IntSecure - Internet Security for Newbies

Staying away from Phishing

2006-02-05T13:27:00.000-05:00

Today I'll be talking about one of the biggest things to hit Email, phishing. And no, I'm not spelling it wrong, when we talk about the Internet term, it's spelled with a "ph". Phishing is when people (or a company) send out Emails (works a lot like spam) asking for the user to update personal information such as passwords or credit cards, but the link they provide you in the email is a fake.

It's likely that the links provided in the Email are fake also. They may bring you to a "mock-up" version of some companies website. I remember sometime this year they made a fake Yahoo! website. It'll trick you into submitted personal information such as your name, address, and even your credit card number. One way is looking at the address. It is common sense to know that if a website is trying to mimik another company, it's fake. For example, Yaho.com is not the same as Yahoo.com (although Yahoo! owns Yaho.com). Sometimes it's easy to know that this Email is phishing. Look at this screenshot from my Gmail:

I don't even have a PayPal account. Luckily, Gmail has a built-in AntiPhishing protection system is it will remove any links in the Email to protect you. Since Gmail has such a great spam filter, this Email didn't even reach my Inbox. But you want to know how to protect yourselve? Here's how:

Look for a personal greeting of some sort. Most companies will only address you by your full name and not just as "User" or "Member".
Never, and I mean NEVER give out your personal information over Email. Sometimes you don't know who might read it. If the Email looks like it is really from the company, visit the companies website and look for some form of contact. If you need to, call them or Email them with the Email address they provide. Companies shouldn't even be asking for personal information over Email anyways!
Do NOT download any of the attachments in the Email unless you are 120% sure it's safe and you know it's from someone you know (like close friends or family). Trust no one.

If you think you are a victim of a phishing attack, change your password on the official company website and report the phishing scam to the official company. Should you have been fooled into giving away your credit card, contact your credit card company and have it locked out.

If you need a AntiPhishing tool, I suggest the Netcraft Toolbar (works with both Firefox and Internet Explorer. Microsoft also has an AntiPhishing toolbar for Internet Explorer and there's a built-in AntiPhishing program in Internet Explorer 7.

It's Alive!

2006-01-28T18:35:00.000-05:00

Greetings everyone, my name is Alex Morganis and I run the AMCP Tech Blog. I was invited by Kent to start posting here again. I know that IntSecure hasn't been touched in months, but I'm head over heels excited to be working on this blog. Expect some really great posts focused on, you guessed it! Computer Security.

Until next time,

Alex

Back for Now

2005-06-22T17:26:00.000-04:00

Hello visitors just wanted to post again in some of my spare time to explain to why we are not posting as much. We've decided to open up a main site and are currently working hard on the design and content.

The main site will have such features as

Security Software Reviews
Help Forums
More Quality Content
Dictionary of Comptuer Terms
User Polls

and much more....

You can visit the new site here: http://www.intsecure.com
(But you will have to be patient and give the DNS's some time to propegate the site across the net.)

We are looking forward to posting again and hearing from you all!

The IntSecure Team

Covering Your Tracks

2005-06-16T23:53:00.000-04:00

Whenever you browse the internet no matter what browser you use, you leave tracks on your computer which can tell anyone looking in the right spots, exactly where you have been and in some cases, what you have been doing there. This is why you need to clean up after yourself if you are using a public computer and also if you think someone might be spying on what websites you visit.

The remnants of websites you visit include the temporary internet files, cookies, and just a simple list of all the websites you visited. Temporary Internet Files consist of files downloaded from sites including images and actual content pages. For example when you visit any website, while the page is loading all the images and text that you see, is downloaded onto your computer so that you can view it. You can find out exactly what cookies are here.

Its easy to clear up this trail left behind by simply activating the browsers cleanup function or by disabling it entirely. This differs from browser to browser so you will just have to explore to find out where to go exactly. But doing this does not always remove everything you would like it to, as some cookies and files can be left over. Which is why I would recommend using a 3rd party application like Webroot Window Washer.

This program will assist you in cleaning up all the recent activities, and not only those which are associated with browsing the internet. This program does all of the following:

Safely and easily deletes extraneous files and folders that clog your computer's hard drive. This frees up space to increase PC performance.
Cleans up free space so fragments of previously deleted files are removed.
Allows you to choose the cookies you want to keep to optimize your Internet experience.
Instantly detects and cleans hundreds of popular programs.
Includes "bleach" as an added security measure that completely overwrites files, making recovery impossible.
Safely and effectively erases the contents of your hard drive so that you can donate or sell your computer with the knowledge that your private data is protected.

There are also many other programs out there that can do similar things, so Google it and have a look around. Let me know if you find any programs you think are worthy.

"Routing" for Dial-up Security

2005-06-13T14:14:00.000-04:00

We had an email recently regarding the "Routing" for Security post, and the question was if you could use a router on a dial-up connection. The response was large enough that it warranted its own post. The original question was:

Concerning your blog on June 6 "Routing" for Security
Is it possible and or advisable to use a router on a
dial-up connection?
Thank you for your response.

Yes it is possible and advisable if you can get your hands on the hardware. While it isn't possible to use today's broadband or Cable/DSL routers for a dial-up connection as they do not have the required hookups, there are products out there that support what you are looking for. The market these days is obviously not geared towards dial-up internet access and therefore little support to no support exists and it could be tricky to get your hands on some decent hardware.

Webramp is a company which used to manufacture just what you were looking for until they were bought out by Nokia. Located here (http://www.webramp.com/support/index.html) click on any of the products under the analog heading. These are dial-up routers. You can no longer purchase these unfortunately, but if you have a search on eBay you can usually come across one of these products or other similar ones made by other manufacturers like 3Com.

One thing to watch for though, is that some of these products require you to have an external modem with a serial DB-9 or a serial DB-25 connection in order for it to work. Mainly the Webramp products have this requirement while 3Com normally has a modem built directly into
the router itself.

I found this product by SMC (Amazon.com) which is actually a broadband router with a dial-up backup. I'm sure this could just be used as a router for dial-up but it does also require an external modem. This product is still being sold on Amazon but I would only recommend using this if more appropriate hardware cannot be found.

My best recommendation though, is that you have a look on eBay for a "dial-up router" and a "dialup router". I have included both those quotations to use as a search query on eBay as they bring up different results depending on how the seller spells dial-up. You may also try modifying those searches more too. I saw a 3Com dial-up router with 2 built in dial-up modems which might be the best option, however I have not actually used these products myself so I
cannot guarantee any success. I just hope this gives you a little more information and a place to start if you are seriously considering this.

There is also one other option, but it would require some advanced knowledge concerning networks. It would be to use an older PC that you may have kicking around somewhere and installing some proxy software on it that would act as the router. You would connect your modem and all the required hardware for your dial-up internet access and also you would connect your personal computer to it through a regular RJ-45 network connection. This option as I said though, would require a lot of knowledge in order to get the proxy software setup and working properly.

It was a good question because you would normally think that getting a router for a dial-up connection is pointless because the main feature of a router is to share one internet connection between multiple computers. I would image that if you did attempt to share a dial-up connection between 2 or more computers that it would become really slow, but if you look at the security features of a router, and depending on its price it could be a very beneficial purchase.

Cookie Security Internet Explorer

2005-06-09T18:06:00.000-04:00

This post is a follow up to Learning and Understanding Cookies where I explained how the internet uses cookies to store personal data of websites. Today I will explain how you can partake in safe cookie exchanging among websites. We will look through privacy settings of our web browsers and learn how they will help keep us safe.

Settings in Internet Explorer

Navigate to Internet Options by either opening Internet Explorer>Tools in the top menu bar>click Internet Options

or

My Computer>Control Panel>Switch to Classic Mode button on sidebar>Internet Options

In internet options we want to click on the privacy tab to locate our cookie settings. You screen will look something like this :

From here we see a slider bar that lets us navigate to 6 settings but before you understand how these settings work you must be educated on first and third party cookies.

First Party Cookies: These cookies are left on your machine by the host website you are visiting at the moment. So for example if you visit http://www.internetwebsite.com and you get a cookie from them called internetwebsites.txt

Third Party Cookies: These cookies are left on your machine by another website one that you are not visiting at the time. For example you are visiting http://www.internetwebsite.com and you get a cookie from http://www.anotherwebsite.com called anotherwebsite.txt this is a third party cookie. This cookies are usually present through advertising on the site from another website.

Compact Cookie Privacy Policy: Part of website code that contains privacy statement stating how the cookie is to be used.

So your goal is to pick a setting in the privacy tab that best matches your security needs while browsing the internet. Basically you want to make sure third party cookies have compact cookie privacy policies and you want to make sure this cookie isn't trying to get access to personal information stored on your computer. You also want to make sure first party cookies ask for consent before trying to use personal identifiable information. I believe medium or medium high are good settings to pick providing you have a spyware scanner to protect you from such bad cookies as the Atlas cookie, Bluestreak cookie, and Passport cookie.

I am currently testing out some software for better cookie protection and will share it with you once I am concluded the testing.

If you want more information check out this link

Source:
Cookie FAQ

Blogging About Blogs

2005-06-07T18:37:00.000-04:00

We are listed at Blogging About Blogs a great site that identifies great blogs on the internet. I suggest you check it out and view all the great work and effort people put into their blogs. Thanks to Ken the webmaster of the site please visit through this link:
http://www.incredibleblogs.com/

"Routing" for Security

2005-06-06T21:13:00.000-04:00

There is no way around it, you need security. In your home, your car, sometimes on your person, and in this day and age, on your computer. But you have to take so many steps just to ensure your safety. Install the anti-virus, install the anti-spyware, install the firewall, monitor startup and process lists for unusual entries, filter your email and your web browsing; ridiculous no? Well I have a complete solution for at least one of those and a semi-solution for the remainder. Its called a Router.

A Router is roughly defined as a hardware device which forwards packets of data between two networks. For example the Routers that home users would purchase would become the first and only device that is directly connected to the internet. This means that your computer is no longer the device people would be seeing if they attempted to connect or scan you. And because routers come with a built in firewall, you get your complete solution to having a software firewall installed on your computer, eating up resources.

The other semi-solutions you get with a router are that some viruses and spyware will attempt to call home or allow a hacker to connect directly to your computer through a normally innocuous port. With the firewall in the router, these malicious programs cannot communicate to or from your computer.

It doesn't cover you from all internet risks but nothing can. A router will simply save you from some of the most common and possibly damaging ones. But if you do have the need to allow access to and/or from a certain port or ports, you can easily enter the Router configuration and allow whatever ones you wish. Even if you have just one computer, buying a router can still be very beneficial. Besides, routers these days can be very inexpensive and you certainly don't need a top of the line model.

Tune Up Mozilla Firefox

2005-06-05T15:08:00.000-04:00

So were going to step away from internet security so I can promote a new piece of software my partner in crime has run across that greatly increases the browsing speed of your Mozilla Firefox. The Program is called FireTune and is available free for download to users. To learn more about FireTune and test its speed out read below.

