Skip to content

*26-10-08* Security for your Personal Computer! 5/5

16-2-2005

Preventing Internet and Spyware Attacks

February 16, 2005 – by Ric Dörner

Latest Security Hazards HAZARDOUS SECURITY ALERT

Internet Storm Center Infocon Status

Hohes Risiko

The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.

Revised 26-10-08

~~~~~~~~~~~~~~~~~

Please Note… I have to open other sites in a new window, so please allow Pop-ups for this site. I do not know why some experience this problem but if you click on some thing and it does not show you another window, please allow pop ups for this site (deigratia.wordpress.com) ONLY.*OR* Use the roller button (middle of your mouse) to open it on your browser to open a NEW TAB 🙂

GBAr

Thank you for that cleaning first, this will assist you in what you really require and the stuff here are security programs this should ensure that the program functions the way it should. Also note these programs are being used from Win 98 to XP no problem but Ram is require best upgrade for your computer and not expensive. )

GBAr

SecuriTeam Page (Click Here!)

*********************************************************************

Blockierung selbst definierter Websites mit “HOSTS”

Schau mal die Siete wo steht;

Personal Security for your computer, Da steht es wie Hosts file sind auf Spybot, und auch MVP Hosts ist da oben von Spybot.

So are you sick of me sending you emails about things? Want to know more about security and the internet and your computer? Then link to this site. There are many good people here who have the knowledge, the know how to assist you, and there are many links and great posts here to help you with things that may concern you.

Calendar of Updates

And look at these sites…….by Nick Skrepetos SuperAdBlocker.com | SUPERAntiSpyware
http://www.superadblocker.com
http://www.SUPERAntiSpyware.com

Care to know what actually is running on your computer? can be done with Firefox also….. Click here!

Click here to find out what's running on YOUR computer!

  • Please Read STOP ? THINK ? CLICK7 Practises for Safer Computing, here:

  • http://onguardonline.gov/stopthinkclick.html

    These signs are created and served by danasoft.com’s webserver in real-time for each person that views them. Your IP address and other information are only visible to YOU, not to others, but because people see their own IP address and computer information displayed on a blog or in a public forum, they think that their information can be seen by everyone!

    Read the privacy policy for more details. Click Here!

    In case you want some information about how to harden and protect your webservers take a look at the information available in the SANS Reading Room. They have some of the best advice and give us some great ideas.
    SANS Reading Room Web Servers

    Though viruses and worms put the data in computers they infect at risk, an equally serious problem is that many infections continuously broadcast network requests or attempts to find other vulnerable computers. In this way, infections perpetuate themselves, and their collective broadcasts can result in the large-scale traffic that comprises Distributed Denial of Service (DDoS) attacks. Unfortunately many of the people whose computers are infected just don’t realize this problem.
    They may be casual computer users who don’t have anything “confidential” on their systems and therefore don’t see a need to protect it. They don’t realize that their systems can be co-opted to compromise the security of the internet at-large. If you are reading this, chances are you are familiar with issues pertaining to computer security.
    But what about your friends, neighbours and family? Is their anti-virus software up-to-date? Have they applied O.S. patches? Are they behind a firewall? Do they know enough not to click on unknown attachments or not to install dubious software?

    MyNetWatchMan users are encouraged to make an effort to ensure that their extended community is free of compromised systems and vulnerabilities.

    Suggested especially if you have ZoneAlarm and no router. Can be done for your router also but please do not ask me. Thanks ask them or take time to read his posts

    MyNetWatchMan

    Here is a very old example how quickly malware is on  the internet……
    ******************************************************************************************************

    Event Title:

    Today’s findings alone….

