Archive for the ‘Online Safety’ Category

Typically when your computer gets bogged down with all the internet cookies and images you can remove them in your IE web browser or go to internet options in the control panel.

However if you use flash player for anything. For example youtube.com then you may need to clean out your Flash cookies. That means you have to go to a special url to clear them. Fun eh?



 

Click here to go to that super special site.

change the storage settings to None and Delete all sites. This will clear your flash cookies.

If you have known me for long you will know how much I tout performance and safety on your PC, MAC (OSX) (cause Apple products are the easiest hacked computers), or Favorite Linux Distribution (Fedora Core, Ubuntu, Suse , etc…).

The best way to keep your internet surfing clean fun and fast not to mention safer. Using a controlled or 3rd party DNS provider.

First we should explain what a DNS is….

From Wikipedia:

“The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide. An often-used analogy to explain the Domain Name System is that it serves as the "phone book" for the Internet by translating human-friendly computer hostnames into IP addresses. For example,www.example.com translates to 192.0.32.10.”

"…The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their particular domains, and in turn can assign other authoritative name servers for their sub-domains. This mechanism has made the DNS distributed and fault tolerant and has helped avoid the need for a single central register to be continually consulted and updated.”

What does this mean?

Its how you use English names and translate them into a Physical Address or IP address.

Every day your router goes out and gets the latest dictionary of DNS addresses that you request via multiple DNS servers.

So how does this help me with anti-malware and site blocking? Well there are companies and services that will take over or become a man in the middle to filter you requests and block known DNS names that harbor unsafe, disgusting or unwanted web content. The greatest part of this filtering is you do not have to install software to get this protection and monitoring like many web filters do (Net Nanny and Such.).

Today I am going to focus on 3 services (DNS):

 

OPENDNS: My favorite by far. Create an account and setup your filtering preferences. Take the DNS IP address’s and magically it all works. DNS address: 208.67.222.222 and 208.67.220.220

GoogleDNS: I like the speed however not sure exactly what “other” things google is tracking. DNS address: 8.8.8.8 and 8.8.4.4

NortonDNS: This is a beta program but promises to do as well as its software suite with this extra bit of protection. DNS Address: 198.153.192.1 and 198.153.194.1

 

With all three of these services you will see significant speed increase accessing your favorite sites. You will also see better protection with “accidental” clicking on bad links.

Be safe and if you have any questions please feel free to call us (801)682-3064 for assistance.

Very good question. I usually goes more like this:

I have installed a well known anti-virus and have kept up on all updates on it.”

I just found a pop-up that says I have over 50,000 virus’s (may or may not be a exaggeration). I have heard that there are these “fake anti-virus’s” How come my Anti-Virus doesn’t kill it?”

Antivirus

Where to start.

The easiest way to explain it is the Police Department theory. “If the police don’t know of a threat or a crime. It (crime) happens and the police come running. However all the criminals friends are distracting the police and the real criminal doesn’t get caught.”

Typical Anti-Virus software is very much like this.

The not so simple explanation.

You click on a link that takes you to a site and exposes a known vulnerability in software (operating system, firmware, applications, etc…). We have seen this with adobe, sun, Windows (you name it), OSX (yes even the beloved apple), Sun (Java) and many more. What typically happens is a link is clicked or an active x com object is installed and immediately kills any antivirus service that is working. Then it proceeds to mass download other virus’s and malicious content thus jamming up the most fastest processors with “crap calls” (yes that is a technical term made by me.) thus slowing your machine down to a crawl. Some even more fun virus’s add their own registry settings to stop your .exe’s from executing and other important files from working. So in a way with the virus taking over the anti-virus (which is typically very resource (CPU, Memory, I/O) heavy itself doesn’t have a chance to react. Some even more fun Virus’s/Spyware  introduce root kits that are the most evil of virus’s and are harder for an anti-virus to detect.

So why have an anti-virus? Well it gives you some protection. Not 100% but good protection from “Known” Virus’s. Because anti-virus’s are not 100% why pay for a anti-virus? or any anti-spyware?

What to Do:

Don’t install more than one anti-virus thinking you will get extra protection. In most cases you will get less and they will cancel each other out.

Install a good high performance anti-virus. One that does not need to take over your computer but one that boots up fast with your computer and sits quietly in the background (no pop-ups or annoying update information.). Also that does both antispyware and antivirus clean up.

Future.

Something you will see more of in the future is “Web Safe” anti-malware type applications.

facebooksafeweb

That will be installed on your online profile. These are still experimental at best. Be careful of anything that wants to give you “Web Safe” anti-anything.