What FireTune Does?

- Optimizes Mozilla Firefox by applying well known configurations that have been tested by experts to improve the speed of Firefox. You can do this by yourself by following a guide at Tweakfactor.com that you can find Here. FireTune just makes it easier for the user and applies these settings for you.

Problems?

- FireTune has only been tested on Windows XP so your are installing at your own risk on any other operating system. It is also recommended that you update the version of Mozilla Firefox before applying the changes. The latest version is 1.04 and can be found at http://www.mozilla.org

Test it Out

- To test if it has improved your speed you may want to run a speed test on your browser before and after here's how you can do that

Clear your browser cache by going to Tools in top menu/options/privacy tab
Go to http://www.numion.com/stopwatch/ and enter www.mozilla.org/products/firefox/ as the URL to do a speedtest on
Write down the speed
Apply FireTune to Mozilla (be sure to backup original configuration)
Clear you browser cache again and repeat steps 2 to 3
Compare times

Before the FireTune I received a time of 4.390 and after 3.250

Download FireTune here

Sources:
http://www.numion.com/stopwatch/
FireTune
Tweakfactor.com

The Windows Registry

2005-06-03T23:43:00.000-04:00

So you want to know about the registry? Well I am going to give the bare basics of what it is, what can be found and few tips to help you out. But before I go any further I must, like all registry tutorials, warn you about the damage you can cause to your system. If you don't know what you are doing or are unsure about something I would advise you not to fool around with the registry as you can render your computer system completely useless and unbootable. I'll give you the basics, but I will not be held responsible for any damage you may inflict.

* EDIT THE REGISTRY AT YOUR OWN RISK *

With that being said, lets get right into it. Under Win95/98/ME, the registry is stored in 2 data files called USER.DAT and SYSTEM.DAT which are hidden on your system (for good reason) and in 2000/XP it is stored in the directories \Documents and Settings\{username} and Windows\System32\config. To edit the registry, click Start, Run and type in "regedit" which will bring up a window like this:

Here you see some funny looking directories but the ones we will be going over are HKEY_CURRENT_USER (HKCU) and HKEY_LOCAL_MACHINE (HKLM). I am sure you can decipher as to what each contains; HKCU has the individual settings for the currently logged on user and HKLM has settings which are required for all users of the local machine like hardware and software configurations.

The main reason I am going over the registry with you, is to show where some spyware and viruses hide themselves so that they automatically start when the OS boots. In order to find these places we need to do a little browsing of the registry. But before we go any further, and if you plan on making some changes, we should backup the registry. Better safe than sorry I always say. There are many different ways to do this and the method you use also depends on what version of Windows you have. Follow this link to find different methods of backing the registry up.

Now, if you are following along then I need you to pick either HKCU or HKLM and find this address within (this will be the same address for both):

\Software\Microsoft\Windows\CurrentVersion\Run

Once you have successfully navigated to this location and clicked on the Run folder, you should see some familiar items in the right hand pane. These are all the programs starting when you boot into Windows. If you should notice something that is unfamiliar then I would advise, before modifying or deleting anything that you check the filename online to see exactly what it is and what it does. The easiest way is to just type the full filename into any search engine. If you think something doesn't belong, just delete it. AFTER THE BACKUP of course. Now these entries will be different for each of HKCU and HKLM, so I would go back to the one you didn't choose and just check that one too.

Some of you might already know this is exactly what MSCONFIG does for you, except in a nice GUI (Graphical User Interface). Yeah, you can use that tool but I prefer using the registry or sometimes even a nice 3rd party tool like this one. Its up to you, but for you more beginner computer users, stick to the GUI tools for now until you have a better understanding of the registry. It can be a very dangerous place.

Sources:
Mlin.net
Back Up Registry

Learning and Understanding Cookies

2005-06-02T14:00:00.000-04:00

So you see this term in your browser setting but you are still unsure what a cookie really is. Well don't worry your not the only one. So today I decided to talk and inform you about cookies and how they enhance your browsing experience and how they can also be a security risk.

About Cookies:

Cookies store important information from webpages you visit and store that information on your computer in the form of a text document. Of course you are unaware of this transaction of cookies from the webpages you visit but you monitor your cookies from your web browser settings. Lets say you enter a website and it requires you to enter information to personalize your browsing experience. Once you have entered the information this information is now saved to a cookie on your computer so when you revisit that website that information you previously entered will still be present. So if you shop online and order a product but don't officially check out yet the next time you go to that website the item will still be waiting at the checkout portion of the website for you. Cookies can also save passwords when you browse and elect for your browser to remember your passwords. This can be a big security risk and I always advise away from allowing the browser to save a password.

Types of Cookies:

Session Cookies - These cookies are only present during the time you are on the website and immediately delete themselves once you've left the website. These cookies are more suited for the website to remember statistics of the users visit
Persistent Cookies - These cookies store themselves on your computer for a given amount of time. These are the cookies that are used to store those personal settings and reloaded everytime you visit that particular site. The advantage of these cookies is it reduces load time of websites.

Problems with Cookies:

The downside to cookies is that websites can store cookies on your computer without you knowing and use these cookies to track your internet activity. It will monitor stats like what websites you visit and website purchases. These cookies are installed by spyware websites and programs and can be rid of by SpySweeper. Cookies that also remember passwords must be protected because if they are intercepted they can be used to gain access to your password protected websites. In a later post I will also talk about how you can adjust your browser to ensure your not vulnerable to getting bad cookies. Here are some other sites that explain cookies check them out: Cookie Guidelines 2/7 , Cookie Definition

Netcraft Toolbar

2005-06-01T15:50:00.000-04:00

I was shown this link the other day to an IE and FireFox toolbar called Netcraft. At first glance I will admit I was a little skeptical as these toolbars are a dime a dozen these days and half the time probably come chalk full of spyware. But after reading through the site for a bit, it seemed like a legitimate toolbar to use against insecure websites and things like Phishing. So I worked up the courage and installed it. The install went fine with no mention of sponsor software and no warning from the virus/spyware protection so things were good thus far. I opted for the IE version as I rarely use it and don't care much if it gets a little messed up.

After the install, everything came up as it should have looking like the image above. So I proceeded to run it through its paces and threw real websites such as eBay and Bank logins, and also a couple links from Phishing emails I had received. It did exactly what it was built to do, in that it displays higher green risk ratings for well known, trusted sites and will display higher red risk ratings for sites not as well known or that show signs of being fraudulent. Other tactics this toolbar employs to show the user pseudo sites, is the date the site was established and where the site is being hosted. So you will know that when you are on a supposed eBay login site where the date shows April 2005 and that it is hosted in the former Soviet Union, it is most likely a scam.

I haven't really had the chance to give it a full look over, but it also provides ways to report phishing scams and a whole slew of services. So give it try if you want, and let me know your opinions by commenting and/or emailing IntSecure.

Source: Netcraft Toolbar

System File Checker

2005-05-31T13:54:00.000-04:00

System File Checker (SFC) is a program included with Windows XP to scan important system files. These systems files are important because they aid in the functional operation of Windows XP. SFC can be a valuable tool to use in your internet security arsenal because viruses and trojans today are known to modify or remove system files causing them to act according to the viruses symptoms. SFC scans these system files to make sure they are original and if they detect a problem like the file has been changed or removed (ie. Corrupted) they will replace the file. Microsoft does this by digitally signing the system file of importance. This is similar to how we have a signature on our credit card to verify our identity and so no one else can duplicate it.

How To Run System File Checker (SFC)

To run SFC go to Start > Run > Type 'sfc /scannow'

This Window should appear and begin scanning your computer:

Problems running SFC:

There are some problems with SFC and during the scan you could be prompted to insert your Microsoft Windows XP disk. The reason this happens is because Windows is searching for a hidden folder named DLLCache. This is a very important folder and Windows has hidden it to avoid users deleting or removing files accidently.

To get around this you can simply insert your Windows XP disk or you will have to copy a folder from Windows XP cd to your computer and change a registry setting which can become more complicated.

Steps to complete this (Do These Steps at your own risk):

Explore your Windows XP cd and copy the I386 folder to the C:/ drive
Go to Start > Run > Type 'regedit' *WARNING Do not change anything else in regedit it contains very important data that is required to run your computer*
Go to HKLM\SOFTWARE\Microsoft\WindowsCurrentVersion\Setup
On the right hand side of the screen select Source Path and check what the Value Data is
I also found more things that can go wrong on this site: www.updatexp.com

Sources:
www.updatexp.com

Virus and Spyware Protection All In One

2005-05-30T17:19:00.000-04:00

With so many new forms of viruses and spyware turning up everyday, its almost becoming a full time job just to make sure you are protected from it all. First you run the update for each program just to make sure all your definitions are up to date. Then you run the virus scanner for about an hour and then the spyware detector for about the same. And maybe if you are still worried, run a few online tests for viruses or spyware. By this time you are about ready for a nap, I know that I usually am. But does protecting yourself have to be this annoying and seem so much like a chore?

I know people that don't believe in running a virus or spyware protection program on their computer because "it takes up WAY too many resources." Yes maybe they are right, these programs do require a lot of your computer, especially during startup. But I am, even more so lately, a firm believer in the use of anti-virus and anti-spyware programs as they are starting to play HUGE roles in internet surfing and email usage. And I have had my share of different programs from Norton and McAfee to SpySweeper and AdAware. Although each of these programs have their own pros and cons about them, I have recently found that none of these programs, whether used alone or together, can rival the protection that Panda Titanium Antivirus provides.

Don't let the name fool you though, as it isn't just an anti-virus program. It's more like an anti-virus and anti-spyware suite. After installing it for the first time, it automatically updated itself no questions asked and then recommended I run a full sweep. (And yes I know some people don't like programs automatically updating themselves so of course, you can disable that feature.) It seem to find a plethora of new and old spyware that had been sitting in my registry and in files on the hard drive which none of the other programs had picked up. I couldn't believe that I, someone obviously concerned with viruses and spyware on my computer, could have so much just sitting there. But its not just through the manually initiated scans that this program picks them up. I am finding that while surfing around the internet, windows will pop-up very much the same as an MSN Toast, letting me know that it has just eliminated a tracking cookie or piece of spyware from the system.

It constantly monitors your system and scans your email during download, but with the TruPrevent Technology it offers, new viruses which have not even been discovered can be blocked. They believe so firmly in this technology that they offer it as a separate product which you can purchase and add on to your current anti-virus software such as Norton or McAfee. Call it cocky, but I think they have reason to be. So if you are looking for some virus and spyware protection all in one, give Panda Titanium Antivirus a try as they even offer their software as a try before you buy.