    Event Date: May 18, 2006

    *23:51 GMT*

    66,503 New Programs so far today

    updated every 10mins

    126 new device drivers

    63,640 new file names

    1,385 Malicious Programs first seen today

    7 new programs or Web Pages that access Mail address books

    2,093 new programs with multiple file names

    540 new screen savers

    45 new Windows sub folders

    4 new programs that violate physical memory

    1,099 new system components

    51 malware groups with new deviants

    12 new programs added to run keys by malicious code

    7 new SMTP mail programs

    21 new Browser Help Objects

    5 new programs that update the hostsfile

    132 new self replicating programs

    542 new Activex components

    43 new TCP Servers

    2 new programs modifying the Windows Restore Area

    681 new MSDos Programs

    12 new folders in System32

    179 new Keyloggers

    Are you sure your protected enough?

    This is one day of reporting, what will tomorrow bring?http://research.prevx.com/default.asp?d=0

    . . . . . . . . . . . . . .

    And now the latest……

    00:13 GMT

    901 New Programs so far today

    updated every 10mins

    148 new file names

    12 Malicious Programs first seen today

    3 new programs with multiple file names

    2 new screen savers

    4 malware groups with new deviants

    1 new Activex components

    2 new MSDos Programs

    R U protected!? Download and Scan your computer now with the Latest from this Security Company….

    Prevx

    Have a wonderful weekend all.

    Microsoft, which is at last joining the dubious Windows Client Protection business with its own antivirus solution, has been working hard to improve its own security credentials with a number of initiatives over the last year. Its Hotmail web email service is blocking 3.4 billion spam messages each day and has had two billion downloads of its malicious software removal tool in the last year, which tells us something about the overall size of the malicious software problem. General Security News

    Start with this Highly Recommended overview US-CERTSpyware PDF. document by Aaron Hackworth, “Spyware”,
    (You will need Adobe Reader or Foxit Reader FOXIT READER for this file.)

    Three basic security concepts important to information on the Internet are confidentiality, integrity, and availability. Concepts relating to the people who use that information are authentication, authorization, and non repudiation.
    When information is read or copied by someone not authorized to do so, the result is known as loss of confidentiality. For some types of information, confidentiality is a very important attribute. Examples include research data, medical and insurance records, new product specifications, and corporate investment strategies. In some locations, there may be a legal obligation to protect the privacy of individuals. This is particularly true for banks and loan companies; debt collectors; businesses that extend credit to their customers or issue credit cards; hospitals, doctors’ offices, and medical testing laboratories; individuals or agencies that offer services such as psychological counselling or drug treatment; and agencies that collect taxes.
    Information can be corrupted when it is available on an insecure network. When information is modified in unexpected ways, the result is known as loss of integrity. This means that unauthorized changes are made to information, whether by human error or intentional tampering. Integrity is particularly important for critical safety and financial data used for activities such as electronic funds transfers, air traffic control, and financial accounting.
    Information can be erased or become inaccessible, resulting in loss of availability. This means that people who are authorized to get information cannot get what they need.
    Availability is often the most important attribute in service-oriented businesses that depend on information (e.g., airline schedules and online inventory systems). Availability of the network itself is important to anyone whose business or education relies on a network connection. When a user cannot get access to the network or specific services provided on the network, they experience a denial of service.
    To make information available to those who need it and who can be trusted with it, organizations use authentication and authorization. Authentication is proving that a user is whom he or she claims to be. That proof may involve something the user knows (such as a password), something the user has (such as a “smart card”), or something about the user that proves the person’s identity (such as a fingerprint). Authorization is the act of determining whether a particular user (or computer system) has the right to carry out a certain activity, such as reading a file or running a program. Authentication and authorization go hand in hand. Users must be authenticated before carrying out the activity they are authorized to perform. Security is strong when the means of authentication cannot later be refuted – the user cannot later deny that he or she performed the activity. This is known as non repudiation.
    Why Care About Security?
    It is remarkably easy to gain unauthorized access to information in an insecure networked environment, and it is hard to catch the intruders. Even if users have nothing stored on their computer that they consider important, that computer can be a “weak link”, allowing unauthorized access to the organization’s systems and information.
    Seemingly innocuous information can expose a computer system to compromise. Information that intruders find useful includes which hardware and software are being used, system configuration, type of network connections, phone numbers, and access and authentication procedures. Security-related information can enable unauthorized individuals to get access to important files and programs, thus compromising the security of the system. Examples of important information are passwords, access control files and keys, personnel information, and encryption algorithms.

