Category Archives: Computer Safety

Avoiding and Removing Rogue Programs? Here’s how

If you frequently visit security discussion boards, you are surely familiar with Eric L. Howes’ Rogue/Suspect Anti-Spyware Products & Web Sites.

We visit that webpage to stay aware of antispyware products that might give us more problems than fixes or protection. Eric also lists the domain names of the offending antispyware programs. In Calendar of Updates, we try to keep everyone informed by posting additions and delisted (if any) programs. Example: see the calendar entry from a few weeks ago.

Visiting the above webpage of Eric L. Howes will help you avoid installing a deceitful program or a suspect application.
How about removal of already installed rogue programs? Go here to find out how. Hey, there’s a new utility called RogueRemover!

Why do you need anti-spyware software?

Spyware – also known as adware or parasite.  It is installed in a system to secretly gather information about the user and relay it to advertisers or other interested parties.  Spyware is usually bundled with software offered as a free program or shareware, or with a website service.


Security Issue – Spyware has all the privileges of the user who installed it.  Spyware causes conflicts with the operating system and applications.  It can slow down the system.  It can delete, read, write, download, install other software, and change or edit users’ preferences.  Some can even format the hard drive!


The above PC and security issues should already convince any user (whether you are a home or enterprise user) that anti-spyware helps to prevent unwanted applications from controlling or damaging your systems.  If that does not convince you, read on…


Why do you need anti-spyware software?


  • There is no 100% secure operating system or browser (or software in general) – if you visit security-related sites or forums, you’ll learn that every day (no holidays! no Sunday fun days) a security hole is being discovered and reported.  Most of these security holes can be exploited by many methods, one of which is to bypass some security programs and even your security, program and operating system settings.  It has been reported before, so why take the chance?
  • Most freebies or goodies are too good to be true – Ever wonder what the catch is in installing freeware?  Some programs that are free to the user are truly free, but not free from spyware.  The behaviours in the above definition of spyware are some of the catches.  Most spyware can’t be controlled by the user.  You have already said no, but it keeps showing up or installing itself after you’ve removed it.
  • Anti-virus is not enough – not all anti-virus programs will prevent the installation of spyware! A program that is bundled with spyware can’t be detected by your anti-virus program as “infected with spyware”.  Why? Because the setup file is not infected.  When you execute the exe file and agree to the many license agreements or terms of use during installation, you give your permission away in a snap, allowing the application to spy on you or gather your private data.  Persistent spyware does not only spy on you but can also cause instability in your programs or system.

What others have to say...


  • Spyware is walking a thin line of being classified as a Trojan horse or back-door (link) and currently, the only defense against it is anti-spyware software. ~ SurferBeware
  • Despite its name, the term “spyware” doesn’t refer to something used by undercover operatives, but rather by the advertising industry. In fact, spyware is also known as “adware.” It refers to a category of software that, when installed on your computer, may send you pop-up ads, redirect your browser to certain web sites, or monitor the web sites that you visit. Some extreme, invasive versions of spyware may track exactly what keys you type. ~ US-CERT
  • Spyware has risen to the top of many computer users’ lists as one of the most vexing challenges they face today. Microsoft customers echo analysts, partners, government leaders, and consumer advocacy groups in identifying spyware as a serious problem for the entire PC industry. ~ Microsoft
  • A number of firms currently design and offer so-called “spyware” software — programs that monitor user activities, and transmit user information to remote servers and/or show targeted advertisements. As distinguished from the design model anticipated by whatis.com’s definition of adware (“any software application in which advertising banners are displayed while the program is running”), these spyware programs run continuously and show advertisements specifically responding to the web sites that users visit. Companies making programs in this latter category include Gator (recently renamed Claria), WhenU, and 180Solutions. Other spyware programs include keystroke recorders, screen capture programs, and numerous additional software systems that surreptitiously monitor and/or transmit users’ activities. ~ Benjamin Edelman

What anti-spyware program to use?


There is a huge number of anti-spyware programs on the market.  Most of them are paid software, while others are free for personal use with usage limitations.  To find out which anti-spyware is safe to use, visit the Rogue/Suspect Anti-Spyware Products & Web Sites page maintained by Eric L. Howes, which also has links to anti-spyware communities.  Check Dozleng.com Internet Security & Others for lists of free anti-spyware.  Visit Microsoft’s website for more information about spyware and how to prevent it.


If you are in doubt whether an antispyware program is safe or recommended, visit the security-related forums or message boards before installing it.

How to protect your system or network from Zero-day attacks?

A zero-day or 0-day attack is an incident in which a vulnerability is exploited in the wild before it is reported to the vendor or security community.  This means the vendor hasn’t identified the security hole yet.  Zero-day attacks arrive as a worm or virus.


How to protect your system or network from Zero-day attacks?


  • Update your antivirus software – an up-to-date antivirus program can help to protect the system.  Any malware that behaves like known malware in its database will trigger the antivirus program to stop the malicious activity.  You can find free antivirus programs here or check the special offers by antivirus vendors.
  • Enable heuristic analysis in your antivirus program – enabling this option lets your antivirus program detect behaviour similar to that of known malware.
  • Take advantage of beta definitions or signatures provided by the antivirus vendor – these are useful in important scenarios, e.g. to combat a virus or malicious code outbreak, to provide a first-level quick response to virus attacks, or for use in emergency situations.
  • Enable your firewall protection – This will help to block attacks on or intrusions into your system or network.  You can find a list of free firewall software here.
  • Patch your system – Visit the vendor’s site and install the important patches or fixes supplied for your system.  Visit Windows Update regularly or enable Automatic Updates.  If a security patch isn’t available yet, check with the vendor for any advisory, then read the vendor’s suggestions, e.g. work-arounds.
  • Use the latest version of the programs installed on your computer or system – Some users are too conservative.  Malware is not conservative at all.  Malware does not always use old styles or old tricks in hijacking, infecting, attacking and spreading.  So why should you be?  Using the latest version of the program supplied by the vendor is not just a recommendation but a must.  This will help protect your system from any known security hole that has been discovered or reported.
  • Disable unnecessary or non-essential services – Review the services that are running in the background or loading.  If you do not need one, disable it.
  • If File Sharing is enabled or needed, configure it securely.
  • Do not run as Administrator if you do not have to.
  • Check for any open ports or run a vulnerability scan – It is often good to run a vulnerability scan.  It helps to measure the effectiveness of your security programs.  There are sites and companies that offer free vulnerability or port scans.  You can find some of them here.  Microsoft offers the Microsoft Baseline Security Analyzer (MBSA) and other security tools.

The above are some methods of protecting your system or network from 0-day attacks.  You can also install another tool that offers zero-day real-time protection.  Some programs that offer 0-day protection are:


  • Attack Shield Worm Suppression (WS) – Sana Security has Attack Shield WS, which offers protection from network worms.
  • PrevX – PrevX offers a free program (for home use) that will protect your system in real time.  They also offer PrevX for ISP and PrevX Enterprise.
  • Qwik-Fix – PivX has Qwik-Fix Pro Home Edition, Qwik-Fix Pro Enterprise: Desktop Edition, Qwik-Fix Pro Enterprise: Server Edition and Qwik-Fix Pro Enterprise: Management Console (included with an Enterprise purchase), which use Active System Hardening to protect the system.
  • QualysGuard – Qualys’ solution to protect your system from worms and hackers, and for third-party certification of network security.

 


 

What Browser to Use?

What is a browser? A browser is software that allows you to read and interact with the World Wide Web. Below are some of the browsers available:



Do you need more than one (1) browser?


It is not bad to install or use more than one browser.  You do not need to uninstall or remove the existing browser to make the other browser work.  You can configure which browser will be your system’s default browser.  You should just review the System Requirements of the software prior to installing.


How to choose which browser to use?


  1. Verify that you are installing a browser that was created for your system.
  2. Try the browser to see if you like its features and functions.  Not all browsers have the same features or functions.
  3. Visit the vendor’s site to find out if the browser is updated frequently to fix bugs or security issues.
  4. Visit the sites that you frequent to find out if the browser that you are using will show them properly.

I’m concerned about browser security.  Which browser is secure or safe to use?


There is no secure browser on earth.  Most browsers, and software in general, have their own security holes.  What you can do to have an at least 90% secure browser is:


  • Make sure that you install the latest version.
  • Stay informed on security issues to find out if there are work-arounds or fixes.
  • Configure the browser’s security settings to prompt you for anything, or disable a feature if you are not using it.
  • You should also install a security program that will alert you to any changes made to your browser or system.  Some of these programs are:  SpywareGuard, SpywareBlaster, WinPatrol, BHODemon, Spybot Search & Destroy.
  • Enable the real-time protection of your firewall and antivirus program.

Happy Safe Computing!

How to stay clear of vulnerabilities?

A vulnerability or security hole is defined as any weakness that could be exploited to violate a system or the information that it contains.

An example of a vulnerability is the Buffer Overrun in JPEG Processing (GDI+), a problem that was detected in many products that use gdiplus.dll. Another example is the Vulnerability in WordPerfect Converter – if a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of the affected system. One more example is the AOL Instant Messenger aim:goaway URI Handler Buffer Overflow, which can allow attackers to execute arbitrary code.  There are security holes in many products.  Both popular and not widely used products can have security holes.


Are you at risk?  It depends on the vulnerability.  Some viruses exploit vulnerabilities to spread rapidly and infect many computers, while other viruses that exploit security holes will execute automatically on a computer, which can cause data loss or system instability.


How to stay clear of vulnerabilities or security holes? Or, how to protect your system and data against security holes?


  • Patch that.  Keep your system and programs patched.  Apply the available patches once an advisory has been released.  If a patch or fix is not yet available, keep yourself informed on what is affected.  Use or apply the work-around provided until the patch or fix is released.

  • Be informed.  Find out the severity, the impact and where it is exploitable [remote (via network) or local (on the system or program)]. If no work-around is available, use an alternative product until the problem is fixed.  Subscribe to receive e-mail on the latest security information to keep yourself informed on the latest security advisories:

  • Shield it.  Keep up-to-date antivirus and firewall programs that can block much of the malware that exploits the vulnerabilities and will block viruses from getting into any system via unprotected ports.  Make sure that your firewall and antivirus program will protect your system against any malicious intrusion and new threats (heuristic scanning is recommended), or add a security program that offers protection against 0-day or new threats.

  • Lock down – Review the configuration of your system and programs. If possible, lock down the affected product.  If the product needs a connection before it can be used, use a firewall to block any communications made through the affected software or limit the ports in use by the program.  Unneeded services should be disabled. Use strong passwords on all accounts.


  • Monitor – Use a port monitoring program that will allow you to view the status of your connections and learn which ports are running/listening and to whom they are connected. You can also view this information by running the Netstat command in a command prompt.
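
The Monitor and Lock down steps can be combined into a simple check. The following is an added example, not part of the original post: it parses text in the shape of Windows `netstat -ano` output and reports sockets that accept traffic on every interface plus the established connections. The sample output, the PIDs and the allowed-port list are constructed for illustration.

```python
from collections import namedtuple

Socket = namedtuple("Socket", "proto local_host local_port remote state pid")

# Local addresses that mean "reachable on every network interface".
ALL_INTERFACES = {"0.0.0.0", "[::]", "*"}

# Constructed sample in the layout printed by `netstat -ano` on Windows.
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:1031         0.0.0.0:0              LISTENING       1420
  TCP    192.168.1.20:1045      203.0.113.7:80         ESTABLISHED     2264
  UDP    0.0.0.0:445            *:*                                    4
  UDP    0.0.0.0:1900           *:*                                    1108
"""

def parse_netstat(text):
    """Turn netstat rows into Socket tuples, skipping headers and blanks."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue
        proto, local, remote = parts[:3]
        rest = parts[3:]
        # UDP rows have no State column, so the next field is already the PID.
        state = rest.pop(0) if proto == "TCP" and rest else ""
        pid = rest[0] if rest else ""
        host, _, port = local.rpartition(":")  # also splits "[::]:135" correctly
        if port.isdigit():
            rows.append(Socket(proto, host, int(port), remote, state, pid))
    return rows

def exposed_listeners(rows, allowed_ports=frozenset()):
    """Sockets open on all interfaces whose port is not on the allowed list."""
    found = []
    for s in rows:
        listening = s.state == "LISTENING" if s.proto == "TCP" else True
        if listening and s.local_host in ALL_INTERFACES \
                and s.local_port not in allowed_ports:
            found.append((s.proto, s.local_port, s.pid))
    return found

def established(rows):
    """Who the machine is currently connected to, with the owning PID."""
    return [(f"{s.local_host}:{s.local_port}", s.remote, s.pid)
            for s in rows if s.state == "ESTABLISHED"]

if __name__ == "__main__":
    sockets = parse_netstat(SAMPLE)
    for proto, port, pid in exposed_listeners(sockets, allowed_ports={445}):
        print(f"review: {proto} port {port} open on all interfaces (PID {pid})")
    for local, remote, pid in established(sockets):
        print(f"connected: {local} -> {remote} (PID {pid})")
```

Each reported PID can be matched to a service or program, which is then disabled or restricted by the firewall if it is not needed.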

How to combat SPAM and phishing in your mailbox?

SPAM – junk, unwanted e-mails, often sent as HTML e-mail messages embedded with images and pictures that secretly send information to the sender (the Spammer) to confirm that your e-mail address is active (this means more SPAM is coming your way).  SPAM is sent to a large number of people to promote a product or service without the recipients’ approval (subscription).


PHISHING – a spoofed e-mail message that is designed to convince the recipient to reveal personal or financial data such as a credit card number, username, password, social security number and other details that will let the sender hijack your account and steal your money or identity.


How to combat SPAM and PHISHING in your mailbox?


You need to know how to handle SPAM when you receive it.


  • Do not click on any link in any SPAM e-mail message that you receive, because doing this will confirm to the sender that your e-mail address is active.
  • Do not unsubscribe or click on “Remove Me”.  Again, you will only confirm to the sender that your e-mail address is active.
  • Ignore and delete it as soon as you receive it.
  • Do not buy anything from any unwanted SPAM e-mail message.
  • Do not forward chain e-mail.

There are many methods of fighting SPAM:


  • Create your own message rules using your favorite e-mail program.  Sample message rules that can be made in Outlook Express are:

    1. Create a mail rule to delete any message from the server that does not contain the character @ in the From line.
    2. Create a mail rule to delete any message from the server that does not contain the character @ in the To line.

If you create any mail rule, make sure to configure the Options available.  Example:  Select “Message does not contain the people below”.


  • Organize your contacts: adding them to your Address Book lets Outlook Express filter which HTML e-mail messages are allowed.
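
The two message rules and the Address Book filter described above can be expressed as one triage function. This is an added example, not part of the original post and not Outlook Express code: the address book, the sample messages and the function names are constructed for illustration.

```python
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser

# Constructed address book: senders whose HTML mail may load remote images.
ADDRESS_BOOK = {"friend@example.org"}

class RemoteImageFinder(HTMLParser):
    """Collects <img> sources that would be fetched from a remote server."""
    def __init__(self):
        super().__init__()
        self.remote = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            src = dict(attrs).get("src") or ""
            if src.lower().startswith(("http://", "https://", "//")):
                self.remote.append(src)

def triage(raw):
    """Return (action, blocked_image_urls) for one raw message."""
    msg = email.message_from_string(raw, policy=policy.default)
    # Rules 1 and 2 from the post: no "@" in the From or To line -> delete.
    for header in ("From", "To"):
        if "@" not in str(msg.get(header, "")):
            return ("delete", [])
    sender = parseaddr(str(msg["From"]))[1].lower()
    html = msg.get_body(preferencelist=("html",))
    if html is None:
        return ("show", [])          # plain text cannot carry an image beacon
    finder = RemoteImageFinder()
    finder.feed(html.get_content())
    # Fetching a remote image tells its server the address is read, so only
    # senders in the address book are allowed to trigger that fetch.
    if finder.remote and sender not in ADDRESS_BOOK:
        return ("show-images-blocked", finder.remote)
    return ("show", [])

def make(sender, to, body, html=False):
    """Build a constructed sample message."""
    ctype = "text/html" if html else "text/plain"
    return (f"From: {sender}\nTo: {to}\nSubject: constructed sample\n"
            f"MIME-Version: 1.0\nContent-Type: {ctype}; charset=us-ascii\n\n"
            f"{body}\n")

BEACON = ('<html><body><p>Hello</p>'
          '<img src="http://tracker.example/open.gif?id=1234"></body></html>')

SPAM_NO_FROM_AT = make("Cheap Meds", "you@example.com", "Buy now")
SPAM_NO_TO_AT = make("Offers <offers@bulk-mailer.example>",
                     "undisclosed-recipients:;", "Buy now")
TRACKED_FROM_STRANGER = make("Offers <offers@bulk-mailer.example>",
                             "you@example.com", BEACON, html=True)
TRACKED_FROM_FRIEND = make("Friend <friend@example.org>",
                           "you@example.com", BEACON, html=True)
PLAIN_FROM_STRANGER = make("someone@example.net", "you@example.com", "Hi")

if __name__ == "__main__":
    for name in ("SPAM_NO_FROM_AT", "SPAM_NO_TO_AT", "TRACKED_FROM_STRANGER",
                 "TRACKED_FROM_FRIEND", "PLAIN_FROM_STRANGER"):
        print(name, triage(globals()[name]))
```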

Top 5 Reasons to install Windows XP Service Pack 2 (SP2)

Microsoft published Top 10 Reasons to Install Windows XP Service Pack 2 (SP2), which should convince Windows XP users to install the latest Service Pack, SP2.  Here are my top 5 reasons why you, as an XP user, should upgrade to SP2:


1.  Internet Explorer in Windows XP SP2 now offers security


  • Pop-up Blocker – you do not need a 3rd-party pop-up blocker; it is now built into Internet Explorer in Windows XP SP2.  You can configure which sites you trust to show pop-ups.  Select whether you want to hear a sound when a pop-up is blocked or just see the Information Bar.  You can also choose between the Low (allow pop-ups from secured sites), Medium (Block most automatic pop-ups) and High (Block all pop-ups) filters.  I prefer using the High filter because this will make sure that no pop-ups will ever pop! If a link will not open because of my aggressive preference, I simply press the Ctrl key while clicking on the link I want to view.
  • Harmful content will not be installed anymore! – If a site attempts to download a program to your computer without your authorization, Internet Explorer in Windows XP SP2 uses the Information Bar to let you know. The Information Bar shows up to notify you, and then it disappears when you move on to another Web page.
  • Block downloads from specific publishers – Some sites keep prompting us to install programs, also known as unwanted programs. Others are so aggressive that even if you select No, the program will still be installed. Not anymore with Internet Explorer in Windows XP SP2, because a Security Warning will be shown in which you can select “Always run software from …”, “Never run software from …” and/or “Ask me every time”.
  • You’re in control even with Internet Explorer add-ons! – Add-ons are files that were downloaded while you were viewing a site.  An add-on can be a game, a toolbar or another program that is used while you are on that site.  Internet Explorer in Windows XP SP2 lets you control add-ons by disabling or enabling them via the Add-on Manager.

2.  Outlook Express (a widely used e-mail program that is installed with Windows) now offers SPAM, privacy and attachment protection


  • Welcome HTML e-mail messages again – Most SPAM messages are embedded with pictures and images that secretly send information to the sender (Spammer) so they can find out whether your e-mail address is valid and active.  Once they’ve confirmed that your e-mail address is active, more spam is on your way.  The work-around in previous versions of Outlook Express is to configure Outlook Express to show messages in plain text.  This work-around works like a charm, but what if your trusted friends or contacts send you an HTML e-mail message that you’ve been waiting for? Do you need to toggle between plain text and HTML?  Not anymore with Outlook Express in Windows XP SP2! Outlook Express SP2 will now automatically block images in messages from people who are not in your address book.  Isn’t that cool? Unknown senders of unwanted e-mails will no longer receive any information from you, because anything that they embed in their HTML e-mail message is blocked.  That is because they aren’t in your address book.
  • Attachment Manager is your new friend – New security technologies in Windows XP SP2 help to reduce the spread of viruses through e-mail. Now, Outlook Express calls upon the Attachment Manager to help you make smarter choices when you receive e-mail attachments.  Safe attachments like text files (.txt) and graphics (.jpg and .gif) are available to you.  Unsafe attachments are blocked, which means you will not be able to open them.  Examples of unsafe attachments are screensavers (.scr), script files (.vbs) and executable files (.exe).  If an attachment is not recognized by Outlook Express, or it cannot be determined whether it is safe or unsafe, you will receive a security warning asking whether to open it or not.  More information on Attachment Manager here.

3.  Windows Security Center will monitor whether your system is protected or not


  • The Security Center lets you check the status of your essential security settings. You can also use it to find information about the latest virus or other security threat or to get customer support from Microsoft for a security-related issue.
  • If there is a new virus ‘in the wild’ and your antivirus requires an update, the Security Center will alert you that you need to update your antivirus to protect your system.  Note:  Not all antivirus and firewall programs are designed to report this information.  Check with the vendor whether their antivirus or firewall is compatible with Security Center.

4.  Dial-up users can now depend on Automatic Updates


  • Windows can make sure that you receive important and critical updates on time, or as soon as they are available to the public.  That is, if you enable Automatic Updates.  If you choose not to enable it, you should manually visit the Windows Update page to check whether an update is ready for you, or simply visit Calendar of Updates, where users of all levels track and post software updates.
  • New technology has been added to help dial-up customers download updates more efficiently.

5.  Free Windows Firewall


  • If you’re running Windows XP Service Pack 2 (SP2), Windows Firewall is turned on by default. Note: You do not have to use Windows Firewall – you can install and run any firewall that you choose. Evaluate the features of other firewalls and then decide which firewall best meets your needs. If you choose to install and run another firewall, turn off Windows Firewall.
  • Windows Firewall will help block computer viruses and worms from reaching your computer.  It will ask for your permission to block or unblock certain connection requests.  It can create a record (a security log), if you want one, of successful and unsuccessful attempts to connect to your computer. This can be useful as a troubleshooting tool.  If you have problems using Windows Firewall, download Troubleshooting Windows Firewall in Microsoft Windows XP Service Pack 2.  You can customize the settings of Windows Firewall either during or after installation.  Download Using the Windows Firewall INF File in Microsoft Windows XP Service Pack 2.

To find out whether your application is compatible with Windows XP SP2, download the Application Compatibility Testing and Mitigation Guide for Windows XP Service Pack 2.


Order free Windows XP SP2 now! Microsoft encourages you to share the XP SP2 CD with friends or family who are using Windows XP to help them protect their systems and take advantage of the above security enhancements in Windows XP.