Be careful and enjoy!

Beware of new exploits by our wonderful friends in the phishing community.

according to a Lead Developer at Mozilla (Aza Raskin) 

There is a new phishing exploit attacking you without your knowledge. Tab Nabbing. We all now use tabbed browsers to do most of our web surfing. Its fun its easy and it feels somewhat efficient.

What this does is takes over or creates a new tab to look like or mimic another tab for example Gmail even though the url is completely different it looks and it feels like Gmail. So you enter in your credentials and now you have been phished.

 

 

A New Type of Phishing Attack from Aza Raskin on Vimeo.

 

Make sure you check your URL’s(Web Addresses) before submitting your login or important credentials.

More info soon.

 

I know I am. I have noticed the serious growth in URL(Web Address) Shortening Services like bit.ly, Tinyurl, and etc..

Sure I agree there are some seriously long URL (Web Address’s) out there and these great services allow us to post these links via copy and paste to our favorite social media hubs.

The question is do we trust everyone else’s links? Especially when everyone else’s PC seems to be getting virus’s from these type of URL’s?

Here is a simple way to check those urls are bad or have been reported as malicious.

http://www.urlvoid.com/

Here is a way to expand those url’s and preview them before you click on them.

http://www.prevurl.com/

Here is a way to see the URL expanded.

http://longurl.org/

 

These three links can help you be more safe and vigilant when surfing the web and using the social web sites.

Just in case you didn’t know Malvertising is the #1 way to get infected due to the numerous security holes found in:

Adobe Reader (acrobat)
Adobe Flash Player
Sun’s Java

Those are the top 3 applications being exploited right now.   You may be wondering how you got infected with a fake anti-virus program (for example) without ever clicking on any ad.  See the simple explanation below.

Here’s how Malvertising Works

  1. A legit website like CNN.com sells advertising space because it has thousands of views every day. (again, this is just an example)
  2. A malicious person or group purchases some of this advertising space and submits an ad that appears perfectly fine to the CNN.com advertising editors.
  3. The ad goes live.
  4. At some point the ad becomes malicious and starts scanning clients for outdated Adobe Reader, Adobe Flash or Java binaries.
  5. Once an exploit is available the malicious ad injects malware into the clients PC.
  6. The anti-virus may or may not detect it, it’s really just luck.  If the threat is old, then there’s a good chance it will.  If it’s just a few minutes old then there’s a good chance it won’t.
  7. The ad may stay live for minutes, hours, days, etc until someone notifies the web master of that domain.

How can you stop these attacks?

  1. Keep your Adobe Reader and Flash Updated.  This is not exactly an easy task since Adobe seems to find security holes every other week.  Open Adobe Reader and click help — check for updates (at the time of this writing I just discovered I had 2 waiting to be downloaded!).  Both programs do automatic update checking, however a lot of people just cancel the update.  Bad idea.
  2. When Java alerts you that an update is available then yes…install it.  Lot’s of my clients never install this update.  It’s really important that you do.
  3. Configure the Adobe Reader plugin in each of your web browsers not to load PDF’s automatically.
  4. Browse the internet with Sandboxie as much as you can.  That goes for everyone who uses the computer.
  5. Always download and install your Windows Updates.
  6. Follow steps 1 – 5 and you’ll probably never experience the end result of a malicious ad.

Sadly adobe and sun products are constantly getting new updates and do not uninstall the old updates so the potential for re-infection can still happen. If you don’t need these applications or you do not use applications that require these updates then promptly remove them.

You have noticed that even Apple a large supporter of adobe has decided not to add flash or java to their latest OS updates.

Special thanks to the remove-malware.com people for the information.

The wild west was one of the most interesting frontiers that our crazy forefathers decided to conquer. Those who pursued wealth fame or the all mighty easy dollar where either successful and overcome by other evils or broke and tried to make a life in a desert (semi-arid) landscape west of the Rockies.

Now a days we have the frontier of our intellect (could be argued.) or the internet. We have special tools that allow us to copy and paste and to download *FREE* stuff (video, Music, Software, Virus’s). There’s Gold in them there internets! While its true you can download to your hearts content *FREE* stuff; beware its not all free and or Gold. Some might call it fools gold. Kind of reminds me of the old adage “you get what you pay for.”. Truth is most the free stuff you can consume (download) has got some code that will make your Windows, Apple OSX and Linux Operating systems crash and burn. Possibly incurring data loss that you cannot afford to lose. Yes I said Apple and Linux too. No one gets a free ride.

