IMPROVE YOUR COMPUTER SECURITY
START HERE:
http://www.dyingsun.net/hardening.htm
You can do the most hardening with the least time and effort by using a few free tools. You may also want to consider the paid apps below this section, as they can provide even greater protection than the free tools.
Windows Worms Door Cleaner (Windows 2000, XP, & 2003 server)
Freeware
http://www.firewallleaktester.com/wwdc.htm
This small utility will close all system ports for you. Open system ports are the most common way for worms to invade your system. In the event that your firewall malfunctions, is improperly configured, or becomes disabled, your system will still be that much less vulnerable to attack.
For further information on why closing these ports is important, you are encouraged to read this report from the Honeynet Project from November 2000 (worm activity has since greatly increased)
http://cerberus.sourcefire.com/~jeff...Spitzner/worm/
SafeXP (Windows 98, Me, 2000, & XP)
Freeware
http://www.theorica.net/safexp.htm
SafeXP configures Windows, Internet Explorer, Outlook Express, Windows Media Player, and MSN Messenger for much greater security. It covers too much to give any specific examples, but is very highly recommended for all Windows versions. If the choices overwhelm you, you can easily press the "Recommended Settings" button for a good selection of options that should work in most settings. Some items do overlap with other tools listed here, but should pose no problems.
SecureIt (Windows 95, 98, Me, NT, 2000, XP, & 2003)
Freeware
http://www.sniff-em.com/secureit.shtml
SecureIt configures your system in a more advanced way than SafeXP, covering different ground. It also has a few tricks not offered by other hardening tools, such as the ability to run IE and Outlook/Outlook Express with reduced security privileges, which can render malware powerless should it gain access to your system through an unknown vulnerability. Please note that this may change your Internet Explorer settings in a way that makes some websites display improperly. The security is worth the inconvenience, however, and it is still recommended. You should also consider using an alternate internet browser that is not based on Internet Explorer, such as Mozilla Firefox or Opera. If you do not use Internet Explorer, you should not see any difference.
HardenIt (Windows 2000, XP, & 2003)
Freeware
http://www.sniff-em.com/hardenit.shtml
HardenIt configures your TCP/IP and network settings to leave you less vulnerable to exploits in the way your computer communicates across the internet. Hackers can send specially crafted packets of information that may "confuse", or otherwise bypass, your firewall, allowing them to "slip through". This is especially important if you run servers of any kind, peer-to-peer, or IRC applications. This should not adversely affect any normal internet usage, and all "recommended" settings work fine.
For instructions on configuring your system manually, visit:
http://www.markusjansson.net/exp.html
If you insist on using your computer in an administrator account, you should also consider using
DropMyRights
(Windows 2000, XP, & 2003)
Freeware
http://msdn.microsoft.com/library/de...re11152004.asp
The next time you reinstall Windows, consider making a customized, pre-hardened, install CD with
nLite
(Windows 2000, XP, & 2003)
Freeware
http://www.nliteos.com/
(requires the .NET Framework, available through Windows Update as an optional component)
nLite is a fantastic utility for creating a customized Windows install CD with an integrated service pack, hotfixes, drivers (of your choosing), and tweaks, and it allows you to completely remove components for security and performance. Very highly recommended for the next time you plan to format and reinstall Windows.
Qwik-Fix Pro
http://www.pivx.com/
Qwik-Fix is an excellent commercial hardening tool that gives you the benefit of auto-updates deployed by a full-time team of researchers actively seeking Windows exploits. This program offers hardening options not offered by free tools, including protection for third party applications (not just Windows.) This program works on all versions of Windows and costs only $25, with a 15-day trial available. With the above free tools, this can help you achieve very strong proactive security without the need for monitoring. Qwik-Fix works very transparently and with the greatest compatibility, making it a viable option for users of all skill levels.
Pivx also makes a tool called PreView that can show you the current level of security of your system by examining the software and Windows Updates installed, as well as how well your system is hardened against specific malware. This tool is free and can be downloaded from the main site.
