Truly Secure Computing: A Knowledge Share
It's impossible to be 100% protected from viruses and hackers, right?
Nah, that's nonsense!
Here is my knowledge share on how to stay almost 100% safe on the web.
Encrypt Your Entire OS and/or HDD: TrueCrypt
This is the highest level of offline file protection possible.
A. Encrypt your entire drive, not just a file or folder.
B. Use the strongest encryption possible.
C. Use Pre-Boot Authentication: You have to enter a password so TrueCrypt will decrypt your drive/OS.
i. Note that Disk Encryption was not designed to protect your drive when your computer is running, as it has to be decrypted before it is loaded into memory. But…
ii. If someone steals your computer or a hacker snags your data, or even if they discover your Windows password, they will need your encryption keys to get at your data, or to launch the OS.
iii. If you’ve protected it with very strong encryption, a thief is left with useless gibberish without your encryption keys.
D. Your encryption software should come with a recovery disk. Don't waste any time: Create the disk immediately!
E. Your encryption software should allow you to authenticate from a USB, CD-Rom, or some other removable device (meaning the boot-loader is on a removable device). In this way, if you want, no one can access your computer without the USB or CD or SD card.
Web Sense & Web Defense:
Going beyond "Common Sense" On The Web
A. Use Fake Challenge Responses And Remember The Answers
i. The easiest way to break into someone's email or website account is by knowing someone's challenge answers.
1. If you forget your password on a site, you are usually asked a challenge question, such as “What City Were You Born In?”
a. Please don’t answer that question with the truth; Remember that your X, your worst enemy, and even best friend all know the answer, too. And they might be curious about you.
b. Answer web challenge questions with fake answers. Example: City I was born in? YomaKabujo99. That’s a fake city and who could possibly guess that?
c. Since nearly all web sites ask the same challenge questions, just come up with three good ones to use at every website and you’re good to go.
B. Use The Firefox Web Browser & The No-Script and Ad-Block Plus Add-ons
i. I know, everyone likes their favorite browser and “Chrome is just so fast,” but honestly: The only way to be nearly always protected from web threats is to use Firefox with No-Script and Ad-Block Plus.
I'm not claiming Firefox is the best browser, but the Firefox family of browsers are the only ones that work with No-Script, at least to my knowledge. Use Chrome when you want to go to CNN and MTV.com. Use Firefox with NS and ABP when you want to visit less than trustworthy sites.
Some Info On No-Script: this free, open source add-on allows JavaScript, Java, Flash, IFrames, Meta Redirections, and other plugins and web technologies to be executed only by trusted web sites of your choice (e.g. your online bank), and provides the most powerful Anti-XSS (Cross Site Scripting) protection available in a browser. NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality.
Some Info On Ad-Block Plus: Annoyed by adverts? Troubled by tracking? Bothered by banners? Install Adblock Plus now to regain control of the internet and change the way that you view the web. You can also choose from over forty filter subscriptions to automatically configure the add-on for purposes ranging from removing online advertising to blocking all known malware domains.
C. Don’t click on links if you don’t know the site is secure.
i. Don’t click on anything if you don’t really know the site is secure
a. Don’t click on anything you don’t know is secure
Don't Use Your Password. Use Mine?
Strong Passwords Need To Be Long. But They're Easy To Remember
A. Don’t use a password like: BobTheBear9. That’s not strong.
B. Do use a password like: &^$(383JHdiodjhe(*%^()%^34HR%#(-3HFD^693. Don't worry, you'll remember it, please read on.
The best cracking programs in the world will literally take centuries or millennia to crack a password that long and complex. BobTheBear9 will be cracked easily.
Quick Quiz!
Why is it so easy for hackers to crack passwords?
The Answer is: It's Not! It's actually really difficult. But it's easier when:
1. All the password's letters are in lower case
2. You've used a word from the dictionary in your password
3. You have personal details about yourself in the password (your kids' names with a 1 or 0, your pet's name, birthday)
When you use a long, nonsensical password, it can virtually take forever to crack it. Most hackers will just give up and move on to a more vulnerable target.
But who wants to remember a 28 character password?
C. Try A Password Manager:
A password manager stores all your passwords and associated websites or applications in a password protected, strongly encrypted drive.
A password manager will remember all your passwords for you.
A lot of password managers will fill in your password for you.
Since you no longer have to type in your password, and because it appears masked [●●●●●●●●●●●●●●●●●●●●●●] on the screen where you log in, you've effectively defeated a key logger, which is either logging your keystrokes or taking screen-shots.
