Sunday, November 18, 2007

9:59 PM

Com Security Part 2: Tips for End-users

Back, Part 1: History of Computer viruses

Given the nature and the number of computers affected, it could be very likely that the computer you are using to read this could be infected by this worm. So you may be wondering, what tools do we the end users have to deal with such threats?

I will be answering this question in this section.

For end-users, just remember 5 things: Firewall, Antivirus, Constant Updates, Alternative Software and Common Sense.

Firewall

A firewall is software or hardware that stops unauthorised data from passing between two networks. It is usually considered the first line of defence for most computers (and networks) as it prevents infection in the first place. As prevention is always better than cure, I will be elaborating in detail about its importance and usage.

A firewall is a must-have for any computer system or network that is connected to the Internet today. Today's viruses and worms do not even need user intervention to spread themselves. An example would be the Blaster worm I mentioned earlier: it can infect an unpatched, unprotected PC connected to the Internet even without the user doing anything on it.

According to the SANS Institute, as reported by ZDNet News, it takes just 20 minutes to compromise a computer. And take note, that was in 2004; there is every reason to believe that this time frame has become shorter by now. Even for the most seasoned techies, a firewall is still a must.

Thankfully, every computer installed with the Windows XP Service Pack 2 or later has an inbound-based firewall turned on by default. That perhaps can give users a basic sense of security. To check if yours is turned on, see the instructions from Microsoft here.

It's good to note that the built-in firewall provided by Windows XP does not protect well against outbound transmissions. That is to say, the moment a virus manages to get into a system, there is nothing to stop it from sending out information such as credit card numbers back to its creators. Microsoft claims that Windows Vista has the ability to control outbound data. But so far, an independent tester has found it unreliable and unintuitive to use.

Therefore, the best solution is to get a third-party firewall for this task. Common ones include ZoneAlarm and Comodo. These two are free for home use.

The main feature that distinguishes most third-party firewalls from the Windows Firewall is the ability to manage outbound connections more efficiently. The problem is, outbound filtering requires active user intervention for it to work effectively. The user has to individually approve outbound access for every program that wants it.

Very often, the user is shown just the process name without any additional information. The user, being too fed up with the constant questioning, may simply click allow at every question or, worse still, turn off the firewall altogether. This is obviously not the correct way. The firewall has no way of determining whether the program is legitimate as there are billions of programs in the world. It's up to the user to search for the name of the process online and hopefully make a correct decision.

It is not common knowledge that routers are actually a form of physical firewall in themselves. Due to the way routers operate, they automatically filter out any unrequested information. An added feature is that the router's programming resides in firmware on a chip, which makes it even more unlikely that it can be corrupted by a rogue program. DoS attacks are also limited, as any attempt to bring down a system is mainly focused on the external entity (the router); the internal entities (computers) remain secure.
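A simplified model of why a router drops unrequested traffic, added here as an illustration and not part of the original post. It assumes the router performs network address translation (NAT), which the post does not name; the class, the function names and all addresses are constructed for the example.

```python
# Added illustration: a toy model of a home router's translation table.
# All addresses and ports below are constructed sample values.
from dataclasses import dataclass, field

@dataclass
class HomeRouter:
    next_port: int = 40000
    # public port -> (lan ip, lan port, remote ip, remote port)
    table: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN computer opens a connection; the router records the mapping."""
        wanted = (lan_ip, lan_port, remote_ip, remote_port)
        for port, entry in self.table.items():
            if entry == wanted:
                return port          # connection already known, reuse its port
        port = self.next_port
        self.next_port += 1
        self.table[port] = wanted
        return port

    def inbound(self, remote_ip, remote_port, public_port):
        """A packet arrives from the Internet; forward it only if it was requested."""
        entry = self.table.get(public_port)
        if entry is None:
            return "DROP: no computer asked for this"
        lan_ip, lan_port, want_ip, want_port = entry
        if (remote_ip, remote_port) != (want_ip, want_port):
            return "DROP: sender is not the server that was contacted"
        return f"FORWARD to {lan_ip}:{lan_port}"

def demo():
    router = HomeRouter()
    # A PC on the LAN browses to a web server.
    port = router.outbound("192.168.1.20", 51000, "198.51.100.7", 80)
    return [
        router.inbound("198.51.100.7", 80, port),   # the reply that was asked for
        router.inbound("192.0.2.66", 4444, port),   # stranger hitting the open port
        router.inbound("192.0.2.66", 4444, 135),    # probe to a port nobody opened
    ]

if __name__ == "__main__":
    for line in demo():
        print(line)
```

Real routers differ in how strictly they match the sender, and a port the user forwards on purpose bypasses this filtering entirely.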

The price we pay for increased security is reduced convenience.

Antivirus

As its name suggests, it searches for viruses in a computer and alerts the user if one is found. Take note, up to this stage, the virus has already infected the system so the antivirus software is essentially a cure.

Antivirus software works like a security camera behind a locked door (the firewall). When an intruder enters the house, it will attempt to identify the threat and eliminate it. Its function is fairly basic, so there is no need to explain much here.

The most common free antivirus software is AVG by Grisoft. There are paid versions too, like Norton AntiVirus from Symantec and McAfee VirusScan. I will not participate in the debate between the quality of paid and free versions as I have not used paid versions. Your best bet will be to read online reviews and ask around for advice.

When getting such software, always ensure that it offers On-Access protection. This feature allows the software to scan all the computer processes for rogue activities as they are being used. Some software, such as ClamWin Antivirus, does not have this feature and requires the user to manually scan files for viruses.

There are prepacked solutions that combine all the relevant software into a single package. They are usually cheaper than purchasing the software individually. Symantec has the Norton Internet Security that includes the AntiVirus, Firewall, Antispyware and Antispam etc.

Constant Updates

This is not a third line of defence. It is a must-have in this age of rapidly evolving threats. Your security software has to evolve in tandem to keep up.

First and foremost, ensure that the automatic update feature in Windows is turned on. If not, make sure you visit the Windows Update Site regularly to install the latest patches. Do take a look at the software updates section at the site from time to time.

For firewalls, the need to update is less urgent as firewall technology has stayed relatively constant throughout the years. Any new feature is usually only available in newer versions of the software. But that does not mean you should totally neglect it; update when the software tells you to.

For antivirus software, no updates equal negligible defence. The antivirus software needs up-to-date signatures to detect the threats of today. Always ensure that the automatic updates feature by the antivirus is enabled.

Alternative Software

This is another method to avoid certain threats altogether. For this part, I will be elaborating only about Web browsers and operating systems (OS), as hackers mostly target flaws in this software.

It is a given that most Internet threats today target Internet Explorer (IE) over other browsers such as Mozilla Firefox and Opera. As such, in order to keep safe, users have to constantly patch this software. But patches only protect against yesterday's threats; who is to say a hacker will not exploit a yet undetected flaw?

Here is where alternative browsers come in. Other browsers, with their much lower market share, will usually be ignored by hackers. Thus, they tend to be safer. A good start would be Mozilla Firefox, currently in its 2.0.0.9 version. The downside is that certain features may not work on alternative browsers, the most common being ActiveX controls, which are only available on IE. It's helpful to note that ActiveX itself is actually responsible for many security loopholes on IE.

For OSes, it's much tougher. This entails switching to alternative platforms such as Linux and Apple. Apple's Mac OS can only be used on their own proprietary designs. If you want to use your current hardware, this leaves Linux as the only remaining viable option.

Linux is an open-source operating system that is usually available free-of-charge on the Internet. The installation and usage of Linux is still considered rather geeky despite its improved user-friendliness over the years.

And the problem of missing or different features becomes magnified here. You can expect all the third-party software, such as games, that you are using now to be incompatible with Linux. It is almost mandatory to use alternative software like Firefox and OpenOffice for your day-to-day operations. This entails an extremely steep learning curve which not many users want to overcome.

(Open Source: software whose source code is easily available to the public to scrutinise for bugs.

OpenOffice: a free, open-source alternative to the Microsoft Office productivity suite.

Linux actually has a limited ability to run Windows applications through emulators such as Wine and virtualisation software such as VMware. But these tools are usually slower, and not all software works on them with the same efficiency as when run on its native platform.)

Even hardware is affected, due to Linux's small installed user base. Certain specialised hardware such as TV tuners, wireless adapters, scanners, webcams and biometric readers may not be usable if the manufacturer is too lazy to write a driver for it on the Linux platform.

Because of this, most Linux users operate in a dual-boot environment. This allows them to switch over to Linux by a simple reboot if the need arises. The technique to partition a drive for installation space is HIGHLY not recommended if you are just a novice user.

If you are really daring like I was, you can go ahead and take the plunge to install Linux. But thankfully there are some Linux distributions that allow you to “test-run” Linux in the form of Live CDs before installing it. These distributions do not touch any files on your hard disk. Any time you want to go back to Windows, just reboot.

Common conventional Linux distributions: Fedora Core, OpenSUSE, (K)Ubuntu and Mandriva.
Common Live CDs: Knoppix, Puppy Linux, Damn Small Linux.

Common sense

Nothing is usually good when we are dealing with the human aspect of machines and technology. Computer security is also no exception. In every system, humans are always the weakest link. Common sense is supposed to be common, but surprisingly some people do not have it, probably due to the lack of knowledge.

Now is the time for me to preach with the ten commandments of computer security. Print out and paste in front of your computer if necessary.

Rule 1: Do not accept any attachments you receive haphazardly. Whether through email or instant messaging, when you click it, it gives the virus an opportunity to activate itself.

Rule 2: Do not deactivate any security programs you are running. Just because they are an irritant does not give you the license to take a chance without protection. A lock is only effective if it is used all the time.

Rule 3: More does not mean better. Having more than one security program of the same class may cause them to conflict and create unnecessary problems.

Rule 4: Stay out of piracy! Do not download any stuff such as games or screen savers from the Internet without first scanning them for rogue material. Buying pirated stuff from the pasar malam may get you more than what you bargained for.

Rule 5: Backup important data regularly.

Rule 6: Never give out personal information and passwords to anybody.

Rule 7: Change passwords regularly. Once every 6 months would be prudent. Make sure they are of at least 8 characters and are hard to crack. If you are afraid of forgetting your passwords, write them on a physical medium and store them in a safe place.

Rule 8: Be observant. If you feel that your computer or Internet connection is getting slower and slower, there is a high probability your computer is infected by a virus.

Rule 9: Key the exact web URL in the browser's address bar. This prevents phishing, where a hacker sets up an identical-looking site to get personal information.

Rule 10: Follow the above rules but do not be complacent. Stay vigilant!


Next, Part 3 : Future Roadmap of Computer Security


Posted by yeokm1 aka the insignificant observer
