An exclusive gaming industry community targeted
to, and designed for Professionals, Businesses
and Students in the sectors and industries
of Gaming, New Media and the Web, all closely
related with it's Business and Industry.
A Rich content driven service including articles,
contributed discussion, news, reviews, networking, downloads,
and debate.
We strive to cater for cultural influencers,
technology decision makers, early adopters and business leaders in the gaming industry.
A medium to share your or contribute your ideas,
experiences, questions and point of view or network
with other colleagues here at iVirtua Community.
1.1) Forward: About this guide 1.2) Basics to protecting your system
2.1) Better Browser Basics 2.2) The \"Good Browsers\"
3.1) Spyware and Adware 3.2) Viruses and Trojans*
4.1) Hacking and Cracking* 4.2) Software Firewalls* 4.3) Hardware Firewalls*
* Soon to come!
1.1) Forward: About this guide
In these days of information and technology, all you hear about is how to protect yourself from viruses, spyware, and hackers. Each and every company claims that their program in the best. Of course, this can not be true. This guide is written in hopes that I will be able to clear up some of the most common questions about internet security and keeping your system safe and secure. I will update this guide as often as I can, so as to keep you informed about new programs available to you, and new threats to watch out for. If you spot any errors in this guide, or have something you would like to add, please PM me, as I will be able to respond faster that way, then if you post in this topic. I will be happy to give you credit for anything that you added.
Thanks,
Nitrous | CITF Tech Support
1.2) Basics to protecting your system
There are just as many ways of destroying and stealing digital data as there are to destroy and steal physical data. Most people are aware of this, and know that when they protect their system with anti-virus and anti-spyware software, they will be much safer from outside threats. But when they are asked \"What is a virus?\", or \"What is spyware?\", they generally shrug their shoulders in embarrissed neglect. If you understand just what you are up against in the digital world, you will be much better off. You do not need to be a computer genius to be protected. You just need to follow a few simple rules listed below:
1) As KoolDrew puts it, don't be a moron. If something looks suspicious, don't click on it. If someone tells you not to click on something, take their word for it and don't take the chance. There are tools to help you stay safe from Internet threats, but they are only as good as the user.
2) Stay protected! Make sure that you have an anti-virus program installed, a firewall enabled, and a spyware removal tool that you know how to use.
3) Know what you are downloading! Threats come in all shapes and sizes. Spyware could easily be disquised as your favorite Beatles song that you have been dying to listen to.
4) Don't give out personal information! Hackers can and will use every bit of information you give them, including your name, address, phone number, social security number, credit card numbers, etc. Don't give them a way to get this information in the first place.
5) Stay updated! Hackers are always one step ahead of us. It is importiant to keep all your security programs updated with the most recent information at all times. An un-updated program is almost as bad as not having one at all.
2.1) Better Browser Basics
Most people in the world use either Microsoft Internet Explorer, AOL, or Netscape as their web browser. The truth is, these people need to get with the program and realize that they need to use a better browser. The three browsers mentioned above are full of security holes, flaws, and bugs. This isn't only because the company who made them is not doing a very good job, as I am sure they are doing the best they can. The fact of the matter is that hackers target the more popular browsers, not that popularity of a browser is the only thing that can make a brower bad. Although popularity played a large role it this, the design of the browser, such as what languages it will interpret and if it runs any programs such as Active X (the downloading program used by Internet Explored that can be easily used to give your computer spyware and pop-ups). Like I said before, hackers are always one step ahead of us, so by the time one security hole gets fixed, another one opens. It is a never ending war. So, while most people in the world are suffering the constant bombardment of spyware, hijackings, and pop-ups because they are using a \"bad browser,\" you can be enjoying the suttle bliss of using one of the lesser known web browsers.
But will this cost you any money? Of course not. The \"good browsers\" I am going to present to you are all free of charge. They are not trial versions, demos, or anything of the like. They are all the complete full versions. All you have to do is download, follow on-screen instructions, and you will be on your way to internet heaven. Can you wait? I know I can't!
2.2) The \"Good Browsers\"
Mozilla Firefox- Firefox is my personal favorite. It has a beautiful, very customizable interface, built it pop-up blocker, and has the ability for you to add on hundreds of pre-made \"extensions,\" or tools that allow you to do almost anything imaginable. You can also change the skin to make it fit your taste. So Firefox sounds like it has a lot of features that you have to learn right? Wrong! Firefox works just like any browser. It even has a tool that lets you import your Favorites list from another web browser.
Opera- This is another really cool browser. It comes loaded right out of the box. This can be a good thing or a bad thing, depending on how you look at it. However, it is a very reliable and fast browser. It comes with a mail & IRC client, as well as an address book. Again, it works just like any other brower, so you don't have to learn anything new.
