Internet Security

How To Avoid Becoming A Victim of Identity Theft

2006-02-10T20:48:00.000-08:00

How To Avoid Becoming A Victim of Identity Theft
Clyde Dennis

For Additional Information On Internet Security: Click Here! With identity theft statistics currently at an all time high, and climbing, it just makes sense that we should all be doing everything we can to protect ourselves.

One of the most prevalent yet overlooked ways your personal information and passwords may be being compromised is through the presence of Spyware on your computer.

Note these very disturbing Facts about Spyware and Identity Theft:

- 27.3 million Americans have been victims of identity theft in the last five years, including 9.91 million people or 4.6% of the population in the last year alone.

- Spyware infects 91% of all computers. That equates to an alarming 9 out of 10 computers!

Stop thinking Identity Theft can’t happen to you. It can.

Spyware is without doubt the most prevalent threat to online computer privacy and security.

You maybe wondering, exactly what is Spyware?

Spyware applications are programs and files that hide on your PC's hard drive without your direct knowledge. They allow hackers and advertising companies to track your every move, both online and even when you work offline.

Tracking the websites you visit, the items that you buy online, the emails you send and receive, your Instant Message dialog, and worst of all they can even record your credit card number, personal identification numbers, and all of your passwords.

If you use dial-up to connect to the Internet then spyware can be used to bill 900 numbers to your telephone bill.

Spyware allows hackers to take control of your browser and alter your computer system files.

These computer parasites slow down your Internet connection by inundating you with unwanted Spyware pop-up ads.

This is just a short list of the harm that Spyware can cause.

Note: Spyware and Adware cannot be detected by anti-virus and firewall software.

Have you noticed your computer running slower than ever?

The reason for that may have to do with online advertisers adding Spyware, or Adware to your computer without your knowledge.

What is Adware?

Adware works very much like Spyware.

Adware is software that will show you popup ads over and over. These files can also be extremely dangerous to your PC and could cause major problems with your Computer.

If you’re still wondering why you should be concerned about adware or spyware, consider this reality.

Through the use of adware and spyware your passwords, credit card numbers and other personal information could end up in the wrong hands.

In an attempt to provide some much-needed information on the subject of spyware, adware and identity theft I’ve compiled a Special Report called Spyware! How To Get and Stay Safe.

The report is in PDF format and can be had for the asking by visiting the following URL:
http://www.easyhow-to.com/identity-theft-avoidance.htm

About the Author

Clyde Dennis, a.k.a. "Mr. How-To", is Editor at EASYHow-To Publications and has been contributing articles that help people make their lives better since 1999. At his web site, The "How To" Library, you'll find a collection of the latest tools, tips, and information you need to help you get things done. For more information visit http://www.EASYHow-To.com

Personal Firewalls for Home Users

2006-02-10T20:44:00.000-08:00

Personal Firewalls for Home Users
Pawan Bangar

For Additional Information on Internet Security: Click Here!

What is a Firewall?

The term "firewall" illustrates a system that protects a network and the machines on them from various types of attack. Firewalls are geared towards keeping the server up all the time and protecting the entire network.

The primary goal of a firewall is to implement a desired security policy; controlling access in both directions through the firewall, and to protect the firewall itself from compromise. It wards off intrusion attempts, Trojans and other malicious attacks.

Personal Firewalls:

They are meant for the home user in a networked environment. They aim to block simple attacks, unlike the enterprise level firewalls that the corporate world uses at the server or router end. There are many ways to implement a firewall, each with specific advantages and disadvantages.

Are they really needed?

Nowadays organizations and professionals use Internet technology to establish their online presence and showcase their products and services globally. Their endeavor is to leverage digital technology to make their business work for them.

All the organizations and professionals are shifting from Dialup to broadband and getting a fixed IP. It has led to an increase in security attacks, bugs in everyday working. This does not mean that Dialup being anonymous dynamic link or the firewall of the ISP network make you pretty safe.

Now if your machine was under attack, you must have wondered what went wrong making your system crash suddenly. So I would rather like to say, it’s not necessary for anyone to actually know about you or your IP address to gain access to your system.

If you system is infected or prone to intrusions, then beyond the anonymity of your Dialup connection or a dynamic IP, your system can be hacked.

Types of Attacks

Intrusion:

There are many ways to gain unauthorized access to a system. Operating system vulnerabilities, cracked or guessed passwords are some of the more common. Once access is attained, the intruder can send email, tamper with data, or use the system privileges to attack another system.

Information Theft and Tampering:

Data theft and tampering do not always require that the system be compromised. There have been many bugs with FTP servers that allow attackers to download password files or upload Trojan horses.

Service Attacks:

Any attack that keeps the intended user from being able to use the services provided by their servers is considered a denial of service attack. There are many types of denial of service attacks, and unfortunately are very difficult to defend against. "Mail bombs" are one example in which an attacker repeatedly sends large mail files in the attempt at filling the server’s disk filesystem thus preventing legitimate mail from being received.

Types of Attackers

Joyrider:

Not all attacks on computer systems are malicious. Joyriders are just looking for fun. Your system may be broken into just because it was easy, or to use the machine as a platform to attack others. It may be difficult to detect intrusion on a system that is used for this purpose. If the log files are modified, and if everything appears to be working, you may never know.

Vandals:

A vandal is malicious. They break in to delete files or crash computer systems either because they don't like you, or because they enjoy destroying things. If a vandal breaks into your computer, you will know about it right away. Vandals may also steal secrets and target your privacy.

“In an incident a Trojan was being used to operate the web cam. All the activities being done in the house were being telecasted on the websites.”

Spies:

Spies are out to get secret information. It may be difficult to detect break-ins by spies since they will probably leave no trace if they get what they are looking for.

A personal firewall, therefore, is one of the methods you can use to deny such intrusions.

How Firewalls work?

Firewalls basically work as a filter between your application and network connection. They act as gatekeepers and as per your settings, show a port as open or closed for communication. You can grant rights for different applications to gain access to the internet and also in a reverse manner by blocking outside applications trying to use ports and protocols and preventing attacks. Hence you can block ports that you don’t use or even block common ports used by Trojans.

Using Firewalls you can also block protocols, so restricting access to NetBIOS will prevent computers on the network from accessing your data. Firewalls often use a combination of ports, protocols, and application level security to give you the desired security.

Firewalls are configured to discard packets with particular attributes such as:

Specific source or destination IP addresses.
Specific protocol types
TCP flags set/clear in the packet header.

Choosing a firewall:

Choose the firewalls which have the ability to ward of all intrusion attempts, control applications that can access the internet, preventing the malicious scripts or controls from stealing information or uploading files and prevent Trojans and other backdoor agents from running as servers.

The purpose of having a firewall cannot be diminished in order to gain speed. However, secure, high-performance firewalls are required to remove the bottleneck when using high speed Internet connections. The World-Wide-Web makes possible the generation of enormous amounts of traffic at the click of a mouse.

Some of the good firewall performers available in the market are below:

BlackICE Defender
eSafe Desktop
McAfee Personal Firewall
Neowatch
Norton Personal Firewall
PGP Desktop Security
Sygate Personal Firewalls
Tiny Personal Firewall
Zone Alarm
Zone Alarm Pro

Most of these firewalls are free for personal use or offer a free trial period. All the personal firewalls available can’t ensure 100% security for your machine. Regular maintenance of the machine is needed for ensuring safety.

Some of the tasks advised for maintaining system not prone to intrusions:

Disable file and print sharing if you are not going to be on network.
Update your antivirus signature files regularly.
Use a specialized Trojan cleaner.
Regular apply security patches to your software and operating system.
Don’t open email attachments if you have don’t know the contents it may contain.
Don’t allow unknown applications to access to the internet or to your system.
Regularly check log files of your personal firewall and antivirus software.
Disable ActiveX and java and uninstall windows scripting host if not required.
Turn off Macros in Applications like Microsoft Office and turn macro protection on.
Check the open ports of your system and see them against the common list of Trojans ports to see if they are being used by some Trojan.
Log Off from your internet connection if not required. Being online on the internet for long duration gives any intruder more and sufficient time to breach system security.
Unplug peripherals like web cam, microphone if they are not being used.

Pawan Bangar,

Technical Director,

Birbals,India

ebirbals@gmail.com

10 Signs And Symptoms Of Spyware Infections

2006-02-10T20:40:00.000-08:00

10 Signs And Symptoms Of Spyware Infections
GREGORY MBURU

For additional information on Spyware and Internet Security: Click Here! Your system runs noticeably slower than it did before. It could be infected by spyware.

A search toolbar or other browser toolbar appears even though you didn't request or install it. Spyware programs are usually installed with other programs that are advertised in regitimate ways.

You receive an email in your email client with offers related to your recent Internet searches. A spyware might be monitoring your buying habbits.

You enter a search term in Internet Explorer's address bar and press Enter to start the search.
Instead of your usual search site, an unfamiliar site handles the search. A spyware program might be responsible for this.

You get pop-up advertisements when your browser is not running or when your system is not even connected to the Internet, or you get pop-up ads that address you by name. A spyware program could be doing this.

When you start your browser, the home page has changed to something undesirable. Normally to a search portal that the spyware is trying to market.

At a time when you're not doing anything online, the send or receive lights on your dial-up or broadband modem blink just as wildly as when you're downloading a file or surfing the Web. Or the network/modem icon in your system tray flashes rapidly even when you're not using the connection. This could be a spyware program sending out info from your computer.

A new item appears in your Favorites list without your putting it there. No matter how many times you delete it, the item always reappears later. Spyware behaviors are normally very annoying.

Your spyware cure program or another protective program stops working correctly. It may warn you that certain necessary support files are missing, but if you restore the files they go missing again. It may appear to launch normally and then spontaneously shut down, or it may simply crash whenever you try to run it. Some Spyware programs will try to shut down your computer security programs so that they can run without being noticed.

Your phone bill includes expensive calls to 900 numbers that you never made—probably at an outrageous per-minute rate. Spyware programs can cost you thousands of dollars in losses

And the final sign is: Everything appears to be normal. The most devious spyware doesn't leave traces you'd notice! They are sit in your system, malignant and undetected but their destruction is graveus. Try using spyware cure program.

About the Author

Gregory Mburu Owns a Spyware Cure Program That Cleans and Prevent Your PC From Being Infected By Spyware. His Spyware Program Is Located At http://spywarecure.net

Internet Security News

2006-02-07T21:27:00.000-08:00

For More Internet Security Information: Click Here!

Microsoft to Unveil Paid Security Service (AP via Yahoo! News)
A new security service from Microsoft Corp. will charge users $49.95 per year to better protect its Windows operating system from spyware, viruses and other Internet attacks.
Microsoft to unveil paid security service (USA Today)
A new security service from Microsoft Corp. will charge users $49.95 per year to better protect its Windows operating system from spyware, viruses and other Internet attacks. Called Windows OneCare Live, the service will compete with products made by Symantec and McAfee.
Subsentio Announces New Partnership with Internet Security Systems to Deliver Network Security Services to Rural Telcos (Business Wire via Yahoo! Finance)
SAN DIEGO----Feb. 6, 2006--Subsentio, the leader in comprehensive real-time network security, today announced a new alliance with Internet Security Systems to provide a host of security services exclusively for independent rural telcos.
Microsoft to Unveil Paid Security Service (San Francisco Chronicle)
A new security service from Microsoft Corp. will charge users $49.95 per year to better protect its Windows operating system from spyware, viruses and other Internet attacks. Microsoft plans to release the product in early June. Called Windows...
Internet Security Systems To Challenge Security Status Quo at the RSA Conference 2006 (Business Wire via Yahoo! Finance)
ATLANTA----Feb. 6, 2006--Internet Security Systems , the worldwide leader in preemptive, enterprise security, will demonstrate the evolution of its network protection platform and the company's vision for the next generation of security at the 15th annual RSA Conference.
Microsoft, Symantec detail online-security offerings (Market Watch)
LOS ANGELES (MarketWatch) -- Microsoft Corp. and Symantec Corp. turned up the competitive heat on Tuesday, both revealing details of upcoming rival online-security services designed to protect consumers against the growing number of Internet threats while helping their computers run properly.
Microsoft to Unveil Paid Security Service (WJLA-TV Washington D.C.)
SEATTLE (AP) - A new security service from Microsoft ( website - news - quote ) Corp. will charge users $49.95 per year to better protect its Windows operating system from spyware, viruses and other Internet attacks. Microsoft plans to release the product in early June.
Microsoft to unveil paid security service (Canada.com)
Company to start charging users to secure its own products? A new security service from Microsoft Corp. will charge users $49.95 per year to better protect its Windows operating system from spyware, viruses and other Internet attacks.
Microsoft to release paid security offering in June, to cost US$49.95 per year (Canada.com)
SEATTLE (AP) - A new security service from Microsoft Corp. will charge users $49.95 US per year to better protect its Windows operating system from spyware, viruses and other Internet attacks.
Microsoft plans new PC security service for June (Reuters via Yahoo! News)
Microsoft Corp. said on Tuesday it plans to launch a new computer security service in June, marking the world's biggest software maker's entry into the fast-growing consumer anti-virus market.

Internet Scams 104 -- Particularly Vicious Scams

2006-01-24T21:55:00.000-08:00

http://www.onlineturnkeysolutions.com/ http://security.onlineturnkeysolutions.com/ http://www.mlmsolutionstoday.com/ Internet Scams 104 -- Particularly Vicious Scams Janette Blackwell Some scams use the name of organizations we trust, and they are the most vicious. Awhile back scammers sent an e-mail supposedly from the FBI. The address seemed to be fbi.gov, and the message told you that you had accessed illegal websites and that your Internet use had been monitored by the FBI’s “Internet Fraud Complaint Center.” You were then told to open an attachment and answer some questions. The FBI says that this e-mail is a scam. If you open that attachment your computer will be infected with a virus, tracking cookie, or trojan horse. • Anti-scam rule 1: Even trusted government agencies can have their addresses stolen. A trusted government agency will not ask you to open an attachment. Another extremely vicious e-mail identifies itself as Microsoft Security Bulletin MS05-039, and offers a link to what it claims is a patch against the Sober Zafi and Mytob worms. In fact, there is no such thing as Microsoft Security Bulletin MS05-039, and real Microsoft security bulletins offer links to a Microsoft download site, rather than to the patches themselves. If you click on this supposed patch, you will be infected with malicious software that gives attackers complete access to your computer. • Anti-scam rule 2: If you want to download something from Microsoft or another legitimate organization, do not click on an e-mail. Go to their official site and download it there. That’s the safe way to proceed. THE “eBAY ATTACK” The scam e-mails seeking my eBay account information started out low key. “Dear eBay customer, During our regularly scheduled account maintenance and verification procedures, we have detected a slight error in your billing information.” That one didn’t have an eBay logo, but it apparently brought in enough innocent victims to warrant an upgrade. Subsequent mailings grew more alarming and the official eBay logo began to appear in vivid color: “Dear eBay customer, Due to recent activity, including possible unauthorized listings placed on your account, we will require a second confirmation of your identity with us in order to allow us to investigate this matter further. Your account is not suspended, but if in 48 hours after you receive this message your account is not confirmed we reserve the right to suspend your eBay registration.” The scammers really, really wanted my eBay account number, but I was deleting their e-mails without clicking on their link. So they upped the ante. Because I didn’t reply, the supposed “eBay Fraud Mediation” people stepped in and got more and more testy as I didn’t supply them with my eBay account number. I felt perfectly relaxed through all of this, not only because I got each notice in triplicate (one from each sucker list I’m on) but because I DON’T HAVE AN EBAY ACCOUNT! If I had one, I might have worried, and then done the sensible thing: GONE TO THE OFFICIAL EBAY WEBSITE AND ASKED THEM IF THEY SENT IT. My husband did that once and got a form indicating (1) they get a zillion of these things, and (2) they don’t send e-mails like that. It was a scam, all right. • Anti-scam rule 3: eBay and other legitimate organizations are NOT going to ask you to confirm your account information in an e-mail. • Anti-scam rule 4: If you are not sure whether an e-mail is from a legitimate organization or is a scam, go to the legitimate organization’s website (rather than clicking on a possibly infected e-mail link) and ask them if they sent it. Coming next: the most vicious scam of all. Find the best recipe, food gift, and healthy dieting sites in Janette Blackwell’s Delightful Food Directory, http://delightfulfood.com/main.html -- or enjoy her country cooking at Food and Fiction, http://foodandfiction.com/Entrance.html

