Practising Safe Hex

Thrall
Moderator Emeritus
Posts: 3687
Joined: 30 Apr 2003, 02:00
Location: Texas, USA

Practising Safe Hex

Post by Thrall »

Someone once said that the best form of security is not to have a PC – or, if one must have one, never switch it on. Well, things aren’t quite as bad as that, fortunately. Here are ten hard-won lessons from the front-line trenches about safe hex:

1. Get a decent antivirus program and keep it up-to-date; checking twice daily for updates is sane, not paranoid.

Antivirus programs are retroactive in nature; they only protect you against known viruses. This is too bad if a new virus is released into the wild – and there are currently about 8 new viruses being released each day. Most antivirus vendors claim to have advanced heuristics (a type of artificial intelligence which relies upon suspect behaviour) that may spot new viruses, but the technology isn’t yet accurate enough to rely on.

2. Keep your patches up-to-date.

Windows and the different programs that exist on your computer have vulnerabilities – these are flaws through which a virus or a backdoor can be injected into your computer. Fix the flaw and the threat will bounce right off your PC; think of it as inoculation. Windows users can go to http://windowsupdate.microsoft.com - it’s a free, anonymous scan of your PC which will list the patches available for all Microsoft programs and install them automatically after you’ve downloaded them.

3. Get a firewall and learn how it works.

There are a number of free firewalls available – try http://www.free-firewall.org

Think of your PC as being a castle and the firewall as being the wall around the castle. There are gates in the wall (called “ports” in PC-terms), but with a firewall nothing gets in or out of those gates unless you allow it to. You can set “rules” which permit different programs to communicate with the internet under certain conditions so you’re never bothered again by that particular program, e.g. sending and receiving email.

You can test your firewall’s effectiveness by going to http://www.grc.com - click the “Shields Up!” icon and see how well-protected you are.

4. Get a spyware-checker and keep it updated.

Spyware is becoming a serious threat to everyone’s privacy. Spyware and adware are small programs that run on your PC without your knowledge or permission; generally-speaking they don’t do any damage, but they report on your online browsing and shopping-habits. Adware foists popup-adverts on your screen, which can be highly irritating.
Two good free anti-spyware programs to use:

a. Spybot Search & Destroy: http://www.safer-networking.org
b. AdAware: http://www.lavasoftusa.com

5. Don't use HTML-email if at all possible - read and send it in plain-text.

Since the ****-worm of a few years ago, it’s become a fact that worms don’t have to be in the form of an attachment to an email – they can be embedded in the code of the email-message itself, especially in HTML-email. It may not be as pretty, but plain-text email is smaller, it’s considered more professional by those in the know - and it’s safer.

Safer? Never mind viruses, most spam emails these days contain web-beacons which report back to the spammer’s database that you’ve viewed the email. A web-beacon is a small image-file, usually a 1x1 pixel – if you view the email in HTML, it tries to download the tiny graphic assigned to your email-address – confirming that your address is active and making you a huge target for more spam.

6. If you have to use MS email-clients like Outlook or Outlook Express, disable the Preview-pane - and set the program itself to "Restricted security" (click on Tools, Options, Security).

7. Disable the default option in Windows called "Hide extensions for known file-types".

Once you’ve disabled that option, you'll spot any files with double file-extensions because these usually contain viruses, e.g. yourfile.txt.pif.

A file-extension tells you (and Windows) what kind of file you’re dealing with, be it a Word-document (My CV.doc), an mp3 music-file (Alanis.mp3) or a jpg picture (Family.jpg), to name a few. Most users see a .jpg and know enough that a virus can’t infect a picture, so they open the file and get infected. How? Because it wasn’t a picture at all. It was actually family.jpg.exe but Windows shows you just the first file-type, not the last – and the virus runs its infection-routine.

8. Save and scan any attachments before opening them, even from people you do know.

These days, any virus worth its salt will fake the email-address that it came from – that way you can’t warn the person who actually is infected, so the virus has a much longer time in which to spread. By the same token, you may receive warning messages that you’ve sent a virus – sadly, these warning-messages are largely redundant nowadays and are more of a marketing-gimmick than anything.

9. Don't send out virus-warnings if you don't know what you're talking about.

Just because it’s on email doesn’t mean that it’s factual - the rule is: “When in doubt, don’t send it out”. A good site to check out the authenticity of any suspected hoax is http://hoaxbusters.ciac.org

10. Prepare for the worst.

Keep backups of all of your important files - and test them to be sure that they do actually work before storing them somewhere safe. Everyone is equally vulnerable to a new virus during the window-period (that’s the time between a new virus being released into-the-wild and the time that your antivirus program will recognize it), so backups are sensible, not boring. And if the backups you’ve so painstakingly made don’t work when you need them, it’s too late.

Finally, keep yourself informed. Your security is your problem - don't let it become everyone else's.
Be polite, professional and have a plan to kill everyone you meet.

My Iraq pics
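
Points 5 and 7 of the post above can be checked mechanically. The following is an added example, not part of the original thread: it audits a raw email for 1x1 remote images (web beacons) and for attachments whose real extension is hidden behind a decoy one. The extension list, the sample message and every host and file name in it are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser

# Extensions Windows runs on double-click (illustrative, not exhaustive).
EXECUTABLE = {"exe", "pif", "scr", "com", "bat", "cmd", "vbs", "lnk"}

def is_double_extension(filename):
    """Last extension is executable and another extension sits in front of it."""
    parts = filename.strip().lower().split(".")
    return len(parts) >= 3 and parts[-1] in EXECUTABLE and parts[-2] != ""

class BeaconFinder(HTMLParser):
    """Collects remote <img> tags sized 1x1 or smaller (likely web beacons)."""
    def __init__(self):
        super().__init__()
        self.beacons = []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if (tag == "img" and re.match(r"(?i)https?://", a.get("src") or "")
                and a.get("width") in ("0", "1") and a.get("height") in ("0", "1")):
            self.beacons.append(a["src"])

def audit(raw):
    """Return (beacon URLs, [(real name, name shown with extensions hidden)])."""
    finder, risky = BeaconFinder(), []
    for part in message_from_string(raw).walk():
        name = part.get_filename()
        if name and is_double_extension(name):
            risky.append((name, name.rpartition(".")[0]))
        elif part.get_content_type() == "text/html":
            finder.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    return finder.beacons, risky

# Constructed sample message (not real mail); all hosts and names are made up.
SAMPLE = """\
Content-Type: multipart/mixed; boundary="B"

--B
Content-Type: text/html

<p>Hi!</p><img src="http://tracker.example.net/o.gif?u=you%40example.org" width="1" height="1">
<img src="cid:logo" width="120" height="40">
--B
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="family.jpg.exe"

--B--
"""
```

Calling `audit(SAMPLE)` returns the beacon URL and the pair `("family.jpg.exe", "family.jpg")`, the second element being the name a user sees while extensions are hidden.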
Soap
Registered User
Posts: 942
Joined: 14 Apr 2004, 02:00

Post by Soap »

10. Prepare for the worst.
I have the Sober Virus, is that bad?? :P :P :P
J/K it's just the Sobig :lol:
Thrall
Moderator Emeritus
Posts: 3687
Joined: 30 Apr 2003, 02:00
Location: Texas, USA

Re: Practising Safe Hex

Post by Thrall »

Thrall wrote:...Your security is your problem - don't let it become everyone else's.


:twisted:
lancelot
Registered User
Posts: 7162
Joined: 13 May 2003, 02:00
Location: Cape Town

Post by lancelot »

Excellent post Thrall, will print it out and distribute it to all in the office! :)
Thrall
Moderator Emeritus
Posts: 3687
Joined: 30 Apr 2003, 02:00
Location: Texas, USA

Post by Thrall »

Thanks, lance 8)
the_nominator
Registered User
Posts: 1315
Joined: 29 Apr 2004, 02:00
Location: North Carolina, USA

Post by the_nominator »

Finally something real is being done about viruses.
New AMD 64bit processors will have virus protection built in

Read full story at
http://www.prnewswire.com/broadcast/12076/press.shtml
Stuff the DS!
07 Designs|Portfolio
freakno1
Registered User
Posts: 366
Joined: 23 Jun 2002, 02:00
Location: SA Geek Farm

Post by freakno1 »

I really like rule no. 9

Also, http://www.breakthechain.org/ is a cool place for hoax checking

L/users: if I get one more warning from my users to delete the teddy bear icon in my Windows directory, I will strangle them with a smile on my face and a song in my heart

Anyway, most people only adhere to the easy rules and pretend the rest doesn't exist, and for those people I have two words: DISASTER RECOVERY

- Sometimes you have to leave your corner of the forest to meet new people. Winnie the Pooh
Squirly
Registered User
Posts: 560
Joined: 01 Jul 2004, 02:00

Re: Practising Safe Hex

Post by Squirly »

Thrall wrote: Antivirus programs are retroactive in nature; they only protect you against known viruses.
Whatever happened to SharkNet?
jee
Registered User
Posts: 19336
Joined: 03 Jun 2003, 02:00
Location: a hole so deep...

Checklist: 11 things to do after a hack

Post by jee »

Where do you begin? Here's a brief list of some steps to take "post-hack" to ensure you have the best chance of determining who did what and how it was done:

11 things to do after a hack
"Integrity" and "integer" both contain a Latin root meaning "whole; complete." The root sense, then, is that people may be said to be acting with integrity when their beliefs, words, and actions have a sense of unity or wholeness.
rustypup
Registered User
Posts: 8872
Joined: 13 Dec 2004, 02:00
Location: nullus pixius demonica

Post by rustypup »

As an update, and in response to the influx of similar threads:

Freebyte's Guide to Free Anti-Virus Software - a fairly comprehensive list of all the necessary knick-knacks required... (a little dated in some respects, will edit if something better presents itself...)

Missing from the above list, and rated highly by many:
HijackThis by Merijn Bellekom (from Software Downloads, as it's in English ;) )
PC-cillin from Trend Micro

Finally, a comprehensive list of Rootkit scanners:
AntiRootkit
Most people would sooner die than think; in fact, they do so - Bertrand Russell
Psi_Co_killa
Registered User
Posts: 39
Joined: 04 Jan 2010, 15:42

Re: Practising Safe Hex

Post by Psi_Co_killa »

great thread

Should be required reading for any1 wanting to post in "security"

psi_
Prime
Registered User
Posts: 27729
Joined: 01 Mar 2004, 02:00
Location: Getting into trouble

Re: Practising Safe Hex

Post by Prime »

:facepalm: