Security Issues for Windows and IE

Practice Safe Hex! - Browsing the Internet without protection is just plain foolish!
It can't be stressed enough how important it is to keep your system up-to-date. This not only involves Windows Update, but also all the other programs on your machine. The vast majority of user problems (hijacks, adware/spyware) I see are due to failure to keep Windows patched, and lack of a proper "Layer of Protection".

Preventing Vulnerabilities in Windows and Internet Explorer

  • Tighten the Settings in Internet Explorer
  • Do NOT run as Administrator or an account with Administrator privileges, or use Drop my Rights (XP)
  • Build a Layer of Protection - there are enough freeware products available on the Internet that there is no excuse for not having an adequate defense. Add an anti-spyware program that has "real-time" protection such as Microsoft's Windows Defender (freeware)
  • Microsoft has several new (paid) products - Windows Live Safety Center and Windows OneCare

Preventing the spread of Worms and Spam

Set up Outlook Express for Plain Text only! - yes, turn off the fluff ... you'll be much safer and, as an end result, you will receive less spam. Spammers embed web bugs into HTML emails so even if you don't reply, they know that the message was received/viewed and will continue to bombard you. Worse yet, once they determine a valid address this info is often sold to other spammers and the cycle continues!

  • Open Outlook Express - click Tools | Options | Read tab
    Select: "Read all messages in Plain Text" click Apply
    Click the Send tab and uncheck:
    "Reply to messages in the format they were sent"
    Mail Sending and News Sending Format - select: Plain Text
    Click the Security tab and select the following options [screenshot] click Apply
  • Test the security of your email system
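The web bugs described above are remote references inside the HTML part of a message; reading in plain text means they are never fetched. The following is an added example, not part of the original page: it parses a constructed sample message and lists every tag that would cause a mail client to contact a remote server. The sample message, host names and function names are assumptions made for the illustration.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message for this example (not a real spam capture).
SAMPLE_EML = """\
From: offers@example.com
Subject: Special offer
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Special offer inside.
--b1
Content-Type: text/html; charset="utf-8"

<html><body><p>Special offer inside.</p>
<img src="http://tracker.example.com/open.gif?id=user%40example.net" width="1" height="1">
<img src="cid:logo123" width="200" height="80">
</body></html>
--b1--
"""

class RemoteRefFinder(HTMLParser):
    """Collects tags that would make a mail client fetch a remote URL."""
    def __init__(self):
        super().__init__()
        self.hits = []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        for name in ("src", "background"):
            url = a.get(name) or ""
            parts = urlparse(url)
            if parts.scheme in ("http", "https"):   # cid: images are embedded, not fetched
                tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
                self.hits.append({"tag": tag, "url": url, "tiny": tiny,
                                  "has_query": bool(parts.query)})

def find_web_bugs(raw_message):
    # Walk every MIME part and inspect only the HTML alternatives.
    msg = message_from_string(raw_message, policy=default)
    finder = RemoteRefFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    return finder.hits
```

A hit that is both tiny and carries a query string is the classic tracking pixel; the identifier in the query is what confirms the address as live.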

Many users are reporting they are getting huge amounts of email that contains infections. This usually occurs when their email address has been harvested from a newsgroup posting, web site page or from someone else who is infected and your email address is in their Address Book. A simple way to prevent this is to NOT use your real email address in a newsgroup posting. Other steps to reduce the amount of Spam you receive:

  • Help keep spam out of your inbox
  • Munging Your Email Address
  • Create several email accounts at Hotmail or Yahoo and then use those when you have to enter your email address at some site that you want to use their service. This also helps to determine if a site you are dealing with is selling your email address, or turns out to be a spammer.
  • A good example of a site spamming you to death is virtuagirl2.com
    "After entering our e-mail address on this site we received 1736 e-mails per week."

Enable the Hidden Files Option

Oftentimes a user opens an innocent-looking file attachment only to discover they have infected themselves. One favorite tactic these parasites use is a double-extension file where one or both file extensions are hidden. By default Microsoft hides the "registered" file types from view - to protect the user from opening protected system files. However, this also prevents the user from seeing these extensions in their email. To allow yourself to view all file types, open Windows Explorer Folder Options - View [tab]: [screenshot]

  • Scroll down to the Hidden Files and Folders section
  • Select: "Show hidden files and folders"
  • Uncheck: "Hide file extensions for known file types"
  • Uncheck: "Hide protected operating system files"
  • Ok the Prompt, click Apply, Ok
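To show why the hidden extension matters, the following added example (not part of the original page) compares the name a user sees with extensions hidden against the real final extension, and flags the double-extension pattern, including the variant that pads the name with spaces. The extension lists and function names are assumptions chosen for the illustration and are not exhaustive.

```python
import os

# Extensions Windows will run or interpret on double-click.
# Assumption for this example: a short illustrative list, not a complete one.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd",
                   ".vbs", ".js", ".lnk", ".hta"}
# Harmless-looking extensions typically used as the visible decoy.
DECOY_EXTS = {".txt", ".jpg", ".gif", ".doc", ".pdf", ".zip", ".mp3"}

def check_attachment(filename):
    """Describe how a file name appears with extensions hidden and whether
    it matches the double-extension trick."""
    name = filename.strip()
    stem, real_ext = os.path.splitext(name)
    stem = stem.rstrip()                      # padding spaces before the real extension
    _, decoy_ext = os.path.splitext(stem)
    real_ext, decoy_ext = real_ext.lower(), decoy_ext.lower()
    executable = real_ext in EXECUTABLE_EXTS
    return {
        # Simplification: every extension is treated as a "known file type".
        "shown_as": stem if real_ext else name,
        "real_ext": real_ext,
        "executable": executable,
        "double_extension": executable and decoy_ext in DECOY_EXTS,
    }

def flag_attachments(filenames):
    """Return only the names that hide an executable behind a decoy extension."""
    return [f for f in filenames if check_attachment(f)["double_extension"]]

# Constructed sample attachment names.
SAMPLES = ["invoice.pdf.exe", "photo.jpg          .scr",
           "report.final.doc", "setup.exe", "notes.txt"]
```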

Protecting your system from unknown Startups

99% of these threats all have one thing in common - they are set to execute from one or more of the "Run" keys in the Registry. To protect against these silent additions: Add a Startup Monitor to your Layered Protection.

RegistryProt 2.0 | StartupMonitor | WinPatrol (recommended)
    WinPatrol also protects/monitors your HomePage and Search URLs!
WinPatrol Support Forum at CastleCops
Microsoft's Windows Defender also provides a "Startup Monitor" as part of its "real-time" protection.
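What a startup monitor does can be reduced to taking a baseline of the "Run" keys and reporting anything that differs later. The following is an added example, not code from any of the tools listed above: the snapshot function reads the registry on Windows only, and the comparison is shown on constructed baseline and current snapshots. Function names and sample entries are assumptions made for the illustration.

```python
RUN = r"Software\Microsoft\Windows\CurrentVersion\Run"
RUN_KEYS = [("HKLM", RUN), ("HKLM", RUN + "Once"),
            ("HKCU", RUN), ("HKCU", RUN + "Once")]

def snapshot_run_keys():
    """Read every value under the Run/RunOnce keys (Windows only)."""
    import winreg  # imported here so the comparison below loads on any OS
    hives = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    snap = {}
    for hive, path in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive], path) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):   # [1] = number of values
                    name, data, _type = winreg.EnumValue(key, i)
                    snap[(hive, path, name)] = str(data)
        except FileNotFoundError:
            continue   # key not present for this hive
    return snap

def diff_snapshots(baseline, current):
    """Report startup entries added, changed or removed since the baseline."""
    added = {k: current[k] for k in current.keys() - baseline.keys()}
    removed = {k: baseline[k] for k in baseline.keys() - current.keys()}
    changed = {k: (baseline[k], current[k])
               for k in baseline.keys() & current.keys()
               if baseline[k] != current[k]}
    return {"added": added, "changed": changed, "removed": removed}

# Constructed snapshots for the example (entry names and paths are made up).
BASELINE = {
    ("HKLM", RUN, "AVTray"): r"C:\Program Files\AV\avtray.exe",
    ("HKCU", RUN, "Messenger"): r"C:\Program Files\Messenger\msg.exe /background",
}
CURRENT = {
    ("HKLM", RUN, "AVTray"): r"C:\DOCUME~1\user\LOCALS~1\Temp\avtray.exe",
    ("HKCU", RUN, "Messenger"): r"C:\Program Files\Messenger\msg.exe /background",
    ("HKCU", RUN, "updater"): r"C:\WINDOWS\system32\updater32.exe",
}
```

A changed entry deserves as much attention as an added one: here the existing value name is kept while its command is repointed to a temp directory.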

Startup Diagnostic Utilities

Sysinternals Autoruns | Silent Runners | StartupList 2.0 (XP)

Firewall Software

Even the built-in Firewall in XP can protect the average home user. And yes XP's Firewall can produce "stealth" results if your services are properly configured. You can even obtain a freeware add-on for ICF [FireLogXP v1.3] to read the log file and show you who is trying to get into your computer, and through which ports.

Troubleshooting Windows Firewall settings in Windows XP SP 2
Editor's Note: There is a terrific wealth of information in this article. However, for stand-alone setups there should be no "Exceptions" enabled. Start | Run (type) Firewall.cpl

Test your Firewall configuration with ShieldsUp

Additional Firewall Products

SunBelt (Kerio) Firewall (2K/XP) now that SunBelt has rescued this popular firewall, users have another option over the default Firewall built into XP. This terrific utility is well worth the price! ... even if you don't purchase the full version the freeware version offers better (two-way) protection than the default (one-way) XP firewall.
Official Sunbelt Kerio Personal Firewall Support Forum (CastleCops Forum)
Editor's Note: Yes this is the one I use on one of my machines and recommend ...

ZoneAlarm [freeware]   Zone Labs Support Forum
For new users this is a more or less "set it and forget it" firewall. TIP: (broadband users) turn off the Inbound Alerts! - there are so many that the prompts become bothersome. There is really nothing you can do about these probes and you can ignore these as long as your setup is Stealth.
Zone Labs Security Scanner (identify third party tracking cookies)

OutPost Personal Firewall [freeware] [Experienced Users]

What is the outlook for the Future?

A disturbing trend in the type of infections we are seeing is the use of "injection" techniques. This involves one or more files injecting themselves into other Windows processes. Once this is accomplished, these types of infections generally hide themselves not only from the user, but also from most Security related programs.

As it stands now the majority of Antivirus and Anti-Spyware programs are unable to properly deal with these techniques. Although several are starting to develop (IDS) "Security Suites", these are rather expensive and the subscription renewal offers make them even less attractive.

RootkitRevealer - root kit detection utility | Windows Sysinternals RootkitRevealer Forum

Other Security & Privacy Related Links

Gibson Research Quick Reference Guide to the GRC Newsgroups

ShieldsUP [Internet port vulnerabilities]

Microsoft Security Bulletins
Home Computer Security by: CERT® Coordination Center (recommended)
Sunbelt BLOG | VitalSecurity | Donna's Security Blog | Siljaline's IE & Security Blog

Antivirus Info

List of Antivirus Software Vendors | Virus Bulletin Home Page
Cannot Start Executable Programs (.exe Files) on Your Computer
You Are Unable to Start a Program with an .exe File Extension
OLEXP: Using Virus Protection Features in Outlook Express 6
Virus Hoax: Microsoft Debugger (Jdbgmgr.exe) Is Not a Virus
How to start the computer in Safe Mode (98/ME/2K/XP)
How to turn off or turn on System Restore [ME] [XP] [more info]
CastleCops Viruses, Worms, Trojans Support Forum

McAfee AVERT Stinger - Stinger is a stand-alone freeware utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. McAfee Support Forums

Trend Micro, Inc. offers a free online virus scanning Online Spyware Scanner
Panda ActiveScan Online Virus Scanner
Kaspersky Anti-Virus: Free Online Virus Scanner
Ewido Anti-malware - (XP/2k) a very aggressive Malware scanner. Full featured trial version - scanner runs in the background as a Service. After the trial the Service is disabled, but will still run (manually) as a scanner. Ewido catches a lot of these parasites that the other Anti-Spyware apps miss or are unable to properly remove.

This site subscribes to the following: General Criteria for Detection


Copyright © 1998 - 2007 All rights reserved.
This work is licensed under a Creative Commons License.
http://www.mvps.org/winhelp2002/security.htm