Computer Security Tool
http://www.computersecuritytool.com/
Another excellent commercial tool. This mainly configures standard Windows components for maximum security, establishing a baseline that covers the SANS Top 10 Vulnerabilities in Windows and more. It makes an excellent companion to Qwik-Fix, and the two can replace most of the free tools. They are also both under active development, and promise to include some fantastic features in the future. Computer Security Tool includes some extra niceties, including a well-organized interface, HOSTS file scanning, security tips, portability (burn the program to disk with a security template and easily secure other computers), backup and restore of the settings it changes, templates of security settings for easy securing, and more. It also includes some group policy settings that cannot be found in other hardening tools but which are essential (and basic) to maintaining your system security. Future versions of CST promise to include even more of this functionality, along with the ability to harden IE.
This program has both beginner and advanced user modes. The beginner mode will ask you a few questions and configure your system according to your circumstances. CST, too, is a viable option for users of all skill levels, but has some very attractive options for those who work on others' computers.
You can also visit the website for more information on what each setting does. Even if you decide not to use this tool, it provides some good resources.
Security Software & Links part two
Security Software & Links
E s s e n t i a l . R e a d i n g
"How much protection is enough?" Article by Fred Langa
http://www.informationweek.com/840/langa.htm
"How To Ensure Remote-Control Security With XP" Article by Fred Langa
http://www.informationweek.com/story...leID=164300008
See http://www.langalist.com/ for a free newsletter with lots of good information on a variety of computer related subjects, including security. It's a great newsletter for users of all skill levels. Updated regularly.
Essential security tips by various users (including myself), courtesy GetData software. Also see the "Security Resources" links on the bottom left-hand side of the page for even more great resources.
http://www.computersecuritytool.com/...ness_home.html
Security Glossary, definitions of common terms courtesy of Prevx software
http://www.prevx.com/glossary.asp
A n t i - V i r u s
NOD32 (the best detection of unknown threats)
http://www.nod32.com
Kaspersky (KAV) (the best detection of known threats)
http://www.kaspersky.com
BitDefender (free on-demand only scanner available)
http://www.bitdefender.com
eScan Anti-Virus Toolkit (on-demand only, does not clean) (free)
http://www.mwti.net/antivirus/mwav.asp
Dr. Web CureIT (on-demand only) (free)
http://download.drweb.com/win/
AntiVir (free)
http://www.free-av.com/
(See the "Links" section for discounted/free antivirus software)
A n t i - T r o j a n
TDS-3, PortExplorer, and WormGuard
http://www.diamondcs.com.au
a-squared (free and paid versions)
http://www.emsisoft.com
Ewido (free and paid versions)
http://www.ewido.net
BOClean
http://www.nsclean.com/
TrojanHunter
http://www.trojanhunter.com/
F i r e w a l l s
Look n Stop
http://www.looknstop.com - beta drivers and background service available at the top of THIS thread in the official support forum
Outpost (free and paid versions)
http://www.agnitum.com
XP Firewall Control & x-Wall (free and paid versions available)
http://www.sphinx-soft.com/
Jetico (free)
http://www.jetico.com/
Sygate Personal Firewall (free, paid version available)
(note: should not be used if you use a content filter proxy like Proxomitron)
http://smb.sygate.com/products/spf_standard.htm
FileSecLab Personal Firewall (free)
http://www.filseclab.com/eng/products/firewall.htm
Kerio Personal Firewall (free, paid version available)
http://www.kerio.com/us/kpf_download.html
NetVeda Safety.Net (free)
http://www.netveda.com/
Tiny Personal Firewall
(note: also includes comprehensive generic protection, but not recommended for beginners)
http://www.tinysoftware.com/
CXH-I (free for home use. No application filtering, not suitable for beginners)
http://www.idrci.net/
Information and downloads of firewall leak-tests, and comparisons of different firewalls' abilities to stop them, can be found at http://www.firewallleaktester.com/
G e n e r i c . P r o t e c t i o n
(behavior blocking and system monitoring)
ProcessGuard (anti-keylogger/rootkit/firewall bypass, more) (free and paid versions)
http://www.diamondcs.com.au - More info on this program HERE
Prevx (blocks most malware) (scroll to very bottom of front page for free version)
http://www.prevx.com
Qwik-Fix Pro (hardening tool)
http://www.pivx.com
RegRun (registry monitor & tools, disinfection tools, and more)
http://www.regrun.com
RegDefend (registry protection)
http://www.ghostsecurity.com
L i n k s
Eric Howes (malware expert) has a website similar to the page you are looking at now.