Internet Scams 105 -- The Most Vicious Scam of All

2006-01-24T21:47:00.000-08:00

http://www.onlineturnkeysolutions.com/ http://security.onlineturnkeysolutions.com/ http://www.mlmsolutionstoday.com/ Internet Scams 105 -- The Most Vicious Scam of All Janette Blackwell Not all e-mail scams are vicious. Some are kind of old-shoe, and a person would feel fond of them, except they are still cheating people out of their life savings. I recently got this classic: “I am George Mudashiru, a close friend and personal assistance to Abba Sani Abacha the son of the former Nigerian military ruler Sani Abacha. I got your contact throught a directory of prominent members in the world so I decided to contact you through mail on regarding this proposal. “As a close associate to Abba, he gave me a large sum of money which he said to help him transfer abroad and be deposited in my name in a security company. . . .” And good old George would like to deposit $10 million in my bank account if only he had its number. A great classic, which is to scams what a Duncan Phyfe table is to furniture. I didn’t give good old George my bank account number, and I’m sure you wouldn’t either. THE PAYPAL SCAM Now for the worst one. It started off on an alarmingly high note. (Or maybe I ignored the e-mails they sent for starters -- because I’m on three e-mail sucker lists I get daily news, in triplicate, about the terrible things supposedly happening to my PayPal, eBay, and bank accounts.) This one started out: “We recently have determined that different computers have logged 1nto (sic) your PayPal account, and multiple password failures were present before the login. One of our Customer Service employees has already tryed (sic) to telephonically reach you. As our employee did not manage to reach you, this email has been sent to your notice. “Therefore your account has been temporary suspended. We need you to confirm your identity in order to regain full privileges of your account. “To confirm your identity please follow the link below:” (the link looked like a PayPal link but I am sure was not). Well. They suspended my account. We’re playing in the big leagues now. I do have a PayPal account, though not at that particular e-mail address. And if I hadn’t received so many scam e-mails, this would have led me to go to the REAL PayPal website and ask if they sent that e-mail. Instead I hung tight. And got the doozy. It had the official PayPal logo and format. On the right-hand side of the page it said: “Protect Your Account Info. Make sure you never provide your password to fraudulent websites. To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal login page (http://paypal.com/) to be sure you are on the real PayPal site. PayPal will never ask you to enter your password in an email.” Amazing. They didn’t want me to type my password into an e-mail, and they did want me to go to the real PayPal site. So I went to the real site. Took a good look at it, then returned to the e-mail, which said on its lefthand side: “Dear PayPal Member: Attention! Your PayPal account has been violated! Someone with ip address 149.225.126.87 tried to access your personal account! “Please click the link below and enter your account information to confirm that you are not currently away. You have 3 days to confirm account information or your account will be locked. Click here to activate your account. “Thank you for using PayPal! The PayPal Team Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to” -- and they had an official looking link for me to click. So I clicked on it. Which I shouldn’t have done, and maybe that’s where I got the attempted computer hijacking and a tracking cookie. But I was curious. I was taken to a website that looked EXACTLY like the PayPal official website. Remember? They had me go to the real one to see how it looked. I still had the real site on another screen, so I went back to it. The two sites were EXACTLY the same, except for two things: The real PayPal website recognizes my computer. It automatically welcomes me and puts up the little stars that represent my password. The scam website had blank spaces for my account number and password. Well, of course they were blank! The whole point was that I should fill in my PayPal password and account number so they could wipe out my account. Second difference: the address in the window at the top of the scam site was not that of PayPal. It was a string of code letters and numbers. I still had the real PayPal site on another screen. I flipped back to it. The address in the window at the top was http://PayPal.com. The address on the scam site was not. And those were the ONLY TWO DIFFERENCES. Talk about low-down, sneaky scams! I hope I have turned you into a gimlet-eyed, suspicious person -- but only where Internet frauds are concerned. Find the best recipe, food gift, and healthy dieting sites in Janette Blackwell’s Delightful Food Directory, http://delightfulfood.com/main.html -- or enjoy her country cooking at Food and Fiction, http://foodandfiction.com/Entrance.html

