|
|
|
|
Security for Home and SOHO Computer Users
|
May 21, 2005 Well, lots has happened over the last few weeks. More viruses/worms, more trojans/diallers, more malware. Just make sure you are scaning for all this stuff regularly. Two very good anti-spyware programs are CounterSpy and Zero Antispyware. Both cost money but seem to do the job well. Microsoft announced the scariest program ever - ONECARE. It is designed to be THE program to keep a person's computer up to date with anitvirus, antispyware and firewall programs and updates. All that sounds good, right? However they also let slip it will look after the DRM on your computer too. You will be giving Microsoft TOTAL control over your computer if you sign up for this "service". You've been warned - it's up to you. April 7, 2005 A while ago I had strong good words for AntiVir, an AntiVirus solution. However, from recent personal experience, I fould that from time to time the updates cause problems with Windows. This time it was a Dell Win ME machine and after an update and reboot, the screen was 16 color and no sound. Upon further inquiry I found the system.ini file was trashed. The 1st four lines (the boot part) were replaced with a string of zeros and ones (000000001000000001 etc). After fixing the file all was well. I advised the user not to download any more updates. It looks like you'll have to pay for a good non-bloat A-V program. NOD32 and PC-cillin seem to come out the best so far. April 1, 2005 For home computer users who don't know much about security and the buzzwords, there is a great site which helps explain it all. Click here to go to CERT Coordination Center - Computer Home Security. Intel has a more technical set of articles related to home security here. Got a wireless home network now? Click here to go to CERT's page on Home Network Security. Microsoft has a page about XP and Wireless networks here. A number of how-to documents can be found here. and finally, from the University of Illinois, here is a page called Securing Your Internet Connection. For admins, here is the SANS page. March 31, 2005 Microsoft updates trash web browsing while using a dialup connection. Does Internet Explorer respond with "page cannot be displayed" when you try to get to a web page? Have you emptied Temporary Internet Files and still get the message? Are you downloading updates? Just as an experiment, try turning off Windows Update and see how your browsing experience improves! Of course you would only do that if you are confident of your AntiVirus and Firewall and AntiSpyware programs. Followup from March 26th: Drive-by infections are caused by using Internet Explorer and having Activex turned on. Either turn it off or at least set it to "prompt" to help avoid becoming infected. The second most common method of drive-by infection is through the use of Javascript, or Active Scripting, as Microsoft calls it. Add your trusted sites to the Trusted Sites Zone (Internet Options) and either turn off "Active Scripting" (best) or set it to "prompt" (still good, but will have a lot of prompts). On another note, Win95 is losing because of the tendancy of most broswer makers to not support it. Netscape up to 4.8 works fine but style sheets are flakey. Firefox is for Win98 and up. Mozilla does work, for about 15 minutes, and then hangs for memory leaks. No, we are not going to talk about Internet Explorer. Opera does work just fine, including support for complex style sheets. March 26, 2005 Well it's been an interesting 3 months. More browser takeovers, more domain name hijackings (including this one), more scams, and a new way to send spoofed sender spam email. Spyware is more rampant than ever before. Giant Antispyware was bought by Microsoft so that Microsoft could
have an antispyware program. Giant Antispyware was the best paid software out there. It
would run on all windows OSs. However the new version, Windows AntiSpyware, only runs on
W2000 and WinXP. Go figure. For a very good list of antispyware program descriptions and links, both paid and free, go to MajorGeeks. The programs at MajorGeeks are believed to be legit. However for a list of no-so-good programs purporting to be antispyware, check this Spyware Warrior page of Rogue/Suspect Antispyware products and Web Sites.. For a comparison of many different antispyware program features, which was done last fall, go to this Spyware Warrior page and for a very good testing analysis, go to this Spyware Warrior page. Next time I'll cover drive-by infections of your computer, just by visiting some websites. January 1, 2005 Happy New Year! Well, hopefully.... December 25, 2004 Merry Christmas! December 15, 2004 Well I suppose it's time to stop fooling around. We dance around the IE vulnerabilities but now it's time to do something about it. Why is it that people don't want to change to try something new, like a new, safer, no-popup, fast browser. Is it that people are familiar with Internet Explorer and don't want to experience learning a new browser? I'd have to say yes. However, for those who are fed up and are perhaps more adventurous than the average web surfer, there is Firefox - and for your email, instead of the dreaded Outlook Express, there is Thunderbird. Click of the graphic links for more info.
