...less_secure.htm

8. Secure your network. Don't needlessly share folders and files within your network. Use logins and passwords.

But .. still I'm infected, what do I do?

If you can, run your antivirus and antispyware tools from safe mode. If not, run procrecon (see link above) to shut down un-needed programs and run the mentioned tools (run them multiple times, sometimes one virus can hide another, sometimes viruses are programmed to hide from one tool and not another). If all else fails, don't give up, here are a couple of places that can aid you.

http://housecall.trendmicro.com/ (online virus scan)

http://www.helponthe.net (can diagnose hijackthis logs, viruses and give further aid)

---------------------------------------------------------------------------------------

+===+===+===+===+===+===+===+===+===+===+===+===+

---------------------------------------------------------------------------------------

You can also Download the PDF Version of this guide here: http://www.techtators.com/main/files/Guide...et_Security.pdf or Attachment

---------------------------------------------------------------------------------------

NJoy ;) and Be safe :happy:

-- JC1o1 --

Guide_To_Internet_Security.pdf
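
Step 5 of the guide recommends a startup manager to learn what launches at boot. As an added example (not part of the original post or any tool it links), this read-only PowerShell script lists entries from the standard Windows Run/RunOnce registry keys and Startup folders; the Temp/AppData "Review" flag is a heuristic assumed here, not a verdict.

```powershell
# Added example: inventory autostart entries for manual review.
# Read-only: nothing is changed, disabled or deleted.

# Standard Run/RunOnce locations (machine-wide and per-user).
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }       # key absent on this system
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{
            Source  = $key
            Name    = $name
            Command = [string]$item.GetValue($name)
        }
    }
})

# Per-user and all-users Startup folders (shortcuts and files placed there run at logon).
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
)

$entries += @(foreach ($dir in $startupDirs) {
    if (-not $dir -or -not (Test-Path $dir)) { continue }
    Get-ChildItem -Path $dir -File | ForEach-Object {
        [pscustomobject]@{ Source = $dir; Name = $_.Name; Command = $_.FullName }
    }
})

# Assumed heuristic: programs starting from user-writable Temp/AppData paths
# deserve a closer look. Legitimate software also lives there, so treat the
# flag as a prompt to investigate, not as proof of infection.
$reviewPattern = '\\(Temp|AppData)\\'

$entries |
    Select-Object Source, Name, Command,
        @{ Name = 'Review'; Expression = { $_.Command -match $reviewPattern } } |
    Sort-Object Source, Name |
    Format-Table -AutoSize -Wrap
```

Running it before and after installing software, and comparing the two listings, shows exactly which autostart entries an installer added.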


Very nice guide, more n more need to be educated about this stuff, it does happen.