    Judging from CERT® Coordination Center (CERT/CC) data and the computer abuse reported in the media, no one on the Internet is immune.

    Those affected include banks and financial companies, insurance companies, brokerage houses, consultants, government contractors, government agencies, hospitals and medical laboratories, network service providers, utility companies, the textile business, universities, and wholesale and retail trades. The consequences of a break-in cover a broad range of possibilities: a minor loss of time in recovering from the problem, a decrease in productivity, a significant loss of money or staff-hours, a devastating loss of credibility or market opportunity, a business no longer able to compete, legal liability, and the loss of life.

    Learn About…

    Laptop Security

    I see the code has not worked well here sorry just click the above or just below to learn more…….

    Laptop Security

    Your laptop can help you work and keep in touch, no matter where you are. It’s convenient – but are you doing all you can to keep your laptop in your hands (and out of the hands of others)? Learn the steps you can take to help keep your laptop safe.
    Laptops have made our life much easier. We can now work when we want to, and where we want to – and do a better job. However, INFOSEC practitioners also suffer a bit due to that same advantage. Laptops are much more likely to leave company premises, and are relatively expensive and as such an interesting object for thieves. While the cost of a laptop fleet is significant to organizations, what we are most worried about is the data contained on them.

    There are several issues related to laptop security:

    * Physical protection of the device;
    * Maintaining control over the networks it connects to;
    * Preventing malicious code from being introduced in other settings than the “protected office”;
    * Preventing leakage of data despite the higher risk of theft.

    The risk posed to a laptop can also differ significantly based on location. For example, suppose you use full disk encryption. When you are logged in, such encryption is of little value. In the average American/European environment, we use full disk encryption as a means to guard the data on our device when it is ‘out of sight’. While we are watching the laptop, all data is relatively safe. Is this also valid for our oil executive travelling to Nigeria ?

    Avoid having any data at all on the endpoint. They are inherently prone to theft, and by enabling a connection to the home base and uploading work data there, one can maximally reduce risk of data theft on the endpoint. While this is not possible in all locations (try getting your oil exec a stable connection in areas around Port Harcourt, for example), the increasing availability of internet is making this more of a reality for many companies.

    * Always carry a cable and lock for your device;
    * When you don’t need wireless on a trip, (e.g. during a presentation), disable it. Also ensure that your wireless drivers/software is hardened so you won’t make unexpected connections. ( There is also wireless-specific security software available today to monitor the connections you make or connection attempts others make toward’s you. This may be overkill in some cases, but it’s interesting to know about them)
    * System hardening is important (disable autorun, you never know what untrusted material you may need to plug in to “get a presentation copy”. Also keep a thumb drive on you which you can write protect to hand things out, and another one they can write to so you can take it with you and use elsewhere after further scrutiny;
    * Do not walk through a metal detector until you see your laptop entering the X-Ray machine. Do make sure you don’t have anything on you that may delay you further while your machine moves ahead. Mention you want to keep your laptop in sight if this would happen.
    Your laptop can help you work and keep in touch, no matter where you are. It’s convenient – but are you doing all you can to keep your laptop in your hands (and out of the hands of others)? Learn the steps you can take to help keep your laptop safe.

    READ MORE

    Wireless Communications

    Any information travelling on airways could be at risk of being intercepted. As a safe practice, avoid transmitting or storing personal information in data or voice format over the following channels: cellular telephones, portable telephone handsets, unencrypted e-mails, unencrypted instant messaging, chatrooms, newsgroups, web pages and wireless network connections.

    In the past few years, Wireless Networks (Wi-Fi) convenience has gained a massive increase in popularity with consumers. New products with built-in Wi-Fi capability are appearing on the market. To avoid accidentally exposing your information: disconnect or disable your Wi-Fi card when not in use, limit your use of Wi-Fi to non-sensitive activities like surfing, disable the automatic hotspot search/logon feature, check your computer file sharing settings and use strong passwords. Before initiating a Wi-Fi session, use an invalid user ID and password combination. Do not use the connection if you are able to logon with invalid account information.

