Security Protection Checklist

Stopping up the holes where viruses get into your computer

This page is an attempt at a practical summary and checklist for protecting your computer (and your information, and therefore, you) from being damaged, stolen, or misused. It is intended for the personal computer user, and these are things you can do without having to know too much about the subject.

If you just want to make your computer safe right now, read and do the things in the green boxes.

If you want to learn more, read the rest!

What is a "virus"?
"Loosely speaking, a virus is any malicious piece of software that is installed on your computer without your knowledge and which spreads to other computers, usually through a computer network" (that means: email, web page, internet connection, flash drive, etc.)
www.res.kent.edu/newres/tabid/300/default.aspx

A virus is "software" — It is nothing magic: it is only a computer program, created by a human being, a programmer. It runs on your computer and does things to harm it or others.
But, unlike the programs you are used to, it does not show any windows or anything to look at. So:

  • Like a disease virus, you won't know if it is there or what it is doing.
  • Like a disease virus, you won't know your computer has it, or that your computer is passing it to others, until your computer or someone else's computer gets sick!
  • Like the disease virus AIDS, computer viruses are constantly changing, so we can't immunize once against them. We have to constantly be on alert.

Yes, it's annoying! But there it is, and we have to deal with it.

Security has become a big problem with using computers. It is not just trouble-makers causing your computer to crash any more, it is now big business. The bad guys are making a lot of money, tens of thousands of dollars, using your computer to:

  • Steal email addresses to send spam to, and to sell to other spammers.
  • Use your computer to send spam
  • Use your computer to send programs and data to other computers.
  • Use your computer to store programs and data (do you really know what is on your D: drive?)
  • Steal personal information from your computer (financial records, id, etc.), transfer money from your bank account, use your id for covering up bad activities, etc., and also sell it to other bad guys so they can do the same.

Some words for these bad programs are: virus, malware, spybot, adware, trojan, rootkit, ... Unless we specialize in the security field, we don't really need to know what they are — we just want to keep them out!

These are all programs that i and others in Dharamsala have actually researched, and tried out on our own computers. Will try to keep this updated so that the information stays useful!

If you are an organisation or government office, of course you need more than this. And of course, you have a system administrator to run things, who knows a lot more than i do. Right?

The three ways that viruses get into your computer are:
  • first and most often, through you yourself! — Installing and using them with your web browser, programs, email, and flash drive;
  • second, through attacks and viruses that sneak past you;
  • and third, through the network.

At the end of this page there is also a list of more advanced things you can do ... especially if you are a system administrator. And some solutions for special problems.

Since this is only a summary: Follow the links given on this page, the "Know more" links at the end of the page, go to other files on this website, and/or browse the great world-wide web, if you want to learn more about this subject.

YOU!

Most viruses get into our computer because we install them ourselves — really! Whenever we view web pages, download and install some cool program, click "ok" without reading the popup, stick a flash drive into our usb port without checking it, we are opening the door and welcoming them in.

If you follow only the following rules, you will be very unlikely to get viruses. Everything else on this web page is explanation, or extra security.

Your Web Browser: Don't use Internet Explorer — good browsers are Firefox and Opera.

Your Programs: Don't download or install any program unless you are very sure it is safe and trusted.

All Flash Drives: Don't allow any flash drives to be plugged in to your computer.

Your E-Mail:
  • Don't use Outlook Express — use Thunderbird or Eudora.
  • Don't view your email as HTML.
  • Don't open attachments unless you are really sure who sent them, AND you have scanned with an antivirus program.

Your Brain: Just like you automatically check out people when you are walking down the street, pay attention to your computer and programs.

1. You and Web browsing:

50% of the danger can be avoided simply by using safe habits when browsing the web. This is the same thing as being normally cautious when you walk down the street — you don't welcome every stranger on the street with open arms, agree with everything they say and accept whatever they give you ... do you?

Don't use Microsoft Internet Explorer (MSIE). Use Firefox, Opera, or Safari. Because of the way MSIE is made, it is an open door to many viruses.
www.mozilla.com/firefox
www.opera.com
If you must use MSIE, set the highest security settings. Tools -> Options -> Security Settings ... uhhh ... It's really complicated in MSIE ... just use Firefox!
In any browser, change your settings to
  • block popups
  • don't save passwords
  • don't allow install of anything
Tools -> Options -> ...  
Don't be logged in as an 'administrator' user when browsing. Use a regular 'user' account.    
If something pops up — read it — don't just click OK. A program may be asking to be installed — and it may not be a good program!  

2. You and Your Programs

Installing programs:

Don't download and install programs unless you are sure you trust where they come from. Not only is much free software offered in order to pass viruses to you, but hackers also provide download sites with infected versions of good software!
This includes many "anti-virus programs" — They actually install more viruses!
The only trustworthy download sites i know of are:
  • www.downloads.com
  • www.filehippo.com
  • www.sourceforge.net
  • www.tucows.com
And, the official home of whatever software you are looking for. For example, Firefox lives at www.mozilla.org/firefox. You would certainly be safe to download Firefox from there!
Don't use free screensavers, "cracks", etc. They are there to distribute viruses, rootkits, etc in the downloads they give you. Again, see above for sources of good software.
Before you download a program, check if it is in a database of known malware. This is it  —> www.spywareguide.com

Running programs:

If something pops up - *read it* - don't just click ok. That pop up window is the only way the poor programmer has of communicating with you. He is trying to tell you something, to help you!  
Check what programs are starting up when you start the computer, and make sure you really need them.
  • Start -> Program Files -> Startup Menu
    will show programs that will start when the computer boots.
    Right-click and "Delete" to take them off the list (The original program won't get deleted).
  • But — some, especially viruses, won't show in startup menu.
  • If you don't use Windows Messenger, disable its startup:
    • open msdos window (Start -> Run)
    • msconfig
    • click on "Startup" tab
    • click on checkbox for "msmsgs" to disable startup
 
Keep your OS, all your programs, and your anti-virus programs updated always. New viruses and attacks are always being developed, and the good programmers are always updating their programs to protect against them. But the only way the good programmers can get those changes to you, is if you update your copy of the program. The websites for the different programs. Many programs will update themselves whenever you are online.

Your operating system:

Be careful with Microsoft Windows

If you must use Microsoft Windows:

  • Make sure every user account on the computer has a password.
    (Not only because of a person sitting down in front of the computer! But because a virus can use a no-password account to do bad things on the computer.)
  • Learn all the security features of Windows and use them. Plus add other security programs since the built-in "features" are not nearly enough.
It's up to you to find how to do these things. I don't use Windows (see below).
Consider switching to another operating system.

The other most-used operating systems these days are Macintosh and Linux.

  • Yes this does require a lot more work: You have to learn the differences for that system.
  • How much work and time are you spending now trying to keep viruses out of your Windows machine? Rebuilding reports or files that you lost due to virus?
MacOSX:
www.apple.com/macosx/leopard
en.wikipedia.org/wiki/Mac_OS_X
Why Linux?
www.polishlinux.org/why-linux
Ubuntu Linux:
www.ubuntu.org
PCLinux:
www.pclinuxos.com/

3. Your computer and memory sticks (flash drive, usb stick):

Don't use your flash drive in public computers (cybercafe, etc.). (I know i know, this makes your flash pretty useless! But it's gotten that bad. Back to CDs, folks!)

When you insert the flash drive:
Hold down the shift key. This will disable any virus' autorun.inf on the flash drive, so that the inserted flash drive won't automatically run the virus.
Then, immediately after insertion, run a virus scanner on the flash drive and on the host computer, before using the drive.

Always scan USB Flash Drives after they have been used in other computer systems, even your own.

Disable autorun on your Windows computer, so that any inserted flash drives won't automatically run viruses. [How to disable autorun]
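
To see what an inserted flash drive would try to start, you can read its autorun.inf as plain text instead of letting Windows act on it. The Python code below is an added example, not part of the original page; the function names and the sample file contents are constructed for illustration.

```python
"""Inspect a removable drive's autorun.inf without executing anything."""
import os
import re

# Keys in the [autorun] section that name a program Windows may start.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)


def decode(raw: bytes) -> str:
    """autorun.inf is usually plain text, but may be UTF-16 with a byte-order mark."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("utf-8-sig", errors="replace")


def launch_entries(raw: bytes) -> list:
    """Return (key, command) pairs from [autorun] that would start a program."""
    found, section = [], None
    for line in decode(raw).splitlines():
        line = line.strip()
        if not line or line.startswith(";"):         # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:  # junk padding, other sections
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if LAUNCH_KEY.match(key) and value:
            found.append((key.lower(), value))
    return found


def check_drive(root: str) -> list:
    """Look for autorun.inf (any letter case) in the drive root and report it."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":
            with open(os.path.join(root, name), "rb") as handle:
                return launch_entries(handle.read())
    return []


# Constructed sample: junk padding and mixed case, as a virus-written file might use.
SAMPLE = (
    b"; qwertyuiop padding line\r\n"
    b"[AutoRun]\r\n"
    b"OPEN=hidden\\setup.exe -e\r\n"
    b"zzzz junk without equals sign\r\n"
    b"shell\\Open\\Command=hidden\\setup.exe\r\n"
    b"icon=folder.ico\r\n"
    b"[Content]\r\n"
    b"open=ignored-outside-autorun.exe\r\n"
)

if __name__ == "__main__":
    for key, command in launch_entries(SAMPLE):
        print(f"would run on insert or double-click: {key} -> {command}")
```

Any entry it reports is a program the drive asks Windows to start; scan that file with your anti-virus before opening anything on the drive.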

If possible, get a flash drive with a "read-only" switch. (If you find any like this, let me know!)

ClamWin: An antivirus to carry on your flash drive. Free, open-source, good anti-virus program, that you install onto and run from your flash drive. Tried it and use it 2006-2007.
www.portableapps.com/apps/utilities/clamwin_portable

4. Your E-Mail:

Don't read your email in "html format". Check in your options and change to "text format".
If you are sure the email is safe and you know who it is from, you can always switch to html format to view that mail.
 
Don't click on links in email. Type in the url given yourself - better yet, go to the website, and click through to the appropriate page.  
Don't download/view attachments unless you are sure they are safe and you know who they are from.    
Use the virus scanner in your webmail program, or in your local mail program.

5. Your Good Brain:

Try using only 1% more of your brain. A computer often seems like just an entertainment system — a completely dumb tool like a radio. But it is not.
Our computer has many capabilities, and can be a powerful tool that greatly expands our abilities. It does need us to learn some things in order to make best use of it. Just like having a powerful horse or a powerful car, we need to be smart ourselves in order to use its power and not be overcome by it.
Science says we only use 10% of the capacity of our brain. For the effort of using only 1% more of our brain, we will get a huge reward of expanding our abilities and power.
It is really hard, and takes practice, to extend our brain power to that 1% more. Learn to think when you are using a computer, and you will find your computer working 100% more for you!

Attack prevention: "Anti-Virus" Programs:

Even though you try your best to keep the bad things out, just like with human diseases, sometimes the virus or attack gets past you anyway.

There are programs that can detect and protect you from spyware, viruses, and other bad things. BUT: There is not any solution that can give a 100% effectiveness rate for detecting viruses and malware.

  • We would often rather download a free program than pay so much money. The free programs are often just as good - the pay programs often just combine the features of different kinds of programs.
  • There are good free programs, but some of them are trojan horses — they are doing the bad things underneath! So we have to research and choose which ones to use.
  • You have to keep any/all of these updated, otherwise they are useless.

About installing and running anti-virus programs

DO: Use more than one anti-virus program
  • There is no single program that will consistently be the first and fastest to respond to a virus outbreak.
  • Different anti-virus engines have different strengths and weaknesses.
www.gfi.com/news/en/multipleav.htm
HTML of PDF file from gfi.com, on google
BUT: Install and run only one anti-virus at a time. Multiple versions of antivirus software may interfere with one another.
  • "It is important to note that one should not have more than one antivirus software installed on a single computer at any given time. This can seriously cripple the computer and cause further damage. This is not always obviously stated in terms of usage for these programs."
    en.wikipedia.org/wiki/Anti_virus
  • Since antivirus software interacts with the system at a very low level, having multiple antivirus packages will almost invariably lead to greatly reduced system stability and performance.
    www.res.kent.edu/newres/tabid/300/default.aspx

1. anti-spyware programs

signature-based (use one of these):

Spyware Doctor v.5.0 Aug 2007
  • Highest ratings. Found and removed the most malware in most tests (2007).
  • Also has anti-virus support.
  • "The trial version offers time-unlimited real-time protection (free spyware blocking), but does not remove threats detected during on-demand scans."
  • Full version $29
  • Tried it (Free version) Aug 2007. It looks like you can just remove the found threats manually.
www.pctools.com

Spy Sweeper v.5.5 August 2007
  • Also has anti-virus support.
  • Said to be easier to use.
  • Full version $20
  • Tried it: not yet
www.webroot.com

ZoneAlarm
  • Full version $20
  • best rating at cnet.com (2007)
  • Tried it: not yet
www.zonealarm.com

Ad-Aware
  • Use this in addition to one of the above, to catch things they might miss.
  • Three versions: Pro, Plus, and Free
  • Tried it (Free version) August 2007
www.lavasoftusa.com
Compare versions at: www.lavasoftusa.com/download_and_buy/product_comparison_chart.php

non-signature-based (use one of these as well):

Primary Response SafeConnect
  • monitors every running process checking suspicious behavior
  • Tried it: not yet
www.sanasecurity.com

Prevxl Individual
  • Tried it: not yet
www.prevx.com

2. virus scanners

Use one of these anti-virus programs:

(They also check for spyware, adware etc., but that checking may not be as complete as that of a dedicated spyware program (see above).)

No anti-virus program is perfect, since the hackers keep making more viruses! These three are all good, but each has different drawbacks. Plus they are not open-source - that is, other programmers can't check them. For the best, free, open-source anti-virus, use ClamWin (below).

AVG
  • Tried it 2006-2007
www.grisoft.com

Avast
  • Tried it: not yet
www.avast.com

Free Virus Cleaner
  • virus removal tool
www.avast.com/eng/avast-virus-cleaner.html

AntiVir
  • Tried it: not yet
www.free-av.com

ClamWin
  • Free, open-source, very good anti-virus program.
  • Tried it: I use it on all peecees in office/class, and use the PortableApps version on my flash drives 2006-2007
  • If you need a free anti-virus, this is the one to use.
www.clamwin.com

NOD32 anti-virus
  • Cost, very good anti-virus program.
  • 100% capture rate at the Virus Bulletin website
  • Best Antivirus Product of 2006 at www.av-comparatives.org
  • Tried it: no
www.eset.com

3. Suites

Good:

  • include all the functions
  • of course it is easier to manage one program rather than several
  • may run more efficiently, whereas multiple programs may conflict with each other.
  • may include a firewall as well.

Yet,

  • The individual programs may actually be more complete than the bundles in these suites.

Norton Internet Security 2007
  • Actually does not get best reviews.
  • antispam, parental control, or privacy protection are separate.
www.symantec.com

Panda Internet Security
  • Tried it: not yet
www.pandasoftware.co.uk

ZoneAlarm Internet Security Suite 7
  • Now excellent at spyware also.
  • Has Identity Theft Protection: scans hacker sites for your credit card no., etc.
  • top-rated
www.zonealarm.com

Network

1. firewall

Like a guard at your door — blocks things coming in and going out through the internet.

At the very least, turn on Windows built-in firewall. ... -> ...  

Better, install one of these firewalls:

ZoneAlarm
  • Tried it (Free version) Aug 2007
www.zonealarm.com

Comodo
  • Tried it: not yet
www.comodo.com

Outpost Firewall Pro 3.0
  • 30-day fully-functional trial version
  • $40 single license; other licenses available.
  • Tried it: not yet
www.agnitum.com/products/outpost/

Advanced things you can do:

1. Find root kits/remote access tools (RATs)

Root kits and RATs enable a programmer to access your computer remotely, and use it for whatever he wants. They actually replace part of the operating system's core, and may not be detected by virus scanners.

Install one or all of these:

McAfee's Stinger
  • This app does not install — starts immediately after downloading (or loading from a windows boot CD)
vil.nai.com/vil/stinger/

IceSword
www.majorgeeks.com/icesword_d5199.html

RootKitRevealer
www.sysinternals.com

Black Light
  • This is part of F-Secure Internet Security, as well as available as a stand-alone program.
www.f-secure.com/blacklight

2. Registry protection

Install and use one or all of these:

Spybot Search and Destroy registry tool
  • Spybot has a tool "Tea Timer" that will inform you whenever an application wants to change the registry.
  • Free. Reading the website, i like this guy.
  • Tried it Aug 2007
www.spybot.info

Ad-Aware registry tool
  • "Smart Scan" is a tool for cleaning the system registry, part of the Ad-Aware 2007 program.
  • Tried it Aug 2007
www.lavasoftusa.com

3. Attack Simulators

After cleaning up your computer, you can simulate attacks to see if you are really safe.

Nessus
  • works locally
www.nessus.org

PC Security Test 2006
  • works over internet
www.pc-st.com/de/

Attack Tool Kit
  • works locally
  • test security, simulates hacker attacks.
  • has plugins
www.computec.ch/projekte/atk

4. Network/Wifi checking

NetStumbler - Scans environment of computer, shows all available access points, coverage, etc.
  • Before install, check if your WLAN card is compatible with it, at www.stumbler.net/compat
  • After installing:
    • activate "Auto Reconfigure" function.
    • select appropriate lan card from "Device" menu
www.stumbler.net

Nessus - checks threats through router
  • Has a client and a server. Does attack simulations.
www.nessus.org

Superscan 4: port scanner. After finding out what ports are open with this tool, close them with your firewall settings.
  • free
www.foundstone.com

Ideally, before you install any of these:

Boot from a CD with a virus scanner (such as AntiVir) installed (with the latest virus definitions!) and scan from that. Then, after all is clean, reboot and install the anti-virus/malware programs. Chip Guru - May 2007 - Security issue: p.90-93 has a how-to for making a boot CD with programs.
Uses Bart's PE Builder: www.nu2.nu/pebuilder

Special problems

Tools -> Folder options disabled
  • Coming soon!

Process Manager (ctrl-alt-del) disabled
  • Coming soon!

Folders deleted or made hidden
  • Coming soon!

Get help solving problems

HiJackThis (HJT)
  • From any of the websites listed, download the program.
  • Run it on your computer and save the log.
  • Upload the log to the help forums at the same site where you downloaded HJT, and people there will check them out and figure out any problems.
www.spywarewarrior.com www.temerc.com www.bleepingcomputer.com

Know more

Chip Guru - May 2007 - Security issue
Many articles on securing your pc, how-tos for many of the tools listed on this page.
"Fast Track to Security"
Much information and resources
Digit, September 2006
"Security Super Guide"
summary of all the tools.
Indian PC Magazine - July 2007 - p.70-74
General info:
www.wikipedia.org/wiki/Anti_virus
About viruses, anti-virus software, with links to more info.
www.tibetangeeks.com/technologies/security/
About security – tech info for Tibetans
