Thread: Basic to Indepth Guide on Home Computer Security Guide

  1. #21
    2. Remove brontok Virus manually (New Folder.exe or newfolder.exe Virus)

    Here is the method to remove the Brontok virus manually, though AVG can remove it very easily.

    Start your computer in safe mode with command prompt and type the following command to enable registry editor:-

    reg delete HKCU\software\microsoft\windows\currentversion\policies\system /v "DisableRegistryTools"

    and run

    reg delete HKLM\software\microsoft\windows\currentversion\policies\system /v "DisableRegistryTools"

    After this your registry editor is enabled. Type explorer, go to Run and type regedit,
    then follow the following path :-

    HKLM\Software\Microsoft\Windows\Currentversion\Run

    on the right side delete the entries which contain ‘Brontok’ and ‘Tok-’ words.

    After that, restart your system, open the registry editor and follow the path to enable Folder Options in the Tools menu

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions

    Delete this entry and restart your computer

    Then search for *.exe files on all drives (search in hidden files also) and remove all files which are displayed with a folder icon. Your computer is completely free from the Brontok virus.


    Install and keep up-to-date AntiSpyware Software

    AntiSpyware software helps to protect users from spyware and other potentially unwanted software like adware. AntiSpyware helps to reduce negative effects caused by spyware, including slow computer performance, annoying pop-up ads, unwanted changes to Internet settings, and unauthorized use of the user’s private information. Continuous protection improves Internet browsing safety by guarding the ways in which spyware can enter the system. The worldwide SpyNet community plays a key role in determining which suspicious programs are classified as spyware.

    AntiSpyware gives the real-time protection by monitoring the system at different checkpoints. These checkpoints are triggered when programs make changes to Windows configuration. These changes can occur when user installs software on his system, or they can occur when spyware or other potentially unwanted software attempts to install on the system.

    In case Real-Time Protection detects a change in any checkpoint, AntiSpyware alerts the user and provides the option for user to allow or block the change.

    A good AntiSpyware gives the real-time protection, the counteract methods and updates itself for the latest checkpoints & spyware.

    Different AntiSpywares are available on the Internet. Microsoft has also released an antispyware by the name Microsoft AntiSpyware (Beta), which is available free on its site. For more details on Microsoft AntiSpyware (Beta), refer to the following link:

    http://www.microsoft.com/athome/security/spyware/software/default.mspx

  2. #22
    Harden the Operating System by turning off unnecessary clients, services and features

    Hardening of the operating system (OS) is a topic of its own, for which a number of good references are released from time to time, on a per-product basis, by the respective vendors. Discussion of operating system hardening is beyond the scope of this document. For further reading on hardening the Operating System, please see the following link:

    http://www.microsoft.com/downloads/details.aspx?FamilyId=2D3E25BC-F434-4CC6-A5A7-09A8A229F118&displaylang=en


    a. Turn off the “Hide file extensions for known file types” feature:

    By default, Windows hides the file extensions of known file types. This behaviour has been used to trick users into executing malicious code. But a user may choose to disable this option in order to have file extensions displayed by Windows. Multiple email-borne viruses are known to exploit hidden file extensions. The first major attack that took advantage of a hidden file extension was the VBS/LoveLetter worm which contained an email attachment named "LOVE-LETTER-FOR-YOU.TXT.vbs". Other malicious programs have since incorporated similar naming schemes, examples include:

    Downloader (MySis.avi.exe or QuickFlick.mpg.exe)
    VBS/Timofonica (TIMOFONICA.TXT.vbs)
    VBS/CoolNote (COOL_NOTEPAD_DEMO.TXT.vbs)
    VBS/OnTheFly (AnnaKournikova.jpg.vbs)

    The files attached to the email messages sent by these viruses may appear to be harmless text (.txt), MPEG (.mpg), AVI (.avi) or other file types when in fact the file is a malicious script or executable (.vbs or .exe, for example).


    b. Remove the ability of others to access file shares and printers on the host, since poorly protected file shares are being actively targeted:

    For all Windows users:

    Disable by deselecting the “File and Printer Sharing for Microsoft Networks” option in the Network and Dial-Up Connections applet. This service allows networked computers to transparently access files that reside on remote systems.

    Disable by deselecting the “Client for Microsoft Networks” option in the Network and Dial-Up Connections applet. This service will disable the facility that allows a distributed application to call services that are available on various computers on a network.

    For Windows 2000 and XP users only:

    To enable or disable the services in aforesaid Operating Systems go to Start> Settings>Control Panel>Performance and Maintenance>Administrative Tools>Services:

    Disable Performance Logs & Alerts: This service collects performance data from local or remote computers based on preconfigured schedule parameters.

    Disable Remote Registry Service: This service enables remote users to modify registry settings on local computer.

    Disable Windows Management Instrumentation (WMI) Driver Extensions: This service provides systems management information to and from drivers.

    Disable TCP/IP NetBIOS Helper Service: This service enables name resolution over TCP/IP.

    Disable Remote Administration Service: This service provides total control of the user’s system to the remote user. (To disable this service, right click on My Computer > Properties > Remote tab, then deselect “Allow Remote Assistance invitations to be sent from this computer”)

    Users should be extremely cautious about disabling the above mentioned services, as it is quite possible that they might be using these services for different purposes in their environment. Disabling these services before any consent could result in malfunctioning of programs. Please consult the system vendor before taking any step.
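
An added example, not part of the original post: a Python check for the hidden-extension naming trick described under "a." above, run over the file names the post lists plus a few constructed ones. The extension lists and function names are assumptions chosen for illustration, and `displayed_name` only approximates what Explorer shows when extensions are hidden.

```python
"""Flag file names that hide an executable extension behind a harmless-looking one."""

# Assumed, non-exhaustive list of extensions Windows runs or hands to a script host.
EXECUTABLE_EXTS = {
    "exe", "com", "scr", "pif", "bat", "cmd",
    "vbs", "vbe", "js", "jse", "wsf", "wsh", "lnk",
}

# Assumed list of extensions a user reads as passive content (the decoy part).
DECOY_EXTS = {
    "txt", "rtf", "doc", "pdf", "jpg", "jpeg", "gif", "png", "bmp",
    "avi", "mpg", "mpeg", "mp3", "wav",
}


def _parts(filename):
    """Split a name on dots, lower-cased, tolerating padding spaces around each part."""
    # Trailing dots and spaces are ignored by Windows, so drop them first.
    name = filename.rstrip(". ")
    return [part.strip().lower() for part in name.split(".")]


def classify(filename):
    """Return 'double-extension', 'executable' or 'ok' for one file name."""
    parts = _parts(filename)
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # The real (last) extension runs code; a decoy just before it is the trick.
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "double-extension"
    return "executable"


def displayed_name(filename):
    """Approximate the name shown when 'Hide file extensions' is enabled."""
    name = filename.rstrip(". ")
    stem, dot, _ext = name.rpartition(".")
    return stem.rstrip() if dot else name


def scan(filenames):
    """Return (name, name as displayed, verdict) for every name that is not 'ok'."""
    report = []
    for name in filenames:
        verdict = classify(name)
        if verdict != "ok":
            report.append((name, displayed_name(name), verdict))
    return report


SAMPLES = [
    # Names quoted in the post above.
    "LOVE-LETTER-FOR-YOU.TXT.vbs",
    "MySis.avi.exe",
    "QuickFlick.mpg.exe",
    "TIMOFONICA.TXT.vbs",
    "COOL_NOTEPAD_DEMO.TXT.vbs",
    "AnnaKournikova.jpg.vbs",
    # Constructed names for comparison.
    "holiday.jpg",
    "setup.exe",
    "report.v2.txt",
    "invoice.pdf      .exe",  # padding spaces push the real extension out of view
]

if __name__ == "__main__":
    for name, shown, verdict in scan(SAMPLES):
        print(f"{verdict:17} shown as {shown!r:30} actual {name!r}")
```
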

  3. #23
    Defensive Measures at User Application Layer

    This is the third layer of the defense in depth model. The defensive measures that have to be taken at this layer are:


    • Keep up-to-date security patches and update releases for Application software.



    • Do not install programs from unknown origin



    • Precautions with E-mail



    • Chat clients



    • Securing Web browser



    Keep up-to-date security patch and update releases for Application Software

    Just as new vulnerabilities appear regularly in the Operating System, so too do they appear in applications. Hence keeping applications patched is important.

    In general, the announcement of new product vulnerabilities can be monitored by subscribing to one or more of the e-mail based free security alerting services. These services describe the latest vulnerabilities and generally indicate either how to get the required patch or the workaround pending a patch release.


    Do not install programs of unknown origin

    Installing programs of unknown origin exposes the user to the possibility of running malicious code. In general, programs to be installed should have been authored by a company that is trusted, and the download site should be a similarly trusted source.

    Virus scanning of any such program prior to installation is always recommended. It is also recommended that the user should not use pirated software, as pirated software might install some kind of backdoor which can be used to hack the system as and when the hacker wants.


    Precautions for Downloading Software

    · Do not download software through file sharing, as it may contain malicious software along with it.

    · Do not download software for which you have no license or which is not registered. There are many sites which distribute registered software in violation of the license agreement, and the users who download from these sites may get into trouble.

    · Download software only from a trusted website.

    · Never download software through an email attachment, as most organizations do not send it via email attachment.

    · Always maintain a backup of critical data of your system. This will help you to restore to original state in case something happened to your system while downloading.

    · Even though the software is downloaded from a trusted site, scan the downloaded file before installing it on the system.

    · Read the License agreement carefully before installing the software in to the system.

    · Open the downloaded files after disconnecting from the web and scan with Anti virus software.

    · Check the validity of the certificate and issuer of the certificate for a site from which the software is downloaded.

  4. #24


    Email Security




    How emailing works


    Electronic mail, known in short as e-mail, is used for composing, storing and sending messages through communication networks. These messages can be any text file or the files stored on the hard disk. Email systems provide a text editor with the help of which we can edit the messages and send them to an individual by specifying his email address.

    Some Email systems are confined to a single computer system or to a small network and they are connected to the other Email systems through gateway, which enables the users to connect to anywhere in the world.

    Though different electronic mail systems have different formats, there are some emerging standards like MAPI and X.400 that enable users to send messages between different electronic mail systems.

    MAPI is a Mail Application Programming Interface, a system built into Windows which allows different mail applications to work together for distributing mails. As long as MAPI is enabled on both the applications, they can share mails with each other.

    X.400 is the universal protocol that provides a standard format for all Email messages. X.500 is an extension to X.400 standard which provides standard addressing formats for sending emails so that all email systems are linked with each other.


    http://img89.imageshack.us/i/figure15.png

    Figure:11

    Email Working:

    The working of Email is as shown in the figure above. Each mail server consists of two different servers running on a single machine. One is POP3 (Post Office Protocol) or IMAP (Internet Mail Access Protocol) server which holds the incoming mails and the other SMTP (Simple Message Transfer Protocol) server which holds the outgoing mails. SMTP works on the port number 25 and POP works on the port number 110 and IMAP works on the port number 143.



    In the figure shown above, Client 1 has an account in the mail server 1 and Client 2 has an account in mail server 2.



    When Client 1 sends a mail to Client 2, first the mail goes to the SMTP server of mail
    server 1. Here the SMTP server divides the receiver address in to two parts user name
    and domain name.



    For example, if SMTP server receives user1@example.com as the receivers address it
    will separate in to user1, which is a mail account in destination mail server and
    example.com which is the domain name of destination mail server.



    Now with the help of the domain name it will request particular ip address of the
    recipient’s mail server and then it will send the message to mail server 2 by
    connecting to its SMTP server.




    Then SMTP server of Mail Server 2 stores the message in Client2 mailbox with the
    help of POP3 in mail server 2. When the client 2 opens his mail box he can view the
    mail sent by client 1.

  5. #25
    POP3 Server:

    POP3 server contains a collection of text files one for each mail account. When a message has arrived to a particular user it will append that message at the bottom of that particular user account text file.



    When a user connects to the mail server for checking his mails he connects to POP3 server of that mail server through port 110. Here it requires user name and password to view his mailbox on the mail server.



    IMAP is also similar to POP3 protocol.


    Possible threats through email and Countermeasures for handling emails safely


    Emails are just like a postcard, from which the information can be viewed by anyone. When a mail is transferred from one mail server to another mail server there are various stops at which there is a possibility of unauthorized users trying to view the information or modify it.



    Spam messages may contain virus along with it or some advertisements, which is sent to various users by email. This may happen when we chat with some strangers on line. They may collect your email address and sell it to advertising agencies. Even while shopping on line they may ask to specify the email address for getting discounts and for other purposes. Spam is also known as bulk email or junk email.



    Since a backup is maintained for an email server all the messages will be stored in the form of clear text though it has been deleted in your mailbox. Hence there is a chance of viewing the information by the people who are maintaining backups. Hence it is not advisable to send the personal information through emails.




    Countermeasures for using Email safely:

    Since email messages are transferred in clear text, it is advisable to use some encryption software like PGP (Pretty Good Privacy) to encrypt email messages before sending, so that they can be decrypted only by the specified recipient.



    Use email filtering software to avoid spam so that only messages from authorized users are received. Most email providers offer filtering services.



    Do not open attachments coming from strangers, since they may contain virus along with received message.



    Be careful while downloading attachments from emails in to your hard disk. Scan the attachment with an updated anti virus software before saving it.



    Do not send messages with attachments that contain executable code like Word documents with macros, .EXE files and ZIPPED files. We can use Rich Text Format instead of the standard .DOC format; .RTF will keep your formatting, but will not include any macros. This may avoid you sending a virus to others if you are already infected by a virus.



    Avoid sending personal information through emails.



    Avoid filling in forms that come via emails and ask for your personal information.


    Do not click on links that come via emails.



    Do not click on emails that you receive from untrusted users, as clicking itself may execute some malicious code and spread it into your system.
    Last edited by ajaysinghnegi; 01-03-2011 at 01:20 AM.

  6. #26
    Precautions with Email

    In general a user receives lots of e-mails every day, most of which are unsolicited and contain unfamiliar but believable return addresses.


    Email spoofing

    Email “spoofing” is when an email message appears to have originated from one source when it actually was sent from another source. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).



    Spoofed email can range from harmless pranks to social engineering ploys. Examples of the latter include:



    email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not comply



    email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information



    Mail uses social engineering to tell the user of a contest that the user may have won or the details of a product that the user might like. The sender is trying to encourage the user to open the letter, read its contents, and interact with them in some way that is financially beneficial – to them.


    Protection from spam

    Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products or get-rich-quick schemes. Spam costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers rather than by the sender.




    Never respond to spam

    Most spammers say in their mail "to unsubscribe, click here", but they are lying. What they really want to do is confirm that they’ve got a live address. Also, if the user responds, they’ll sell the address to every other spammer, meaning the user will soon be flooded with even more spam.


    User should not post his address on his website


    It seems like a good idea at the time, but posting an email address on a personal home page is just an invitation to spammers. Spammers and the people who sell spamming as a business have software that "harvests" email addresses from the Net. This software crawls through the Internet seeking text strings that are -something-@-something-.-something-. When it finds one, it catalogs it on a database of other email addresses to be used to send spam.



    It is recommended that instead of giving the e-mail address in text form on the website, the user should give an image of it.






    Use a second email address in newsgroups

    Newsgroups are the great email address gathering ground for spammers. If someone posts to a group, he is going to get spam -- it is just a matter of time. So how is he supposed to participate? Use a different email address for talking to friends and relatives. In other words, have a public address and a private address. One has to deal with spam only on his public address.


    User should not give his email address without knowing how it will be used

    If a website is asking for an email address, they want to use it for something. Be sure to know what. Read the terms of use and privacy statements of any site before telling them your email address; if there is no privacy statement, don’t tell them your email address.

  7. #27
    Use a spam filter

    While there is no such thing as a perfect filter, anti-spam software can help keep spam at a manageable level. Some of it is cumbersome, some works better than others, some even requires that the user let his email messages go through another system for storage and cleaning.


    Never buy anything advertised in spam

    The reason that people spam is because they can make money. They make money, like all advertisers, by convincing people to buy a product. If no one buys the things advertised in spam, companies will quit paying spammers to advertise their products.



    Disable scripting features in e-mail programs when possible

    Since e-mail programs frequently use the same code as web browsers to display HTML formatted messages, the vulnerabilities that affect ActiveX, Java, and JavaScript are often applicable to e-mail. Apart from disabling these features, the ability to run Visual Basic Scripting (VBS) should be removed if possible.



    Viruses such as ILOVEYOU contain attachments ending in .vbs which infect the host when the user clicks on the attachment to open it.



    Phishing

    Phishing is a scam where a stranger sends an email, which appears as if it is from a trusted organization, to a normal user to get his personal and financial information. For example, when you receive a mail from a bank to update your personal bank account information and you click on the link to update the information, a separate window opens which looks like an original bank site, where it asks for account information, password and other details. When you enter the information and press enter it will go to the hands of strangers and not to the bank site.


    Protection from Phishing attacks

    When a user receives an e-mail asking him to visit his bank’s web site, it signifies the beginning of a phishing fraud. The e-mail would usually provide a link to the bank’s web site and ask the user to click the link. It would ask him to provide certain confidential banking information like his account number, credit card number etc., failing which his account would be doomed. There would be a sense of urgency and panic in the e-mail. This type of attack is called a phishing attack.



    Here is a checklist which helps to prevent this type of attack :

    Check to see if the e-mail is indeed from the user’s bank and not from just any bank. If it isn’t, stop reading further and confirm the same from the bank by using other means like telephone.



    If the e-mail is not personally addressed to the user, it is most probably a fraud.



    Check the language and spelling of the text contained in the e-mail. If the user finds misspelled words or substandard language, conclude that it is not from his bank.



    If the e-mail urges the user to act immediately without delay, failing which his account will be closed down, stop reading it. It is not from user’s bank.



    If there is anything that even remotely feels wrong, stop. If something feels wrong, it is most probably wrong.



    Never click any link given inside the e-mail message. Instead, directly type the URL of the financial institution.



    If the user does not know the URL of his bank’s web site, take the time to call them immediately to find out.



    User should never provide personal information to anybody, come what may.
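
An added example, not part of the original post: a Python pass over an e-mail that applies four items from the checklist above (sender's bank domain, personal addressing, urgency, embedded links). The two messages, the domain `example-bank.test`, the customer name and the keyword lists are constructed assumptions; the spelling check from the list is not automated here.

```python
"""Apply part of the phishing checklist above to a raw e-mail message."""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumed wording lists; tune them to the mail you actually receive.
URGENCY = re.compile(
    r"immediately|urgent|without delay|within \d+ hours|"
    r"account will be (?:closed|suspended)", re.I)
GENERIC_GREETING = re.compile(
    r"^\s*dear\s+(?:customer|user|client|member|account holder|sir|madam)\b",
    re.I | re.M)
LINK = re.compile(r"https?://[^\s\"'<>]+", re.I)


def on_domain(host, domain):
    """True if host is the bank's domain or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def text_body(msg):
    """Concatenate the text/plain parts of a (possibly multipart) message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            data = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            chunks.append(data.decode(charset, errors="replace"))
    return "\n".join(chunks)


def check_message(raw, bank_domain, user_name):
    """Return {finding: detail}; an empty dict means no checklist item fired."""
    msg = message_from_string(raw)
    body = text_body(msg)
    findings = {}

    # Item 1: is the mail from the user's bank? A matching From is not proof,
    # because From can be forged; confirm by telephone as the checklist says.
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not on_domain(sender_host, bank_domain):
        findings["sender-domain"] = sender_host

    # Item 2: mail that is not personally addressed is most probably a fraud.
    if GENERIC_GREETING.search(body) or user_name.lower() not in body.lower():
        findings["not-personal"] = "no greeting by name"

    # Item 4: pressure to act without delay.
    hit = URGENCY.search(msg.get("Subject", "") + "\n" + body)
    if hit:
        findings["urgency"] = hit.group(0)

    # Item 6: never click a link in the mail, so any link is reported.
    hosts = sorted({urlsplit(u).hostname or "" for u in LINK.findall(body)})
    if hosts:
        findings["link"] = ", ".join(hosts)
    return findings


# Constructed sample: look-alike domain, generic greeting, urgency, a link.
PHISH = """\
From: "Example Bank Security" <alerts@examp1e-bank.test>
To: user@mail.test
Subject: Urgent: verify your account

Dear Customer,

Your account will be closed unless you verify your details immediately.
Go to http://examp1e-bank.test/login and enter your account number.
"""

# Constructed sample: addressed by name, no pressure, no link.
LEGIT = """\
From: Example Bank <statements@mail.example-bank.test>
To: user@mail.test
Subject: Your monthly statement

Dear Asha Rao,

Your statement for March is ready. Sign in by typing the bank's address
into your browser yourself, as usual.
"""

if __name__ == "__main__":
    for label, raw in (("PHISH", PHISH), ("LEGIT", LEGIT)):
        print(label, check_message(raw, "example-bank.test", "Asha Rao"))
```
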



  8. #28


    Identity Theft


    Identity theft is a term used to refer to a fraud that involves stealing money or getting other benefits by pretending to be someone else. This information can also be used by the criminal to create new bank accounts or used to access existing bank accounts. The Internet has made it easier for an identity thief to use the information they've stolen because transactions can be made without any personal interaction.





    There are many ways of retrieving one's personal information. Retrieving personal paperwork and discarded mail from trash dumpsters (dumpster diving) is one of the easiest ways for an identity thief to get information. Another popular method is for the identity thief simply to stand next to someone and watch as the person fills out personal information on a form. This method of retrieving personal information is known as shoulder surfing. The person whose identity is used can suffer various consequences when they are held responsible for the perpetrator's actions.




    Preventive Measures to Avoid Identity Theft

    § Be aware of “dumpster diving” and make sure not to throw away anything that contains personal information, since this information, once in the hands of the wrong persons, can be misused for their benefit. So before throwing away such things, tear them into pieces.
    § Be careful while accessing bank accounts at ATM's. Shoulder surfers can see your pin numbers and try to access your account.



    § Cancel all credit cards that are not in use or have not been used for a long time, since thieves use these very easily - open credit is a prime target.



    § Use strong passwords for all your accounts.



    § Make a note of the time required to issue a new credit card or renew an old credit card, so that if it is not received in the appropriate time you can call the credit card grantor and find out whether the card has been sent. If it has been sent, find out if any change of address has been filed.



    § Don't carry cards that have not been in use for a long time and which reveal your personal identity.



    § Before giving personal information to anyone, first find out why they need it and find out whether your personal information is protected. In no case give it to someone who can't establish their identity, and never over phone or email.



    § If a person calls you at home or at work, and you do not know the person, never give out any of your personal information. If they tell you they are a credit card grantor of yours, call them back at the number that you know, and ask for that party to discuss personal information. Provide only information that you believe is absolutely necessary.



    § Get credit cards and business cards with your photograph on them.



    § Do not put your credit card account number on the Internet (unless it is encrypted on a secured site.) Don't write account numbers on the outside of envelopes, or on your cheques.



    § Order your credit report at least twice a year. Review it carefully. If anything is found suspicious, report it to the concerned authority.



    § Monitor all the statements of your credit card every month. Check to see if there is anything that you do not recognize and call the credit grantor to verify that it is truly yours.


    Do not Visit Untrusted Websites

    It is always recommended that the user should not visit untrusted websites or download software, screensavers or games etc. from those untrusted sites. There is a possibility that these types of application software install some kind of malicious code on the user’s system, which can be used to launch attacks on other computer systems without any consent of the user.

  9. #29


    Online Chat

    It refers to any kind of communication over the Internet. In email, when we send a message to an individual, the reply can be obtained immediately or after some period of time, when he checks his mailbox. In online chat we will get the reply immediately after sending the message. Here the users on both sides should be online to chat with each other.


    Chat clients

    Internet chat applications, such as instant messaging applications and Internet Relay Chat (IRC) networks, provide a mechanism for information to be transmitted bi-directionally between computers on the Internet. Chat clients provide groups of individuals with the means to exchange dialog, web URLs, and in many cases, files of any type. Because many chat clients allow for the exchange of executable code, they present risks similar to those of email clients. As with email clients, care should be taken to limit the chat client’s ability to execute downloaded files. As always, the user should be wary of exchanging files with unknown parties.


    Nowadays virus and phishing attacks are also targeted through Instant Messaging clients.



    Mobile Security

    Mobile Security and the Possible Threats

    There are various threats which can affect the mobile users. For example, sending multimedia messages and text messages to the expensible toll free numbers, unknowingly by clicking yes for a message received through mobile phone. Now-a-days many malicious programs try to get access to mobile phones and laptops and steal the personal information from it. In order to avoid these kind of incidents and to make your mobile devices secured following tips should be followed.



    Countermeasures for Securing Mobile Devices


    · Be careful while downloading the applications through Bluetooth or as MMS attachments. They may contain some harmful software which will affect the mobile phone.


    · Keep the Bluetooth connection in an invisible mode unless you need some user to access your mobile phone or laptop. If an unknown user tries to access the mobile phone or laptop through Bluetooth, move away from the coverage area of Bluetooth so that it automatically gets disconnected.


    · Avoid downloading the content in to mobile phone or laptop from an untrusted source.


    · Delete the MMS message received from an unknown user without opening it.


    · Read the mobile phone's operating instructions carefully mainly regarding the security settings, pin code settings, Bluetooth settings, infrared settings and procedure to download an application. This will help in making your mobile phone secure from malicious programs.


    · Activate the pin code request for mobile phone access. Choose a pin which is unpredictable and which is easy to remember for you.


    · Use the call barring and restriction services provided by operators, to prevent the applications that are not used by you or by your family members.


    · Don't make your mobile phone a source for your personal data, which is dangerous if it falls into the hands of strangers. It is advisable not to store important information like credit card and bank card passwords etc. in a mobile phone.


    · Note the IMEI code of your cell phone and keep it in a safe place. This helps the owner to prevent access to the stolen mobile. The operator can block a phone using the IMEI code.


    · Regularly backup important data in the mobile phone or laptop by following the instructions in the manual.


    · Define your own trusted devices that can be connected to mobile phone or laptop through Bluetooth.


    · Use free cleansing tools which are available on the Internet to make your mobile work normally whenever it is affected by malicious software.

  10. #30

    Effects of Malicious Software on Mobile Phones


    Malicious software affects the mobile phone in several ways. Some of the examples are:


    • Increased phone bills as trojans, which were installed with some other application may send SMS to unknown numbers.



    • Spyware that has entered in to the mobile phone through Bluetooth transfer may transfer personal information to the outside network.



    • Worms may disturb the phone network by spreading from one mobile to other through Bluetooth transfer, infrared transfer or through MMS attachments.



    NOTE:

    · IMEI stands for International Mobile Equipment Identifier which is of around 15 or 17 digit number, which is unique for each and every mobile device. When a mobile is lost the owner of the mobile can ask the operator to block the mobile from working by giving the IMEI number of that mobile phone to the operator.



    Data Security


    Importance of Securing Data

    Data Security means ensuring that the data is free from any type of corruption and that access to this data is controlled in such a way that only authorized users can access the data. Data refers to personal information regarding the individuals, bank details, etc. Hence, there is a need for everyone to secure the data so that it does not fall into the hands of unauthorized users.



    Different Methods of Securing Data

    There are different types of data to be secured. The procedure regarding how to secure different types of data is given below:



    Shared Information

    Make sure that the shared information is accessed by the authorized users and also specify the data that should be shared and data that should not be shared by the public.



    Securing Data While Transmission

    Securing the data while transmitting includes encryption and authentication and also the end-to-end users are authorized.


    · Authentication is secret information that is shared between two computers before the actual communication starts. Public key encryption is another means of authentication which authenticates only the receiver and not the sender with the help of the keys which are possessed by the two systems by other means.


    · Encrypting data without a key can be easily accessed by modern computer users by performing a brute force attack. So in order to protect the encrypted data the key length should be long, in such a way that it is not easy to guess it. Encrypting the data only ensures that the data cannot be read by the third party in an understandable format when the data has been received by them.


    · Securing through Web Browser.
    Ensure that the data being sent using browser application is secured by seeing the URL. Ensure that it is using HTTPS instead of HTTP in the URL for authentication.


    · Secure Email Programs.
    Secure email programs use public key encryption for sending and receiving messages. This works well when both the users are using secure email programs; otherwise the user should send emails without using secure email programs.


    · Secure Shell.
    Previously computer users used telnet application to connect to remote systems. But telnet transfers the information in clear text. To avoid this problem 'Secure shell' has been introduced which sends the data in the encrypted form. It uses public key cryptography for encryption and also ensures confidentiality and data integrity.
    Last edited by ajaysinghnegi; 01-03-2011 at 01:45 AM.
