Tweet
i didnt see a forum or thread here on retouch that is dedicated to computer/software security, so i thought i'd start one.
10 years ago, computer security meant getting norton anti-virus and running it every once in a while. today, all that has changed. any more, you shld be running a suite of programs to protect your computer. this is partially due to the gaping holes microsoft left in the operating system and accomanying software and partially due to a proliferation in virus and malware makers. it was estimated not too long ago that there are now over 60,000 viruses for computers. and that's just the viruses. there are many forms of malware. malware is just a catch-all name that means any piece of software designed to do something to your computer that you dont want done. this can include viruses, trojans, worms, spyware, hijack-ware, spam, active attack viruses (like the blaster worm), key-loggers, call homes (a form of spyware), riders, pop-ups, and quite possibly some others i'm forgetting.
the first best step in protection is education. learn what's out there and how to prevent it.
viruses: this is probably the largest class of malicious programs. for my purposes here, i also include worms and trojans in this class. all of these are designed to something destructive to your computer, or, at the very least, something you dont want to happen. they can, if unprotected, wipe your harddrive, render your operating system inoperable, steal data from your machine, enable others to access the entire contents of your machine and other malicious actions.
virus protection: norton anti-virus, trend micros online checker, AVG anti-virus, mcaffee anti-virus and others. if you're online, or get downloads of any kind, you NEED an anti-virus program and preferably one that does active checking of incoming files, including your email program, and preferably one that also checks any outgoing files so that you arent also infecting others.
hijackers: hijackers are a class of programs that usually target your browser, and most specifically, internet explorer. these can include those which alter your home page, alter which search engine you use, alter your browser options settings in any way, render parts or all of your browser inoperable, add .dll's to your system, or rewrite existing .dll's, usually adding a 'check and write' program to it.
hijack prevention: the best program to catch this class of program is 'Hijackthis'. this program was written specifically to catch hijacks. it searches your registry concerning the browser and lists all applicable apps or add-ons running in the browser and offers a way to remove them without destroying the browser. you do want to be careful with this one; you can remove things you dont want to, so study the docs and any online helps you can before using it.
spyware: spyware is another class of program that can infect your system. generally speaking, spyware doesnt want to alert you that it's there. it doesnt want to destroy your system; it wants to send information about your system to someone else without you knowing about it. common uses are to gain credit card numbers, bank account numbers, personal information, email addresses for email advertising and anything else which the originator deems valuable.
spyware prevention: ad-aware and spybot search and destroy are both excellent spyware removers. you shld prolly have both, as one may catch one type and the other another type. run them often.
riders: riders are a class of program that are attached to another piece of software that you do want. you download the program you want and install it and suddenly you have another piece of software on your machine that you didnt know about and dont want. the 'rider' is sometimes malicious, sometimes spyware, and sometimes just fairly innocuous. these are classed as malware because they are almost always done surreptiously. you want A and you get A and B without you knowing you're getting B.
rider prevention: i use a small program called Win Patrol to find and kill riders. i dont know of any others currently. Win Patrol starts up when i boot up the machine and i almost never turn it off. almost anything i install on my machine, win patrol will notice and ask me if it's ok to install. this can be a bit annoying, but it's also saved me from untold troubles. i've had several riders found by win patrol. it will also handle cookies. i dont allow many cookies on my machine. i consider them a sort of spyware almost. win patrol will notice any new cookie i do allow and ask me if i want to keep it or not.
active port/ip scans: if you're on the internet, there are attempts going on to scan your machine and what ports are open on it and if you're vulnerable to an attack. the blaster worm was the first of a class of ACTIVE attack viruses and was VERY widespread. nobody even knew these were possible. it was always thought that to get a virus you had to download something, even if it was only an e-mail. the blaster worm changed all that. all you had to do to get infected by the blaster was to be online and have no firewall or router and you could be infected. port scans are also an active attack. or rather, they are a check to see if you are vulnerable to attack. a person can scan your internet address to see if anyone if there and if so, if they have any ports open and if so, can they get into your machine via those. these can result in very destructive results.
active port/ip scan prevention: this one is simple. get a firewall or a router! and if you have one, turn it on! a firewall blocks other originated incoming traffic unless you allow it. when you browse, you are asking for the content on a site. you originate it. a port scan is originated by someone else. a firewall blocks the latter. it can even hide you from anyone even seeing that you are online. a router does the same thing. if you have windows XP then you have a firewall. if it's not on, turn it on! if you have windows xp service pack 2, then you have an even better firewall. personally, i dont use microsofts firewalls. i use zone alarm. they have a free basic firewall which is really quite good. they also have a pro version. there are others out there also which are reported to be quite good. get one and use it.
