Iver's Guide to keeping your system secure and safe.

I do not like the idea of people or companies gathering information about what I do online, or what files I have on my PC. At the end of the day it's none of their god damn business. The fact they will then use my bandwidth to collect this information just adds insult to injury!
On another note, I do not want script kiddies gaining access to it either. I'm sure some of you feel the same way, so I'm going to list a few ways you can keep your PC exactly that... a Personal Computer.


Windows
Keep Windows updated via Windows update! This is one of the most important steps in this article to keep your system secure.
There are also a number of suspect services in XP, as well as known ones that report back to Microsoft about what you're up to. First port of call is XP Antispy. This free program disables a lot of nonsense that you certainly don't benefit from, via a tick list that you have full control over. Each option is fully explained & reversible. Next go through BlackViper's list of services (a great list that the chap explains very well so even the biggest n00b will understand) and disable the ones you don't need. At the very least this will free up resources... win-win situation :)


Internet browser
More and more browser exploits are being discovered and abused at an ever increasing rate.
I've seen posts on this very forum praising other browsers and even tried a few, but always ended up going back to IE. That was until I discovered Mozilla Firefox.
Faster, more customizable and safer.
As a side note, Microsoft has vastly improved IE since the release of SP2 in my opinion, & with Firefox enjoying huge popularity it is now a bigger target than before.


Firewall
Get yourself a firewall damnit! This will block unauthorised access to and from your PC. The most popular software firewalls at the moment are (and with good reason) Sygate & Windows XP SP2 built-in.

With Windows vulnerabilities being found and exploited all the time, like the recent Remote Procedure Call hole that msblaster took advantage of, in my opinion you would be mentally unsound to not use some sort of firewall.
If you are new to software firewalls don't be alarmed if you notice a few alerts per day... there's lots of port scanning and similar going on all the time, and your firewall will alert you to this. Alerts of this nature are not necessarily someone trying to hack your PC, and can usually be toned down or turned off so you don't see them.

I would personally recommend Sygate Personal Firewall after trying many software firewalls. Windows SP2 firewall is also very good.


Anti Virus
A Trojan Horse virus is like giving an evil script kiddie your mouse. Not only will they be able to access files on your PC, they can use your PC to hack other people's, effectively covering their tracks. Get an antivirus package, keep it updated and run it regularly. This will stop trojans and a shed load of other nasties.
Some of the best antivirus software:
NOD32 Excellent protection and very low resource usage.
Kaspersky Widely accepted as the best protection.
AVG Free!


Audio CDs
Yes, audio CDs!! Is nothing sacred these days!
Sony, it has recently been revealed, has taken some rather extreme anti-piracy measures in its latest audio CDs. They silently install a 'rootkit' via the Autoplay feature. (Rootkits hide files & Registry keys from view and security software. They are usually used by malware attempting to keep its existence hidden.)
At no time are you asked or warned that this software will be installed, and it's incredibly difficult to remove it.
The rootkit also introduces several security holes into the system that could be exploited by others, such as hiding any executable file that starts with '$sys$'. This has huge implications, for example enabling game cheaters to go completely undetected by the likes of PunkBuster.
The scenarios for this piece of software (I could think of another word beginning with 'S' to use there!) to be misused are endless.
I for one will not be buying any Sony DRM protected disks. Shame on you Sony.

Temp files & general rubbish
It's a good idea to keep your computer clear of temporary install files, old cookies & temp internet files etc... These can sometimes cause problems and pose a security risk. Most of all they just make a mess of things and are not needed.
You can use the Windows built-in app Disk Cleanup or a third party application like CCleaner. Crap Cleaner is a very good freeware proggie as it does pretty much everything in one hit, with the added bonus that it cleans the very suspicious 'Index.dat' files. Index.dat files seem to do nothing but store your visited websites, the main worry being you cannot delete or modify them yourself.
(You may need to download the Visual Basic Runtime files from Microsoft to get this app working)


Cookies and Spyware
Just visiting a website can place a spyware cookie on your PC which will gather up information about you and report back to whoever. Installing shoddy software worsens the problem with other (usually nastier) spyware files and/or programs. This isn't nice for 3 reasons:

1) Mind your own business.
2) It will eat your bandwidth that you pay for!
3) You don't know what info they are taking; it could be websites you browse up to personal information stored on your HDD. Who knows what they take.

Solution: download SpyBot or MS Anti Spyware. These programs search for and kill spyware from cookies to .exe's.
The use of SpyBot and cleaning out your cookies/temp internet files/history regularly should keep you spyware free.
HijackThis is another great malware identifier/remover.

File sharing software
Something related to the above point of spyware. Lots of popular p2p programs contain spyware; Kazaa for example is notorious for it.

Does my p2p program contain spyware?

Most people that use file sharing programs share illegal software, 'tis a fact. From .mp3s to gamez appz... you get the idea. People have been prosecuted for sharing such files using programs like Kazaa etc... There are various agencies that can and do browse your shares, ranging from the FBI to music companies. To stop this get PeerGuardian 2. Yet another free piece of software, this one blocks the IPs of known piracy-related enforcement groups/snoops from gaining access to your share while you use your p2p software.

Another side note. At the time of originally typing this article, the RIAA (Recording Industry Association of America) were to my knowledge the only group seeking out and suing file sharers. Being the RIA*A* it was only Americans going to court, with the rest of us just getting nasty emails from our ISPs. Now the BPI (British Phonographic Industry), which up until now remained in the background, has started following in the RIAA's footsteps, taking action against us Brits. Be warned.


Update & Use Regularly
Keep Windows updated regularly using Windows Update, this will make sure all the security exploits Microsoft know about are fixed... It's a Microsoft product remember :p there will be lots.
Update your antivirus and firewall regularly, to keep protected against an increasing amount of threats; same goes for SpyBot etc...

There's no point in using such software if it isn't kept up to date and used regularly!!!
 
oO sweet m8 nice one :cool: That list is over double the IPs of the one I posted and 4x the profiles, I'll edit that to take the link you posted :)
 
With Peer Guardian I've always stayed away, because when companies are scanning IPs to find suspect software, what do you think they'd do if they found a machine actively declining the scans?

What will they think if they find a mini gold mine of warez? Personally I think most of these companies are just having a snoop around; maybe if they find a particularly large hoard of illegal software they may report it. I don't think they are serious enough about it to create a list of non-accessible machines to try later. After all, they must gather information from millions of people around the globe; I doubt they even process most of it. I would have thought a non-static IP would foil their plans anyway, unless they are very serious about looking at what you have, in which case PeerGuardian isn't going to help anyway.

is the methlabs site down?
Seems to be =/

it seems adaware has become very bloaty now
Yea I agree, #6 is bloated, SpyBot is the daddy then gents?
 
Perhaps a quick comment saying that routers in NAT mode make an excellent hardware firewall.

Originally posted by technomage (in another thread)
I also have a router, I use NAT, I don't rely on NAT for virus or firewall protection. NAT (Network Address Translation) was not primarily designed to act as a firewall; it was designed to conserve the very much used and not large enough IPv4.
It was designed so that computers or networks can connect to the internet without the need of a public IP address. This conserves the IPv4 IP addresses because home users and offices alike can use a private IP and there is then only need for one public unique IP address. I don't think I will go into how this works, too long...

NAT used with other measures by your ISP allows the internet to stay alive; without it you and I would probably find it hard to be able to connect to the internet. This is why IPv6 is coming, and it's also the reason why you should not rely on NAT for firewall protection.
Think of it this way: you can buy a router that uses NAT (it would be pretty silly for a router not to be able to do this), and some also come with firewall measures built in. They would not use a firewall if NAT was enough.

Port forwarding or PAT (Port Address Translation) is meant as part of added security if you use filters also; it also helps direct certain traffic to certain ports for the likes of servers. This also should not be relied on as your sole security.

N.A.T does not protect against the likes of Trojans or Worms. Although a Virus can be very destructive, Trojans and/or Worms are more of a threat, i.e. Identity Theft, Computer Misuse and Abuse.

My recommendation is to use a software or hardware firewall WHENEVER you connect to an unsecured medium, i.e. Internet, Wireless network etc.

Like HEADRAT said, CODE RED works if there are intranet/extranet services running on your system; CODE RED then exploits the IIS services into doing its damage. This is another reason why you should always make sure that there are no unrequired services running to exploit. The likes of NIMDA worked in a different way and could be spread simply by having shares and a network connection. It could also be spread by simply remote viewing an infected machine; you don't need to download a file or anything to become infected. This is why NIMDA was such a BIG thing, because you HAD to effectively shut your network down to destroy it. N.A.T does not protect you from this.

From what I can gather NAT only refuses incoming IPs, it will not stop outgoing nasties like trojans etc... So I would still recommend some sort of firewall as well :)

Also, as two people have suggested, make sure you put a link to GRC and the very informative Shields Up page in your firewall section.
I was under the impression GRC was the laughing stock of the internet security world :eek:, www.grcsucks.com. Excellent idea though, so as an alternative Norton have a similar web based security check located here: (hope it works) Security check

:)
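
The NAT behaviour discussed in the post above, as an added sketch that is not part of any poster's message: a toy model of a home router's NAT/PAT table showing which inbound packets get delivered to the LAN and which are dropped. The class, addresses and ports are constructed for illustration, and the model assumes the router only accepts replies from the remote endpoint a LAN host contacted.

```python
# Toy model of a home router doing NAT/PAT (constructed example, not a real router's code).
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    public_ip: str
    forwards: dict = field(default_factory=dict)  # public port -> (lan_ip, lan_port)
    table: dict = field(default_factory=dict)     # public port -> (lan_ip, lan_port, remote)
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, remote):
        """Any LAN host may open a connection; NAT does not inspect who or why."""
        port = self.next_port
        self.next_port += 1
        self.table[port] = (lan_ip, lan_port, remote)
        return port

    def inbound(self, remote, public_port):
        """Return the LAN endpoint a packet is delivered to, or None if dropped."""
        if public_port in self.forwards:      # port forward: open to every sender
            return self.forwards[public_port]
        entry = self.table.get(public_port)
        if entry and entry[2] == remote:      # reply to a connection a LAN host started
            return entry[:2]
        return None                           # unsolicited: no mapping, dropped

def demo():
    r = NatRouter("203.0.113.10")             # documentation-range addresses throughout
    results = {}
    # 1. Unsolicited probe of the Windows RPC port: no mapping exists, so it is dropped.
    results["scan"] = r.inbound(("198.51.100.7", 4444), 135)
    # 2. A trojan on a LAN PC connects out: NAT creates the mapping without question...
    p = r.outbound("192.168.0.5", 1055, ("198.51.100.7", 80))
    # ...so replies from that remote host are delivered straight to the infected PC.
    results["trojan_reply"] = r.inbound(("198.51.100.7", 80), p)
    # 3. Same public port, different sender: dropped under the assumption above.
    results["stranger"] = r.inbound(("198.51.100.99", 80), p)
    # 4. A port forward for a web server exposes that service to any sender.
    r.forwards[80] = ("192.168.0.2", 80)
    results["forwarded"] = r.inbound(("198.51.100.99", 5000), 80)
    return results

if __name__ == "__main__":
    for name, dest in demo().items():
        print(f"{name:13} -> {dest or 'dropped'}")
```

Only case 1 is stopped by NAT alone; cases 2 and 4 need outbound filtering on the PC and patched, minimal services behind any forwarded port.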
 
Do u guys get similar?

Sure do matey, all depends on what you download/upload of course.
Let's say for example you were very naughty and downloaded Pirates of the Caribbean when it was first released. There were lots of anti-piracy people monitoring the torrents for that and quite a few people got a nasty letter from their ISP.
You're much less likely to be monitored if downloading some obscure or old stuff. Saying this, if you stay in a hub or similar in a program like DC++ for long enough you will be scanned as a matter of course regardless of what you are doing.

Also some of what PeerGuardian rejects isn't as scary as it seems, for example 'double click' cookies and fake files on Kazaa. Throw all these in the pot and add a shed load of multiples and it's scarier than it looks.
 
Originally posted by cky2k
another top tip to keep your pc secure, send me a cd with all your passwords on it by accident, like Iver did :D

-have you got a new msn now buddy?

Doh!:D

still the Iverocuk msn addy m8, I thought you had banned me, ain't seen ya for ages! :D :p
 
I couldn't suggest a firewall at the mo, I've been using SP2's and my router's NAT quite happily since I gave up on Sygate about 6 months ago.

I can tell you Norton products are rubbish due to the huge amounts of bloat and system resources they needlessly consume. I've used SystemWorks and their personal firewall in the (recent & not so recent) past and never again.

Sygate has just been taken over by Norton so expect that to go down the crapper soon... if it hasn't already.

I would also be interested in the latest and greatest software firewalls :) I've never been thrilled with ZoneAlarm btw.
 