Mozilla Suite [added by Predator]- This is the full internet suite version of Mozilla's browser. It is similar to Netscape's browser. It runs of the Gecko5 engine, which is said to be the fastest. This browser comes with a mail & IRC client, as well as a HTML Website Composer and an address book. Some people accuse this browser of 'code bloat,' because it isn't as simple as Firefox, but I assure you, it is definitely worth it to try this browser.
Spyware, by definition, is any software that covertly gathers information about a user while he/she navigates the Internet and transmits the information to an individual or company that uses it for marketing or other purposes. Of course, it is used for much more than that. Besides gathering your credit card numbers, passwords, address, or any other personal data about you or your computer, spyware drastically slows down your computer, making it almost impossible to use, let alone use the Internet.
Many people claim that Macontosh computers, or PCs running a Linux disto will not get spyware, or any kind of malware for that matter. This is only somewhat true. Yes, Windows PCs are most likely to get malware, as the Windows operating system is more unsecure than other operating systems. However if any kind of malware is programmed specifically for an operating system, and that program gets through, then that computer will become infected.
In order to keep your computer safe, it is recommended that you use of the following Anti-Spyware programs. Of course, you have to update your Anti-Spyware programs as soon as new updated become available so the program can scan and detect any new threats.
Microsoft Defender- This is my favorite Anti-Spyware program. It is fast, efficient, and integrated well into any relatively new Windows system. It features automatic updating, schedualed scans, and full time protection.
Ad-Aware SE- This is one of the most used spyware removal tools. It features everything that you would expect from a good Anti-Spyware tool. However, in order to get realtime protection, insteat of just a removal tool, you have to buy the Plus edition. However, the Personal edition is free of charge.
Spybot Search and Destroy- Spybot is another very common anti-spyware tool. Besides the usual features, it can also clean out web-usage and program tracks from your system, which is especially useful if you share a computer. You can also fix registry inconsistancies related to spyware and malware program installations.
Very nice job. I was planning on writing a security guide, but I'm too lazy.
However. you do need to change the part about other browsers being security risks because they are so poular. Popularity has nothing to do with anything.
Very nice job. I was planning on writing a security guide, but I'm too lazy.
However. you do need to change the part about other browsers being security risks because they are so poular. Popularity has nothing to do with anything.
Popularity has a LOT to do with exploits.. thus it has a huge affect on security. If 90% of people used Firefox, and 10% used IE, then obviously firefox would be the prime target to ind exploits on.
The reality is IE has the most share which is why it has the most number of exploits, however as firefox gains more share, it too will become more of a target.. which is one of the main reasions many firefox users have switched (opera has more of a clean security record)
If I make a browser and use it for personal use, noone is ever going to exploit it. If I make a browser and give it to 10,000 people, it has more of a chance of being exploited.. if I give it to 3,000,000 people, it will almost certainly get exploited.
Internet Explorer's problem is the result of badly-written code that, more often than not, predates Windows 2000. Back in those times, Microsoft was in such a hurry to produce more and more features that they didn't pay a great deal of attention to buffer over-flows and cross-site scripting bugs. Microsoft has learned its lessons from years of exploits, and developed a series of tools to help them find and correct problems.
Another thing is that IE is designed to be \"part of the operating system\", meaning that it can be controlled heavily by other programs.
heck, the next version of Windows is taking so danged long to get out the door precisely because the entire Windows codebase (and IE especially) needed a pretty serious security audit, as well better tools to improve the updating of the OS when vulnerabilities are found and fixed.
Security is a process, right? Firefox's security is improved with 1.5 precisely because the process by which vulnerabilities can be patched has improved. XP SP2 went a long way to improve this for IE, and we'll see another leap forward with Vista...... and another leap forward with the next version of Windows after that.... and so on and so forth.
Also, it's quite interesting how many vulnerabilities have already been discovered in FF's codebase, a browser with less than 10% market share. If FF were in IE's shoes, FF would be considered the least secure browser ever. Comparatively Opera has been around forever and has half as many known vulnerabilities (vs FF).
I have no doubt that Firefox will gain in market share. It's new, it's got the novelty factor. After a few years of no serious choice but IE then it's quite natural we'll see a rebound of rebellion.
That will be Firefox's undoing. Of anything, it's the one which stands most to lose from a major security flaw and exploit. Among all those who went to it because they thought it was more secure, the news of some virulent exploit will ruin the whole thing. This is where Firefox stands below IE. We went to IE because it offered compliance, it offered new features, it offered a current platform. Security wasn't an issue. Now it is.
Only after Firefox has been debased in this way will we see truly next generation browsers. Both Mozilla and MS will have seen their flagships beaten, MS by Firefox, Mozilla by exploits, and both will have the need to beat the other.
