Tag Archives: anti-rootkit

Include safe computing in your list of New Years Resolutions

Bookmark This (opens in new window)

The New Year is a time of reflection, and traditionally a time to consider changing one’s habits.

Our reliance upon computers and networks has exceeded our means to safely use and control them. Every computer user has some responsibility to make sure that their computer and use of the Internet does not introduce unknown and unwanted risks. By following these recommendations you will greatly reduce your risk to fraud, identity theft, and other risks related to Internet usage.

1. Change your passwords. Use strong passwords, which cannot be easily guessed by others, even those who know you. Do not share your password with any other person. If needed, store your passwords in a protected vault such as Password Safe or KeePass. I recommend you not use an online vault for password storage: if their security is compromised, so are your passwords.

2. Scan for Viruses and other malware. Configure your anti-virus software to scan your entire computer at least weekly. Make sure that your anti-virus software is checking for updates at least once per day. Also scan your computer with one of several online virus scanners at least once per month.

Panda: http://www.pandasoftware.com (look for the ActiveScan link on the home page)

Symantec: http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym

Trend Micro: http://housecall.trendmicro.com/

Kaspersky: http://www.kaspersky.com/virusscanner

CA: http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

3. Block spam, and don’t open spam messages. The majority of spam (unwanted junk email) is related to fraud. Spam messages advertise fraudulent or misleading products, or lure you to websites that contain malware that will attempt to take over your computer (without your knowing it) and steal valuable information from you.

4. Get a firewall. If you use Windows, turn on the Windows Firewall. Ask your broadband service provider to upgrade your modem/router to one that contains a firewall (most newer modems / routers do have firewalls or other similar protection).

5. Remove spyware. Obtain a good anti-spyware program and use it to find and remove spyware from your computer.

6. Update your software. Obtain up-to-date copies of browsers and tools on your computer, as many older versions are no longer secure. This includes Firefox, Internet Explorer, Opera, Microsoft Office, OpenOffice, Java, and other programs.

7. Install security patches. If you are using Windows, turn on Automatic Updates, and configure it to automatically download and install security patches and updates.

8. Use separate accounts on shared computers. If more than one person uses your computer, set up separate accounts for each user. Make each user an ordinary user or power user, but never an administrator. Making each user an administrator makes the entire computer more vulnerable to malware (viruses, etc.).

9. Browse Safely. Change to Firefox and use the NoScript add-on. This is the only combination designed to block the new “clickjacking” vulnerability present in all other browsers. Also consider using Flashblock (works only with Firefox) if you want to control the use of Flash content in your browser.

10. Protect your wireless WiFi network. The old an still-common “WEP” protocol designed to encrypt your wireless traffic has been broken, and is no longer safe. Upgrade to WPA, even if it means buying a new wireless access point.

11. Back up your data. All kinds of bad things can happen, from mistakes to hardware failures. If you cannot afford to lose your data, then you need to copy it to a separate storage device. External hard drives and high capacity USB thumb drives cost well below US$100. You’ll be glad you did, sooner or later.

12. Encrypt your hard drive. Mostly important for laptop computers, but also important for desktop computers. The TrueCrypt tool is by far the most popular one available, and it’s free. If you don’t encrypt your data, then anyone who steals your computer can (and will) read all of your private data.

13. Check your credit reports. Fraud and identity theft can result in thieves opening new credit card and loan accounts in your name. They run up a balance and then never pay the bill, making that your problem instead. Consider a credit reporting service as well, which will alert you to inquiries and changes to your credit accounts, limits, and balances.

Annualcreditreport.com

Federal Trade Commission information on free credit reports

Equifax

Experian

Transunion

Recommended Tools:

Secunia Personal Software Inspector – free tool that examines your computer and alerts you to all of the unpatched and older versions of programs that need to be upgraded.

Password Safe – safe and secure storage of all of your Internet passwords. Also remembers userids and URLs.

NoScript – the only way to control third-party javascript and clickjacking. Works only with Firefox.

TrueCrypt – safe and free encryption of your PC’s hard drive.

Give the gift of safe Internet use this Christmas

Bookmark This (opens in new window)

Internet use can be far safer for most home computer users through the use of free tools and services that help protect computers from malicious code that can lead to identity theft and fraud. In this article:

  • Free anti-virus
  • Free online virus scan
  • Free DNS filtering
  • Free personal firewall
  • Free rootkit detection
  • Free anti-spyware
  • Free patch updates
  • Free file eraser
  • Free disk encryption
  • Free password storage
  • Free encrypted e-mail
  • Free credit check

All of the tools represent the best of the best – they are all popular and renounced for their quality and effectiveness. If you doubt any of these, google these topics yourself and see where these tools appear in your search results.