Internet Security Basics 101

2006-01-24T21:43:00.000-08:00

http://www.onlineturnkeysolutions.com/ http://security.onlineturnkeysolutions.com/ http://www.mlmsolutionstoday.com/ Internet Security Basics 101 Niall Roche The explosive growth of the Internet has meant that thousands of people are today experiencing the joys of being online for the first time. With growth there always comes pain. Be it your growing pains as a child or the growth and development of this part of our culture called the Internet. Firstly we need to quickly explain what the Internet is and where it came from. The Internet is the offspring of a military project called Arpanet. Arpanet was designed to provide reliable communication during global nuclear war. A vast network of interconnected computers was set up all over the world to allow the various branches of US and NATO forces to communicate with each other. Nuclear war never came (thankfully) and the world was left with a massive network of computers all connected together with nothing to do. Colleges and universities started to use these computers for sharing research internationally. From there it grew and spread outside colleges to local homes and businesses. The World Wide Web was born and its father was a guy called Tim Berners Lee. When you're connected to the Internet you're sharing a vast network with hundreds of millions of other users. This shared network provides resources that 15 years ago were never thought possible. Unfortunately when something is shared its open to abuse. On the Internet this abuse comes from hackers and virus creators. Their sole intent is to cause chaos and/or harm to your computer system and millions of other computer systems all over the world. How do you combat this? You need an Internet security system. This might sound complicated but your Internet security system will be quite straigtforward being comprised of just 2 - 3 Internet security products. We'll look at each of these products in more detail now: AntiVirus Software The first and most critical element of your Internet security system is antivirus software. If you don't have up-to-date antivirus software on your PC you're asking for trouble. 300 new viruses appear each month and if you're not constantly protecting your system against this threat your computer will become infected with at least one virus - it's only a matter of time. Antivirus software scans your PC for signatures of a virus. A virus signature is the unique part of that virus. It can be a a file name, how the virus behaves or the size of the virus file itself. Good antivirus software will find viruses that haven't yet infected your PC and eliminate the ones that have. Antivirus software can only protect your computer from viruses trying to infect it via email, CD-Rom, floppy disk, Word documents or other types of computer files. Antivirus software alone will not keep your computer 100% safe. You also need to use firewall software. Firewall Software The use of firewall software by home computer users is a relatively new occurence. All Internet connections are a two way process. Data must be sent and received by your computer. This data is sent through something called ports. These are not physical things rather aspects of the way your computer communicates online. Firewall software watches these ports to make sure that only safe communication is happening between your computer and other computers online. If it sees something dangerous happening it blocks that port on your computer to make sure your computer stays safe from the person who is trying to hack into your system. An easier way to understand a firewall would be to picture your computer as an apartment complex. At the front door of this complex there is a security guard. Every person who enters the complex must pass this security guard. If the security guard recognizes the person entering as a resident he allows them to pass without saying anything. If, however, the person entering the complex is unknown to him then he will stop that person and ask for identification. If they have no business being at the apartment complex he escorts them from the building. If you are not currently using firewall software your computer will get hacked into - that's a guarantee. Pop-Up Blocker You can get a good popup blocker at no cost. An easy way to do this is to install either the Google or Yahoo toolbar. Both of these come with popup blockers built in. Popups are not necessarily dangerous but are a nuisance and using either of these toolbars will make your life that bit easier. A simple rule for practicing online security is: "If in doubt then don't". If you don't recognize the file, the email address, the website or if your gut feeling says "no" then don't click that button. http://www.affiliate-advocate.com is run by Niall Roche. The site offers reviews of affiliate marketing ebooks and software as well as advice and tips for new and existing affiliate marketers.