(my page hopes only to complement his and other sites around the web, not mimic or replace them.)
https://netfiles.uiuc.edu/ehowes/www/
Spyware Warrior - Home of the "Rogue/Suspect Anti-Spyware Products & Websites" & tons of other info on the war against spyware (by Eric Howes and Suzi)
SpywareGuide - Another good site for spyware info
A.S.A.P - Find a website for assistance with removing malware by volunteer experts
Microsoft MVPs - Most Valuable Professionals in the area of security. Most of these folks have great webpages with excellent tips/guides for securing and/or disinfecting your computer; some even have their own freeware for download. Very much worth looking through.
Wilders Security Forums - By Microsoft MVP Paul Wilders
CastleCops - Security forums, resources (including Windows startup, LSP, and CLSID lookup), software reviews, news, and more
CounterExploitation (cexx.org) - Privacy resource
VersionTracker - Stay up to date with virtually all your software
Tech Support Alert - Excellent source of software recommendations & reviews (security & otherwise)
Windows startup online repository - List of files commonly found in the Windows startup, what they do, and if they're needed, useless, or harmful.
VMyths - "The truth about computer security hysteria" - a must read for anyone interested in security
TechWeb - Security and Privacy news & articles
Infosyssec - Security news
Security Pipeline - More news
ComputerWorld - Major computer/IT site, this link goes directly to their security section
IT Observer - Network security portal
SANS Top 20 Internet Security Vulnerabilities
Secunia - stay up to date with software vulnerabilities
SecurityTracker - Similar to Secunia. Tends to get more advisories than Secunia, but not as well organized.
Hideaway.net - Security resources for all skill levels
CERT Coordination Center
In-depth reading:
(many of the certification sites have documents for free download that are worth checking out even if you aren't interested in becoming certified)
The Honeynet Project - White Papers. See the rest of the site for lots of good information. This site is very much worth acquainting yourself with.
SecurityFocus - major security website with tons of articles and security mailing lists worth checking out, including the famous BugTraq mailing list, for all skill levels.
The CISSP and SSCP Open Study Guides website - Free resources for these security certifications
SANS Institute - Computer security education and information security training
Information System Audit and Control Association - CISA and CISM certifications
The Open CSO Project - "The ultimate resource for aspiring security professionals"
Spyware free downloads:
Snapfiles
Softpedia
MajorGeeks
Download.com
Kool Lite Tools - Best freeware site on the web
NoNags - freeware without nag screens
Last Freeware - last freeware versions of freeware that later became shareware
Discount software (reliable sources) :
NewEgg (BOClean $25, Acronis True Image $33, SpySweeper $20, more, subject to change)
Software Shop at Calendar of Updates (many programs 5%-20%)
F-Secure anti-virus 6 months free and/or 50% off
http://www.f-secure.com/protectyourpc/
FREE eTrust AntiVirus and PestPatrol, courtesy PCFormat Magazine (http://www.pcformat.co.uk/)
http://www.excid.com/futurenet/download/
FREE Panda AntiVirus
http://www.pandasecurity.com/survey/
I n f e c t i o n
R e p a i r . T o o l s
Blackspear's General Cleaning Instructions (virus & trojan removal) at Wilders Security Forums.
For additional help by volunteer experts, visit the link to A.S.A.P in the "Links" section above.