Note: I have been using many of these tools for years, and am very happy with them. Data security is my profession; I am paid to know this stuff. Happy Holidays!

Free Anti-Virus

Most users don’t need fee-based anti-virus programs like Norton or McAfee. Instead, consider using AVG anti-virus. It’s free, easy to install and use, and just as effective as the big boys.

AVG from Grisoft: www.grisoft.com (you’ll have to hunt around on their site to find the free version. Keep looking.)

Free Online Virus Scan

Not sure if your installed anti-virus program is finding all the viruses on your computer? Go to one or more of these sites to get a free online scan – like getting a second opinion on the health of your computer.

Panda: http://www.pandasoftware.com (look for the ActiveScan link on the home page)
Symantec: http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym
Trend Micro: http://housecall.trendmicro.com/
Kaspersky: http://www.kaspersky.com/virusscanner
CA: http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

Free DNS Filtering

By configuring your system (or home router) you can make sure that your system won’t be able to visit sites containing unsafe or undesired content.

OpenDNS: www.opendns.com
ScrubIT: www.scrubit.com

Free Personal Firewall

A firewall can block incoming threats like worms and bots that can otherwise harm your system and steal your data. Like the other tools on this page, these two products are both free. Firewalls require a little more knowledge, so you might want to find a power-user friend to help.

Zone Alarm: www.zonelabs.com
Comodo: www.personalfirewall.comodo.com

Free RootKit Detection

Rootkits are a new kind of malware (like viruses etc) that seek to evade detection from regular anti-virus programs. These are free and easy to install and use. More info here.

Panda Anti-Rootkit: www.pandasoftware.com
AVG Anti-Rootkit: www.grisoft.com
Sophos Anti-Rootkit: www.sophos.com
McAfee Rootkit Detective: www.mcafee.com

Free Anti-Spyware

Spyware, adware, and other unwanted software lurks in spam and on websites. Anti-virus stops some, but not all.

Spybot: www.safer-networking.org
Spyware Blaster: www.javacoolsoftware.com
Microsoft Defender: www.microsoft.com

Free software patches

Okay, software patches should be free, and free they are. It is very important to stay up to date with Windows and Office security patches. If you run Windows, get your patches straight from Microsoft. Unless you’re an IT pro, I recommend you set up Automatic Updates so that patches are installed automatically.

Microsoft update: update.microsoft.com (only works with Windows Internet Explorer)
Learn about automatic updates: www.microsoft.com

Free File Eraser

Did you know that “deleting” files on your Windows computer doesn’t really delete the information at all? It’s still there for any clever intruder to find – even after you empty your trash can. This free tool called Eraser safely *wipes* your deleted data so that it cannot be discovered. Read this tip.

Eraser: sourceforge.net/projects/eraser/

Free Disk Encryption

If your laptop (or desktop) computer is stolen, thieves are going to be able to steal all of the data on your hard drive. You can encrypt your hard drive, which will result in thieves being unable to access your data. Read this tip.

TrueCrypt: www.truecrypt.org

Free Password Storage

I have mentioned in the past that you need to be careful how and where you store your passwords. If you store them in your computer, intruders can find and exploit them by logging in to your websites. Please do not use your browser to store passwords! Instead, use one of these two free tools to securely store passwords. More info here.

Password Safe: passwordsafe.sourceforge.net
KeePass: sourceforge.net/projects/keepass/

Free Encrypted Email

If you are sometimes concerned that a third-party may be able to read your e-mail – you’re right and you’re not alone. Sending e-mail is like sending postcards through the mail: others can easily see what you are saying to your friends and colleagues. Hushmail safely encrypts e-mail with world-renowned PGP (and your power-user friends who use PGP can send and receive encrypted mail with you). Best of all, it’s free, like the other tools on this site.

Hushmail: hushmail.com

Free Credit Check

U.S. citizens can get free credit checks once per year. You can get them from all three credit reporting bureaus all at once, or do one every four months, picking a different bureau every time. By monitoring your credit, you are more likely to discover fraudulent use of your identity.

Annualcreditreport.com
Federal Trade Commission information on free credit reports
Equifax
Experian
Transunion

Learn more about computer security

Computer Viruses for Dummies – teaches all the basics, not just about viruses but online Internet use and many tips to stay safe online