Personal Firewalls for Home Users

2006-01-24T21:29:00.000-08:00

http://www.onlineturnkeysolutions.com/ http://security.onlineturnkeysolutions.com/ http://www.mlmsolutionstoday.com/ Personal Firewalls for Home Users Pawan Bangar What is a Firewall? The term "firewall" illustrates a system that protects a network and the machines on them from various types of attack. Firewalls are geared towards keeping the server up all the time and protecting the entire network. The primary goal of a firewall is to implement a desired security policy; controlling access in both directions through the firewall, and to protect the firewall itself from compromise. It wards off intrusion attempts, Trojans and other malicious attacks. Personal Firewalls: They are meant for the home user in a networked environment. They aim to block simple attacks, unlike the enterprise level firewalls that the corporate world uses at the server or router end. There are many ways to implement a firewall, each with specific advantages and disadvantages. Are they really needed? Nowadays organizations and professionals use Internet technology to establish their online presence and showcase their products and services globally. Their endeavor is to leverage digital technology to make their business work for them. All the organizations and professionals are shifting from Dialup to broadband and getting a fixed IP. It has led to an increase in security attacks, bugs in everyday working. This does not mean that Dialup being anonymous dynamic link or the firewall of the ISP network make you pretty safe. Now if your machine was under attack, you must have wondered what went wrong making your system crash suddenly. So I would rather like to say, it’s not necessary for anyone to actually know about you or your IP address to gain access to your system. If you system is infected or prone to intrusions, then beyond the anonymity of your Dialup connection or a dynamic IP, your system can be hacked. Types of Attacks Intrusion: There are many ways to gain unauthorized access to a system. Operating system vulnerabilities, cracked or guessed passwords are some of the more common. Once access is attained, the intruder can send email, tamper with data, or use the system privileges to attack another system. Information Theft and Tampering: Data theft and tampering do not always require that the system be compromised. There have been many bugs with FTP servers that allow attackers to download password files or upload Trojan horses. Service Attacks: Any attack that keeps the intended user from being able to use the services provided by their servers is considered a denial of service attack. There are many types of denial of service attacks, and unfortunately are very difficult to defend against. "Mail bombs" are one example in which an attacker repeatedly sends large mail files in the attempt at filling the server’s disk filesystem thus preventing legitimate mail from being received. Types of Attackers Joyrider: Not all attacks on computer systems are malicious. Joyriders are just looking for fun. Your system may be broken into just because it was easy, or to use the machine as a platform to attack others. It may be difficult to detect intrusion on a system that is used for this purpose. If the log files are modified, and if everything appears to be working, you may never know. Vandals: A vandal is malicious. They break in to delete files or crash computer systems either because they don't like you, or because they enjoy destroying things. If a vandal breaks into your computer, you will know about it right away. Vandals may also steal secrets and target your privacy. “In an incident a Trojan was being used to operate the web cam. All the activities being done in the house were being telecasted on the websites.” Spies: Spies are out to get secret information. It may be difficult to detect break-ins by spies since they will probably leave no trace if they get what they are looking for. A personal firewall, therefore, is one of the methods you can use to deny such intrusions. How Firewalls work. Firewalls basically work as a filter between your application and network connection. They act as gatekeepers and as per your settings, show a port as open or closed for communication. You can grant rights for different applications to gain access to the internet and also in a reverse manner by blocking outside applications trying to use ports and protocols and preventing attacks. Hence you can block ports that you don’t use or even block common ports used by Trojans. Using Firewalls you can also block protocols, so restricting access to NetBIOS will prevent computers on the network from accessing your data. Firewalls often use a combination of ports, protocols, and application level security to give you the desired security. Firewalls are configured to discard packets with particular attributes such as: · Specific source or destination IP addresses. Specific protocol types TCP flags set/clear in the packet header. Choosing a firewall: Choose the firewalls which have the ability to ward of all intrusion attempts, control applications that can access the internet, preventing the malicious scripts or controls from stealing information or uploading files and prevent Trojans and other backdoor agents from running as servers. The purpose of having a firewall cannot be diminished in order to gain speed. However, secure, high-performance firewalls are required to remove the bottleneck when using high speed Internet connections. The World-Wide-Web makes possible the generation of enormous amounts of traffic at the click of a mouse. Some of the good firewall performers available in the market are below: · BlackICE Defender eSafe Desktop McAfee Personal Firewall Neowatch Norton Personal Firewall PGP Desktop Security Sygate Personal Firewalls Tiny Personal Firewall Zone Alarm Zone Alarm Pro Most of these firewalls are free for personal use or offer a free trial period. All the personal firewalls available can’t ensure 100% security for your machine. Regular maintenance of the machine is needed for ensuring safety. Some of the tasks advised for maintaining system not prone to intrusions: · Disable file and print sharing if you are not going to be on network. Update your antivirus signature files regularly. Use a specialized Trojan cleaner. Regular apply security patches to your software and operating system. Don’t open email attachments if you have don’t know the contents it may contain. Don’t allow unknown applications to access to the internet or to your system. Regularly check log files of your personal firewall and antivirus software. Disable ActiveX and java and uninstall windows scripting host if not required. Turn off Macros in Applications like Microsoft Office and turn macro protection on. Check the open ports of your system and see them against the common list of Trojans ports to see if they are being used by some Trojan. Log Off from your internet connection if not required. Being online on the internet for long duration gives any intruder more and sufficient time to breach system security. Unplug peripherals like web cam, microphone if they are not being used. Pawan Bangar, Technical Director, Birbals, India ebirbals@gmail.com