Online Email Security Features

2005-05-29T20:37:00.000-04:00

I decided to make this post based on a question I received about a month back on how online email services like Hotmail, Yahoo, and Gmail keep you safe. As we all know emails can be a great source of internet threats and can compromise our internet security. In an earlier post Check Email Online First I explained the benefits of using online email services to increase security measures on your computer because your email is located on the hosts server. (Ex. When you use hotmail and someone sends you an email that email is not on your computer it is on Hotmails server). This post is a follow up to that post to explain the security features on these online email services.

Email Filters: Yes
Anti-Virus: No (unless you have Norton or McAfee anti-virus on your computer)
Secure Login: Yes

Pros: Gmail offers a 2 gig email service this is more then enough room to store massive amounts of emails. The filtering system is half decent, after using it for several months now it has blocked a lot of junk mail but a few Phishing Emails have gotten through. You do have the ability to create your own filters but this can be time consuming if your email address is on several spammers email lists and you receive massive amounts of spam.

Cons: Gmail doesn't have an online virus detector which is a big disapoinment considering it is only compatible if you have McAfee or Norton Anti-Virus on your computer. This means if you don't have these anti-virus programs download attachments at your own risk!

Email Filters: Yes
Anti-Virus: Yes Trend Micro
Secure Login: Yes

Pros: MSN Hotmail uses Trend Micros online virus scan to scan through attachments before you download them onto your computer. This is a great feature considering email attachments are such a great cause of internet viruses. They also provide an easy system to report spam emails to Hotmail to further develop there email filters.

Cons: I suppose 250mb of space to store emails is a con considering other competing companies offer a lot more space. In my opinion though 250mb is more then enough space for emails and the online anti-virus service more then makes up for the smaller space. Although some people may say Hotmails email filters aren't that good I have had many accounts on Hotmail that have been compromised by spam and the Hotmail filters have done a good job sorting the good from the bad.

Email Filters:Yes
Anti-Virus: Yes Norton Anti-Virus
Secure Login:Yes

Pros: Similar to Hotmail this has an online virus detector that is very helpful when dealing with file attachments. Yahoo provides 1gig of space similar to Gmail which is a massive amount of space for emails. Another great feature is that Yahoo mail will clear your browser cache periodically. If your unfamiliar with browser cache I will be touching on the subject in a later post.

Cons: Recently a serious flaw in Yahoo online security was discovered you can read about it here. It was discovered and has now been fixed by Yahoo.

Conclusions

Knowing the security features of your online email services can greatly put you at ease when sending and receiving emails. As I pointed out before checking your email online can greatly increase you safety from viruses. I myself prefer Hotmail services because of there online virus scanner and great email filter system. If you are using Gmail remember to have either Norton or McAfee Anti-Virus on your computer. And check out Check Email Online First to have a better understanding on this topic.

Sources:
MSN Hotmail
Gmail
Yahoo Mail

Wireless Network Security; Part II

2005-05-28T20:04:00.000-04:00

To further my last post on Wireless Network Security, I think that users of a wireless network whether commercial or not, need to make it as secure as possible. Setting up WEP and disabling SSID (refer to the first Wireless Network Security post for definitions) are a good step to ensure a secure network, but more can be done.

A MAC address or Media Access Control address, is a number assigned to every single piece of network hardware whether wireless or not, and is completely unique from any other MAC address. We can use this to our advantage, in a way so that you can specify which MAC addresses are allowed to connect to your network, using MAC Filtering. Most routers will come with this option available but it will be off by default as it takes some setting up to ensure that all your network devices can access the network. Also, some routers will allow you to filter both wired and wireless MAC addresses while others will only allow you to filter wireless. Most of the time filtering wired MAC addresses is unnecessary as it requires a direct connection anyway.

All that needs to be done is for you to acquire all the MAC addresses for your wireless devices and enter them into your routers configuration. To find out what your MAC address is, just open up an MS-DOS prompt and type in "ipconfig /all" which will display all the information for every single piece of networking hardware you may have. The MAC address is referred to here as the "Physical Address" and consists of 12 characters separated by dashes into 6 equal parts. For example:

0A-1B-2C-3D-4E-5F

Now that you have all the MAC addresses for your devices, just find the MAC address filter page in your routers config, and enter them into the appropriate box. Save those settings and voila, your network is that much more secure.

More on MAC addresses; they are burned permanently into every network card/device, therefore they are not modifiable. But they can be cloned or "spoofed" with certain pieces of software. So, it would be possible for a hacker to use a different MAC address, for example one of the ones that has been allowed by your router. But this would mean that they would have to have physical access to the device in order to find the MAC address. While it isn't bulletproof, activating MAC Filtering along with WEP Security and SSID Disable will make it very difficult for any hacker to access your network. They would essentially have to have one of the authorized MAC addresses from the router settings, the Service Set Identifier (SSID) and the WEP encryption key. And the likely hood of any hacker getting all 3 pieces of information is very small.

Common Passwords

2005-05-26T23:31:00.000-04:00

So I've decided to go over common passwords that people use to further the issue that
passwords and password protection is crucial to internet security. Computers with these passwords have many security vulnerabilities and are easily hacked. Hackers are well familiarized with these common passwords and there are even worms out that are programmed to scan and attempt to break into computers using common passwords. If your password is on this list or the list of the included website it is advised to change right away using these guides:
Protect Your Password and Password Generator and Tester

Common Passwords:

god
sex
money
love
administrator
admin
adminpw
secret
persons name or family name
digits of persons phone number
dogs name
street name
qwerty

Here is a longer list at another site but those listed are most common: More common passwords

Due to these passwords being so exploited it isn't wise to use one especially for your windows accounts, eBay account, or Paypal account.

A common program used for password recovery and identifying security and password weaknesses is LC5 you can find LC5 at @stake LC 5. This program attempts to crack your Windows password and gives you a summary on it's strengths and weaknesses. This is a great security product but can also be used by hackers to infiltrate your computer. I will discuss LC5 in more detail in a later post.

SO PROTECT YOUR PASSWORD!!!

Sources:
@stake LC 5
GeodSoft Password List

Phishing and Pharming

2005-05-26T14:55:00.000-04:00

Phishing? Huh? I know, I had the same reaction the first time I saw that word. Believe it or not, Phishing is a variation on the word "fishing" where as the bait is thrown out in hopes that somebody will take it. While most people will ignore the bait, there is always somebody to go for it and then they are caught.

But what is phishing? Well, it is when an individual or group of individuals (phishers) send out an email asking for the user to update personal information such as passwords or credit cards. But the link they provide you in the email is a fake. Most of the time its directed to a clone of whatever companies website they are claiming to be, where you can input the information requested and submit it for updating. But the dead give away for these website is the address, as it will not be the actual address of the company, so be watchful. All the site really does though, is save the information you input into a file where it can be accessed and used by the individuals who originally sent the email. Its fraud; a scam; I know. So how can you protect yourself?

The best way for you to protect yourself, is to be VERY watchful concerning emails from companies stating they need your information updated. Here are a few points to be considering while you are reading a suspected fraudulent email:

Look for a personal greeting. Most companies will only address you by your name and not just as User or Member.
DO NOT send any personal information via email. If the email looks to be an official email from the company, I would recommend visiting their website by directly inputting the URL into your browser and looking for some way to contact them either by phone or email, and confirm whether or not this email is valid. But companies should not be asking for this kind of information to be sent through an email because it is unsafe anyway.
DO NOT download attachments from emails unless you are 110% sure it is from someone you know or it is something you are expecting.

If you think you have become a victim of a phishing scam, immediately visit the official website of the company from the scam and change your password to something completely different from the old. The next step would be to report the phishing scam to the company who had been falsely portrayed in the scam. Most will have an email address you can forward the scam email to, so just visit their website and locate one. If the information you gave to the phishing scam was something concerning credit cards or banking information, you must immediately contact your Bank and/or credit card companies to have the accounts locked out.

Now, what is pharming you ask? Well, pharming is very similar in the respect that it falsely identifies itself as some company requesting your information. But, it incorporates a program that may be installed on you computer which directs you to the same false website as mentioned above, but it also makes the address look identical to that of the REAL companies website. This is achieved through methods called DNS Hijacking and DNS poisoning.

To protect yourself against pharming you can employ the same tactics I mentioned above, and also ensure you have anti-virus software installed and that the virus definitions are up to date. Also, run regular checks with some type of spyware/adware detector. Now, some email filters will pickup these malicious emails being sent to you but I believe that not all of these emails will be discovered. Also, official emails from such companies can be misconstrued by email filters as fraudulent so make sure you are still sorting through your junk email.

Here are some other posts relating to phishing and pharming which I recommend you read:

Using MSConfig - Protect Your Passwords - Email Filters

Here is a website I found very informative and it also includes a list of current phishing scams, among other things.

Anti-Phishing Working Group (http://www.antiphishing.org/)

Web Filters

2005-05-25T00:03:00.000-04:00

Have you ever been surfing the internet for a certain topic and then been bombarded by pornographic material. A web filter acts as an anti-spam agent that blocks out content on the internet. It does this by blocking out keywords that are associated with certain topics like drugs, pornography, and violence. Web Filters are a great addition to homes with younger children who surf the internet on a regular basis.

The other benefit of a web filter is you block out a large amount of spyware that can commonly be associated with adult websites. The last thing a user wants is unwanted spyware generated from a site they were forced to visit by carelessly surfing the internet. When searching for a web filter you must ensure it is compatible with your browser. A lot of web filters out there are made for Internet Explorer and can greatly improve it's browsing experience (If you've read the blog you understand I support Mozilla Firefox though)

To test out how a webfilter works check out the test at Surf Control by clicking this: Web Filter Test
To run the test type in a website that may be under a category that you do not wish to view. The results will show the category that site is in therefore proving that a site of this nature will be blocked by using this filter.

Currently I suggest using the filter include in Zone Alarm Pro because I have had the most success with it but you can also check out Surf Pro Web Filter

It is also wise to have email filtering to learn more about this topic check out this previous post: Email Fitlers

*If you have tested other filters with success please comment*

Sources:
Zone Alarm Pro
Surf Pro Web Filter

Site Map

2005-05-24T18:27:00.000-04:00

Browsers
- IE vs. Firefox
- Beware Of ActiveX
- Speed up Mozilla Firefox
- Updated Firefox?
- Web Filters

Email
- 2 E-mail addresses better than 1
- Spam
- Check Email Online First
- Email Filters

Network/Internet
- Understanding The Internet
- Safely Downloading Programs
- Protect your Passwords
- Password Generator and Tester
- Learning and Understanding Ports
- Firewalls
- Monitor Network Activity
- Changing Router Password
- Vulnerable Ports
- Zone Alarm Firewall
- Wireless Network Security

Safety Measures
- Using MSConfig...
- Advantages of Scheduled Tasks

Security Tests
- Popup Blocker Test
- Test Your Internet Security
- Another Internet Security Test
- Using Speed Tests

Spyware
- Adware and Spyware
- Check out Spysweeper
- Spyware Information
- Keyloggers
- Has your Browser been Hijacked?
- Misspelled Website...
- Free Online Spyware Scanners

Viruses
- Viruses
- Virus Removal Tools
- Free Online Virus Scanners
- Virus Information/Latest Viruses
- Virus definitions expired?