Some of the more well known ways of getting your *FREE* stuff is P2P types of programs:

Limewire 

Lime Wire: Has been the king of the P2P networks most recently. Funny enough it offers a paid for version to make you think the content you download is not illegal. Of course the paid for version does also unlock more bandwidth and more open connections. Interestingly enough some of the open source community came out with a better app that allows for the paid version tools called Frost Wire. 

Kazaa 

Kazaa: Was the king of P2P sharing and still is around but the service has been under serious watch by the MPAA and RIAA.

 

 

WinMX WinMX: Now defunct. Was the Largest P2P up until 2005 and then was shutdown. Most likely due to pressure or lawsuits from various copyright owners.

 

BitTorrent:The New Sheriff in town. However harder to understand by most non-geek types. Very much harder to track but very open and determines how many others have the same file.

Usenet: A very old distribution network. Open mostly for discussions and trading ideas became a haven for file sharing and virus sharing.

IRC Chat: Another very old distribution network. Rumored to be the networks in which when your computer is infected with a virus. The virus (usually trojan horse) gets instructions from this network.

Truth be told all of these networks spread a ton of virus’s. Please make sure you are very careful when using these networks. They will bite.

 

So I have been in the business of building and rebuilding every type of personal and business computer (Laptop, Desktop, Workstations and Servers).WINPCVIRUS

I have seen my share of virus/spyware infections from easy to kill to so nasty it requires a full rebuild of a said computer. One thing I have been noticing as of late is the the Virus that gets installed and acts as a Antivirus Application. These are the most annoying Virus/Spyware applications. I have seen these applications download more and more Virus’s as well as a plethora of spyware in so much as over loading the Operating System and basically shutting down the computer.

Please if you get one of these type of virus’s or you get a pop up asking you to download it to kill the virus’s. This is a bad idea. Please do not download these type of applications. First they want you to pay for them even sometimes to the point they ask for a large subscription payment. They disable any and all antivirus application.

These applications are essentially evil please stay clear.

Update: This Virus is spreading quickly among many even very protected machines (updated antivirus and antispyware) If you encounter any of these types of Viri please unplug your network cable (commonly called ethernet or data cable).

Common Names I have encountered:

Personal Antivirus (Hardest of them to remove)

Antivirus 2008

Antivirus 2010

WinPC Antivirus

there may be more….

Here is a run down on how to clean. Feel free to contact me if you are unsure how to do this.

  1. Download Malwarebytes’ Anti-Malware, or MBAM, from the following location and save it to your desktop:

    Malwarebytes’ Anti-Malware Download Link

  2. Once downloaded, close all programs and Windows on your computer, including this one.
  3. Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MBAM onto your computer.
  4. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure you leave both the Update Malwarebytes’ Anti-Malware and  Launch Malwarebytes’ Anti-Malwarechecked. Then click on the Finish button.
  5. MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan. As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.

MalwareBytes Anti-Malware Screen

On the Scanner tab, make sure the the Perform quick scan option is selected and then click on the Scan button to start scanning your computer for Personal Antivirus related files.

MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below

.You should click on the OK button to close the message box and continue with the PersonalAntivirus removal process.

You will now be back at the main Scanner screen. At this point you should click on the Show Results button.

A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.

You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so. Once your computer has rebooted, and you are logged in, please continue with the rest of the steps.

  1. When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window.
  2. You can now exit the MBAM program.

Your computer should now be free of the PersonalAntivirus program. If your current anti-virus solution let this infection through, you may want to considerpurchasing the PRO version of Malwarebytes’ Anti-Malware to protect against these types of threats in the future.

A large issue with all versions of Windows is by default the Operating system is installed to not show your file extension. FolderOptions

So why is this a problem? Well since Virus developers and Script kiddies learned of this they would mask the virus file as a jpeg. So please what ever version of windows you are using please uncheck Hide extensions for known file types.

If you notice in the diagram on the left I would and do the following on every install of any Windows version I install.

-Uncheck Automatically search for network folders and printers

-Check: Do not cache thumbnails

-Bullet: Show hidden files and folders

Click apply and then Apply to all folders. Windows will prompt you to make sure. Click ok.

Now when you download a file or someone sends you a file you know what the true extension of the file.

18.4% – Theft by employees
18% – Hackers
14% – Lost or stolen media
11.6% – Personal data inadvertently exposed

Kind of drives home the importance or proper access control, doesn’t it?

Be careful with your data/information.

Source:
http://voices.washingtonpost.com/securityfix/2009/06/malicious_attacks_blamed_for_m.html?wprss=securityfix

 





Theme by GDScomp. Developed by Joe Levi. Hosted at Media Temple.