You Can Stop Computer Viruses

2006-01-24T21:00:00.000-08:00

http://www.security.onlineturnkeysolutions.com/ http://www.onlineturnkeysolutions.com/ http://www.onlineturnkeysolutions.com/pips.html You Can Stop Computer Viruses Robert Ing Hardly a day goes by when you don’t hear about a computer virus in the news or from someone you know. As a matter of fact, there are well over 8,000 active computer viruses in the world in any given twenty-four period and 5 new viruses are introduced daily. The majority of computers will catch a virus through an e-mail attachment or link. Most viruses will use an infected computers address book to distribute themselves, so you are much more likely to receive a virus from someone you know rather than a total stranger. However, the best way to identify whether or not any attachment could be a potential virus hazard is by looking at the extension (suffix) of the attached file. Hazardous file attachments are .pif, .exe, .com, .vbs, .bat, .bin, .dot, .reg, .js, .scr, .xlm and .dll. While this list is by no means exhaustive these are the definite ones to be on-guard for. In case you’re wondering, catching a virus by file sharing is the second most popular way to get infected. File sharing whether you use removable disks, CDs, DVDs, memory cards/sticks or even synch cables can make your “never connected to the Internet” computer, vulnerable to catching a virus. Protecting your computer from a computer virus infection is relatively easy if you follow these simple steps: 1. Put anti-virus software on all your computers whether they are Internet connected or not. 2. Don’t open or download file attachments (attached files) in your e-mails. Especially the ones with the extensions .pif, .exe, .com, .vbs, .bat, .bin, .dot, .reg, .js, .scr, .xlm and .dll. 3. Don’t click on links in the body of your e-mails. 4. Don’t download software from web sites that you do not know. 5. Never install software on your computer unless you know where it came from. 6. Run a manual anti-virus scan for every 24 hours you use your computer. 7. Be sure that your anti-virus software is up-to-date. All anti-virus software products usually provide updates every 2 – 4 weeks and this service is free of charge to registered users for up to a year. 8. Received an e-mail from someone you know but didn’t expect them to send you a file attachment? Call the person first, before downloading or opening the file attachment to confirm that it really came from them. Some virus programs are very good at making it look like they are just files sent to you from someone in yours or your friends e-mail address book. 9. Put firewall software on all your computers that are temporarily or permanently connected to the Internet. If you follow these simple steps you should be able to stop a virus before it infects your computer. Copyright © 2005-2006 Dr. Robert Ing, www.drroberting.com About the Author: Dr. Robert Ing is a forensic intelligence specialist and has appeared on North American news networks on the issues of technology crime, computer security, privacy and identity theft. For more articles by Dr. Robert Ing please visit http://www.drroberting.com Source: www.isnare.com