Wireless Network Security

2005-05-23T19:33:00.000-04:00

For many of us, the need for greater mobility with computers is increasing. We want to take our laptop out on the deck and enjoy the summer breeze while creating entries in our blogs, or we need an internet connection in the garage to assist us with car maintenance. But would you really want to run an extremely long network cable to every room or area of the house you want to connect? Seems a little absurd, and in some cases nearly impossible. Which is why many of us are now using Routers with Wi-Fi LAN (Local Area Network) or WLAN support. This allows WLAN equipped computers to connect wirelessly with your router and use all LAN services just the same as if you were hard wired. But with the wireless convenience comes great risk. Anyone in the range of your routers wireless signal and have WLAN equipped computers, can easily gain access if you have not taken the proper precautions to secure your network.

Check this earlier post, to breifly learn about WEP or Wired Equivalent Privacy. It basicly means exactly what it says, that your wireless computers can have the same security or privacy as that of your wired computers. But a little work must be done to ensure a good level of security. First things first is to discover where the WEP settings are located on your router. Search around on your router manufacturers website for specific tutorials. Here are a few well known companies:

Linksys Homepage (http://www.linksys.com/)
Linksys (Linksys Tutorial)
D-Link Homepage (http://www.dlink.com/)
D-Link (D-Link Tutorial)
NetGear Homepage (http://www.netgear.com/)

The way you can access you routers settings is by typing its IP address into your web browser and logging in with the username and password (which I hope you changed - click here if you didnt). The most common IP addresses are 192.168.0.1 and 192.168.1.1 but if you arent sure you can check the websites listed above or just open up an MS-DOS window and type "ipconfig" and find the Gateway Address. This address will be that of your router.

Once you have located the WEP settings page for your router, you must ensure you are using the highest level of security that you can. In other words, select the highest bit encryption level. The most common are 64Bit, 128Bit and 256Bit. Once you have selected the highest that your router supports, you can continue on to selecting the actual key used to allow access. Some routers, Linksys ones for example come with a WEP Key Generator built-in and some do not. In either case you can use an online wep key generator.

http://www.andrewscompanies.com/tools/wep.asp

Depending upon which level of encryption you have, the key itself must be a certain length. 5/13/29 characters for 64Bit/128Bit/256Bit respectively. Enter the WEP key in the appropriate textbox or the Key1 box if multiple exist and Click the Apply/OK/Save button. WEP should now be active and any such device that wishes to connect to your router here on, will require the user to input that same WEP key you copied into the router settings, so make sure you write it down to save you from running back and forth.

Enabling WEP on your router is taking a good sized step in the direction of wireless network security. Although this method is not entirely bulletproof as a skilled hacker can, in time, discover what your WEP key is and use it to access the network. But this is better than nothing, believe me.

P.S. Disabling the SSID (Service Set IDentifier) Broadcast option on your router can also greatly increase the level of security because the hacker would then have to know the the SSID and the WEP key. This will disable the ability for a wireless device to automatically discover your network, hence you will have to manually input this into your wireless network setup on the device, along with your WEP key.

P.S.S. You should also protect your WEP key and SSID much the same as you would Protect Your Passwords.

Free Online Spyware Scanners

2005-05-23T18:19:00.000-04:00

I've gathered a small list of free online spyware scanners to help remove dialers, data mines, hijacks, adware, malware, and tracking components. There are many free spyware scanners on the internet but some cannot be trusted and contain viruses themselves when opened. I have tested these three online spyware scanners and deemed them safe but you should always use at your own risk. If anyone else has problems with them feel free to email me.

I found these scanners run best on Internet Explorer because they use Active X but can also run on other browsers like Mozilla Firefox by simply saving and manually running the .exe program.

Here are the Online Scanners:

X-Cleaner (There is also a free download of the program available on this page)
Web-Roots Spysweeper Scan (Doesn't remove spyware only notifies you of spyware present on your computer)
Zone Labs Spyware Scanner

To learn most about spyware you can check out these previous posts:
Spyware Information
Check out Spysweeper
Has Your Browser been Hijacked

Link To Us

2005-05-23T00:42:00.000-04:00

To exchange links contact us at Intsecure@gmail.com
Feel free to link back to our site by choosing one of these options:

Option 1: Small IntSecure Logo

To place this link on your site copy and paste the code below:

Option 2: Text link IntSecure

Zone Alarm Firewall

2005-05-22T13:24:00.000-04:00

If you don't understand firewalls check out my previous posts: Firewalls, and Learning and Understanding Ports

This will be my first review of a firewall that I have used in the past to help my computer and clients stay safe. The great features of zone alarm firewall is its ease of use and user friendly environment. Zone alarm has two versions of their firewall a free version with minimal security features and the pro version which has to be purchased.

Some features on the pro version include:

Stop intruders from accessing your computer
Approve safe programs for internet access
Pop up and internet content blocker (usually this only works in Internet Explorer)
Protects personal data from leaving computer
Email protection from incoming and outgoing threats

Zone Alarm is a great firewall if properly configured for your network needs. Before downloading zone alarm they suggest you use there free scan for spyware in order to remove and have a fresh install of Zone Alarm.

To download the free version of Zone Alarm click Here
For more information on Zone Alarm Pro click Here

Sources:
Zone Labs

Using Speed Tests

2005-05-20T20:17:00.000-04:00

So after you have monitored your network activity and are suspicious of some of the activities running while you are on the internet you may want to run a speed test to check how your speed ranks with what it actually should be. This can give us a better idea if some of those network activities are hackers using your internet connection at their disposal.

I spoke more about how a hacker can use your internet connection on the topic Changing Router Passwords
hackers commonly break into other computers to:

Steal passwords and valuable information
Run programs called bots that they use to attack other computers
Store files
Practical Joke

You'd be surprised on how easily a computer can be compromised and is used as a bot to send mass amounts of traffic to other computers. This causes your computer and the computer the hacker is attacking to run very slowly. So check out this speed test at DSL reports.com and Bandwidthplace.com. Read these steps before beginning

1. Before running the speed test close down all network activities you have running at the present time.

2. After you run the speed test compare your results with your actual connection in the graph.

3. If your speed is slow and you have read Monitor your network activity you will know how to use the program X-Netstat to end the process you think is a threat.

!Do not delete processes!

This can be done by using the Kill button on the top toolbar of X-Netstat to end suspicious process. This will end the network activity for the time being but when you restart the computer it should return. Once the suspicious network activity is terminated run the test again and see if the results are the same.

4. Research the processes using Google and run Virus Scans on your computer.

*Warning* Slow speeds are not always caused by hackers and can be the results of:

Many network activities open on your computer (ie. downloads)
Internet busy with a lot of traffic
Problems with internet connection
On a home network (router with other computers connected)
Problems with speed test servers

Some of these cases require you to get in contact with your Internet Service Provider to resolve the issue.

Sources:
DSL reports.com
Bandwidthplace.com

Vulnerable Ports

2005-05-19T18:54:00.000-04:00

Today I have included another link with a list of vulnerable ports that are usually used in trojan attacks. To learn more about ports check Learning and Understanding Ports, Monitor Network Activity, Viruses and Firewalls. Use the Monitor Network Activity and these port lists to determine if your computer might be at risk of a trojan attack and always stay protected with a firewall.

Here is a list of common ports that are used regularly:

Application Name Port
FTP (File Transfer Protocal) 21
Telnet 23
SMTP (used to send email) 25
POP3 (used to receive email) 110
DNS (used to convert IP to name) 53
HTTP (used to browse webpages) 80

Common Application Ports
For Example MSN Messenger uses several ports:
6891-6900
1863
5190
6901

To see more common ports check Special Application Port List

Check this site for common ports that are vulnerable to trojan attacks:SpeedGuide

Source:
Special Application Port List
SpeedGuide

Change Router Password

2005-05-18T16:39:00.000-04:00

Yes another password to deal with if you have a home network. I speak especially for wireless networks because WEP (Wired Equivalent Privacy) which is the security protocal for the 802.11 frequency can be very vunerable to hackers. Due to the fact that wireless transmits data through the air it can easily be stolen by another computer with wireless access. A common practice for hackers is to piggyback on your wireless connection. This means that they scan the air waves to discover you have a wireless router and then they use your router password to log on to your internet. The results are you get to cruise the internet at much slower rates.

If you leave your password set to the factory which is; username: admin, password: admin
you have made yourself an easy target for hackers. If you change your password to something complicated this makes it very difficult for the hacker to break and much less of a target. To learn more about passwords and types of passwords you should use check out my other posts:
Protect Your Passwords, and Password Generator and Tester

Here is a tutorial on How to change your password using a linksys router: Change router Password Tutorial

Source:
Change router Password Tutorial

Another Internet Security Test

2005-05-16T23:35:00.000-04:00

Here is another security test I have found on the internet that may be useful to check how much information can be gathered about your computer.

This test will test for:

Ip Address - This number uniquely identifies you on the internet
Browser Name - Mozilla Firefox, Internet Explorer are example of browsers
Computer Name - The name you gave your computer (usually on installation)
Services running on your computer - Like a butler can give you services so can your operating system(Windows) but your operating system has services like the remote services which allow access to your computer from another location (ideally hackers search for computers with these services enabled)

The importance of this test is that certain information received can be used to the advantage of the hacker to compromise your computer.

The test is provided by Sygate who have such great products as Sygate Personal Firewall Pro

To run the test click HERE
also check out the other post on Security tests and Popup Blocker tests

Sources:
Sygate

Monitor Network Activity

2005-05-15T14:05:00.000-04:00

This tool can be useful to check if any intruders are using your computer to their own disposal. Commonly hackers using trojans or spyware will:

Steal information
Store files on your computer and use it as a server
Use your computers bandwidth (speed) to attack other computers
Monitor activity for marketing purposes (spyware)
Steal passwords
Take total control

By learning the techniques I teach you will be create a safer environment on your computer and learn more about internet security.

*Before reading this you should check out my posts on Learning and Understanding Ports and Understanding the Internet

Using Netstat

Netstat is a program within the DOS (virtual operating system that can be run from windows) that allows you to monitor network activities. It is issued by a command in the DOS window and when applied you can find out such information as:

The internet service you are using at the time (ie. MSN, Internet Explorer, Mozilla Firefox)
Ports being used by the service to send information and ports used by your computer to receive information
Status of the current connection (ie. Is it ending the service, waiting to begin, currently running)

First I will show you how to run the program within DOS and then I'll show you an easier way to have a program on your Windows machine that will monitor it for you at all times.

