Cookie policy

Flexible Broadband Services from Eclipse Internet - ISPA awarded: Best business broadband provider 2003

Enregistrée en France - N Gillam - Siret No: 788 771 824 00012
Internet Security - the basics...

Internet Storm Center Infocon Status

What will you lose today?

Identity? money? data? buisness? or all of them? Take these simple steps to secure your computer, data, identity & sensitive account details

On-line security requires the correct approach, not 'dont go to any dodgy web sites' a PC is easily compromised visiting a legitamate website with malicious scripts injected into it or from 'drive by' downloads for example. Installed malware may keylog your bank account details or send spam. Theres good online advice from sites like get safe on line . But Internet security is a very fast moving target where the correct discipline is vital. Recently a PC connected to the Internet was completely owned in 30 seconds demonstrating the vulnerability of Windows. The windows UAC in Vista & 7 gets turned off in frustration. New & advanced stealth techniques of infection are evolving, even featuring software to remove competing viruses and deploy silently with no sign of attack are constantly evolving.

Dont forget data security, regretably the last useless, ineffective government failed to protect the identity of 25 million people then failed to listen to a group of peers with some good ideas for dealing with e-crime. Labours heads firmly in the sand, failed to realise the consequences of their ill conceived folly, particually those associated with ID cards and worse still, medical records may pose. It is appalling, every few days a government laptop, with sensitive unencrypted data will be lost. Its easy to secure confidential data with TrueCrypt or Cypherix and keep your private information private, forever.

The steps below will significantly harden your defences & raise awareness to exploits:

1. Secure your web browser - avoid Internet Explorer - its the hackers best friend!

Most security problems Ive repaired are usually attributed to Internet Explorer, its lack of security via active X plug ins and other sloppy coding is legendary, so dump IE. There are much better web browsers. Whilst a completely secure web browser is difficult to achieve, it can be improved with the steps below.

  • First download and install the FireFox web browser & set as your default browser. FireFox is free, open source & much less vulnerable than Internet Explorer
  • A lot of attacks are via malicious scripts & to mprove FireFox security use the No Script add on, once installed this needs your permission before executing scripts in the browser.
  • Also add Ghostery to stop web site cookies tracking your browsing habits - & be surprised how many trackers there are!
  • Then consider QFX Keyscrambler to defeat trojan keyloggers, each keystroke with QFX is encrypted and the personal version is free
  • Add in Ad Block Plus to excludes a lot of annoying adverts you may find web sites load a bit quicker & saves Internet bandwidth
  • Add in the Do Not Track Plus there are a lot of companies using underhand methods to profile your web browsing - so heres how to stop them
  • Still think you have a problem, run this test from ESET world leaders in antivirus & security,
  • Terminally paranoid, visiting Russia, China or anywhere the gov't like to snoop - then run Fire Fox in its own 'sandbox' with Sandboxie this combat proven solution isolates your browser in its own sandbox - just like a Mac.

Beware & avoid browser toolbars - they are often poorly programmed with exploits, some even come with malware pre-installed - dont install them & remove them if you have.

2. Use the best anti virus & anti spyware software you can buy, note 'buy', freeware is better than nothing, paid versions perform better & development needs funding.

Only a fool would not deploy a first class antivirus software to protect their PC along with a good malware/spyware scanner. The free offerings just dont cut it anymore, so upgrade & get the best, we have tested, deploy & strongly recommend:

Keep your AV & spyware applications up to date - at least daily and renew your subscriptions when required.

Beware of scareware - These are rogue websites make you think you have a virus infection - its just presents an image but it looks real enough, it then appears to 'run' a fake AV scan & 'finds' other (false) viruses - also just an image, they then try and trick you into buying useless software that does nothing or installs a rel virus. The screen dumps all look very real. Theres a chance your credit card details may be stolen as well. Make sure you only run your vendors AV software or if you do an on-line scan its from a trusted source such as the ESET one.

3. Secure your E-mail

First control spam our Advanced mailboxes have an adjustable spam filter with white & black lists, we also find Mailwasher Pro installed at the client works very well as an additional layer.

Use a more secure e-mail client - Microsoft Outlook and Outlook Express are vulnerable to attack. Outlook Express is no longer supported and should be replaced. Use an open source email client such as Mozilla Thunderbird or The Bat.

