Posted

Computer Protection Primer

Okay, for starters, I apologise if this seems as if it's written for beginners, but I want everyone to be able to understand it. Also, this is written with the Windows user in mind.

Terms you need to know:

Adware - Programs on your computer which popup ads randomly as you use it.

Dialers - or 'modem hijackers' take control of your modem to dial long distance numbers, which the program designer gets a commission from.

Trojans - Open a 'backdoor' to your system, allowing others access to it.

Malware - Programs designed to do damage to your system, and/or cause financial damage.

Virus - Malicious code, usually harmful, which is buried in the code of other programs.

Hacker - Someone who intentionally breaks into private computers.

Patch - An add-on fix for errors in a program (IE 6), or operating system (Windows).

Spyware - Programs which send information about you, your system, and online habits back to another server.

Keylogger - Reports all your keystrokes (including banking passwords) to a remote server.

Spyware, malware, trojans, keyloggers, dialers, and adware are programs installed on your system either without your permission, or hidden in programs that you install on your system. These programs are similar to viruses, but somewhat more developed and purposeful (not for you though), rather than destructive.

There are three things you need for good basic computer security. They are:

- A firewall

- Anti-virus/spyware software

- Current updates to your system.

Most of these you can get for free, or at least trial versions to get you through until you can purchase the full version.

Firewalls

A firewall is the digital version of a doorman who checks the ID of everyone coming into your system. If you have not given permission for someone to connect to your system, it blocks their access. Some, like ZoneAlarm, are very automated and run with minimal input from the user. Others, such as Wingate, are highly configurable and flexible, but much more complicated and not recommended for the beginning user.

There are two types of firewall: hardware and software. The two mentioned above are software firewalls, programs that you download and install on your system. Hardware firewalls are found in routers on your home or office network, and deal with incoming data before it even reaches your machine. I won't go into details of setting up and configuring a hardware router here, but the most important thing you can do if you have one at home is make sure you change the default password set by the manufacturer. I can assure you that any hacker will know the default passwords of the main manufacturers, and try these first.

Antivirus Software

Like your computer's immune system. It catches malicious data as it arrives and kills it on the spot. My antivirus catches about 10-20 per day on emails alone. Install it, and update it often.

Anti-spyware programs

Works similar to antivirus programs, with a different target. Good ones will watch for changes in your computer's registry.

Software Updates

This is very important. When a flaw is found (often) in Windows, Microsoft will usually release a patch within days to fix it. Without it you are leaving a hole in your security open that has just been publicized all over the place.

You can either use your Windows automatic update wizard, or go to http://www.microsoft.com/security/ every few days to find new info on potential threats.

Related Websites

Firewalls/Antivirus

http://www.zonelabs.com/ ZoneAlarm (Firewall/Antivirus/Security Suites)

http://www.mcafee.com/ McAfee (Firewall/Antivirus/Security Suites)

http://www.symantec.com/ Norton (Firewall/Antivirus/Security Suites)

http://www.bitdefender.com/ (Antivirus)

http://housecall.trendmicro.com/ Once off removal of Virus

Anti-Spyware

http://www.microsoft.com/athome/security/spyware/software/ Microsoft Anti-Spyware (Beta)

http://www.safer-networking.org Spybot Search&Destroy

http://www.lavasoftusa.com Ad-Aware

Spyware Terminator - includes antivirus (new Sept 06)

http://www.hitmanpro.nl/ Automatic spyware remover

Spyware Removal Programs Reviews: http://www.adwarereport.com/

Microsoft Security Site: http://www.microsoft.com/security/

Other Sites of Interest:

Computer Emergency Response Team (CERT) http://www.cert.org

AntiOnline Computer Security Community http://www.antionline.com

cv

  • 9 months later...
Posted

I have noticed OP's asking for advice in removing this and that trojan, and how do I get rid of this and that adware.

Here are two free sites offering free malware removal, and general computer help.

http://www.bleepingcomputer.com/

http://www.spywareinfo.com/

I have been trained at both these sites, so I can tell you that the training you receive before you are allowed to post fixes is quite tough.

You should only receive advice from an expert, but sometimes non experts post answers, but these are removed as soon as the site MODS see them.

You will only ever be asked to download free software to help fix your problem. And advice when your computer is clear on how to stay clear. The language used will be as simple as you require, so if you don't understand anything it will be explained again step by step. You will also be told if you have any anti spyware software that is considered to be rogue.

You will need to register with them, it's a similar sort of process to register here.

Both sites are US based, but have members from all around the world. The advice you get probably will not be instant, as there are more Op's with problems than volunteers that fix them.

  • 10 months later...
Posted

If you have additional suggestions for this section please PM me and I will add them in.

Thanks

Astral

Moderator

  • 2 months later...
Posted

This is a long post.

After years of struggling with Personal Computers that crash after a few months or become too slow to be usable or get infected with bugs I have finally come up with a configuration that is about as robust as one could wish for. Best of all it resists all attacks by Spyware, Malware, Hacking and viruses and perhaps even better than those things it costs me nothing by way of license fees, except for the operating system. The software I use is all free and is currently regarded as some of the best available. The bottom line here is that every time I go to use my PC it works as intended and not even the most destructive web site seems to affect it. My PC does not suffer from performance degradation, my hard disks are always in best shape and I am always in a position to react in time to any kind of threat.

So because I run into so many expats in Thailand who always seem to have PC problems, I set out below, hopefully in simple enough terms, the way to construct the operating system and software side of a home PC and hope that some people will find it helpful. Whilst much of what is written below is common sense for experienced users you can imagine that many folks miss the obvious sometimes. If all of the following is not clear don’t worry, I have a more detailed free guide I will happily PM to anyone who needs it.

Finally before we begin, there is a fair amount of subjectivity associated with this topic and I do not claim that the solution presented here is the absolute best, one that is far better than any other solution. Individuals will have personal preferences as to individual software components and they may well be right. Others will also have additional steps that can be taken to further improve things and they also may be right. All I offer here is a time tested and proven method of making sure that you end up with a PC configuration that is useable all of the time and one that has good performance and is free of problems over the medium to long term.

The two assumptions used in compiling the following are, (a) your PC is Microsoft compliant and (b) you connect to the Internet, preferably by broadband.

PRE INSTALLATION WORK

Start by backing up to a removable device all the personal data and files you want to save then fully FORMAT all hard drives using NTFS (assuming Windows 2000 or later).

Visit one of the more reputable Freeware download sites such as Major Geeks, Snap Files, File Hippo or File Forum and download free copies of the following free software. Burn the above software to CD or put copies on removable media:

Zone Alarm free firewall

AVG Anti virus (including latest virus definition file)

Spybot Search and Detection

Ad-Aware Anti-Malware

Spyware Blaster

EasyCleaner 2 by Toni Arts

Crap Cleaner

Zsoft Uninstaller

Disk Keeper Lite

Mozilla Firefox

Eusing Free Registry Cleaner

Hi-Jack This

System File Defrag by System Internals

Root Kit Revealer

Starter by Codestuff

RegScrub XP

Registry Defrag 2.20

Create an operating system partition, typically this will be the “C” drive – this partition should be about 10GB. Create as many additional partitions as needed to store data and this will vary based on personal needs and circumstances. I have four partitions, one for the operating system and programs (10GB), one for documents (10GB), one for music (72GB) and one spare (58GB). By configuring your disk in this way you will be able to recover data and/or reload your operating system easily in the event of a failure and without having to back everything up first.

LOAD THE OPERATING SYSTEM

(In the following instructions, reboot your PC where so instructed by the system).

Reload a genuine copy of your operating system, preferably XP Pro since this is perhaps the most advanced security and performance wise of all of Microsoft’s (MS) products.

Get the free disk from MS containing Service Pack 2 and load that.

Take a look at the Services that are started at boot time and take a view as to which ones you really do need and which ones you can switch off. The Black Viper web site is an excellent source of information in trying to reach those decisions. Remember, the fewer services that are loaded at start up means a system that will boot more quickly.

Load the software disk that contains all the drivers for your modem, BIOS, display etc – this will likely be a disk that came with the PC. Alternatively, if you do not have such a disk the drivers can be obtained from the internet later.

Do NOT connect to the Internet until asked to do so.

Create a user account for use on a daily basis and this should be separate from the Administrator account that is to be used for system maintenance only.

ADD ADDITIONAL SOFTWARE

Load to your PC ALL of the downloaded software saved from above.

Run Crap Cleaner and Easy Cleaner to remove any junk files. Also run Zsoft Uninstaller by searching for Temp Files ONLY and remove them.

Run Spybot and ensure it is always in Advanced Mode. Select Tools, Hosts and check the button that adds Spybot addresses to the Hosts file.

Run Regscrub to get rid of unwanted registry entries.

Run Easy Cleaner and check for any registry inconsistencies and delete any that are found.

Run Eusing Registry Cleaner to delete even more obsolete entries.

Run Disk Keeper Lite to defrag the hard disk.

Run Registry Defrag to compact the registry.

Run Starter and determine which software you really need to start at boot up. Typically a PC for home use will require very little software to load at start up time and I recommend you restrict this to Zone Alarm, AVG Anti-virus, and perhaps your modem software – all others can be removed.

Open each of the installed programs, one at a time and change the settings (where applicable) to ensure that each one will search for and install updates every time you connect to the internet. Spybot, AdAware, AVG and Zone Alarm all have such settings.

Turn on the Windows Update setting in XP to ensure that operating system updates are downloaded automatically.

Open AVG and schedule a weekly virus scan.

CONNECT TO THE INTERNET

If you connect to the Internet via broadband you will almost certainly have an “intelligent” broadband router that can be configured. Since all routers and technology vary it is not possible to provide details of settings here but the principle should be that you only allow wanted services and protocols and all others should be blocked. Personally I allow only TCP/IP and HTTP and forbid all else. This seems like a daunting task but most handbooks will guide you through the process without too much pain. N.B. I use two routers back to back – one serves broadband whilst the second serves a Vonage IP phone and this provides a double layer of protection in many respects.

Using the working account created after operating system load, ONLY:

Establish your Internet connection and allow the operating system to download all updates to XP. When all updates are installed visit the MS update site and check for system updates that are PC specific that have not been downloaded automatically.

Visit the home site for each of the pieces of software you have installed and ensure that all definitions and updates have been downloaded.

Make a backup copy of your entire system and store this on removable media and a copy on a spare drive, if you have one.

DAILY OPERATION

Try not to use Microsoft Explorer since it is the target of most hack attacks; use Mozilla Firefox or Opera instead.

Only use the Administrator Account infrequently and even then when you are off line.

Ensure all updates are downloaded at least every few days.

Run an anti-virus scan, AdAware and Spybot at least once a week and delete all offending entries.

Run Hi-Jack This weekly and check the log report for processes that you do not recognise, research each and action accordingly.

Do not use Outlook for email, a much safer, faster and flexible option is Thunderbird by the Mozilla foundation. I have setup my Thunderbird software to automatically retrieve copies of all my emails from three different email suppliers, each in turn and the process is effortless and very quick.

Set Crap Cleaner to run automatically and clean the temporary files folders at start up.

Run the other disk cleaners, defrag software and registry cleaners every few days.

Configure the Mozilla browser to download all files to a specific folder that you designate, this will make management of downloaded files easier and will ultimately save disk space.

Consider loading a Hosts file containing a list of known malicious sites. Several such files exist on the Internet and when you find one that you want to use, load it into the System32/Drivers/etc folder. Be sure to re-add the Spybot hosts list (see above) once again afterwards.

Check the Zone Alarm firewall logs for consistent and reappearing threats and block them using Zone Alarm.

Ensure that only programs you specify are allowed to access the Internet by modifying the list of programs in Zone Alarm.

Try to stay away from sites that are known to cause problems and these include a large percentage of sites offering adult material.

Do not open any attachment to any email from any address you do not know – curiosity killed my PC!

HOW TO TEST YOUR SYSTEM

Try visiting the GRC Shields UP site and run a test on your network security.

Download and run Microsoft’s MBSA V2.0 to test for system weaknesses.

Good Luck
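The post above suggests loading a downloaded Hosts file and then re-adding the Spybot entries afterwards. The following is an added example, not part of the original post: it merges block entries from several lists into one file so nothing is lost by overwriting, and reports any entry in the current file that points a name at a non-loopback address. The function names, sample data and domain names are constructed for illustration.

```python
import ipaddress

# Addresses that make an entry a harmless block ("sinkhole") entry.
SINKHOLES = {"127.0.0.1", "0.0.0.0", "::1"}
KEEP_NAMES = {"localhost"}  # written separately, never treated as blocked

# Constructed sample data (not real blocklists); addresses are documentation ranges.
CURRENT = """127.0.0.1 localhost
127.0.0.1 ads.tracker.example   # added earlier by an immunisation tool
203.0.113.7 www.mybank.example  # a redirect nobody asked for
"""
DOWNLOADED = """# downloaded list
0.0.0.0 ads.tracker.example
0.0.0.0 Popups.Example
198.51.100.9 update.vendor.example
not-an-ip junk.example
"""


def parse_hosts(text):
    """Yield (address, hostname) pairs, skipping comments and malformed lines."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:
            yield addr, name.lower().rstrip(".")


def merge_hosts(current, *blocklists):
    """Return (merged_text, suspicious) without dropping existing block entries."""
    blocked, suspicious = set(), []
    for addr, name in parse_hosts(current):
        if name in KEEP_NAMES:
            continue
        if addr in SINKHOLES:
            blocked.add(name)
        else:
            suspicious.append((addr, name))  # left out of output, for review
    for source in blocklists:
        for addr, name in parse_hosts(source):
            # Take only block entries from a downloaded list, never redirects.
            if addr in SINKHOLES and name not in KEEP_NAMES:
                blocked.add(name)
    lines = ["127.0.0.1 localhost"] + [f"127.0.0.1 {n}" for n in sorted(blocked)]
    return "\n".join(lines) + "\n", suspicious
```

Entries returned in `suspicious` are the ones to research before writing the merged text back, since a hosts line that sends a familiar name to an unfamiliar address is a common sign of tampering.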

Guest
This topic is now closed to further replies.