- Run Netstat From DOS

To open DOS

go to START/Run../Type Command or cmd

A black window will open up and you will now be able to type in it
to check out netstat type:

netstat

You will see something like this:
Click here for Screenshot

- Number 1 - is Local Address: This is the port that your computer is using for incoming and outgoing information from the service in use

- Number 2 - is Foreign Address: This represents the name of the service (server) and port the service is using to send and receive information from your computer

Example: baym-gw33.msgr.hotmail.com:http is a MSN messenger server and is using the http port which is port 80. So you are receiving and sending information to that server and port when you are connected to MSN messenger.

- Number 3 - is State: This represents the current state of the connection for example if it is established the connection is active, listening is when your computer is waiting for the connection, and syn_sent is when it trying to establish a connection. (These are usually the most common you will see)

From this information we can determine what ports are being used and the servers being used to send and receive information but this can still be difficult to determine if any are threats to your computer or not. Using a program called X-Netstat we can get a better idea of what is happening on our network.

Using X-Netstat

To Download the program you can click on this link: X-Netstat

This program runs directly in windows and looks something like this:
Click here for Screenshot

Now we can view Local Port, Remote Port, State, Recognized, and Process. These are the only features we want to focus on if you want to learn more the program comes with an helpful manual. The last two recognized and process can be very helpful to determine if the process running is a threat. If you cannot recognize a process running you may want to take research steps to determine if it is a threat to your computer these steps include:

Do a Google search of the process and a lot of information can be read to better understand what the process does for example firefox.exe is for Mozilla, aim.exe is for AOL instant messenger, svchost.exe is a Microsoft service host

Search The Trojan List, The Spyware Guide, and Startup Application List with the process information and port

Run Virus, Spyware, Trojan scans using cleaning software on your computer or search Google for a Virus Removal Tool if you have found out it is infecting your computer

Block the port or hostname using a firewall (will explain in more detail in later posts)

Use the Kill button on the top toolbar of X-Netstat to end suspicious process. This will end the network activity for the time being but when you restart it will come back.

Once you found out more information about the process you can better determine if it is a threat to your computer but

*WARNING do not delete the process as it could be a vital program used to run other programs or your operating system for example svchost.exe*

Running a Firewall on your computer will better protect you from these threats
if you don't understand something or need help recognizing a process Email me

Sources:
The Trojan List
The Spyware Guide
Startup Application List
Download X-Netstat

Test your Internet Security

2005-05-13T16:06:00.000-04:00

I have found a great internet security test on the internet that tests your network to see how many open communication ports are available. If you are not familar with what a port is you should check out my posts on understanding ports and the internet. Once you are familiar with these topics it will give you a better understanding on how this security test is testing vunerabilities that can be taken advantage of by hackers on the internet.

Before running the test your browser will alert you that you are sending valid information over the internet. This is nothing to worry about since you are testing your security. Once at the testing screen use the top buttons like 'common ports' and 'file sharing' to run the test.

Click Here For Shields Up Security Test

Once you have complete the test you can see an analysis of the ports test and if they were open or closed.

If you have vunerbilities you should look into installing and learning how to use a firewall. In the next few posts I will go over quality firewalls that are free and available to purchase to improve your internet security.

Source:
Gibsons Research Corporation

Misspelled Websites can cause Spyware infections

2005-05-12T19:13:00.000-04:00

Ensure when you type websites into your address bar that your spelling is correct or you could be visiting a webpage that will infect your computer with spyware and viruses.

It has been proven that when you type in 'google.com' as 'googkle.com' it takes you to a site that infects your computer with trojens and adware. Some ways a user can prevent this include:

Use Mozilla Firefox
Go to Start/Control Panel/Internet Options/Security Tab/Click on the Restricted Sites logo so it is highlighted/Click the Sites button/type in www.googkle.com in the text box/Click the Add button
Bookmark www.google.com and use the bookmark link everytime you want to go to Google

Here is more information on the threat from googkle.com. There are no doubt more misspelled web addresses that can infect your computer so take precaution when typing your favorite website in the address bar

Source:
News about Googkle

Popup Blocker Test

2005-05-11T15:37:00.000-04:00

So you cruise the internet a lot and you notice a lot of sites now have annoying popups that might interfere with your browsing experience. If you have been reading this blog for some time you will know that Mozilla Firefox has a great pop up blocker built into their browser. Unfortunately Internet Explorer 6 doesn't have this feature but it should be incorporated into Inernet Explorer. I have found this great site that lets you test the ability of your pop up block check it out at http://www.popuptest.com

Pop ups use several different techniques to bypass your pop up blocker such techniques include:

Come and Go - One pop up when you come to the page and one when you leave
Timed - Launches a new pop up periodically
Mouseover- Launches pop up when you move your mouse over a certain object on the page
Floating - Floats all over the screen very hard to close and often reappears when closed
Channel Operator - opens a pop up that is the full screen of your computer and has no close button
Sticky- Floats in one of the top hand corner and follows you as you scroll down the screen

All of these pop ups can be very annoying so test your popup blocker and see if your protected from them all.

Click Here:
POPUP BLOCKER TEST

Sources:
Popup Test

Under Construction

2005-05-10T00:50:00.000-04:00

Finally have the spare time to work on a new design so bare with me. Email me if you need any help with anything

IntSecure

Has your Anti Virus program Virus Definitions expired?

2005-05-05T16:24:00.000-04:00

Yeah well with a lot of programs you have to pay to renew them which means your computer is venerable to any new viruses that come out after that last renewal date. Well if you like the program you are using but can't afford or need time to renew the package you can revert to Free Online Virus Scanners. (Follow that link to my previous post for a list of them) or you can check out. A lot of the time when customers don't feel like using there current anti-virus program any longer I recommend this program.

AVG Antivirus

Features:

AGV email scanner
AVG resident shield
AVG virus vault
Scheduler
Update Manager

For more information on AVG contact these sites
AGV Home Information
AVG Antivirus

Avoid getting scammed by spoofed Emails

2005-05-03T17:46:00.000-04:00

An email scam is something used to gain vital information from a culprit like a name, phone number, or credit card number. This is information we must protect at all times and avoid giving out on the internet.

Some cases where people widely share this information is websites like ebay and paypal. Due to the nature of these businesses it is required to provide personal information to participate in their activities. Because of their popularity a number of email scams are directed at eBay and paypal users.

Example of eBay Email Scam

Subject: Renew your eBay account!

Return Address: support@eBay.com <>

Content: Dear eBay Member,

You have received this email because you or someone else has used your identity to make fake purchases on eBay. For security reasons, we are required to open an investigation on this matter. We treat online fraud seriously and all cases which cannot be resolved between eBay and the other involved party are forwarded for further investigations to the proper authorities. To speed up this process, you are required to verify your personal information against the eBay account registration data we have on file by following the link below.

http://Somewebsitemadebyscammers

This website now directs you to a fake eBay website something like http://ebiy.com and is a form for you to fill out your personal information. If your personal information is filled out it is submitted to the criminals where they can you use it at their own will.

How To avoid getting Scammed

With anything requiring personal information send an email to the company to verify approval. *Do Not Verify with the email address that has sent you the request for personal information. Find contact information on the company website.
Be aware of unfamiliar subject lines, email addresses, and content
Google search the senders email address, subject line, and content
If you are prompted to go to a website make sure the url matches that of the real site ie. http://www.ebay.com is real and http://www.ebiy.com is fake

You can also check the email headers to determine the origin of the email and if the email address is legitimate but this requires a guide that can be found on Millersmiles.co.uk

This site contains a great guide on determine if an email is a scam and a great database of email scams that are presently in use.

Source:
Avoid Getting Tricked by Scam Email
Database of Scam Emails

Have you Updated your Mozilla Firefox Browser Lately ?

2005-05-01T14:31:00.000-04:00

Lets start with Mozilla Firefox. There has been a few releases of Mozilla Firefox to fix problems or bugs within the browser. A large part of the bugs deal with security holes that can cause hackers to gain access to your computer. So here is how we determine if we need an update and how to update.

How To Determine if you need an update:

1. Check upper right corner of Mozilla Firefox browser for a red arrow pointing up

2. On the taskbar (Bar at top with File, Edit, View, etc.) go to help then about Mozilla Firefox in this window the version will be displayed somewhere (a version is represented by a number so like 1.00 updated to 1.01), compare this version with the one on http://www.mozilla.com Latest Version is 1.03

How To Update your browser:

1. Click on that red arrow and a wizard will come on the screen with instructions on how to download the newest version of Mozilla Firefox

2. Go to http://www.mozilla.com and download manually and install the newest version

Stay secure and keep your browser updated this is a big security issue and can take as little as 5 minutes to complete. Next time we'll go over updating Internet Explorer which is an easier task.

And if you haven't gotten Mozilla yet .........Get it for your own safety!!!!

Source:
Mozilla Homepage

Has your Browser been Hijacked?

2005-04-28T14:16:00.000-04:00

Has your browser been Hijacked? If so you want to try and remove that nasty spyware that is causing it right away. What is A Browser Hijack you ask ?

Browser Hijack - When your browser has been taken over by spyware which will cause such symptoms as:

Whenever you open your browser your homepage is changed usually to search page or business directory (popular hijack is Home Search Assistant)
Pages randomly appear in your Internet Explorers trusted sites security zone (this is a security setting in Internet Explorer you can find it in control panel/internet options)

Browser Hijacks are spyware running on your computer and you can get it by simply visiting the wrong website or installing software with programs in them to cause this to happen on your computer.

You cannot remove Browser Hijacks by changing your homepage or restarting you computer because the Hijack will only change it back to the page of its choice.
Some Hijacks can simply be removed by using Spy Sweeper or
Ad Aware but others like HSA (Home Search Assistant) aren't so easy and require you to do some complicated things to your computer

Removing Hijacks that cannot be removed by spyware detectors:

*Warning: This program is intended for computer users with good knowledge of the components mentioned below

To remove hijacks from your computer that your spyware detector cannot you should use a program called Hijack This.

Features of this Program:

This program logs running processes, start/search pages, Internet Explorer toolbars, trusted zone sites, registry items
Allows you to delete bad entries *DO NOT DELETE ITEMS IF YOU DO NOT HAVE KNOWLEDGE IN THE ABOVE SUBJECTS MENTIONED*

If you have no knowledge on the components mentioned above you can still use this program to save a log file and send to someone who is familiar with reading log files like myself. These people can tell you the components you need to delete in order to attempt to remove the Hijack spyware from your computer. If you cannot find someone to look at your hijack this log search on google for Hijack Removal Forums and post it there or you can email me.

I've collected a list of site you can visit:

Download HiJack This
Guide on HiJack This Spyware removal

Firewalls

2005-04-26T14:54:00.000-04:00

Ok a Firewall is a system or program designed to monitor and protect unauthorized access onto a computer or network of computers. It represents a bouncer for your computer as it allows people you want and disallows people you don't. A firewall monitors the ports that are in use while your on the internet. It will monitor the programs, people, internet threats that attempt to gain access to your computer. A firewall can be in the form of software installed on your computer that you can control and monitor. To properly configure firewalls it is best you have an understanding on how they operate or you could find yourself wondering why certain programs cannot access the internet anymore. Ex. You don't know how to properly allow MSN to access the internet will cause your firewall to block any attempts you make to sign on.

