Friday, May 30, 2008

Tools you need to protect yourself

Before I begin, allow me to share a few of my thoughts with you (this is simply my opinion and nothing more).

1 - There is no such thing as a secure OS (operating system) or web browser. If you want true security (I read something like this somewhere once): disconnect your network card, turn off and unplug your computer, take out the hard drive and smash it to bits, then take the computer to a construction site and ask the bulldozer operator to run over it.

2 - In the real world, Windows operating systems are less secure than the newest versions of Linux (distro) and Mac OS X. We'll leave the argument over why that is and the advantages of one OS over another to internet forums/discussion boards.

3 - A fully patched Windows XP and, to a lesser degree, Windows 2000 are the only non-server Microsoft operating systems that are even remotely secure. If you care about security you shouldn't be running any other Microsoft operating system. If you have machines on your home network that run anything less than a fully patched XP, 2000, Linux (distro) or OS X, then the security of every machine on your network is lessened.

To give you a feel for how dangerous some of these threats can be, let us talk about port scans. A "port" is the doorway by which computers communicate with each other. A "port scan" is usually carried out with programs called "port scanners". Crackers use port scanners to identify open ports on your system. Once an open port is found they attempt to enter your system to collect data or place malicious programs on it. Scary, isn't it? But is this threat real or imagined? DShield.org tracks port scans in real time: participating companies and individuals send DShield reports of attempted port scans as they happen. At the time of writing, the number of reported entry attempts is averaging over 1.1 BILLION per month. Remember that this represents only a small percentage of the actual number of port scan attacks, namely those reported by participants.

In fact, the current "survival time" (the average time for an unprotected system to be attacked and compromised) is only 27 minutes. This means that a newly installed unprotected operating system connecting to the Internet for the first time will, on average, be attacked within 27 minutes and compromised in some way. That further implies that there is insufficient time for a new system to connect to the Windows Update site and download the latest security and critical updates from Microsoft before the system is attacked and compromised. Yes, the Internet is a dangerous place for the unwary.
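As an added example (not from the original post), here is the kind of check a participant's firewall log could feed into DShield-style reporting: it parses constructed firewall "DROP" lines and flags any source that probes many distinct ports within a short window, while ignoring a source that merely hammers one port. The log format, addresses, timestamps and thresholds are all assumptions made for the illustration.

```python
# Added example (not from the original post): a minimal port-scan detector of the
# kind DShield-style reporting relies on, run over firewall "DROP" log lines.
# Log format, addresses and timestamps below are constructed for illustration.
from collections import defaultdict
from datetime import datetime, timedelta

SAMPLE_LOG = """\
2008-05-30 10:00:01 DROP src=203.0.113.7 dst=192.168.1.10 proto=TCP dpt=22
2008-05-30 10:00:01 DROP src=203.0.113.7 dst=192.168.1.10 proto=TCP dpt=23
2008-05-30 10:00:02 DROP src=203.0.113.7 dst=192.168.1.10 proto=TCP dpt=80
2008-05-30 10:00:02 DROP src=203.0.113.7 dst=192.168.1.10 proto=TCP dpt=135
2008-05-30 10:00:03 DROP src=203.0.113.7 dst=192.168.1.10 proto=TCP dpt=139
2008-05-30 10:00:03 DROP src=203.0.113.7 dst=192.168.1.10 proto=TCP dpt=445
2008-05-30 10:05:00 DROP src=198.51.100.4 dst=192.168.1.10 proto=TCP dpt=445
2008-05-30 10:05:30 DROP src=198.51.100.4 dst=192.168.1.10 proto=TCP dpt=445
2008-05-30 10:06:00 DROP src=198.51.100.4 dst=192.168.1.10 proto=TCP dpt=445
"""

def parse_line(line):
    """Return (timestamp, source IP, destination port) for a DROP line, else None."""
    parts = line.split()
    if len(parts) < 7 or parts[2] != "DROP":
        return None
    ts = datetime.strptime(parts[0] + " " + parts[1], "%Y-%m-%d %H:%M:%S")
    fields = dict(p.split("=", 1) for p in parts[3:])
    return ts, fields["src"], int(fields["dpt"])

def detect_scans(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Map each source that probed >= min_ports distinct ports inside any
    `window` to the sorted list of ports it touched. Counting distinct ports
    (not raw hits) is what separates a scan from the single-port retries of
    198.51.100.4 above, which a plain hit counter would flag just as loudly."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed:
            ts, src, port = parsed
            events[src].append((ts, port))
    flagged = defaultdict(set)
    for src, hits in events.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):          # sliding window over time
            while hits[end][0] - hits[start][0] > window:
                start += 1
            ports = {p for _, p in hits[start:end + 1]}
            if len(ports) >= min_ports:
                flagged[src].update(ports)
    return {src: sorted(ports) for src, ports in flagged.items()}
```

Running `detect_scans(SAMPLE_LOG)` flags only 203.0.113.7 with six ports; lowering `min_ports` to 1 also surfaces the single-port source, which is the trade-off a reporting threshold has to make.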

Let us describe another, far more subtle form of attack. Recently it was discovered that viruses, Trojans and other executable code could be embedded within a simple .jpg (picture) file. If an infected .jpg is downloaded by your browser or email client, the embedded executable could run and install a Trojan or virus. Microsoft, software vendors and anti-virus developers have been working hard to close this vulnerability.

Another, more recent and far more dangerous threat is crackers' use of "rootkits", "DLL injection" and "global hooks" to take over systems "invisibly". These threats are difficult to prevent and detect, and almost impossible to remove once they have been successfully deployed on your system. Prevention is the best way to stop them, as removal tools to clean a system after infection by one of these new threats are only now being developed. Such removal tools are in their infancy and cannot be relied upon to clean a system once it has been compromised. Once infected, the only dependable way to remove one of these threats is either to restore a backup known to have been made prior to infection, or to completely reformat all your hard drives and reinstall your operating system and software.

You cannot depend on others to protect your system and valuable data. It is our own responsibility to make our systems as resistant as possible to these kinds of threats, and that requires a combination of protections. At a minimum, I recommend the following protective measures for all users who connect to the Internet for any purpose:

  1. Protect the gateway to your systems with a good hardware firewall/router that offers at least port blocking (stealthing is even better) and Stateful Packet Inspection ("SPI").
  2. Install a good software firewall on your system. At a minimum it should have application control, i.e., the ability to set permissions for Internet access on a program-by-program basis.
  3. Install a good anti-virus package.
  4. Install a good anti-spyware package, or two or more if they are compatible and handle spyware in different ways.
  5. Install protective software that prevents the execution of unknown software on your system and requires user permission (at the administrative level) to install services and drivers, global hooks, and DLL injection.
  6. Install a web filtering package.

Note: I strongly recommend that these protections be in place before a newly installed operating system connects to the Internet for the first time.

Tools you need to protect yourself:

1. Security Tool (Microsoft Baseline Security Analyzer 2.0):

MBSA is a software tool released by Microsoft to help analyze security problems in Microsoft products, namely Windows, Windows components such as the IIS web server, Microsoft SQL Server, and Microsoft Office. One example of an issue it reports is that permissions on one of the directories in the wwwroot folder of IIS are set too permissively, allowing outsiders to modify files without authorization.

2. Browser (Firefox):

Firefox includes many features designed to improve security. Key features include a sandbox security model, same origin policy, external protocol whitelisting, a phishing detector, and an option to clear all private data, such as browser history and cookies.

Firefox is open source software, and thus its source code is visible to everyone. This allows anyone to review the code for security vulnerabilities, whether their intentions are good or malicious.

3. Anti-Spyware (Ad-Aware 2008 Free):

  • Improved Threat Detection
  • Spyware, Adware, Trojans & Hijackers
  • Fraud Tools & Rogue Applications
  • Password Stealers & Keyloggers
  • Enhanced Rootkit removal system
  • Faster Updates & Faster Scans
  • Less Resource Usage for optimal computer performance
  • Easy to Download, Install and Use
  • Lavasoft ThreatWork submission tool
  • Compatible with Windows Vista (32- and 64-bit)

4. Personal Firewall (ZoneAlarm Free):

ZoneAlarm Free Firewall blocks hackers from infiltrating your home PC by hiding your computer from unsolicited network traffic. By detecting and preventing intrusions, ZoneAlarm Free Firewall keeps your PC free from viruses that slow down performance, and spyware that steals your personal information, passwords, and financial data.

  • Essential firewall protection
  • Be invisible to others online
  • New interface makes it even easier—smaller size keeps it light

5. Anti-Virus (McAfee/Symantec/Trend Micro):

This is critical. Virus and Trojan outbreaks are a daily occurrence, and statistics show that an unprotected system will become infected by a virus or Trojan in an average of 16 minutes. So spending a modest amount like Rs 1500/- to protect your PC is not a big expense, especially since you are getting the other tools listed here for free.

You can purchase anti-virus software from local software/IT security vendors such as MIEL e-Security Pvt Ltd.

6. Web Filtering (K9 Web Protection Free):

Blue Coat® K9 Web Protection is a content filtering solution for your home computer. Its job is to provide you with a family-safe Internet experience, where YOU control the Internet content that enters your home. K9 Web Protection implements the same enterprise-class Web filtering technology used by Blue Coat's Fortune 500 customers around the world, wrapped in simple, friendly, and reliable software for your Windows 2000, Windows XP or Windows Vista computer.

Please leave your feedback.