Beware 'social engineering' - No, you did not win the Nigerian lottery or have a long lost relatives who wishes to transfer the sum of several million dollars to you! - BEWARE Email or messages similar to these:

  • Youve won an iPod/Laptop/anything else. Ask yourself, so how did I win it if I diddnt ener the competition?
  • A package is waiting from UPS/Fedex/Some other carrier. Ask yourself, how do UPS know my e-mail address?
  • Your account statement is enclosed. Ask yourself, does my bank normally do this?
  • Your airline flight tickets are enclosed. Ask yourself, have I really booked a flight online (or other service)?
  • Your computer has a virus - Ask yourself, is that dialogue my AV? beware of 'scareware' , check them out at SpyWare Warrior
  • Your account has expired - Ask yourself, really? A common fraud known as phishing - delete the mail, then empty trash.
  • An invitation to join facebook - or any other social network site may also carry an attchment with a virus
  • Today, we charged your credit card $695 USD. Ask yourself, Did I spend this? - contact your card service if in doubt

    They all have one thing in common, they want you to respond to something within the message - so dont ever respond. Delete the e-mail. It will usually have a .zip or .exe attachment containing a malicious script virus. Please delete these emails without a thought. Do not trust anything unless it is from someone you know or you may be expecting. Further more, do not respond to any email that appears to come from a bank - it will be a fraudulent - phishing email. Also, should your bank ever telephone you, it could be anyone. Hang up & call them back.

    If you receive an e-mail from a friend, warning about a new and dangerous virus attack, please verify it first, chances are it will be a hoax. Passing these messages on wastes other peoples time & if the message did have a virus, then you could infect your friends PC

    See http://hoax-slayer.com or the threat center at Sophos for further info

Please refrain from forwarding jokes it may be funny, but that dosnt justify forwarding it to your entire in-box. Please consider the consequences as you broadcast your address book to an e-mail which could be read the world over & addresses harvested by a spammer. Such messages can also contain malware or malicious scripts, the text 'scanned free from viruses' meaningless, if its been forwarded several times. The same applies to chain e-mails, just delete them. If anyone persistenlty sends you jokes & other rubbish, just send them this hopefully they will get the message.

Windows has a nasty vulnerablity in its file naming although I informed Microsoft some years ago, it seems yet to be addressed. By default, Windows hides the file extension, (.exe .bat .doc etc) a virus author can change the file name from document.doc to document.doc.exe . The last three letters are hidden from view, you think you have a .doc word document attachment but its a .exe executable. This has been successfully exploited several times. Microsoft play into the hands of malware & virus writers. Go to Windows Explorer, tools, Folder Options, View tab - in the list remove the tick from 'Hide extensions for known file types' & click OK. Emailed attachments will be shown with the correct extension & you have a chance of spotting a malformed file should you receive one.

4. Secure your Internet connection

Important areas to consider:

  • A router is much more secure than a USB modem - the Netgear DG834 or DGN2000 series has a SPi firewall as well as NAT translation,
  • For a professional/business solution, add an Arxceo Ally this stops any intrusion dead in its tracks.
  • The Windows XP 'firewall' allows outgoing traffic! - thats very stupid of Microsoft (again). We advise a better personal firewall than that supplied with Windows such as with ESET smart security package. Ideally you need something that will alert & block outgoing connections & be aware what was secure yesterday may not be tomorrow so test your security - Gibson research have tools to test your firewall & take action if required.
  • Wireless connection - if your wireless network uses WEP encryption its very easily broken in two or three minutes, making most BT home hubs an easy target! Secure your wireless with WPA-PSK2 and restrict access to known MAC addresses. Avoid using your wireless laptop for financial transactions ie bank account management on public networks.
  • DNS management with Open DNS this is a fast & secure DNS service. It prevents access to a lot of phishing & hostile web sites by blocking the DNS records. To use Open DNS servers, you just need to set your DNS server setting in your router to 208.67.222.222 & 208.67.220.220. For maximum effectiveness get a free account and configure your requirements, blocking sites you dont want - gambling, pharmacy etc. Open DNS is fast, completely brilliant & free.

Consider:

Consider security in layers, you need one software firewall, one antivirus program & one spyware scanner, pick the best, which makes ESET smart security a good choice if the rest is too daunting.

Consider strong encryption such as Cypherix or Vera Crypt to create vaults for securing sensitive information - if your computer is lost or stolen the data is useless - HMG please take note.

Peer file sharing - File sharing services blow gaping holes in your security, do not use insecure peer file sharing software, what you download may also be illegal copy write material, so get rid of them.

Windows automatic updates - Im really undecided on this one. Ive seen automatic updates do more damage than a virus! for example: servers that wont boot, computers that cannot connect to the Internet & so on. Of course Microsoft & other support sites will advise their use. Ultimately it depends how much you trust it to work every time, against the vulnerability of your system.

Use a hosts file - this hosts file in locate in your C:\windows\system32\drivers\etc directory helps prevent visiting rogue web sites.

Finally if you require a good solution that works, consider Apple Mac use the Fire Fox web browser with NoScript monitor outgoing traffic with Little Snitch & get Sophos antivirus for free!

The opinions expressed in this article are personal & acquired from over 25 years experience in various sectors of IT

A final thanks to Microsoft, your dreadful software, poor coding & lack of security has kept me very well employed & paid.

This information is provided freely with no liability for loss or damage what so ever