Features of Firewalls:

Blocks Unauthorized users from accessing your computer
Many firewalls can be easily understood for easy configuration
Manually Allow or Block programs or people from accessing your computer
Provides log files (information) on all programs and people accessing your computer

Example of Firewall in Action:

When you are running firewall software and you attempt to open new software that requires internet access lets say Mozilla Firefox. This is the firewalls actions:

Alerts you that a new program is trying to access the internet named Mozilla Firefox
Tells you what risk this program is to your computer
Gives you the option to ALLOW Mozilla Firefox to access the internet or BLOCK the attempt.

If access is allowed everytime Mozilla accesses the internet first it will be authorized by the firewall and determined you gave it access

If access is blocked everytime Mozilla accesses the internet it will go through the firewall and the firewall will determine you have blocked access from this program and disallow it from using the internet.

I will be compiling a list of great firewalls to use on your computer hold tight

Sites About Firewalls:
Understanding Ports
How Firewalls Work

I'm Back

2005-04-26T14:38:00.000-04:00

Ok folks I'm back and am going to start posting great tips and information about internet security again. I'm sorry for the time off I was very busy with work but now I have a lot of spare time to dedicate to inform the internet newbie how to keep safe!!

To review we have went over such topics as:

The internet and how it works
Viruses
Spyware and Adware
Email safety
Password safety
Browser safety

and many more so if your a new visitor browse around the site to get familiar and come back often to learn more!

Speed Up Mozilla Firefox

2005-03-27T02:16:00.000-05:00

Ok my site is on internet security but I ran into this cool trick on Paul Tech's Blog and decided to share it with you since I have recommended Firefox to increase security.

How to Speed up Browsing on Firefox:

Type "about:config" into the address bar (the place where you type the names of websites you wanna go to)
When the config page comes up locate "network.http.pipelining"
Change the false to true in the value field by double clicking it
Locate "network.http.pipelining.maxrequests"
Double click the number currently in the value field and change it to 30

Those are some simple instructions for quick instructions check out the source.

Source:Paul Tech's Speed Up Firefox Instructions

Learning and Understanding Ports

2005-03-25T13:39:00.000-05:00

Here's the deal this blog will start to talk about Firewalls and port monitoring programs so you can further protect your computer but it's best I explain them first.

Port:
You can consider a port a doorway or an endpath to a connection in the internet world. When you open a webpage you have to send a request to another computer which is called a server (A server is a computer that deals with network resources like it stores webpages and files you can view on the internet). Once you send the request to the server it has to send back the webpage to your computer to view on your screen. To do this it uses paths on the internet to transfer the webpage and when it reaches your computer it has to come in a doorway or port. There are many doorways or ports available to enter to ensure you can run multiple network programs and to properly identify network programs.

Example: When sending an email port 25 will open and send your information out into the internet to the receiver. When the receiver opens his email program and asks to see if there is any mail for him port 110 will open and receive that message.

So here is the Overview of Ports just incase you still don't understand:

Provide a doorway or connection end for information to enter your computer
When information is sent or requested it travels from a port to a port similar to how carrier ships travel from dock to dock to deliver imports or exports.
Represented by a number that identify the type of port it is Example: Port 80 is the port that deals with websites so it receives all information to view webpages on your screen.
There are thousands of ports that can be used in a wide number range
Certain ports in lower number range are most commonly used for Programs

Here is a list of ports and what programs or services they are associated with so for example on the list MSN messenger uses port 1863 to do things like send and receiver information

*Ignore things like TCP and UDP for now but these represent rules data being sent and received must follow.

Source: Port List
Source: Port Definition

Password Generator and Tester

2005-03-20T18:29:00.000-05:00

Ok if your having a hard time figuring out a password or want to have a real secure password try this password generator at Security Guides For Windows. You could always pick your own but if you want the most secure try out this site.

After you try this site check out the second link the Password Strength Meter at SecurityStats put in your password and it will test it's strength. If you have a weak password it's best to change it up using that site I have given.

There are also great tips for making a secure password if you scroll down on the Password Strength Meter Site

*WARNING WHEN CHECKING PASSWORD IN PASSWORD STRENGTH METER USE ONE SIMILAR TO THE ONE YOU USE*

Source:Password Generator
Source:Check Password Strength

Scheduled Tasks

2005-03-18T14:03:00.000-05:00

What is it?
This is a feature within Windows that will allow us to set a date and time for when we want certain programs to open or operations to happen.

Why We should Use it?
Since today we have so many programs dedicated to keep our computer secure (anti-virus, anti-trojan, spyware cleaners, adware cleaners, malware cleaners) sometimes we forget to run specific scans in a given period of time. This program enables us to set dates and times for these programs to open automatically for us to begin scanning. So for example I can have SpySweeper the program open up automatically at 4pm every Friday and The Cleaner open up at 5pm so I can begin scans. Now when this is program is open I have to start the scan. Anti-virus programs already take advantage of this feature upon installation it is set up so that it runs live updates automatically for you.

Now the time period between scans is entirerly up to you but it is recommended to run scans for all the types of viruses at least once a week.

How To Use Scheduled Tasks:
Pretty easy stuff

IN Windows XP:Go to Start>Programs>Accessories>System Tools> Scheduled Tasks
IN Windows 2000,98,NT:Go to My computer>Control panel>Scheduled task folder>Scheduled Tasks
Scheduled Task Window Will open
The first button in the Window is Add Scheduled Task Click This
Scheduled Task Wizard will open
Follow On Screen instructions to select a program to open, time, and date (If you can't find the program in the list use the browse button)**
Advanced options can be configured after by checking the advanced check box in the final window*

*Repeat Steps for all security programs*
**Windows XP users require ADMIN PASSWORD SET ON INSTALLATION in order for the tasks to work**

Here is another site with a tutorial on how to run the Scheduled Task Feature you can also email me for help

Source:Windows Scheduled Task Tutorial

New Latest and Top Virus Links On Sidebar

2005-03-16T18:49:00.000-05:00

I have just added a new feature located on the Sidebar to the left that allows you to view information on the latest and top viruses on the internet provided by Trend Micro. The offer such products as Pc-Chillen and Trend Micro Home Network Security.

How this Feature can help keep you PROTECTED:

Keep updated with symptoms of new viruses
Know how you can get infected from these viruses
Information on how to remove these viruses

The more you know the safer you will be and remember the top viruses listed in that list are usually the ones that are most common on the household computers now a days.

*This List is Constantly UPDATED so check back frequently*

Source:Trend Micro

Keylogger

2005-03-15T19:22:00.000-05:00

Ok quick post today because I failed to mention this type of spyware earlier

Keylogger: This is a type of spyware that tracks and records each keystroke you push while operating your computer then stores this to a log file that you usually cannot access.

Purpose of a Keylogger:

Can be used by businesses to track employees
Used by hacker to find out passwords

Keyloggers attempt to get such information as banking information or passwords, credit card numbers, ebay and paypal passwords. Anything that can be a valuable use to hackers

To stay protected make sure you run your virus checker weekly to insure you haven't been infected with a keylogger. There is also keylogger protection programs out there to check out more open up google and search for "keylogger protection". I have included a link to an anti-keylogger program called Anti-Keylogger (which I am in the process of checking out)So check this out at your own discretion.

Source:More Info on Keyloggers
Source:Anti-Keylogger

Check Out The Cleaner

2005-03-13T13:03:00.000-05:00

Program: Moo Softs The Cleaner
Purpose: Detect and Clean Trojans, Worms, Keyloggers, and Spyware and provide great features such as TC active and TC monitor
Operating System: Windows

If you forget definitions of viruses check this link out Viruses

Ok so here's the deal your probably saying that you have Norton or McAfee so there is no need for another virus type program but remember more is always better when dealing with protection. The cleaner offers a great package and great protection for users who aren't familiar with internet security or the computer. Ontop of the protection from trojans, worms, and keyloggers it offers it also has two great features which I will explain.

Features: (These features are great for security because they monitor aspects of Windows that work behind the scenes)

TC Active - This monitors all the current processes of your operating system which means that any program that is being run is being checked by this program for viruses, worms, keyloggers, and spyware.

and

TC Monitor - This monitors your registry. I know I haven't talked about the registry yet so you might be up in the air on this one but trust me this is an important aspect of your security so check out this link for now The Registry

So check out this program at Moo Soft The Cleaner and try it's Free Trial

Source:Download The Cleaner Here
Source:The Cleaner Product Info
Source:The Registry

Email Filters.... You might need this

2005-03-11T21:03:00.000-05:00

Ok a wise move to make if your using personal software to send and receive email is to download an email filter program to ensure your minimizing spam and virus threats. What is an email filter you ask

*If you use an online program like Gmail or Hotmail don't worry about email filters they offer there own and work really good. *

Email Filter: This is a program that scans your mail for suspicious content that may be spam or virus threat. Alot of the time for example the subject matter for an email can reveal if it contains an attachment with a virus or if it is spam mail

Warning: Sometimes filters will see non spam emails as a threat so it is wise to check the detected emails over yourself aswell

Now virus detection programs with email protection also work great for targeting viruses so the main use of an email filter is to avoid the unwanted spam.

Here is an email filter program you can check out on a 30 day trial and a good site on email filtering check them both out

be sure to check out more aswell email me to tell me which one you found worked best

Source:Email filter Program
Source:Great Info on Email filtering

Interested In Trading Links

2005-03-11T19:27:00.000-05:00

Trading links is a great way to attract traffic to your blog!!

Interested in trading links and getting listed on my blog send me an email with the url of your blog and I'll check it out and get back to you..

Email me intsecure@gmail.com

Check Email Online First

2005-03-10T23:27:00.000-05:00

Tip: Check your email online first and delete any suspicious emails prior to downloading the email on email software such as Outlook Express

Ok when we sign up with an internet service provider we are given an email address. Now what most people do is set up this email address with an email program such as Outlook express.
Lets discuss how email travels.

How email travels:

Email message is constructed
Email message is sent to an address
Email message travels over internet to storage space (Internet Service Provider email server)
User opens email program Outlook Express
Outlook express contacts storage space and downloads any emails that are addressed to it

So basically what happens is email is being downloaded to your computer that could potentially be an attachment with a virus to infect your computer.

What to do:

To be safe about the situation you should view your email online first and delete any suspicious looking emails. This site has subject lines that most commonly have viruses attached to them
Virus Email Subject Lines
How to do this:

Every Internet Service Provider should have a website where you can access your email address online providing the email address as login and password. To find out about your online email services consult your Internet Service Provider.

Source:Virus Email Subject Lines

Check the Links!

