Securing Your Computer
Last Updated on Sunday, 29 November 2009 10:23 Written by DarkKnightH20 Tuesday, 25 August 2009 06:16
This is an ongoing article that may be updated in the future as ideas are collected.
Windows Update/Linux Update
One of the most important things you can do is keep up-to-date on your operating system’s patches and fixes. Holes in your operating system are often the most exploited by worms. Do your part to keep yourself safe by updating through your Linux distribution’s repository or through Windows Update.
Disable Unused Services
If you have ANY unused services, and I mean any, try to disable them. Having a service running that isn’t used allows for more possible exploitation attempts. For example, on Windows operating systems many worms exploited vulnerabilities that used DCOM. Disabling the DCOM service dealt with this issue and prevented exploitation attempts to begin with. Internet service providers (ISPs) also took action later during that time, but many who had the service enabled were infected.
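To decide which services are candidates for disabling, it helps to see which ones are actually reachable from the network. The following is an added example, not part of the original article: it maps each listening TCP port on a Windows machine to the owning process and any Windows services hosted in it. It assumes Windows 8 / Server 2012 or later (for `Get-NetTCPConnection`), and the service name in the final comment is a placeholder.

```powershell
# Added example: list network-facing TCP listeners with the process and
# Windows service(s) behind each one. Run from an elevated prompt so that
# every owning process can be resolved.

# Build a lookup of process ID -> names of the services hosted in that process.
$svcByPid = @{}
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.ProcessId -ne 0 } |
    ForEach-Object { $svcByPid[[int]$_.ProcessId] += @($_.Name) }

Get-NetTCPConnection -State Listen |
    # Loopback-only listeners are not reachable from other machines.
    Where-Object { $_.LocalAddress -notin '127.0.0.1', '::1' } |
    Sort-Object LocalPort -Unique |
    ForEach-Object {
        $procId = [int]$_.OwningProcess
        $proc   = Get-Process -Id $procId -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Port     = $_.LocalPort
            Address  = $_.LocalAddress
            Process  = $proc.ProcessName
            Services = ($svcByPid[$procId] -join ', ')
        }
    } |
    Format-Table -AutoSize

# For a service you have confirmed you do not need ('ExampleSvc' is a placeholder):
# Stop-Service -Name 'ExampleSvc'
# Set-Service  -Name 'ExampleSvc' -StartupType Disabled
```

Each row is a port that other machines may be able to reach; a service you do not recognise or use is worth researching before you disable it.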
Uninstall Unused Programs
This tip also means “don’t install programs you won’t use”. These programs can contain vulnerabilities themselves. Now, under normal circumstances this isn’t an issue since often the program must be running to be exploited. However, under certain circumstances, such as with programs that register their own URI scheme (similar to the “http://” in a URL or “ftp://” in an FTP connection), these vulnerable programs can be activated by the exploit itself.
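On Windows, a program registers a URI scheme by creating a registry class with a `URL Protocol` value, so you can audit which installed programs a link is able to launch. The following is an added example, not part of the original article; it only reads the registry and changes nothing.

```powershell
# Added example: enumerate URI scheme handlers registered on this machine
# and the command line each scheme launches.
$roots = [ordered]@{
    HKLM = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Classes'
    HKCU = 'Registry::HKEY_CURRENT_USER\SOFTWARE\Classes'
}

$handlers = foreach ($entry in $roots.GetEnumerator()) {
    Get-ChildItem -Path $entry.Value -ErrorAction SilentlyContinue | ForEach-Object {
        $key = $_
        # A class is a URI scheme handler when it carries a "URL Protocol" value.
        if ($key.GetValueNames() -contains 'URL Protocol') {
            $cmdKey  = $key.OpenSubKey('shell\open\command')
            $command = if ($cmdKey) { $cmdKey.GetValue('') } else { '(no open command)' }
            [pscustomobject]@{
                Scheme  = $key.PSChildName
                Hive    = $entry.Key
                Command = $command
            }
        }
    }
}

$handlers | Sort-Object Scheme, Hive | Format-Table -AutoSize -Wrap
```

A scheme whose command points at a program you no longer use is a good reason to uninstall that program, which removes the handler along with it.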
Keep Up-to-Date Software
Many software packages release service packs and updates. Some of these updates include security fixes, whereas some include new features. What you want to do is update only when security patches are involved. If the update includes new features, then new vulnerabilities can also exist — making the update a security risk. It is a good idea to always look at the changelog before updating.
Turn Off Extra Features in Software
As mentioned above, the introduction of new features in software is usually a security risk. A lot of the time you can avoid such problems by disabling the unused feature (if the software allows it). For example, most instant messaging (IM) software has file sending, chat invites, and other things. If you disable these settings, you may be able to avoid any possible vulnerabilities that relate to those specific components of the software DEPENDING on how the program deals with them after they’re disabled. A vulnerability may still occur depending on how the software is programmed, but on some occasions it will not.
Install AntiVirus (AV) Software
Most people say that they do not need antivirus software. They say that they’re too smart to catch a virus…Lovely. Just because you think you’re too smart to get a virus doesn’t mean it won’t happen. If you accept files from friends, for example, who says that they’re not going to have viruses? Do you surf the internet? Then you can run into viruses at any time. Any website you go to has the potential to be hacked and have malicious scripts run as soon as the page is loaded. Antivirus software helps combat web-based viruses, spyware, etc — pretty much all types of malware. Keep the auto-protect features on and keep the definitions up-to-date.
Install Firefox With Adblock Plus & NoScript
Install Firewall (Software & Hardware)
Most people have a router nowadays. This acts as a hardware firewall and does an amazing job at keeping most computers safe. For extra protection, it is recommended that you install a software firewall as well. These don’t only keep people from trying to connect to you and send malicious data, but they also prevent your computer from communicating with the outside world when you do not wish it to. They alert users upon connection requests – local and remote – and can help detect malware indirectly (i.e. if a program you downloaded tries to connect to the internet even though it has no visible reason to, it could have a backdoor hidden in it).
Don’t Use Alpha/Beta Software
I’m hesitant to recommend this one since many software developers need testers…However, vulnerabilities are often at their highest when the software is in such a stage. Be careful. Be safe.
Watch Out for Security Advisories
Even with all the security in the world protecting your computer, your defenses can be penetrated in a matter of seconds when attacked by a brand new vulnerability. Some vulnerabilities don’t reach advisory status until it’s too late, but on many occasions you can get lucky and find information that could allow you to protect yourself (such as a temporary manual patch) until a real patch is issued.
Submit Unknown Files to Online Multi-Virus Scanners
You never want to open anything without scanning it for viruses. I personally like to view exe’s under a hex editor, whereas other people prefer viewing files with OllyDbg or even running them in an emulated environment (such as through Wine) for testing purposes. Not everyone can do such tasks, however, and even if they could, they may slip up and miss something. An online multi-virus scanner I highly recommend is Jotti’s Malware Scan. It uses over 20 virus scanners to scan every file you submit. There is a 15 MB limit per file though, so it won’t work on bigger files without some effort being put in (i.e. chopping up the file into parts and submitting each piece part by part).
Avoid Unknown Websites
Websites are sometimes created with malicious intent in mind. Avoiding any website you don’t know or have never heard of is a good way to help keep safe. Googling for information on such websites is highly recommended if you really must go to them.
Turn Off LM Hash (Windows)
LM hash, or LAN Manager hash, is created by Windows automatically. This is more of a local vulnerability, but people can download the LM hash from your computer, then use a cracker to find out what your password is. Look Here for information on disabling the creation of LM hash.
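The setting that controls this is the `NoLMHash` value under the `Lsa` registry key. The following is an added example, not part of the original article: a small function (the name `Test-LmHashStorage` is made up for this example) that reports the current state and, with `-Fix`, turns LM hash storage off. It assumes Windows XP / Server 2003 or later and an elevated prompt; on Windows Vista and later the protection is already the default.

```powershell
# Added example: check whether Windows is told not to store LM hashes,
# and optionally enable that protection.
function Test-LmHashStorage {
    param([switch]$Fix)

    $lsa   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $value = (Get-ItemProperty -Path $lsa -Name NoLMHash -ErrorAction SilentlyContinue).NoLMHash

    if ($value -eq 1) {
        return 'NoLMHash = 1: LM hashes are not stored when a password is set.'
    }
    if (-not $Fix) {
        return 'NoLMHash is not set to 1: LM hashes may be stored. Re-run with -Fix to change this.'
    }

    # NoLMHash is a DWORD; 1 tells Windows to stop creating the LM hash.
    Set-ItemProperty -Path $lsa -Name NoLMHash -Value 1 -Type DWord
    return 'NoLMHash set to 1. Existing LM hashes remain until each account changes its password.'
}

Test-LmHashStorage          # report only
# Test-LmHashStorage -Fix   # apply the setting (requires administrator rights)
```

The setting only affects future password changes, so change the password on every local account afterwards to clear any LM hash that is already stored.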
Put Lock on PC Case
This is a local, physical vulnerability for the truly paranoid to deal with. A lock should be put on your computer case to prevent people from opening it. Why would they want to open it? To snag your hard drive, to reset your BIOS, etc. Locks can be broken or picked, but at least they can slow down the attacker or force them to figure out a new means of obtaining what they want.
Password Protect Your BIOS
Though this is also a local vulnerability, a lot of harm can be caused if the BIOS is left unguarded. Someone could hurt your hardware, change the boot order to allow for booting from CD, etc. If someone can boot from a CD using your computer, then they can run a different operating system or a set of boot tools to carry out numerous malicious activities, such as stealing files, password retrieval/cracking, etc.
Boot From CD/USB Disabled
As mentioned above, if someone can boot your computer from a CD, then they can do loads of harm. The same applies to booting from USB drives. Protect yourself!
Install Encryption Boot Software
Computers using such software have their hard drive’s data protected until the password is supplied during boot. This prevents people from retrieving the contents of a hard drive after stealing it. Such software is commonly found on corporate computers, especially laptops, since they are mobile and can be stolen easily.
Never Use Admin Account
One of the most recommended things to do is to never ever use an administrative account on Windows or Linux. You should always be on a restricted, or semi-restricted, account. This helps prevent exploits from running that require administrative status and can limit their activity. Privilege escalation vulnerabilities can get around this, unfortunately, but it can very well help you regardless.
Know of any good suggestions? Leave a comment!