Robo Form - One of the best, nearly fully automated. It can even log you into a site just by typing the URL.
KeePass - Not fully automated, but uses better encryption.
A. Use a DNS service, such as Google DNS or Open DNS. These services provide:
Faster DNS resolution times
A faster web experience through smart DNS caching
They filter lots of malicious traffic for you.
I. Anti Virus: G-Data
Use an AV that has been tested and proven to catch lots of Malware, both known and especially unknown types.
A. Do get independent data about your AV Solution: AV-Comparatives.org is an independent testing body, not owned by AV companies, that regularly conducts scientific tests on the major Anti Virus vendors.
B. Don’t trust the advice of a source with commercial interest: You can trust your favorite magazine's advice if you want to, but sometimes commercial interests outweigh what's "good for the people."
AV Updates:
i. Set your Anti Virus to update automatically
ii. Always let it update exactly when it asks to.
C. Password protect your Anti Virus: This is an option in almost all of them, and it comes in handy when some Malware is trying to disable or turn off its services.
D. Check your AV settings: A good one should do most of the following:
i. Test the entire content of a file (some AVs don’t)
ii. Unpack every compressed file and scan its contents after it is uncompressed (some AVs don’t)
iii. Unpack a packed executable (like a UPX), so that it can decrypt a suspicious file and see what it’s actually doing.
iv. Scan for Alternate Data Streams:
Alternate Data Streams are simply extra containers within a single file. In NTFS file systems, you can literally place one file inside of another. For example, I can place a 700MB ISO image inside of a text file. If the text file is only 5kb large itself, Windows will only report that the file is 5kb large, even with the 700MB ISO image hidden within it.
Make sure your AV checks for these (some AVs require you to enable this feature). Hackers do make use of Alternate Data Streams.
v. Provide a list of all files that couldn’t be analyzed.
It should also provide the reason why. And it's always a good idea to at least check out the file if you're not sure what it is.
E. Perform a boot time scan at least once every couple of weeks. If the AV has the ability to scan before the OS is loaded, Malware has a very, very difficult time hiding.
F. Use Alternate Scanners: Every so often, double check and make sure you are not infected by using a different Anti Malware application to scan your system. Hitman, Malwarebytes, and Hijack Hunter are three great apps.
Use A Good Firewall: One that allows you to, IP by IP and port by port, Deny/Allow Traffic
A. Test out firewalls to find out which one performs best
B. Choose a firewall that lets you view ALL incoming and outgoing traffic
At the very least, it should let you view the IP addresses, Ports, Protocols, and Allowed/Blocked status of each network conversation.
The firewall should be able to monitor Loopback traffic as well, with the same detail.
The firewall settings should be protected by a password.
Discovering Unknown Threats: It is possible that, despite all efforts, you might still one day be infected with a piece of Malware or fall victim to a hack. If this happens, review the steps above and see where you might be able to improve your security posture.
A. Monitor Network Traffic: For those who understand protocols, and for those who want to:
1. Close all web browsers and applications that are likely to access the web, whether for updates or whatever.
2. Wait about 5 or ten minutes and then load your packet capturing tool and start capturing.
3. Go to a movie or a friend's house, but let it run for at least an hour or two.
4. Come back, stop the capture, and look for anything strange.
Is there a program that is trying to reach out to a server whose Top Level Domain is .CN or .RU? Then you might have a problem.
B. Monitor your system's Activity
1. Load Process Explorer or Process Hacker and Monitor the CPU usage and In/Out Reads and Writes to and from your hard disk.
Is Adobe Reader writing hundreds or thousands of kilobytes to your hard disk? Well, why in the world would it do that? Is it creating a new PDF for you to read? In other words, look for anything out of the ordinary.
Image Is Everything: At Least That's What They Told Us
Check out this excellent Thread by WishMaster
Always have a quick easy way to restore your system to a known clean state if ever necessary.
For the hardcore techs, there are many other things to do: Create SHA or MD5 hashes of all files on your system and log them in a text file. Write a script to iterate through that file and compare changes. The script could be scheduled as a task.
If you code a bit, there is some great code online for password protecting USBs (no hard switch needed), but the code basically writes random data until the drive is filled up, you're prompted for the password and then the random data is deleted. This is done so that a virus cannot infect your drive when the password is active.
Well, if you bothered to read all that, you know how I keep safe on the web. I would love to hear about everyone else’s set up.
Last edited by dranfu; 21 Aug 2010 at 10:45.