4 replies to this topic

[LilBambi]

Several folks asked that I start a thread with this list that I had posted here. It has also been pinned as suggested.So here we go:Cluttermagnet's last posting asks how sophisticated these pieces of malware crap have become. Two words: RATs and rootkits...these are the order of the day. And it doesn't matter what version of Windows you use because they can be devastating even on a SP2 for WinXP Pro if you get one.So yes, they are increasingly sophisticated, and more targeted as well.Having said that, if you follow the following, most any OS will be ok as long as you walk carefully around the Internet and don't fall prey to social engineering tricks:1. backup data regularly and image partitions if possible*2. run a personal firewall (software) and keep antivirus software updated and run scans3. keep anti-malware software updated and run scans4. empty temporary spaces often, particularly when something seems a little odd, or you end up somewhere you didn't expect while browsing, and particularly before you reboot the computer5. use as few browser plugins as possible and keep them updated as often as available6. keep up on all software updates when available (media players, office software, etc.)7. use an email client that can be set to plain text email, preferably with no images inline, and where the email client does not have the ability to run code, period - and be careful with emails!8. use an alternate browser that may be safer than IE for general browsing - and be careful where you go9. Set IE's (edit: IE 6.x) normal Internet settings to High (same as for Restricted Zone) and place *.microsoft.com in the trusted zone for windows updates (just in case they provide one out of their good graces patches - they have been known to do this); along with any other trusted sites that may need to use IE10. Broadband and/or networked computers with shared internet access - use a router with a built-in stateful inspection firewall between your computers and the Internet.These things will keep any OS, current or not, safer, however with an out-dated OS ALL of these things become more important.There is NO secure OS. So you do the best you can with what you have and be a good netizen by making sure your computer is NOT part of the problem.Just my two cents.Any other items to be added to the list? I just know I am forgetting something important.NOTES:* Disk Imaging added by Cluttermagnet, Temmu and others

[epp_b]

Quote

1. backup data regularly and image partitions if possible

And keep it on a completely external medium (ie.: an external USB drive or a CD-RW) and be sure to test that your backup is valid and also test the backup medium itself for structural damage.  If your data is even more important to you, take your backup with you when you if on trips that are a day or more and/or seek out a remote-backup solution.

Quote

4. empty temporary spaces often, particularly when something seems a little odd, or you end up somewhere you didn't expect while browsing, and particularly before you reboot the computer

Some web browsers are capable of emptying some or all of the browsing information when closed.  For example, Internet Explorer can be set to clear the cache every time it is closed and Firefox can be set to delete pre-selected browsing data (history, cache, cookies, etc.)

Quote

5. use as few browser plugins as possible and keep them updated as often as available

Note that "plugins" are not necessarily the same as "extensions" in Firefox.

Quote

6. keep up on all software updates when available (media players, office software, etc.)

However, it is sometimes good to wait just a couple of days (if, perhaps, it's not a critical update) to see if there are reports of problems with any specific patches.  Otherwise, be sure to have a recent backup of your operating system as an image or partition.

Quote

7. use an email client that can be set to plain text email, preferably with no images inline, and where the email client does not have the ability to run code, period - and be careful with emails!

Some mailers, such as Eudora, include their own basic browsing engines which render only very simple formatting and images.  If you must use HTML mail -- particularly in Windows -- these are generally much safer than letting the mailer use Internet Explorer's browsing engine.

Quote

There is NO secure OS

That's right folks.  Security is a myth.  No matter how thick the walls in your bank vault are, there's always the chance that someone will have enough dynamite to bust it open.  So, be on guard in order to close the biggest hole in your personal digital security: you!

[Laz]

LilBambi, on Apr 16 2006, 06:44 PM, said:

Several folks asked that I start a thread with this list that I had posted here. It has also been pinned as suggested.Any other items to be added to the list? I just know I am forgetting something important.

  It would not hurt to disable some of the services that are not required bythe individual user, such as SERVER, REMOTE DESKTOP, REMOTE DESKTOP HELP SESSION MANAGER, REMOTE REGISTRY, all of which can provide a back door opportunity.  These can be controlled from "START / RUN / SERVICES.MSC

[RichNRockville]

My experience with users being invaded by rootkits, trojans and virus infections is that many of them were looking for something for nothing.Like a free copy of some commercial software, video or music.I have no sympathy for them as most received more than they asked for.but the three most important words in computers are:BACKUP!  BACKUP!  BACKUP!YMMVRich

Edited by RichNRockville, 28 March 2008 - 05:55 AM.

[LilBambi]

I undestand why you might think that RichNRockville, but although that often happens, that is not the only way to get infected.Since many people are now getting their Windows Updates, have antivirus and antimalware scanners, the unethical hackers have moved to other things; mainly third party software and browers and browser plugins.To update this list, I would also encourage all users to make use of Secunia's Software Inspector:http://www.secunia.c...tware_inspectorto help them keep these third party programs, browsers and plugins up to date.Remember, many people have been infected from visiting a legitimate site such as The Miami Dolphin's site, the MLB site, and thousands of other legitimate websites making use of vulnerabilities in browsers, third party plugins, and third party programs.A perfect example of this is the Pwn2Own (sponsored by TippingPoint) Day #2 winner, the original iPhone hacker, who used an exploit in the Safari browser to take down the MacBook Air this week -- 2 MINUTES into Day 2 after the rules had been relaxed to enable the hackers to use Zero Day Exploits.