Showing posts with label trojans.

Thursday, September 13, 2007

Instant Messaging - Reducing The Risks

The internet has revolutionised the way in which we communicate with email replacing snail mail and the introduction of real-time Instant Messaging (IM).

The most popular and widely used IM services are MSN Messenger, Yahoo Messenger, AOL AIM, and ICQ. Regardless of which of these you may use, they all provide an interface for one-to-one communication or group conversations.

These programs, however, have opened up a whole new area for spammers and hackers to target. Using IM you can obtain the latest weather reports, movie listings etc., but you are dealing with a ‘chat robot’, also known as a ‘bot’. The software behind this can in some instances fool you into believing that the responses are from a real person, especially the more sophisticated versions used by hackers.

These IM programs are free to use, but are also extremely vulnerable to exploitation. They allow you to transfer files quite freely, which may already be infected with a destructive virus, Trojan horses or worms, and to have unencrypted chat sessions, which to many hackers is an open door. Some IM clients also allow peer-to-peer file sharing which potentially means that other users have access to the hard discs of other users.

Protecting yourself is a simple combination of common sense, vigilance and a few essential security tools, such as a firewall and a real-time anti-virus program.

Because IM is real-time, malicious attacks spread very quickly and can do an enormous amount of damage in a very short period of time.

The default security settings in IM programs are very low to make it easier to use, but this also leaves you more open to attacks. There’s also a new breed of IM worms. To your friends it appears as though they’re receiving a message from you, but the truth is the message is generated by a worm, and may contain a link to a Web site that automatically downloads another bit of malicious code.

IM is a prime target for online scams, identity theft and other predatory behavior.

These tips will help to make IM more secure:

Use a strong password and change it frequently.

Regularly update your IM software, operating system and security programs.

Do NOT enter any personal information.

Do NOT open any attachments or click on any web links sent to you by an unknown person.

If you know the identity of the person who sent you a link, hover your cursor over it to check that it is a legitimate link.

Be very careful if a person on your allowed list starts sending odd messages; the best advice is to shut down your IM program immediately.

Spim is spam sent over IM containing offensive language or links to web sites, which can also trigger an avalanche of pop-up ads, Spyware and Trojans.

There are ways to limit this, but the settings that enable you to do this mean that anyone not on your ‘buddy’ list will be blocked. This is a good thing, it protects you.

MSN Messenger: Once you’re logged in, click on Tools then Options, and select Privacy. Check mark the ‘Only people on my Allow List can see my status and send me messages’ box. The Privacy tab also allows you to add or remove people on the Allow List, as well as allowing you to see which other MSN users have added you to their contact list.

Yahoo Messenger: Click the Login menu and select Preferences. Select Privacy in the left pane of the Yahoo Messenger Preferences window, and tick the ‘Ignore anyone who is not on my Friend list’ option. To prevent spim through Yahoo, choose ‘Do not allow users to see me online and contact me’ in the ‘When people see my ID on Yahoo Web sites’ section.

AOL Instant Messenger: Click My AIM, Edit Options, Edit Preferences to open the preferences window. Select Privacy in the left pane, and then tick the ‘Allow only users on my buddy list’ option under ‘Who Can Contact Me’.

ICQ: Click the Main button, select Security and Privacy Permissions. Click Communication Events in the left pane, and then fill in the radio buttons under either the yellow check mark icon (this will limit these actions to users on your contact list) or the red X icon (which will prevent anyone from sending you these things). Click Spam Control in the left pane, fill in all the check boxes in the right pane, and select ‘All users’ next to the item labeled ‘Do not accept Multi Recipient Messages from’.

Monday, September 03, 2007

What is a rootkit?


A rootkit is not an exploit — it’s the code or program an attacker leaves behind after a successful exploit. The rootkit then allows the hacker to hide his or her activity on a computer, and it permits access to the computer in the future. To accomplish its goal, a rootkit will modify the execution flow of the operating system or manipulate the data set that the operating system relies on.

Windows operating systems support programs or processes running in two different modes: user mode and kernel mode. Traditional Windows rootkits such as SubSeven and NetBus operate in user mode.

Also known as backdoors or Trojans, user-mode rootkits run as a separate application or within an existing application. They have the same level of system privileges as any other application running on the compromised machine. Since these rootkits operate in user mode, applications such as antivirus scanners can detect the rootkit’s existence if they have a signature file.

A kernel-mode rootkit is remarkably different — and much more powerful and elusive. Kernel-mode rootkits have total control over the operating system and can corrupt the entire system.

By design, kernel-mode rootkits control the operating system’s Application Program Interface (API). The rootkit sits between the operating system and the user programs, choosing what those programs can see and do.

In addition, it uses this position to hide itself from detection. If an application such as an antivirus scanner tries to list the contents of a directory containing the rootkit’s files, the rootkit will suppress the filename from the list. It can also hide or control any process on the rooted system.

Rootkit detection

Methods to detect rootkits fall into two categories: signature-based and heuristic/behavior-based detection.

Signature-based detection: As its name implies, this method scans the file system for a sequence of bytes that comprise a “fingerprint” that’s unique to a particular rootkit. However, the rootkit’s tendency to hide files by interrupting the execution path of the detection software can limit the success of signature-based detection.
Heuristic/behavioral-based detection: This method works by identifying deviations from normal operating system patterns or behaviors. For example, this method could detect a rootkit by determining that a system with a 200 GB hard drive that reports 160 GB of files has only 15 GB of free space available.
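An added example, not from the original post, showing the two detection categories in working Python: a signature scan over the bytes a scanner can actually read, a cross-view diff of one directory enumerated two ways (the behavioural check that catches a rootkit filtering directory listings), and the capacity heuristic using the post's 200/160/15 GB figures. All file names, signature patterns and sizes are constructed.

```python
"""Toy, defender-side versions of the two rootkit-detection approaches
described in the post (signature-based and heuristic/behavioral).
All inputs are constructed sample data; the signature names and byte
patterns are hypothetical, not real rootkit fingerprints."""

# Constructed "fingerprints": byte sequences a signature scanner searches for.
SIGNATURES = {
    "demo-rootkit-a": b"DEMO-ROOTKIT-SIG-A",
    "demo-rootkit-b": b"DEMO-ROOTKIT-SIG-B",
}


def signature_scan(files):
    """Return {path: signature_name} for each file whose contents contain
    a known fingerprint. `files` maps path -> bytes and holds only what the
    scanner could enumerate and read: a file the rootkit hides from the
    directory listing never reaches this loop, which is the weakness the
    post describes."""
    hits = {}
    for path, data in files.items():
        for name, sig in SIGNATURES.items():
            if sig in data:
                hits[path] = name
                break
    return hits


def cross_view_hidden(api_view, raw_view):
    """Behavioral check: enumerate one directory two ways and diff them.
    `api_view` is the listing returned through the operating system API
    (where a kernel-mode rootkit can filter names); `raw_view` is the same
    directory read from the on-disk structures. Names present only in the
    raw view were suppressed by something sitting between the API and its
    callers."""
    return sorted(set(raw_view) - set(api_view))


def unaccounted_space_gb(total_gb, reported_files_gb, free_gb, tolerance_gb=5):
    """Capacity check from the post: a 200 GB drive that reports 160 GB of
    files and 15 GB free leaves 25 GB that no visible file accounts for.
    Returns that gap when it exceeds `tolerance_gb` (allowance for
    file-system metadata and rounding), otherwise 0."""
    gap = total_gb - reported_files_gb - free_gb
    return gap if gap > tolerance_gb else 0


if __name__ == "__main__":
    # Constructed sample: the API listing is missing two names.
    api_view = ["boot.ini", "ntldr", "pagefile.sys"]
    raw_view = api_view + ["hidden_driver.sys", "hidden_config.ini"]
    print("hidden from API:", cross_view_hidden(api_view, raw_view))
    # Constructed sample: only the raw view lets the scanner read the hidden file.
    readable = {"ntldr": b"MZ\x90\x00 clean loader bytes",
                "hidden_driver.sys": b"MZ\x90\x00 DEMO-ROOTKIT-SIG-A payload"}
    print("signature hits:", signature_scan(readable))
    print("unaccounted GB:", unaccounted_space_gb(200, 160, 15))
```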

Rootkits are hard to detect, but there are programs that can help, including a free one from Grisoft which I have covered in another post.

Thursday, June 07, 2007

Virus Protection from AVG - Tutorial included

Protecting your computer from a virus is getting harder and harder each day. While it may border on the paranoid, it goes without saying that you can’t leave your guard down for one second. Even corporate giant Microsoft has found its own systems compromised on more than one occasion.

Because new viruses erupt daily, it is important that you regularly update your antivirus software. Become familiar with the software’s real-time scan feature.

Make it a habit to always scan all new programs or files no matter from where they originate.
Perform regular backups in case your system is corrupted. It may be the only way to recover your data if infected.

I suspect a lot of people get virus infections because they download random files off the internet. Kazaa/eMule and other peer-to-peer programs are great places to download infected items. It is important, if you use such programs, that you have one dedicated folder to download to, and that before opening or running anything you scan it first with an anti-virus program. I recommend that people who want to exchange files over the internet (including entire folders of files) do so using encrypted solutions (and only with friends or people they know). A great new application is GigaTribe: it encrypts all exchanges, has no file size limits, and is free from any spyware/adware.
Their website is http://www.gigatribe.com

AVG Anti-Virus Free Edition is a free downloadable antivirus program that has received high marks for its reliability. In the past, free downloadable antivirus programs have been viewed skeptically because of issues relating to their reliability.

However, AVG from Grisoft remains one of the best-known free anti-virus programs available. While AVG cannot be installed on a server operating system and there is no technical support, it still makes a good choice for many home computer users. The best part is that it is free for both Windows and Linux and it checks for updates on a regular basis.

I have been using AVG free Anti-Virus for many years and install it as first choice on other peoples machines.

Get yours here: http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

Save the program to a folder which is easily accessible. I created one on my desktop and renamed it Downloads; this is where I download all of my utilities etc., so I have them in one easily accessible location.

Once installed, AVG loads at startup and sits in your system tray. It will carry out a complete scan on a daily basis, but you can schedule it to do this at a time convenient to you. When it has completed its scan a small window will pop up with the results.

You also have the added benefit of real-time scanning, as it runs in the background and will warn you if something you are downloading is infected.

You can also left click any folder or an item within a folder and scan it with AVG.

Important: Do NOT use more than one Anti-Virus program as it will give you false readings.


Wednesday, May 30, 2007

Securing Windows XP

With its default configuration, Windows XP is not very secure. However, by making some simple changes, you can secure your system and data from attackers and viruses.

Automatic Updates
Keeping your system up-to-date is crucial to maintaining security. Microsoft releases security updates and makes them available for download on the Windows Update web site.
Using the Automatic Updates feature, Windows XP can be configured to download and install updates for you automatically at a time that suits you.

Scheduling this task is very simple. In Windows XP, use the following steps to enable this feature:
1. Right click My Computer and select Properties.
2. Click the Automatic Updates tab from the System Properties box.
3. Select the option to Automatically download the updates, and install them on the schedule that I specify.
4. Select the day and the time when you want the updates installed.
5. Click Ok.

Windows Firewall
Windows XP includes the Internet Connection Firewall service. In Windows XP Service Pack 2, the ICF is renamed to Windows Firewall and it is enabled by default. It is designed to protect your computer from intruders while it is connected to the Internet.

Note: if you are setting up a home network, do not enable Windows Firewall on your LAN (Local Area Network) connection. Only enable it on the Internet connection. If you enable it on your LAN connection, it will block File and Printer Sharing.

Important Note: If you are using Zone Alarm Free Firewall DO NOT enable the Windows Firewall.

User Accounts
Windows XP includes various built-in user accounts. There are certain steps that you should take to ensure they are not compromised.

Disable the Guest Account. The guest account has always been a huge hacker hole and should remain disabled if it is not required.

Require passwords for all user accounts. Obviously, blank passwords are a bad idea if you care about security. Make sure you assign passwords to all accounts, especially the Administrator account and any accounts with Administrator privileges. All passwords should be a minimum of eight characters in length.

In Windows XP Home Edition all user accounts have administrative privileges and no password by default. Make sure you close this hole as soon as possible.

Rename the Administrator account. By renaming the administrator account hackers will have to guess the password and the name assigned to the account.

Don’t make it easy for hackers: renaming the Administrator account will stop some hackers in their tracks, and will deter the more determined ones. They won’t know what the group permissions are for an account, so they’ll try to hack any account they find and then try to hack other accounts to improve their access. If you rename the Administrator account, try not to use the word Admin in its name. Pick something that won’t make it easy for others to guess.

Remote Desktop
Windows XP Professional’s Remote Desktop allows users to connect remotely to your computer. Although it can be useful for obtaining remote assistance with troubleshooting problems, it is also an open door for intruders. Remote Desktop should always be disabled and only enabled when it is needed.
To disable Remote Desktop right click on My Computer, select properties then click on the Remote tab and untick the check box beside Allow Remote Assistance invitations to be sent from this computer.

Anti-virus Software
Anti-virus software is a program designed specifically to detect and remove viruses, making it an essential application to install. Once you install anti-virus software, it will scan your computer and clean any viruses it finds.

Some of the more popular antivirus software programs are listed below, though I refuse to pay for these; as mentioned below, you can get the same protection for free.
1. Trend Micro
2. McAfee
3. F-secure
4. Symantec
5. Computer Associates
6. Panda Software
Most anti-virus software must be purchased or it may be included with the purchase of a new computer for a limited time.

I highly recommend the use of AVG-AntiVirus available from http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

I have covered this with a tutorial at http://cotojo.wordpress.com/2007/04/27/avg-anti-virus-installation-guide/

Important note: DO NOT use more than ONE anti-virus program on your pc as this will cause conflicts.

I prefer to use AVG which scans daily and also runs in the background continuously. On a monthly basis I use Trend Micro housecall online.

Screensavers
OK, so you are sitting at your desk, or have left it for a while, and suddenly a nice image appears on your screen. OK, it’s your screensaver. However, screensavers can serve a much more important purpose than providing us with some cool images and preventing screen burn.

Enabling a screensaver can increase the security on your computer.
Use a password protected screensaver; this stops others from accessing your computer.
You can configure a screensaver to start when your computer has been idle for a specific amount of time (e.g. 5 minutes). By password protecting the screensaver, the computer is locked when the screensaver starts. This is a simple idea for additional security. You will need to enter the correct password to resume using your pc.
So once a password protected screensaver has been enabled, you can walk away from your computer knowing that everything is secure. In Windows XP, you can use the steps outlined below to enable a password protected screensaver.
1. Right click a blank area on your desktop and click Properties.
2. From the Display Properties dialog box, select the Screensaver tab.
3. Use the drop down arrow to select your screensaver of choice.
4. Change the Wait value to specify how long the computer can remain idle before the screensaver is started.
5. Select the On resume, password protect option. If you do not select this option any activity will cause the desktop to appear.

Give your pc a quick tune-up at http://pcpitstop.com
Run the Full Tests from the menu on the left of the page after creating a user account and password.

Go to http://www.belarc.com/free_download.html
The Belarc Advisor builds a detailed profile of your installed software and hardware, missing Microsoft hotfixes, anti-virus status and CIS (Center for Internet Security) benchmarks, and displays the results in your Web browser. All of your PC profile information is kept private on your PC and is not sent to any web server. I would recommend that you print off the results page as it contains details of your Drivers and Software License Keys, useful if you have to perform a format.

Scan for any viruses at http://housecall.trendmicro.com/

Check to see if your ports are Open, Closed or in Stealth mode at https://www.grc.com/x/ne.dll?bh0bkyd2

Check your internet connection speed at
http://www.abeltronica.com/velocimetro/pt/?idioma=uk&newlang=uk
Click the green arrow beside the flag on the top right of the header and select your language. Scroll down to Speedometer and click on Test Now.

Remember to always back-up your system or create a restore point before making any changes.

Safe surfing everyone
cotojo

Friday, March 23, 2007

Protect Your PC and Privacy

You may think that you are reasonably safe as you surf the net, but Windows has many gaping flaws that do not protect your privacy, and it is far too easy for a hacker to gain access to your private data and for others to harness your ISP etc. There are some simple steps outlined below which will allow you to surf much more safely, as well as guiding you through various tweaks to help you.

Set a Restore Point or back-up your PC FIRST!

I have been using AVG free Anti-Virus for many years and install it as first choice on other peoples machines.
Get yours here: http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

Ad-Aware Personal remains the most popular anti-spyware product for computer users around the world, with nearly one million downloads every week.
http://www.lavasoft.de/products/ad-aware_se_personal.php

Also worth using is ZoneAlarm free firewall available from http://www.zonealarm.com/store/content/company/products/znalm/freeDownload.jsp

SpywareGuard, SpywareBlaster and MRU-Blaster available for free from http://www.javacoolsoftware.com/products.html

The only thing that I would actually PAY for is XoftSpy, and it is only a one off payment with lifetime updates, and a free scan so you can test it and see what it finds.
It's available at http://www.linkbrander.com/go/34613

Also check your PC for free at http://pcpitstop.com/

Without your knowledge or explicit permission, the Windows networking technology which connects your computer to the Internet may be offering some or all of your computer's data to the entire world at this very moment! You can check your open Ports, File Sharing etc for Free at http://www.grc.com/default.htm
Simply scroll down the page to *Hot Spots* and click on ShieldsUp.

Finally for now, I would also recommend the use of CCleaner (formerly Crap Cleaner), a freeware system optimization and privacy tool. It removes unused and temporary files from your system, allowing Windows to run faster and more efficiently and giving you more hard disk space. The best part is that it's fast (normally taking less than a second to run) and Free. It cleans the following:
Internet Explorer Cache, History, Cookies, Index.dat.
Recycle Bin, Temporary files and Log files.
Recently opened URLs and files.
Third-party application temp files and recent file lists (MRUs). Including: Firefox, Opera, Media Player, eMule, Kazaa, Google Toolbar, Netscape, Office XP, Nero, Adobe Acrobat, WinRAR, WinAce, WinZip and more...
Advanced Registry scanner and cleaner to remove unused and old entries. Including File Extensions, ActiveX Controls, ClassIDs, ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files, Application Paths, Icons, Invalid Shortcuts and more... Backup for registry clean.
Windows Startup tool.
http://www.filehippo.com/download_ccleaner/

Hope that some of this is of some use to you.
Have a good day all

Any problems then feel free to leave a comment and I will get back to you asap.