    A potential problem with wireless networks is called the “Evil Twin” or the “Wi-Phishing” scam. In this case, a legitimate hotspot is hijacked and the unsuspecting users are redirected to an illegitimate hotspot. As a result your information and files on your personal laptop or Wi-Fi device can be captured by the “Evil Twin”.

    Table 2: Wireless Networks (Wi-Fi) Tips

    Practice Tip
    Using an open or unsecured hotspot. All information that you are sending and receiving is transmitted as a radio signal and can be monitored by all and the owner of the hotspot. This includes your personal information contained in your browser settings.
    Using a secured access point or hotspot. Technically, the administrator of the hotspot will be able to monitor your information but others will not. WEP is recognized as the weaker protocol, use WPA as it is more secure.
    Using a secured session (https:// online banking or eCommerce session for example) on a secured hotspot. It is always preferable to use a regular Internet connection for this purpose. If the hotspot is legitimate your information will be fully encrypted from your computer to the secured site.
    Use and Configuration of a household Wi-Fi router/device. Be aware that criminals may actively scan your neighborhood to gain entry to your network /computers.

    • Avoid purchasing bargain priced equipment.
    • Consider turning off or disconnecting this equipment when not in use, including routers .
    • Use a different SSID (service set identifier) than the provided default and do not broadcast it.
    • Use a WPA encryption key with the maximum level available.
    • Switch your device to another channel than the default one.
    • Do not use default IP range or DHCP.
    • Consider MAC address filtering.

    —————————————————

    Well worth discussing.
    http://redtape.msnbc.com/2006/03/the_real_threat.html#posts
    Basically, bad folks can spoof the source of certain DNS queries and the result is a distributed, reflected, magnified denial of service due to certain responses being up to 64x larger than the query. Yikes.
    It’s a bit like an open SMTP relay, only these DNS servers are answering DNS queries for machines not on their local network. Something that I’d previously thought of as harmless (and indeed useful for redundancy!).
    ——————————————————–
    Microsoft may rush out a security update for Internet Explorer to fix a flaw that is now being exploited to attack Windows systems, security companies say.
    Computer code that demonstrates how a hacker can use the flaw to take over a PC was released onto the Net on Thursday. At least two such exploits were made public, and one has now been adapted to attack systems, Monty IJzerman, the manager of security content at McAfee, said on Friday.
    “This exploit code is being used in the wild in malware,” or malicious software, IJzerman said. “I expect other attacks to be prepared and to be out there over the next few days.”
    In a security advisory issued Thursday, Microsoft said it will address the vulnerability in a security update, but did not say when that patch would be delivered. Its next “Patch Tuesday” bundle of fixes is scheduled. On Friday, however, Microsoft indicated that a security patch might be released outside of the regular cycle.
    “It is on the table,” said Stephen Toulouse, a program manager in Microsoft’s Security Response Center. “Every time any kind of exploitation is going on, it is on the table.”
    The flaw is the third to hit Microsoft this week. It has to do with how Internet Explorer handles the “createTextRange()” tag in Web pages. A hacker could take advantage of it to gain control over a vulnerable PC by crafting a specially coded Web site, Microsoft said.
    McAfee found that a Web site is using the IE vulnerability to sneak malicious code onto vulnerable Windows PCs, IJzerman said. The company has updated its security software to protect against that code, which IJzerman could only describe as something related to spyware.
    Security companies Sunbelt Software and Websense have also reported seeing attacks out on the Internet.
    Symantec had not yet seen the attack on Friday, but said it expected to see them. “There is a lot of financial incentive to exploit this stuff and foist nasty, unwanted things onto people’s desktops without their consent,” Dave Cole, a director at Symantec Security Response, said.
    Typically, what gets installed on a PC using such flaws is adware, spyware or software that turns a PC into a zombie in a botnet used in other cyberattacks. An unpatched flaw is attractive to attackers, since people will not have received an update from Microsoft to protect their systems.
    The last time Microsoft issued a fix early was in January. Microsoft rushed out a fix for a serious vulnerability in the way Windows handled the Windows Meta File image format. That flaw was also being abused to attack Windows users.