December 12, 2004 Just how fast does an infection occur using WinXP and no firewall? In our little test approximately 20 seconds. Not bad for what Microsoft billed as the "most secure operating system" ever produced. Here is a much more detailed experiment: December 6, 2004 Well Microsoft is supporting IE for win98 to WinXP SP1 after all. Please see this Microsoft page for a patch issued Dec. 1st for recent vulnerabilities. November 25, 2004 MS advised they would only support the SP2 version of IE6 in the future. However there are huge vulnerabilities for the non-SP2 versions of IE, which have made the rounds over the last couple of weeks. I wonder what MS will do. MS didn't announce an end-of-life for the older IE. How could they - it is "part of the operating system". Interesting. November 11, 2004 Watching the ongoing vulnerabilities for all operating systems (the most going to MS however) begs the question: when will it end? I believe it won't end. We have to get used to it and protect our computers. Vendors of the software we use, such as Windows, MUST take some responsibility. Anyway, this month Microsoft is not fixing, to date, the Iframe and Embed vulnerabilities for which there is an exploit through the Mydoom worm. Please folks, turn OFF active scripting. Please check the Secunia and CERT advisories. CERT also has a page on how to harden your IE browser and MS email products. Win XP SP2 is apparently not affected by the vulnerability. The browser solution? User another browser, such as Firefox. News Update - free Antivirus programs: So, can you guess? Let's go with AntiVir
- it at least installed, scanned and runs without fanfare. No hassle at all. It is small,
light and fast - no extra bloat like so many other AV programs have. Yes, it works very
well for today's install on Win95 (and Win98). Thanks to one of you for supporting the home user! One more note: Again, go to this url BEFORE you use or buy an anti-spyware program.
Some are spyware! In addition to the Spywareguard and Spywareblaster links just below, there is the great Spybot Search and Destroy spyware detector and cleaner. Don't forget BHODemon from Definitive Solutions (PCWorld download link) to check and clean out those nasty BHO's. Ok, one more item for today - a repeat: July 11, 2004 Well - Well - Well! It's like a circus in the anti-virus/worm/trojan/dialler/etc. world. More vulnerabilities with Internet Explorer, dialler backdoor programs and on and on. Here are links to several online scanner sites. This is good if your own anti-virus program has been rendered inactive by one of these programs. Panda - http://www.pandasoftware.com/activescan/com/activescan_principal.htm Then you go on a search to find a solution and you see paid rankings in your search engine. Do those sites offer something good or are they a scam? Go to this next link and see. Rogue Anti-Spyware - Be Careful what you use! From JavaCool software come SpywareBlaster and an always active spyware guard. SpywareBlaster from Javacool http://www.javacoolsoftware.com/products.html Here is a whole list of tools for your reading or downloading enjoyment. Spyware/Adware/Hijackware Tools And last but not least for today, Microsoft. Microsoft Patch Leaves Holes Open I'll be looking at Free Firewalls and Free Antivirus programs for the next entry. May 30, 2004 Well, I've alway liked AVG from Grisoft, however they are making it much more time-consuming and difficult to download and install the software. It now requires 2 emails and 2 website visits to do the job. And, if you want to download it more than once, for someone else who can not connect to the net because of virus or trojan activity, you sometimes can't, because your IP address is tracked. Another company has what seems to be a great product, which, according to its website seems more feature-rich than AVG. It is a relatively smaller download - and - there is no email reg key to hold you back, like AVG. The FREE for personal use anti-virus program is called AntiVir Personal Edition and is published by H+BEDV Datentechnik GmbH. Go to the special website they have setup just for AntiVir. Yes - it works on win95! And Win98 right up to XP. May 12, 2004 Well, we have seen a huge number of infected computers, due mostly to the Netsky and Sasser worms. Microsoft vulnerabilities never seem to end for their "secure" operating systems. But I suppose we must thank Microsoft for all the overtime needed to fix the problems. A very indepth and thorough page regarding "Securing your PC" written by Paul Szabo of The University of Sidney can be found here. It is kept up to date. It lists and links a huge number of vulnerabilities. It has solutions. Try it, I think you'll be there for quite a while, because there is so much to read and heed. Mar. 22, 2004 In the Sans NewsBites newsletter of March 17th, a very interesting quote, which says much more elequently what has been said here. Editor Alan Paller started it off this way. Stop Blaming the Victims The software vendors could have done a much better job of protecting their clients. Their officers have admitted as much. This nation, and every other nation, has a right to better treatment from the software vendors. A small excerpt is here: "Mainstream users shouldn't have to be IT experts to operate their computers." I wonder when the software vendors are going to "take responsibility". Mar. 8, 2004 Spyware detection and removal Lavasoft - AdAware Feb. 17, 2004 With all the Worms and Viruses circulating today, it would be
helpful if people didn't click on email file attachments, no matter how enticing it is.To
check if what you receive is the latest worm or virus you could go to either of these
websites. US-CERT Current Activity Frisk International - F-Prot http://www.f-prot.com/virusinfo/list_date.html Sophos Top 10 http://www.sophos.com/virusinfo/topten/ Annoyances - like forgotton passwords - easy fixes - no more excuses about forgotten passwords now Password Recovery Tools Dialupass - forgot you dialup password? Asterisk Logger - so easy to use - from Nirsoft Asterisk Key - a little more involved Protected Storage PassView v1.60 - from Nirsoft Mail PassView v1.13 - from Nirsoft Netscapass v2.03 - from Nirsoft Windows Update Troubleshooter Microsoft Windows Update Troubleshooter When Windows Update fails Outlook Express ongoing problems - troubleshooting Outlook Express Issues, Tips, Spell Check, Mail/News Sharing Sandi's Site DNS Stuff - who? www.DNSstuff.com Reverse DNS Lookup Quick and easy Email checker - while still on the server! Quick and Easy way to check email on the server on a regular schedule and delete as
well. POP-UP Stopper MyPopupKiller v1.24 - from Nirsoft Cookie Viewer Very powerful Cookie Viewer and Editor for IE - see what web sites are tracking News Rant - Feb. 7th, 2004 McAfee has no support for Win95 and support for Win98 is dwindling.
