Hammett's Glen

Computer Security: Chapter 2 - Playing Defense or Tit for Tat

There's a Worm  worm_chomping_on_computer_hg_blk.gif  Eating My Computer

And Other Tales From the Darkside

 

 

 

 Second:  dog_and_fence.jpg  Fugget-about-it!!!

 

No matter what I have led you to believe, there is no absolutely, positively, 100% secure computer. Any computer can bei_win.jpg compromised if a skilled and determined cracker wants to get into it. I read about two geeks who lived hundreds of miles apart that challenged each other to a contest to see which one could get into the others computer first. After several weeks of futile attempts by both parties one of them awoke one morning to find a mocking image on his screen signaling he had lost the bet. When pressed to how he succeeded, the first geek finally admitted that he drove all day and that night while his competitor slept he broke into his house and planted the image sitting at the guys keyboard while he slept in the next room.    ----------09/11/09----------  jinx

So how can we guard against a determined, clever and well armed adversary who vastly outnumbers us, uses tactics we don’t understand such as buffer overflows, format string vulnerabilities, integer overflow, and code/command injection and is willing to trick us, cajole us, and even seduce us into letting him into our domain? The truth as illustrated above is we can’t. That’s the bad news; the good news is that not one of those crackers, hackers or script kiddies cares a whit about yourporcupine_results.jpg particular machine. In the big scheme of things your computer is as insignificant as a grain of sand on the beach. There are millions and millions of computers logged on to the internet and just like a burglar prowling a neighborhood, the cracker is looking for an easy job. He’s looking for that open window, that unlocked back door, that pile of old newspapers that tells him he can get in undetected and make off with your stuff. He passes on the well-lit house with the barking guard dog and goes looking for an easier mark. So our job is to make it a real pain to get in our computers. To make our computers as invisible, thorny and fortified as possible so that when he cruses our internet neighborhood he quickly passes us up and goes looking for the easy prey. Now we’ve made the impossible, possible. Our goal isn’t to keep out a determined, sustained and calculated assault; it is merely to make it un-rewarding, inconvenient and time consuming to mess with us. Kind of like a porcupine.             ----------09/12/09----------  jinx

 scream.jpgHomer_scream.jpg

 "Come on, it can't be that bad. Can it?" ............“OK. Now I’m so freaked out, I’m back to just turning the darn thing off again”.

 

It does sound scary but don’t loose faith yet. We do have some tools in our box that can help. Again, let’s start with the basics. The most basic tool is our Anti-Virus Program. Most computers today come pre-loaded with some form of anti-virus installed. Most start you out with a 90 day trial and nag you to buy at least a years extension. If you don’t like the one that came on your box there are many to choose from: McAfee, Symantec, avast!, AVG, Avira, BitDefender, eScan, Eset, F-Secure, G Data, Kaspersky, Kingsoft, Microsoft Live OneCare, Norman, Sophos and Trustport to name a few. There are many features that you as a consumer need to evaluate when choosing your program, such as price, firewall integration, HIPS, behavior blocker, heuristics, GUI (graphical user interface)  and your level of expertise concerning all of these. Many of these like “avast!” have free versions that work quite well. They may limit some functions but still can be adequate for personal use. I use the free version of “avast!” on my laptop and am happy with it. I use “Kaspersky” on my desktop at home and “AVG” on my office network. Kaspersky is less user friendly than say McAfee or Symantec but it is also less intrusive and doesn’t nag you as much as some of the more commercial programs and “AVG” was recommended by my tech specialist for office networks. You should visit each vendors site and find one you are comfortable with, download the free trial, and see if you like it before you buy. If you buy one and don’t like it, use it till it expires and get a different one. But this is one tool you cannot do without.saving_your_ass.jpg

When an Anti-Virus (AV) program first loads you should set it to auto-update. This will allow it to contact its home server and download the latest definitions. Definitions are published for download by the vendor and contain the latest information on threats from malware and viruses. The vendor may issue several new definitions a day. After it updates let it perform a complete system scan of all the drives on your computer. If any threats are found allow it to delete or quarantine any threats it finds. If you are a casual user you should let the program install with all its recommended settings. It should be set to scan all incoming and outgoing traffic on your network and all emails.

conan.jpgMost AV programs today combine a host of other protections with a software Firewall being one of the main components and are often referred to as Security Suites. Firewalls, both software and hardware (we’ll discuss hardware firewalls later) are another absolute necessity for your computer’s security. Firewalls are by no means 100% secure, but when used as a part of an overall defense strategy are quite effective. Basically a firewall decides who is friend and who is foe. It also works both ways. It keeps at bay the barbarians at the gate and also stops any spies or intruders from calling home. This second capability is one of the most important because if a spy can’t contact his handler he is effectively neutralized and can be removed or quarantined without harm. So naturally crackers spend a lot of time and effort trying to hide and disguise their spy’s activity by making it appear harmless or a legitimate function of your machine. Some of these disguises are quite clever and difficult to detect. But here’s the catch: With very few exceptions, all spies must receive your explicit permission to breach the firewall. So if a spy gets through your firewall it’s because you were somehow tricked into giving it permission to do so.

 

 

 

 

 

 

 

 

<more later>

----------09/15/09----------  jinx

 

Posted by jinx on 09/10/2009
Last updated on 09/15/2009
Sponsored Links
Advertise Here!

Promote Your Business or Product for $10/mo

istockphoto_1682638-attention.jpg

For just $10/mo you can promote your business or product directly to nearby residents. Buy 12 months and save 50%!

Buynow

Zip Code Profiler

29650 Zip Code Details

Neighborhoods, Home Values, Schools, City & State Data, Sex Offender Lists, more.