there is a lot more that can be said on the subject, but that's some of the basics. i hope that others add to this thread and correct any mistakes i've made and also that folks will post some links to some of the prgrams i've mentioned and to the ones that they use also. be safe, folks
Craig
10 years ago, computer security meant getting norton anti-virus and running it every once in a while. today, all that has changed. any more, you shld be running a suite of programs to protect your computer. this is partially due to the gaping holes microsoft left in the operating system and accomanying software and partially due to a proliferation in virus and malware makers. it was estimated not too long ago that there are now over 60,000 viruses for computers. and that's just the viruses. there are many forms of malware. malware is just a catch-all name that means any piece of software designed to do something to your computer that you dont want done. this can include viruses, trojans, worms, spyware, hijack-ware, spam, active attack viruses (like the blaster worm), key-loggers, call homes (a form of spyware), riders, pop-ups, and quite possibly some others i'm forgetting.
the first best step in protection is education. learn what's out there and how to prevent it.
viruses: this is probably the largest class of malicious programs. for my purposes here, i also include worms and trojans in this class. all of these are designed to something destructive to your computer, or, at the very least, something you dont want to happen. they can, if unprotected, wipe your harddrive, render your operating system inoperable, steal data from your machine, enable others to access the entire contents of your machine and other malicious actions.
virus protection: norton anti-virus, trend micros online checker, AVG anti-virus, mcaffee anti-virus and others. if you're online, or get downloads of any kind, you NEED an anti-virus program and preferably one that does active checking of incoming files, including your email program, and preferably one that also checks any outgoing files so that you arent also infecting others.
hijackers: hijackers are a class of programs that usually target your browser, and most specifically, internet explorer. these can include those which alter your home page, alter which search engine you use, alter your browser options settings in any way, render parts or all of your browser inoperable, add .dll's to your system, or rewrite existing .dll's, usually adding a 'check and write' program to it.
hijack prevention: the best program to catch this class of program is 'Hijackthis'. this program was written specifically to catch hijacks. it searches your registry concerning the browser and lists all applicable apps or add-ons running in the browser and offers a way to remove them without destroying the browser. you do want to be careful with this one; you can remove things you dont want to, so study the docs and any online helps you can before using it.
spyware: spyware is another class of program that can infect your system. generally speaking, spyware doesnt want to alert you that it's there. it doesnt want to destroy your system; it wants to send information about your system to someone else without you knowing about it. common uses are to gain credit card numbers, bank account numbers, personal information, email addresses for email advertising and anything else which the originator deems valuable.
spyware prevention: ad-aware and spybot search and destroy are both excellent spyware removers. you shld prolly have both, as one may catch one type and the other another type. run them often.
riders: riders are a class of program that are attached to another piece of software that you do want. you download the program you want and install it and suddenly you have another piece of software on your machine that you didnt know about and dont want. the 'rider' is sometimes malicious, sometimes spyware, and sometimes just fairly innocuous. these are classed as malware because they are almost always done surreptiously. you want A and you get A and B without you knowing you're getting B.
rider prevention: i use a small program called Win Patrol to find and kill riders. i dont know of any others currently. Win Patrol starts up when i boot up the machine and i almost never turn it off. almost anything i install on my machine, win patrol will notice and ask me if it's ok to install. this can be a bit annoying, but it's also saved me from untold troubles. i've had several riders found by win patrol. it will also handle cookies. i dont allow many cookies on my machine. i consider them a sort of spyware almost. win patrol will notice any new cookie i do allow and ask me if i want to keep it or not.
active port/ip scans: if you're on the internet, there are attempts going on to scan your machine and what ports are open on it and if you're vulnerable to an attack. the blaster worm was the first of a class of ACTIVE attack viruses and was VERY widespread. nobody even knew these were possible. it was always thought that to get a virus you had to download something, even if it was only an e-mail. the blaster worm changed all that. all you had to do to get infected by the blaster was to be online and have no firewall or router and you could be infected. port scans are also an active attack. or rather, they are a check to see if you are vulnerable to attack. a person can scan your internet address to see if anyone if there and if so, if they have any ports open and if so, can they get into your machine via those. these can result in very destructive results.
active port/ip scan prevention: this one is simple. get a firewall or a router! and if you have one, turn it on! a firewall blocks other originated incoming traffic unless you allow it. when you browse, you are asking for the content on a site. you originate it. a port scan is originated by someone else. a firewall blocks the latter. it can even hide you from anyone even seeing that you are online. a router does the same thing. if you have windows XP then you have a firewall. if it's not on, turn it on! if you have windows xp service pack 2, then you have an even better firewall. personally, i dont use microsofts firewalls. i use zone alarm. they have a free basic firewall which is really quite good. they also have a pro version. there are others out there also which are reported to be quite good. get one and use it.
there is a lot more that can be said on the subject, but that's some of the basics. i hope that others add to this thread and correct any mistakes i've made and also that folks will post some links to some of the prgrams i've mentioned and to the ones that they use also. be safe, folks
Craig
Comment