    Meanwhile, Microsoft has offered a work-around for users to protect themselves. Disabling active scripting in the browser will prevent the attack, according to the Microsoft security advisory.
    The flaw affects fully patched versions of IE 6 and Microsoft Windows XP with Service Pack 2 as well as IE 7 Beta 2 Preview, according to security experts. Microsoft, however, in its advisory lists the IE7 browser as immune.
    *THE REMEDY!!* *THE REMEDY!!*
    A supercritical zero-day IE flaw has been released in to the wild by a reckless British company. There are no patches available as of 11/22/2005. Here is what you can do now to protect yourself. You must disable “Active Scripting” on all Windows computers running Internet Explorer 5.5 or 6.0 even if you have Windows XP SP2 installed.
    Open Internet Explorer and hit the “Tools” menu and click “Internet options”. Jump to the “Security” tab, highlight “Internet” and click “Custom Level”.
    This is what you would normally see if you scrolled down to “Scripting” section. This is NOT safe!
    Change it to “prompt” and click “OK”
    see the image here.

    Although this will protect you from malicious websites, it can break certain web pages. To avoid this in the future. you just need to make sure they’re listed under your “Trusted sites” group. To add a trusted site, highlight “Trusted sites” and then click the “Sites” button.
    To add a site, just type *.my_favourite_domain.com” and click “Add”.
    Close everything out and your home PC will protected against this new exploit.
    —————————————————-

  • StopBadware.org

  • http://www.stopbadware.org/
    launched in January by Harvard University’s Berkman Centre and the Oxford Internet Institute, is designed to put pressure on purveyors of ‘badware’ programs by ‘naming and shaming’ them. ‘Badware’, according to the organization’s site, is ‘malicious software that tracks your moves online and feeds that information back to shady marketing groups so that they can ambush you with targeted ads’. The project is supported by Google, Sun and Lenovo.
    StopBadware.org positions itself as ‘a “Neighbourhood Watch” campaign aimed at fighting barware.’ The project will ‘seek to provide reliable, objective information about downloadable applications in order to help consumers make better choices about what they download onto their computers.’ It also ‘aim[s] to become a central clearinghouse for research on badware and…[those] who spread it, and become a focal point for developing collaborative, community-minded approaches to stopping badware.
    Yesterday StopBadware.org issued its first reports, http://stopbadware.org/home/reports
    naming and shaming Kazaa, MediaPipe, SpyAxe and Screensaver.com as applications that ‘contain annoying or objectionable behaviors’.
    ——————————————————
    Why PC Security Means PC Stability:
    How Installing Security Software Keeps Your PC Running Smoothly.
    It happens all the time. Applications act up. Screens freeze. Programs slow down and shut down for no reason. Your PC crashes in mid-task. You ask yourself, “What’s wrong with this computer?” – and you believe it’s something system-related. But very often, it’s something more subtle, something you don’t expect…
    ——————-
    What is Adware?
    Of all the spyware attacks that PC users face, the most plentiful are adware programs. Adware is software that can be quietly installed onto your PC when you accept free offers, but can also be downloaded casually while you’re surfing the Internet. You know you have it by the arbitrary pop-up offers that suddenly appear on your screen, or perhaps a change in your browser’s appearance or settings. Some of the ads you may find useful, but many of them contain objectionable content. For example, ads for questionable pharmaceutical products or discounts on imitation Rolex watches.
    Other than selling you stuff, one of the main functions of adware is to track your Internet surfing habits and report them to a third party. By tracking your surfing habits, they gain valuable market research information, and can target their offers to you more precisely. Interestingly, you may have agreed to have adware installed on your PC when you accepted a free download – your permission is sometimes granted in the fine print.
    ——————-
    Do I have Adware?
