That's a really good descriptive list.
Makes me want to fire up a printer with a full tray of paper...
It was a fun research project. Had to make it simple so I could understand.
sell this as a 50 pack of pamphlets, I gladly buy it to hand out to all my clients, and then some. I could give out a hundred at the local college for sure! I'd do it, just for the philanthropy of it.
You should get your dues for this hard work!
Sorry I never saw this till now.
all of your fine articles; if I can stay outta the hospital long enough!
I'll do my durn best!! Ha! 
You know rat poison is soooo under-rated. It keeps me alive!
...that I've ever read a better treatment of the subject anywhere. Very clear, concise, thorough, accurate and altogether very well written.
but I'll save some trees and just forward a link to some people who NEED to read this...thank you!
I appreciate your comments. It was a tough one as I had to understand it to write it.
These tips are meant for home users.
Tip #1 Never type in Account numbers while running Windows. I would be willing to bet that 80-90 percent of computers out there have some form of spyware loaded. Always assume your PC is infected.
Tip #2. When surfing the Internet always do it from a limited account. To make it happen go to Control panel then User Accounts. Click on Create a new account then Name it. Click next then give the account limited permissions. Then click create accounts. From what I have been told rootkits cannot be installed while you are running in a limited account.
Tip #3 When you want to buy something over the Internet figure out how much money you need and then go to your bank and buy a gift card. My bank sells them for 2 bucks. You must log onto their web site and register it. Use it to make your purchase then log back on and find out how much is left. Burn up any left over money the next time you go to the grocery store. If a hacker gets your card number he gets nothing. https://www.harlandclarkegiftcard.com/
Tip #4 Be very careful using torrent programs. Every time I use one my PC gets loaded with spyware.
Porn torrents are especially bad for containing malware.
Tip #5 The next time you reinstall Windows do the following. Disconnect your machine from the internet during install. Make sure you install your firewall and anti-spyware before you connect up. Download your updates, drivers and install your favorite apps. As soon as you have your machine set up the way you like it make a hard drive image. Norton Ghost, Acronis True Image or DriveImage XML are three good programs for this. Store it on an external hard drive. Now when your PC gets all screwed up just reformat and write the image back on. Problem solved. Bet your PC runs a lot faster too.
Tip #6 If you're running Firefox, and you should, make sure you have the status bar on. Click View and make sure that Status bar has a check mark. I'm running Firefox 2 so they may have moved it in version 3. The status bar lets you see where a link is going to when you hover over it. A web programmer can hide this info but I will never click on a link that is hidden. Also talk to your kids about why they should be careful clicking on links and how to tell what they are clicking on.
Tip #7 Install a host file on your PC. You can get one at http://www.mvps.org/winhelp2002/hos...
A host file forces all bad web addresses to go to your loopback address instead of the bad web site. It also blocks connections to many advertising web sites. So when you visit a web page a lot of the ads won't show up. You will see an error message on the web page where the ad would have been. The page will still load fine. Your web access will speed up a little since you won't be wasting bandwidth on ads.
Tip #8 Turn off auto run for thumb drives etc. That way when a buddy shows up with some kewl pictures on his drive he doesn't load his trojans while he's there. Just google "turn off autorun usb" for how to do it.
Tip #9. If you want to do banking over the Internet never use Windows. Instead download a copy of Linux and burn it to a CD. Get one that will boot from the CD like Ubuntu. To the best of my knowledge when it gets burnt to a CD-R nothing can ever be changed on the CD. Make sure your PC is set to boot to CD/DVD drive first and boot Linux. It will be a little slow but there is virtually a 0 percent chance of any infection being present. When you're done banking pop the CD out and reboot back to Windows. It may be a hassle but imagine the hassle if some asshat gets access to your bank account.
Tip #10. Keep temp files cleaned out as malware often gets stored there. Get a copy of Crap cleaner and make it easy on yourself. Get it at www.ccleaner.com
That's not practical for frequent shoppers. I would've added Tip #3 - PayPal - get it, use it. I also consider Google Checkout a secure fund transfer resource.
I have not entered a credit card number on-line for a couple years now. If the site does not have PayPal I use the contact form and tell them why they just lost my business.
My PayPal account is connected to a checking account that I monitor with a "balance alert" if it goes over or under pre-set thresholds. Over and I transfer to secure savings acct. So if I ever do get hacked the damage will be tolerable and I'll know about it right away by a low balance alert.
Tip #9 - This is 2009 and you don't need to carry a Linux cd around anymore. All major distros boot off thumb drives and most have "light" or "mini" versions for basic functionality.
And while you're at it why boot back into Windows when you can easily do almost everything in Linux these days? I'm not a zealot - have Win 7 RC on Virtual Box on this machine.
Tip #11 - Always keep your browser updated. As Windows gets harder to penetrate, malware writers are concentrating on browser exploits like "man in the middle" - and these are OS independent. If you're interested (and you should be) these guys give great weekly presentations on these and related security topics: http://www.pauldotcom.com/
I still say my in-depth defenses will give any malcoder a run for his money. My clients insist on banking and shopping online, I give them the same advice you do to try and scare them off the web shopping scene, but no cigar.
So I am forced to add an additional defensive layer in addition to, or supplemental to, your strategy. They know full well the risks after I give them my anti-pep talk. Some of them switch to phone shopping after that.
Most give up online banking entirely.
Nice breakdown. Now if only end users will learn and stop clicking every pop up they see :/
A really well written summary !!
While impossible to be "all inclusive" this article gives the fundamentals and beyond.
Great Job, Thank You !!
You have me curious, what additions are you thinking about? I'd love to hear them.
Clear and right on target. That's the best, readable description of malware I've seen, and you didn't pull any punches. Especially appreciate your comments on the reactionary character of anti-malware. Great job.
It was fun. Being a generalist, I learned a great deal as well.
Thanks Michael.
It was very well written and for a non-IT Pro to be able to understand is great.
I am a retired general security specialist who has a smattering of IT security background. Keep up the good work
Frank
I thank you and my customers thank you. Next time a client asks the difference between a virus, a worm etc. I'll just refer them to this article.
Congrats on this very useful document!
It is very important to educate as many people as possible on the Web and you do well: the better the level of knowledge, the more secure the Web will be for everyone...
For everyone as dangers also come from "computer illiterate" people.
Thanks again Michael! WTG
Wow!
I have never read an article so precise and to the point. Very informative for sure. I should have read this before I started fighting malware for the last two days on a client's computer
It is a tough subject, did you perchance read the second in the series?
http://blogs.techrepublic.com.com/10things/?p=970
Also, there should be two more in the series, if you want to sign up for the newsletter, you will be notified when they are released.
Since computers are integral to various health and safety systems, it is only a matter of time before malware causes death and disaster. Attack the problem at the source - tell your elected officials you want to see government take a more aggressive stand in identifying and prosecuting hackers. We need punishments proportional to the maliciousness and potential danger posed by these criminals.
I use Macrium Reflect frequently to make images of my C: drive. This has worked for me in the past because if I get a virus, I simply restore from an image dated before I got infected. Is this a good strategy in your opinion (in addition to using an anti-virus program of course)? It sounds like this would not help me if infected by a firmware rootkit.