Also see links above for free on-demand virus & trojan scanners, and CWShredder
McAfee Stinger (removes the ~50 most common malware infections) (free)
http://vil.nai.com/vil/stinger/
a-squared Hijack-Free (included in a-squared) (free)
http://www.hijackfree.com/en/
ADSSpy, Hijack This! (free)
http://www.merijn.org
SpyHolesList (free analysis by developer) (free)
http://www.greatis.com/security/spyholeslist.htm
Pocket Killbox (free)
http://www.bleepingcomputer.com/files/killbox.php
ProcX (free)
http://www.ghostsecurity.com/
XP TCP/IP Repair (free)
http://www.xp-smoker.com/freeware.html
IEFix (free)
http://windowsxp.mvps.org/IEFIX.htm
Infiltration Recovery Tool (free)
www.excessive-software.eu.tt
Advanced Process Termination, Advanced Process Manipulation, more (free)
http://www.diamondcs.com.au/
Remove Toolbar Buddy, Remove Startup Programs Buddy, Remove about:Blank Buddy (free)
http://www.scosoft.com/
about:buster (free)
http://www.malwarebytes.biz/
Should you find that you are infected with a remote access trojan (RAT), backdoor, keylogger, or rootkit, it is very highly recommended that you reformat your computer, after disinfecting, to ensure all traces are removed. Any detection of these types of malware should be verified by the vendor of the program that detected it, to ensure that the file is indeed what it was detected as and not a harmless file misidentified by the scanner. If the detection is confirmed, you will also need to change all account numbers and passwords, and contact the program vendor for further advice. Treat these kinds of infections as if you came home to find that someone had broken into your house and stolen your computer and all personal documents. Take no chances with this type of infection.
Easy Cleaner (history & temp file cleaner, much like jv16 PowerTools) (free)
http://personal.inet.fi/business/toniarts/ecleane.htm
Index.dat Suite (index.dat viewer & cleaner) (free)
http://support.it-mate.co.uk/
KeePass (secure password manager) (free)
http://keepass.sourceforge.net/
IE Privacy Keeper (automatic history cleaner, also works with Firefox) (free)
http://browsertools.net/IE-Privacy-Keeper/
S y s t e m . T o o l s
& . O t h e r . S o f t w a r e
Moox Firefox builds - optimized for security & performance (free)
http://www.moox.ws/tech/mozilla/firefox.htm
SysInternals tools (many quality system tools, also RootkitRevealer) (free)
http://www.sysinternals.com/
Acronis True Image (drive imaging)
http://www.acronis.com
RegSupreme / RegSupreme Pro (registry cleaners)
http://www.macecraft.com/
Process Info (find out what those processes in task manager are) (free)
http://www.gomiller.com/
PocoMail (email client with many security options)
http://www.pocosystems.com/
Mozilla Thunderbird (email client)
http://www.mozilla.org/
Erunt and NTRegOpt (registry backup and defragmenter) (free)
http://www.larshederer.homepage.t-online.de/erunt/
PC Inspector File Recovery (recover deleted files) (free)
http://www.pcinspector.de/file_recovery/uk/welcome.htm
ZipGenius (archive program, like WinZip, with security & privacy options) (free)
http://www.zipgenius.it/
KeyNote (notes program with encryption) (free)
http://www.tranglos.com/free/index.html
ProcessTamer (lowers priority of processes using high CPU)
http://www.donationcoder.com/
mst IsUsedBy (shows you what process is currently using a file you may be trying to delete)
http://mstsoftware.com/
O n l i n e . S c a n s . & . T e s t s
Fred Langa wrote an article "Good And Bad Online Security Check-Ups" that you should read first.
Jotti's Malware Scan - online virus scan by 13+ scanners, scans one file at a time
BitDefender online virus scan
F-Secure online virus scan
TrendMicro online virus scan (also free spyware tool downloads)
Panda Antivirus online virus scan
Norton online virus scan
Reliable AntiVirus (RAV) online virus scan
AhnLab online virus scan
McAfee online virus scan
Kaspersky online virus scan (currently beta, requires registration)
WindowsSecurity.com online trojan scan (uses a-squared)
Sygate online trojan scan (scans for open trojan ports, not files)
PestPatrol online spyware scan (click the "Are there spies on your computer?" graphic)
SpywareGuide online spyware scan (uses X-Cleaner)
ZoneLabs online spyware scan (uses Anonymizer)
Tenebril online spyware scan
ScanIt Browser Security Test - Probably the quickest and easiest test to run.
GFI Email Security Test
PCFlank - Firewall, trojan, and browser/privacy tests
PCPitstop - Variety of online scans, including virus, malware, and full system health check-ups
Audit My Pc - Firewall, spyware, privacy, pop-up, and patch management tests
GRC Shields Up! - Online firewall test
a-squared - Firewall, security, exploit, and browser checks. Very lengthy.
Compendium of Browser exploit tests (thread at Wilders Security Forums)