2005-03-09T19:39:00.000-05:00

Make sure to check out the links to other blogs I continue to post

TechNudge and AMCP Computer Privacy TECH BLOG

These are two sites on there that provide excellent updated information on new technology and technology news. Keep updated because alot of posts on there provide help securing yourself online!

Feel free to email the webmasters with comments and questions as well
or email me

Spam

2005-03-09T16:14:00.000-05:00

Ok everyone knows what spam is ..........but just incase I guess I can explain it and give some sites on how to report it and avoid it.

Definition: Spam is junk or unsolicited mail sent to your mailbox. Often this is advertisements from companies trying to get you buy their service or product.

Nobody wants spam but unfortunately it isn't illegal to email spam to people

How do these people get our email address:
1. Email Lists
I talked bout email lists in my last post basically websites collect emails then sell it to other companies so they can spam your mailbox

2. Websites
They could hack websites using programs to download the whole website and take there email list

3. Chat Room or Chat program profiles
If you put your email in these profiles expect spam

There are more but these are the main ones I have included a website that includes alot more and also other links to assist in tracking down the spammer.

So like I said before having more then one email address will help and I was given a tip to that sometimes even more then 2 email addresses help just as long as your protect your main address.

This is just some information on Spam to help you avoid getting hit hard with it . Later we will check out spam filters to protect your inbox from getting all this junk mail.

Source:Spam Tips
Source:Sites to assist in tracking spam(Links at bottom of page)

2 E-mail Addresses better then One

2005-03-07T21:02:00.000-05:00

So I've made the tip for today pretty obvious by explaining it in the topic. I've moved away from talking about viruses for a sec and thought this is a good tip to share. Why two email addresses you ask well here's the reason:

One E-mail for personal (main address):

This can be shared to friends and family for personal use
Do not give this E-mail address to anyone else unless you know them

One E-mail for internet (secondary address):

This account should be used to signup for anything on the internet. More and more today sites are requiring your email address for verification. The problem with this is NOT EVERY WEBSITE CAN BE TRUSTED and what happens is you give your email address to them for verification and they sell it to spam companies who flood your mail box with junk.

This account is used for internet sites that require verification
This can be given to people who you may not fully trust
Can also be used for verification with software if they require and email address

To many times have I seen people with great email addresses ruined because they use it in all of these scenarios and get flooded with spam. So take my advice and open up more then one account.

Virus Information/Latest Viruses

2005-03-04T15:21:00.000-05:00

It's a great advantage to know exactly how a virus can infect your computer and what kind of damage that virus is doing. So today I've assembled a list of sites with up to date virus information. Remember it doesn't hurt to also stay updated with information with recent viruses so you know what to look out for.

On these sites you can find information such as:

What type of files the virus hides itself in
Email subjects that usually contain viruses within them
The risk or threat of a virus
Where the virus locates itself on your computer
Symptoms and type of damage the virus does to your computer
Removal Instructions (Warning: A lot of instructions contain steps that are vital to a computers performance and should be done by a professional)
Ports the virus use to access your computer

So if you notice you have picked up a virus it is wise to consult these sites and gather this information so you have a better chance or removing the virus completely. Use the search feature on these websites to locate the virus you have been infected with.

Source:Symantecs Latest Virus Threats
Source:McAfee Virus Information Library

Virus Removal Tools

2005-03-02T16:02:00.000-05:00

So the tip of today is

If you cannot rid a virus from your computer using your anti-virus software search for a Virus Removal tool to do the job for you before taking into professional help

When your computer is diagnosed with a virus from your virus scanning software you have the chose to remove it from your computer or quarantine the virus. In some instances the software cannot remove the virus so it will quarantine it. What this means is it stops the virus from infecting your computer anymore by containing it. Now it's up to you to remove the virus from your computer. Before taking it to a computer Technician it is wise to do a google search for any removal tools that can be downloaded to do the job for you. Removal tools are separate programs dedicated to removing specific viruses for example if you have the W32.Netsky@mm virus Symantec has designed a removal tool to search and rid you computer of this virus. These website also contain instructions to run the program and to remove the virus manually too but that should be left to professionals.

Here are some locations of popular virus removal tools:

Source:Symantec Removal Tools
Source:McAfee Stinger program (designed to remove a number of specific viruses)
Source:Grisoft Removal Tools

Under Construction........

2005-03-01T22:28:00.000-05:00

Currently I'm making a logo and editing the template to look more professional so stick with me more great information to come. Anyone that wants to trade links feel free to e-mail me providing your website is computer related.

See you soon............

Protect your Passwords

2005-02-17T15:33:00.000-05:00

Ok here's the deal creating a password is a very important part of internet security too many times have I seen computers or large networks compromised because they failed to use a complex password. Here's some tips for password creation:

Have 3 or 4 common passwords that you would like to use
Make sure you passwords are long 8-10 characters and contain letters, numbers, and special characters
Don't share your password with other people (obvious)
Don't use your password for common websites ie. Your eBay password is the same as your paypal password
Some programs offer to your remember your password this shouldn't be trusted due to some security issues with programs
Use upper and lower case letters
Try not to use common words found in the dictionary

Later I will also talk about programs that use a technology called encryption to better protect your passwords from hackers and viruses. Although this may seem like a chore to memorize these passwords it will benefit you in the future.

Email me Questions

Source:Us-Cert

Contact Me

2005-02-15T17:28:00.000-05:00

I have created a email address at Gmail <intsecure@gmail.com> so you can contact me for:

Questions about Internet Security
Comments
Request information posts
Trade site Links

Contact me I want to hear from everyone. If you have problems I am available to help.

Email:intsecure@gmail.com

Free Online Virus Scanners

2005-02-13T14:23:00.000-05:00

Each virus checker has different capabilities to scan and remove viruses. As a customer your job is to find the virus checker that will find the most viruses and remove them successfully from your computer. Now on many company websites you can run a free virus scan of your computer to test which virusscanner is best for you. You also should check out the features of the virus scanner aswell. These virus scanners run within your browser using either Java technologies or Active X.
Unfortunatly these virus scanners best run in Internet Explorer.

Here are some comapanies that have free online virus scanners:

Symantec (Product: Norton Antivirus) (Requirements: Active X)
McAfee (Product: McAffe VirusScan) (Requirements: Active X)
Trend Micro (Product: PC-Chillen) (Requirements: Java)
Panda(Product: Titanium 2005) (Requirements: Active X)

Reminder: Most of these sites will have an Active X pop up box that asks you yes or no to install the program to run the virus scan click yes if you want it to run. These are safe.

These represent some of the main brand anti-viruse software. I tried them all and they were releativly easy to use. The hardest one was Trend Micro which seemed to be having problems with it's Java application. I liked McAfee's the best because while scanning it gave you tips on how to avoid viruses. The only downfall about McAfee's is you have to setup a user account before the scan begins but this takes 10 seconds. The overall test is for you to run these scanners find out if you have viruses that you are unaware of and choose which Virus protector is best suited for you.

Source:Symantec
Source:McAfee
Source:Trend Micro
Source:Panda Software

On your marks get set GO!

2005-02-11T15:58:00.000-05:00

Ever wonder what programs are starting up when you boot your computer. Msconfig (Microsoft System Configuration) can help. Msconfigis a utility built into windows 95, 98, 98SE, ME, and XP. This utility was designed to configure aspects of how your windows machine boots up. Today we will focus on the feature of Msconfig that monitors and allows programs to load when your Windows machine first boots. Some threats are built to load up on your computer upon entering Windows without your notification. So lets check out what programs are loading.

To access MSCONFIG simply:

Go to Start > Run > Type: Msconfig > Click Ok or press Enter

Once loaded your screen will display Msconfig

For Windows 95, 98, 98SE this is what you will see :

For Windows XP:

Where to go:
Now before getting started I must remind you that you shouldn’t play with settings in Msconfig unless you have knowledge of the results as changing properties in Msconfig could affect your computers boot process. Today we will only focus on the 6^th tab labeled Startup.

What this is:
Once you click on this tab you will be given a list of programs with checkboxes to the left of them. These items listed represent all the programs that load without you clicking on them when Windows boots up. A lot of these programs have names that you can’t understand but are required on Windows load.

What to do:
To check if anything is running that is a threat to your computer I’m including a website SYSINFO with common startup names related to programs and viruses. There is also a program that I will talk about soon enough that can help you do this. So best thing to do is go to this website SYSINFO and search up the components that look suspicious and if found a threat uncheck the box beside the item listed. Upon changes once you exit the program it will ask you if you would like to restart the computer click yes for the changes you made to take place. After you’ve competed this look into removing the threat from your computer by running viruses scans, spyware scans, etc.

Uses of Msconfig:
Using Msconfig and the Startup tab is a highly used troubleshooting tool for administrators. If a problem is detected with a computer usually one of the first steps they take is to load Msconfig and disable most programs in the Startup tab then reboot the computer to check if the problem still exists. If the problem is gone then they know that it is a program loading when Windows starts that is causing the problem. The Startup tab can also be used to troubleshoot slow speeds on computers. As I said though play around with this tool at your OWN RISK.

Safety Feature of Windows Xp

In the Startup tab of Windows Xp you can uncheck any box and your Windows machine will still boot up successfully

In any other Windows operating system with Msconfig you must make sure that Scan Resistry and Systray remain checked to ensure your computer will boot properly. It is probably beneficial to leave any virus checking software checked too.

Here are some links to check out on Msconfig

Source:Starup List at Sysinfo (use this to check what is running in msconfig)
Source:More Msconfig Stuff

Do you have this?

2005-02-10T16:04:00.000-05:00

Recently I've been browsing around the internet for lists of spyware and how they infect your computers. I've came across a few goods sites but the main one I enjoyed was located at spyware-guide.com. It gave an extensive list of spyware along with information on how it affects your computer and tips on how to remove the spyware from your computer. So as a tip if you have spyware on your computer and your anti-spyware program isn't removing it consult this website and do a search on the name of the spyware. If you can't find it on this website I suggest running a search in google for it. With that said I should have a blog on how to best search for information regarding security information on the internet. Anyways check this site out to find out more about spyware on your computer.

Source:Spyware-Guide

I'll be back

2005-02-07T23:40:00.000-05:00

Busy week as I'm leaving for a few days and will have minimum access to the internet but rest assure I will be back!!

Cleaning House

2005-02-04T16:06:00.000-05:00

So today I decided to start looking at a adware/spyware cleaning program called spysweeper. I have tested this program along with others to ensure the best protection for mine and clients computers. To run the test I simply downloaded some of my favorite adware/spyware cleaner programs and ran them one after the other to see which one finds the most adware/spyware on a computer. To do this of course I had to avoid removing the spyware right away but it gave me a better idea on how these programs match up to there names. So I myself prefer spysweeper but as I was searching around on the internet I ran into an article called "Anti-Adware misses most malware". This article basically explained how Eric Howes an instructor at the University of Illinois also ran a test on many adware programs to find that most adware programs only catches less then half of the bad stuff on your computer. So what it seems is one program is just not enough anymore since adware/spyware seems to be so rampant on the internet. The bright side to this topic is Spysweeper was rated #1 in the test and caught 70% of the adware/spyware Eric infected the computer with. I plan on doing more testing on the subject to see what companies are doing about this problem to make sure we are protected. Look for that in the future but for now check out Spysweeper.