    Although it’s often installed invisibly, without your knowledge, if your computer has been infected by adware there are usually indications. The classic symptoms are obvious: frequent and annoying pop-up offers, a general slowdown in PC performance and, as the adware begins to conflict with your PC’s legitimate software and operating system, frequent freezes and crashes, resulting in lost information between saves. If you’ve been experiencing these frustrating scenarios, you probably have adware on your PC. Use the URL below for a free online scan and check if you have adware or spyware on your PC.
    eTrust Pest Scanner

    Since adware is often programmed to launch when your computer starts up, and run continuously in the background, it adds time to your startup and slows down everything you do on your PC – especially if you have more than one adware program on your PC.
    By using up your system resources in this way, adware is consuming memory and speed that would otherwise be used for normal computing needs.
    Another symptom that adware has been quietly dropped on your PC, is that your browser begins acting on its own and takes you to places you don’t want to go. This is known as browser hijacking. The goal of browser hijackers is to group you into a targeted marketing campaign and steer you to the sites that they want you to visit.
    ——————-
    How Did I Get it?
    Here’s how adware gets downloaded onto your PC. You visit an ordinary web site for just a few minutes, or maybe only a few seconds, and then seamlessly move onto something else. In the few moments you spent at that site, adware can be invisibly downloaded onto your PC without your knowledge or approval. This is called a “drive-by download”.
    Another common way of getting adware is bundled with free software. There is a multitude of free software available on the Internet that provides real value to people. However, if you read all the fine print during the installation process, you may find that it comes bundled with adware – often multiple adware programs.
    ——————-
    Peer-to-Peer Applications Are More Than They Appear.
    Did you know that when you install most peer-to-peer applications that allow you to share files with friends and family, you are inviting adware onto your PC as well? Most peer-to-peer software developers, like Grokster and KaZaA, get paid by companies looking for ways to distribute their adware offers. This is how they make their money. Surprisingly, they’re doing it with your permission. Many of us don’t realize that when we “agree” to the company’s software license, we grant permission to have adware downloaded. It’s buried in the fine print. So, buyer (or sharer) beware.
    Here are a few links to help you make heads or tails of the details and dangers behind some of the more popular peer-to-peer programs and common adware pests:
    Grokster:
    http://www3.ca.com/securityadvisor/pest/Pest.aspx?id=453060425
    KaZaA:
    http://www3.ca.com/securityadvisor/pest/Pest.aspx?id=453060292
    MySearch:
    http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453090717
    BargainBuddy:
    http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453068324
    ——————–
    Be Sure the Cure Isn’t Worse Than the Condition.
    The good news is that there are many security software products available that protect you from spyware, adware and more. When shopping for anti-spyware software, you want to find a product that detects and removes a wide range of spyware threats, offers real-time protection, uses little hard drive space and offers frequent updates to protect you from newly discovered threats.
    ~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-
    “Be not afraid to circumvent the voices of the world.”

    GBAr

    *****************************************************************************************

    Some more reading on alert awareness pages!

    GBAr

    Back to the

    Meeting Page

    *OR*

    The Next Page for More Info

    There are 5 in total for you to read at your leisure

    Updated* Security for your Personal Computer!1/5

    *NEW* Security for your Personal Computer! 2/5

    *NEW* Security for your Personal Computer! 3/5

    *NEW* Security for your Personal Computer! 4/5

    *NEW* Security for your Personal Computer! 5/5

    GBAr

    See anything that you think requires my attention? I have changed somethings due to your requests, If for any reason you have not heard from me please scan your computer with the suggested programs above. Thanks for I do always reply, but the mail has to reach me first. Good Luck.Well then feel free to click on image.I will respond either soon or immediately!rad16.gifTruth is the way things are.

    Advertisements
    2 Comments leave one →
    1. gerry permalink
      1-10-2009 19:31

      Rick ,I hope you are getting better and will be able to come see me soon or Please let me know if you are getting better. my Prayers are with you and Jen says the same . We both hope you are on the road to recovery
      Gerry

    2. Gerry B permalink
      22-10-2009 23:30

      Hi Rick,I sure am glad I got to talk to u this day,October 22,2009. May the good Lord Show you the love he has for you by making you health and let you get back to hanging out with your friend,s and doing what you have alway,s done helping people feel good and enjoy your company. Once again get well soon, Gerry

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s

    %d bloggers like this: