Practising Safe Hex
Someone once said that the best form of security is not to have a PC – or, if one must have one, never switch it on. Well, things aren’t quite as bad as that, fortunately. Here are ten hard-won lessons from the front-line trenches about safe hex:
1. Get a decent antivirus program and keep it up-to-date; checking twice daily for updates is sane, not paranoid.
Antivirus programs are retroactive in nature; they only protect you against known viruses. This is too bad if a new virus is released into the wild – and there are currently about 8 new viruses being released each day. Most antivirus vendors claim to have advanced heuristics (a type of artificial intelligence which relies upon suspect behaviour) that may spot new viruses, but the technology isn’t yet accurate enough to rely on.
2. Keep your patches up-to-date.
Windows and the different programs that exist on your computer have vulnerabilities – these are flaws through which a virus or a backdoor can be injected into your computer. Fix the flaw and the threat will bounce right off your PC; think of it as inoculation. Windows users can go to http://windowsupdate.microsoft.com - it’s a free, anonymous scan of your PC which will list the patches available for all Microsoft programs and install them automatically after you’ve downloaded them.
3. Get a firewall and learn how it works.
There are a number of free firewalls available – try http://www.free-firewall.org
Think of your PC as being a castle and the firewall as being the wall around the castle. There are gates in the wall (called “ports” in PC-terms), but with a firewall nothing gets in or out of those gates unless you allow it to. You can set “rules” which permit different programs to communicate with the internet under certain conditions so you’re never bothered again by that particular program e.g. sending and receiving email.
You can test your firewall’s effectiveness by going to http://www.grc.com - click the “Shields Up!” icon and see how well-protected you are.
4. Get a spyware-checker and keep it updated.
Spyware is becoming a serious threat to everyone’s privacy. Spyware and adware are small programs that run on your PC without your knowledge or permission; generally-speaking they don’t do any damage, but they report on your online browsing and shopping-habits. Adware foists popup-adverts on your screen, which can be highly irritating.
Two good free anti-spyware programs to use:
a. Spybot Search & Destroy: http://www.safer-networking.org
b. AdAware: http://www.lavasoftusa.com
5. Don't use HTML-email if at all possible - read and send it in plain-text.
Since the ****-worm of a few years ago, it’s become a fact that worms don’t have to be in the form of an attachment to an email – they can be embedded in the code of the email-message itself, especially in HTML-email. It may not be as pretty, but plain-text email is smaller, it’s considered more professional by those in the know - and it’s safer.
Safer? Never mind viruses, most spam emails these days contain web-beacons which report back to the spammer’s database that you’ve viewed the email. A web-beacon is a small image-file, usually a 1x1 pixel – if you view the email in HTML, it tries to download the tiny graphic assigned to your email-address – confirming that your address is active and making you a huge target for more spam.
6. If you have to use MS email-clients like Outlook or Outlook Express, disable the Preview-pane - and set the program itself to "Restricted security" (click on Tools, Options, Security).
7. Disable the default option in Windows called "Hide extensions for known file-types".
Once you’ve disabled that option, you'll spot any files with double file-extensions because these usually contain viruses eg. yourfile.txt.pif.
A file-extension tells you (and Windows) what kind of file you’re dealing with, be it a Word-document (My CV.doc), an mp3 music-file (Alanis.mp3) or a jpg picture (Family.jpg), to name a few. Most users see a .jpg and know enough that a virus can’t infect a picture, so they open the file and get infected. How? Because it wasn’t a picture at all. It was actually family.jpg.exe but Windows shows you just the first file-type, not the last – and the virus runs its infection-routine.
8. Save and scan any attachments before opening them, even from people you do know.
These days, any virus worth its salt will fake the email-address that it came from – that way you can’t warn the person who actually is infected, so the virus has a much longer time in which to spread. By the same token, you may receive warning messages that you’ve sent a virus – sadly, these warning-messages are largely redundant nowadays and are more of a marketing-gimmick than anything.
9. Don't send out virus-warnings if you don't know what you're talking about.
Just because it’s on email doesn’t mean that it’s factual - the rule is: “When in doubt, don’t send it out”. A good site to check out the authenticity of any suspected hoax is http://hoaxbusters.ciac.org
10. Prepare for the worst.
Keep backups of all of your important files - and test them to be sure that they do actually work before storing them somewhere safe. Everyone is equally vulnerable to a new virus during the window-period (that’s the time between a new virus being released into-the-wild and the time that your antivirus program will recognize it), so backups are sensible, not boring. And if the backups you’ve so painstakingly made don’t work when you need them, it’s too late.
Finally, keep yourself informed. Your security is your problem - don't let it become everyone else's.
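As an added example (not part of the original post), here is a Python sketch of the checks behind rules 5, 7 and 8: it flags attachments whose real extension hides behind a decoy one, and HTML bodies that load a 1x1 remote image. The extension list, the function names and the sample message (including `tracker.example`) are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from html.parser import HTMLParser

# Extensions Windows runs on double-click (a common subset, not an exhaustive list).
EXECUTABLE_EXTS = {".exe", ".pif", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js", ".lnk"}

def deceptive_extension(filename):
    """Return the real extension of names like 'family.jpg.exe', else None."""
    parts = filename.strip().rstrip(". ").lower().rsplit(".", 2)
    real = "." + parts[-1]
    # Three parts means a decoy extension sits in front of the real one.
    return real if len(parts) == 3 and parts[0] and real in EXECUTABLE_EXTS else None

class BeaconFinder(HTMLParser):
    """Collect remote <img> tags declared as 1x1 or smaller."""
    def __init__(self):
        super().__init__()
        self.beacons = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        src = a.get("src") or ""
        tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
        # Any remote image can report a view; declared size only catches the classic form.
        if tag == "img" and tiny and src.lower().startswith(("http://", "https://")):
            self.beacons.append(src)

def triage(raw_message):
    """Return (deceptively named attachments, beacon URLs) for one raw message."""
    msg = message_from_string(raw_message, policy=policy.default)
    risky, finder = [], BeaconFinder()
    for part in msg.walk():
        name = part.get_filename()
        if name and deceptive_extension(name):
            risky.append(name)
        elif part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    return risky, finder.beacons

def sample_message():
    """Constructed test message: HTML body with a 1x1 remote image plus a decoy-named file."""
    m = EmailMessage()
    m["Subject"] = "Holiday pictures"
    m.set_content("Pictures attached.")
    m.add_alternative('<p>Hi!</p><img src="http://tracker.example/p.gif?id=1234" '
                      'width="1" height="1">', subtype="html")
    m.add_attachment(b"constructed bytes", maintype="application",
                     subtype="octet-stream", filename="family.jpg.exe")
    return m.as_string()
```

Calling `triage(sample_message())` returns the flagged attachment names and beacon URLs; a single extension such as `setup.exe` is deliberately not flagged, because nothing about its name is hidden once extensions are shown.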
Re: Practising Safe Hex
Thrall wrote:...Your security is your problem - don't let it become everyone else's.
-
- Registered User
- Posts: 1315
- Joined: 29 Apr 2004, 02:00
- Location: North Carolina, USA
- Contact:
Finally something real been done about viruses.
New AMD 64bit processors will have virus protection built in
Read full story at
http://www.prnewswire.com/broadcast/12076/press.shtml
i really like rule no9
also http://www.breakthechain.org/ is a cool place for hoax checking
L/users if i get one more warning from my users to delete the teddy bear icon in my windows directory i will strangle them with a smile on my face and a song in my heart
any way most people only adhere to the easy rules and pretend the rest doesn't exist and for those people i have two words DISASTER RECOVERY
-Some times you have to leave your corner of the forest to meet new people Whinnie the poo
Re: Practising Safe Hex
Whatever happened to SharkNet?
Thrall wrote: Antivirus programs are retroactive in nature; they only protect you against known viruses.
Checklist: 11 things to do after a hack
Where do you begin? Here's a brief list of some steps to take "post-hack" to ensure you have the best chance of determining who did what and how it was done:
11 things to do after a hack
"Integrity" and "integer" both contain a Latin root meaning "whole; complete." The root sense, then, is that people may be said to be acting with integrity when their beliefs, words, and actions have a sense of unity or wholeness.
- rustypup
- Registered User
- Posts: 8872
- Joined: 13 Dec 2004, 02:00
- Location: nullus pixius demonica
- Contact:
as an update, and in response to the influx of similar threads:
Freebyte's Guide to Free Anti-Virus Software - a fairly comprehensive list of all the necessary knick-knacks required... (a little dated in some respects, will edit if something better presents itself...)
Missing from the above list, and rated highly by many:
HijackThis by Merijn Bellekom (from Software Downloads, as it's in English)
PC-cillin from Trend Micro
Finally, a comprehensive list of Rootkit scanners:
AntiRootkit
Most people would sooner die than think; in fact, they do so - Bertrand Russell
-
- Registered User
- Posts: 39
- Joined: 04 Jan 2010, 15:42
Re: Practising Safe Hex
great thread
Should be required reading for any1 wanting to post in "security"
psi_