The last good version of Virusscan (no screwups) was 4.02. Verson 4.03 dropped downloads
for no apparent reason (no reason why at all). Later versions are more bloat and patch
friendly. Version 4.02 is no longer supported. They really are not making it easy for
people. So it looks like it is 4.03 or nothing. Well, it is time for AntiVir. Virusscan
was never free and I, like everyone else, paid for it. However, I'm not interested in
paying every year. That is straight BS. Pay once - that's it! I did consider Norton Anti-Virus, but it doesn't play nicely with Outlook Express. (No, I don't use OE!) Not at all. It works without errors if you turn off email scanning. And, you pay every year - more BS. Is it any wonder that viruses and worms catch on and last so long? Many people with Win95 and Win98 are propagating them but they don't have the support of the A-V companies. One would think, on the surface, that the A-V companies would like to help with world users. But perhaps not - can't sell product if viruses and worms are not in the news eh! More power to companies like H+BEDV Datentechnik GmbH, maker of AntiVir - powerful free (personal use) and runs on Win95 to WinZP. Old News A column about "good worms" by Jim Rapoza at eWEEK more than suggests that the uninitiated user is to blame for security issues such as trojan takeovers. Perhaps he is talking about system administrators though. Hard to tell. The article you are reading here is more from the perspective of home or SOHO user. Here is a quote from his article: ". . . if you haven't protected your system against well-known holes that have had fixes in place for months or years, then you obviously have abdicated responsibility for your system. Your systems are now a threat to others." How can you abdicate responsibility if you didn't know you were responsible? How do you know? Perhaps by reading trade web sites and subscribing to security-related newsletters. However the average Joe doesn't even know they exist. People keep talking about security issues as if everyone knows. Well, everyone doesn't know. Just ask any service tech at a computer store. Mr. Rapoza is suggesting that "good worms" be sent through the internet to "fix" the computers which are infected by "bad worms". Wow! As we know, with Windows XP and 2000, Microsoft is in a position to talk to our computers, load whatever Microsoft wants to our computers and turn off what Microsoft doesn't like, on our computers. My, My. Now Mr. Rapoza wants to add insult to injury by suggesting that "good worms" should modify our computers, unknown to us and without permission. Does anyone see a cycle developing here? You know that when you buy a toaster or iron or tv a nice little manual comes with it. The first several pages have WARNINGS, usually bright red in color, about plugging it in or turning it on or a dozen other things. These are safety related warnings. So if "bad" programs are running on people's computers and they are considered "unsafe" - and if the operating system itself is susceptable because of vulnerabilities, then why not tell people about it? Why doesn't Microsoft, for instance, have warnings in the front of their operating system manual? To wrap up, I would suggest that vendors contact the people they sell computers to, and, software makers contact the people they sell software to, and advise the people of the strengths (few) and weaknesses (many) of their shiny new computer system. Microsoft wants the home user to switch to XP, which is an insecure system, as we know from weekly updates issued from Redmond. But the home user, who bought the XP machine because it was billed as too easy to use (user friendly - no computer smarts required, especially about that old DOS stuff!) is now expected to automagically know all about security threats? Crapola. It would be nice if the great security folks in their nice office
towers would just work in a computer store for a couple of weeks. That is where the real
education lies. |
|
All rights reserved. IBO
Business.com This page was last updated on 05/21/05. |