Here are the sources I used today check out that article it provides lots of great information about adware/spyware. I have also included the link to a free spyware check on Spysweepers site to check if your computer is infected and a link to learn more about Spysweeper and download it if interested.

Source:Anti-Adware misses most malware article
Source:Get SpySweeper Here
Source:Free Spyware check From SpySweeper

In Programs we Trust

2005-02-03T18:01:00.000-05:00

We are constantly downloading programs from the internet for whatever purpose you hope to serve. The problem is when we download these programs we are unsure what we are installing on our computer when we run the .exe (executalbe) file. An executable file is a program bundled into one file waiting for you to click on it so it can properly configure itself on your computer. The problem with the executable file is you don't know what your putting on your computer until all is said and done unless of course it's open source but I won't get into that today. So my lesson for today is trust the program you download before installing it on your computer.

Some safe practices to ensure a program is safe from spyware or viruses include:

Search your program up on Google and look at the results. You are looking for any topics about spyware, viruses etc.
Search your program up on Google with the words spyware, virus, adware, or anything that may be harmful to your computer ex. do a search for <"Program Name" spyware> or <"Program Name" virus>
Check out the link on the bottom of this blog update to see if the programs name is in the list

We will discuss many ways to check your computer for spyware soon but until then keep using these safe practices before installing programs. Check out the link I found of programs infected or suspected to have spyware.

Source:Spyware List
Reminder: This list doesn't have every program with spyware on it there are plenty more

Beware of Active X

2005-02-02T13:54:00.000-05:00

Active X is similar to Java as in it allows interactive content on the world wide web by installing programs on your computer to complete these tasks. For example using Active X you can look at Microsoft Media files, Quicktime files, or Macromedia Flash files from within your web browser. Microsoft created Active X to compete with Java so this technology is common for Internet Explorer. When you go to a webpage that requires an Active X program to run a certain portion of the webpage or install something for your browser you will receive and Active X dialog box like this:

As you can see it is asking if you want to install Macromedia flash player because something on that website that you are viewing requires this program to view the content. Clicking yes is similar to running an .exe(executable) file on your computer This Active X technology for installing programs can be very beneficial because of it's ease to use but spyware programs are taking advantage of this.

The problem with Active X is it relies totally on the user to accept the program or decline it. To many times have I seen people browsing the internet and accepting these dialog boxes without realizing the consequences. Many spyware programs are finding ways to force the user into accepting yes to avoid nuisance.

Some methods used By Spyware or Adware sites:

They will continually have the Active X dialog box pop up until the user hits yes
Have some type of directions telling the user to hit yes in order to complete a task like download a file

Ways to avoid getting the Spyware:

Always read the Active X dialog box before making a choose to hit yes or no
Make sure the company the program is distributed by is trusted
If you don't trust it and want it to stop popping up constantly continue to press the x in the top right hand corner or use task manager to stop the browser

For more information check out this site:

Source:Security Trade-offs:Java vs Active X

Your Web Browser

2005-02-01T22:02:00.000-05:00

Have you made the switch yet ? If you haven't I suggest you do. If you don't know what I'm talking about let me explain. Recently Mozillas Firefox 1.0 was released and is taking Internet Explorer by storm. This browser offers great security by offering great technology like it's pop up blocker, active x control blocking and 3rd party image blocking. Every clients computer I clean I recommend this browser and they end up loving it due to the fact they rarely ever get spyware or adware now. So first tip I give to you is give yourself an upgrade. Installing this browser is easy and all your bookmarks can be imported from Internet Explorer. To run java on Mozilla you have to also download the java program from Java's website. I will also be posting more about Mozilla and security features that will benefit you as you cruise the internet. So what are you waiting for make the switch today. If you don't believe me that it's better then Internet Explorer check out these reasons.

Source:Reasons why Mozilla is better then Internet Explorer
Source:Download Mozilla Firefox Now

Adware & Spyware

2005-01-31T19:30:00.000-05:00

Business has began to pick up on the internet as many companies are looking for means of marketing information. This has caused companies to start creating programs called spyware and adware to aid in market research for companies. Once infected these programs either steal information from your computer or constantly bother you with ads. This is big security risk lately as spyware and adware are becoming very common in the online world.
Spyware

When infected with spyware it will steal such statistics as sites visited, number of sites visited, activities on computer etc..Basically any information that will aid in a companies marketing research
This uses up memory which slows down your computer

Adware

When infected symptoms include constant ad pop-ups when browsing or not browsing your browser ie. Internet Explorer, your homepage is changed everytime you load your browser, tool bars in your browser, etc.

Adware and spyware are becoming a great nuisance in the online world and we need to be better educated on how to avoid getting infected by it and programs we can use to remove it. After I cover all the basis of the internet I will begin giving instructions and tips on how to do just this.

For more information search google for "Adware information"

Soon I will be putting my email up for people to ask me questions and request topics related in computer security that I should cover.

Viruses

2005-01-29T12:07:00.000-05:00

Ok Here's the list of different types of viruses and how they infect your computer. For more information I have found a great free e-book explaining the viruses and their origins incase you want to study up.

Virus

A program or code that is runs on your computer. Viruses come in many different forms and can cause many different things to happen to your computer. Common uses of viruses include playing pranks, stealing data, setting up ftp servers, using your computer as a bot to run commands off of, erasing data and infecting programs and so they don't operate properly. Viruses can also slow down your computer because it is using your memory to run.

Worms

A worm will infect your computer and make copies of itself then use communication devices or internet programs to spread itself to other users. If you have a worm it is hard to remove since they can spread so fast. An Example would be a worm infects your computer then uses a mail program like Outlook Express to forward itself to all users in your address book.

Trojens

When infected with a backdoor trojen another user can remotely access your computer to do such common things as store files on your computer, use your computer to run attacks against other computers, or just play pranks on your computer. This is similar to my example in my THE INTERNET post where you receive an email and are infected with a backdoor trojen.
A trojen horse will pose itself as another program but when you run this program it does something completely different that may infect your computer with another virus. So basically it's like receiving a package marked fresh apples and when you open it all there seems to be is dead fish.

File Virus

These viruses use commands from other programs to infect the users computer. For example if you are running Internet Explorer and whenever you go to enter a URL in the address bar the program begins to shake.

These are all the common viruses out there that I will begin to explain. For more information check out this free E-book
Virus E-book made by ITS

The Internet

2005-01-28T14:31:00.000-05:00

The first lesson I want to teach is understand the Internet and how it works. This will give the user a better understanding on how to protect themselves when online. To better understand, all the computer lingo presented I will use comparisons to everyday common things.

The Internet is alot like our automobile transportation systems. It contains roads to properly reach mapped destinations, automobiles which represent the traffic on the roads, and means of controlling traffic like stoplights and stop signs.

We first want to represent our computers as our home. Our home in reality has an address to represent our location as the computer has what is called an IP ADDRESS. This is a unique number that is a set of four numbers seperated by periods each number can be from 0 to 255 for example - instead of our house being 15 cherry lane it is represented by an IP of 64.182.147.345.

Now we will represent the automobiles as information or PACKETS of information that can be sent or received by your computer along the roads that interconnect the Internet

Finally as means to controlling traffic we are going to assign a parking attendant to your house who will control who will come in and what area they are to park in. The parking spaces are represent as PORTS and you have 1023 parking spaces at your house. A port is a means of connection on the Internet or a communication channel for example when I use Internet explorer I am using port 80 to send and receive information to view web pages. Today we will only talk about common ports so there are 0 though 1023. Each program uses specific ports for open communication to and from your computer

For more information on which program uses which ports check

Scenario - You are having a huge party at your house you've invited your good friends. You've prepared for the party and sent out invitations to all you friends. You've also hired a parking attendant since you will have many guests and parking organization is needed. When the time roles around they all begin arriving first Internet Explorer comes and the parking attendant tells him he needs to use parking spot 80 for the night. Upon Internet explorers arrival you realize you want him to bring some snacks, so Internet explorer leaves spot 80 goes back to his home retrieves the snacks and brings them back to your home parking back at spot 80. Next Email comes and brings his uninvited friend Virus the bad parking attendant lets both of them in giving email parking space 110 and virus parking space 1000. Now virus can come and leave as he pleases and you are unaware of his presence. Upon emails arrival he tells you he has an entertainer friend that will come and entertain at the party for free he just has to pick him up. So you give email an invitation for his friend and you tell him to go deliver it to him but use your car parked at spot 25, Email leaves immediately. Once the party is over all your guests leave except Virus. You are unaware Virus is present and now he is free to do whatever he has been sent out to complete.

Computer term: You are at your computer and you decide to use Internet Explorer upon opening it you are establishing a communication channel of 80 to send and receive information from websites you attend. In the real life scenario Internet Explorer arrives and uses spot 80 but you decide he needs to bring snacks so you send him to get them. This is similar to you going to a website you are requesting information and receiving it through port 80. Now you want to check your email so you open up an email program lets say Outlook Express. When opened you begin receiving an email of information this opens up communication on port 110. When you receive the email there is an attachment you open it and run it and it is a virus. Without you knowing this virus sets itself up on your computer and now opens port 1000 to send data or information as it pleases. After opening the email you respond to the person and send it. This opens up port 25 to send the email to the recipient. In the real life situation Email arrives and is told to park at spot 110 but brings along an attachment which is Virus since you parking attendant is bad and not trained to stop the Virus it lets it park and do what it needs to do. Once the email arrives he wants to invite his entertainer friend and takes your car parked in spot 25. This is similar to you wanting to reply to the email now the email is sent through 25. So port 110 is used to receive email and port 25 is used to send email these are both common ports on the Internet.

In conclusion since your parking attendant is untrained he is unaware of what parking spaces or ports are being used for communication in your computer. These ports can be opened or closed by him without your control. With proper security knowledge and programs you can control what applications use your parking spaces or ports.

Next time I'll explain the types of Viruses out there..................hope you enjoyed if you don't understand feel free to leave comments

Welcome

2005-01-27T21:09:00.000-05:00

The internet today has become a nest of spyware, adware, trojens, and viruses. Being a Computer Technician I have noticed this problem getting worse and worse as the majority of personal computers I service are full of these nuisances. So to provide a means of safety I've started this blog to inform the basic pc user the in's and out's of security on the internet. I hope this blog will be helpful to you in protecting you computer since computers are becoming a necessity in our everyday lives. The first lesson I want to teach you is the number one rule we learn when dealing with computer security.

"The only safe computer is the one not plugged in to the internet"