Not that any of this vulnerability talk matters much; IE (as of late), FF and Opera have quick turnaround on patches and browser security boils down to user intelligence. The users ability to make the right decision should a problem arise is the real issue.
Last edited by KoolDrew on Sun Dec 25, 2005 8:04 pm; edited 1 time in total
Very nice job. I was planning on writing a security guide, but I'm too lazy.
However. you do need to change the part about other browsers being security risks because they are so poular. Popularity has nothing to do with anything.
Popularity has a LOT to do with exploits.. thus it has a huge affect on security. If 90% of people used Firefox, and 10% used IE, then obviously firefox would be the prime target to ind exploits on.
The reality is IE has the most share which is why it has the most number of exploits, however as firefox gains more share, it too will become more of a target.. which is one of the main reasions many firefox users have switched (opera has more of a clean security record)
If I make a browser and use it for personal use, noone is ever going to exploit it. If I make a browser and give it to 10,000 people, it has more of a chance of being exploited.. if I give it to 3,000,000 people, it will almost certainly get exploited.
Using that logic, Opera has even lesser market share than Opera. Therefore, Opera isn't targetted as much, meaning more exploits will most probably be found if it gains popularity.
Contributed by Predator, Guest 510 iVirtua Loyalty Points • • • Back to Top
You seriously do need to fix your browser section. You make it sound like popularity is the only thing that effects the security of the browser and by using a \"lesser known\" one all there problems will be solved. This is far from the truth. Poularity is a very very small factor.
Just look at some other popular software. Does Apache have tons of exploits? No, it doesn't and it does happen to be the most popular.
I would just remove all the popularity garbage.
Also, under \"Basics to protecting your system\" the #1 rule should be don't be a moron (you can re-word it if you wish) :P
You seriously do need to fix your browser section. You make it sound like popularity is the only thing that effects the security of the browser and by using a \"lesser known\" one all there problems will be solved. This is far from the truth. Poularity is a very very small factor.
Just look at some other popular software. Does Apache have tons of exploits? No, it doesn't and it does happen to be the most popular.
I would just remove all the popularity garbage.
Also, under \"Basics to protecting your system\" the #1 rule should be don't be a moron (you can re-word it if you wish) :P
Apache does have quite a few problems, and most businesses that use it say it's old software in a new age.
The thing is, you wouldn't target apache if you wanted to do something, you would target the cgi, php, or whatever else is running on it.
And I still believe popularity is a big issue, and so does the author of \"secrets and lies - digital security in a networked world by Bruce Schneier\" it seems. noone says popularity is everything (and if they do, they lie). But it still plays a major role.
Almost all books I have ever read on exploitation have expressed that the area of exploitation for financial gain is almost always targetted at what most people use. You're not going to get hundreds of people trying to exploit the web browser amaya tommorow, because it's not logical to exploit it, hardly anyone uses it.
But you will get hundreds of people trying to find more exploits in IE. If you can find an exploit in IE and eBay or something, then you'll be rich. If you find one in firefox, you won't be so rich, and if you find one in opera, chances are it'll be patched before anyone makes use of it, and if you did it to something like uhh.. lynx, noone would care and it would be patched.
Last edited by kahrn on Mon Dec 26, 2005 11:58 am; edited 1 time in total
Yes, popularity does affect things, but it is the design and implementation that makes something insecure. If you're full of holes but nobody has bothered to exploit them yet, you're a disaster waiting to happen.
That disaster *did* happen with IE. It grew up under Netscape and while Netscape got all the flak, IE drifted by ignored. When Netscape went bye bye, IE got the attention.
Quote:
noone says popularity is everything (and if they do, they lie).
Nitrous is implying that popularity is everything in this guide. That is why it needs to be changed.
Last edited by KoolDrew on Mon Dec 26, 2005 1:07 pm; edited 1 time in total
Yes, popularity does affect things, but it is the design and implementation that makes something insecure. If you're full of holes but nobody has bothered to exploit them yet, you're a disaster waiting to happen.
That disaster *did* happen with IE. It grew up under Netscape and while Netscape got all the flak, IE drifted by ignored. When Netscape went bye bye, IE got the attention.
Quote:
noone says popularity is everything (and if they do, they lie).
Nitrous is implying that popularity is everything in this guide. That is why it needs to be changed.
I wasn't intentionally implying that popularity was everything. And it will be fixed.
EDIT: It is fixed. Any other complaints? :P
Last edited by Nitrous on Mon Dec 26, 2005 1:57 pm; edited 1 time in total
Digg Topic
Tag topic on On del.icio.us
Technorati Search
Post to Slashdot
