Hintlink - Viruses, Spam & Security

Protecting your computer

Viruses, Spam & Security (+Alerts)

Tip of the moment: Avoid lots of exclamation marks (points) in your emails !!!!!!.

Update Warnings

2008-07-09 07:59:29 MS Update KB 951748. Don't install with Zone Alarm. Your Internet connection will fail.
2008-05-12 08:22:31 AVG Update v8.0. AVG v8 causes USB devices to become disconnected, with driver errors.

If you run Windows, do yourself a BIG favour and use PopTray, NOW!!!!! This allows you to keep your e-mail client closed and will also block unwanted spam (by installing the example Rules.ini file given here):

Install PopTray - tick green

Example Rules.ini file. File last updated: 2010-07-31 12:36:50Z Size: 257k B

Current Internet performance Global Internet Traffic Report Global graphical Traceroute

Stop Badware Alerts and Reports

Spam

Where’s the latest Spam coming from?

EVERYTHING YOU TO NEED TO KNOW ABOUT PHISHING – Thunderbird eliminates this

More Phishing Info - Thunderbird eliminates this

REDUCING Spam - in detail

A good article about “Why so much spam”

Security

THE DNS vulnerabilty - check your ISP's DNS updates - an overview of the worldwide patching

Microsoft's Security Vulnerability Research & Defense Blog a "must read"

Symantec summary useful information

Real Time Top 10 Vulnerabilities from Qualys. High end vulnerability news [professional]

Trojan & Virus News (live) Trojan info, but with Virus news & ratings [normal user]

TruSecure News mixture of vulnerability & virus news [medium user]

CERT mixture of vulnerability & virus news [medium user]

Zdnet security mixture of vulnerability & virus news [medium user]

Central Command all virus data [low end user]

SANS Institute mixture of vulnerability & virus news [power user] – Top 20 Threats

VirusBuster mixture of vulnerability & virus news [low end user]

MessageLabs Very nice presentation of stats and latest news [normal user]

Trusted Source Threats and Trends McAfee [medium user]

Trend Micro highly rated, but stats seem older [medium user]

Security Geeks as you can guess this is higher end [professional user]

Virus Threat Centre

Notes for your Security & “Well Being”:

Our recommended – essential – programs carry a 5 tick rating

PROTECT YOURSELF

Install an anti-virus program. NOW.

Keep all security tools up to date EVERY DAY

Make sure you or your machine spend at least 15 minutes per day looking after your security

Get the latest patches and updates for your operating system

NEVER automatically open e-mail attachments

Always download or purchase software from trusted, reputable sources.

Make backups of important files on a regular basis – otherwise you’ll be very, very sorry.

Frequently Asked Questions:

Q. Why is this page a bit disorganized?

A. Viruses, spam and Security have become so inter-connected that to consider each in isolation is almost impossible. Writing a page which covers this subject is a vast job!

Q. Does that mean I should install everything on this page?

A. To be absolutely sure, yes. Of course, don’t install two anti-virus programs or two firewalls.

Q. Should I be constantly on the alert for the latest threats?

A. Within reason, yes. Without spending all your time doing it.

Q. What prevention measures are in place on your server?

A. The first thing an incoming email hits is an absolute brickwall which refuses email from some addresses and domains. This blocks very well known spammers. On a daily basis, this list is updated on the basis of real received spam. Next, the email passes through SpamAssassin. This is the highest rated server spam blocker in the industry. Finally, our latest feature, special files in the web site areas prevent spam-bots from harvesting email addresses automatically from your webpage. Webmasters must not remove these files, or this protection will be lost.

Q. How often should I update my programs?

A. Whenever and as soon as you can

Q. Why do I get so much spam?

A. With all of these measures in place, you should see a reduction in spam, especially with our new spam-bot blocker. However, spam is growing at at least 10% per month, so our latest measures, whatever they are, may seem to do no good.

Why so much spam, or why does some of your email “go missing” went sent to others?

The longer your email address is in service, the more you will receive. Period.

How to attract spam:

Visit “bargain” sites and sign up for email alerts.

Simply register with many web sites.

Allow pop-ups & cookies (at the very least it’ll tempt you to “break the rules”).

Leave your email address wide open on your website for spam-bots to collect.

Catch a virus.

Have somebody you know catch a virus and flood the internet with your email address from their address book.

How to “lose” email sent to others: (trigger spam filters)

Use an empty subject line.

Use an empty From: line.

Use subjects such as “Check this out”, “Re:”

Attach .exe, .pif, .scr and other file types.

Use a bulk email service (they break nearly all of these “rules”)

Use lots of HTML tags.

Use phrases such as “click here” or “to unsubscribe”

What’s an “acceptable” amount of spam? Anybody who “plays by the rules” will still receive spam, probably at the rate of 2-3 per day i.e. if you log on on Monday morning you should almost expect there to be 8-10 spam emails awaiting you after a weekend off.

Q. Aren’t you a bit anti-Microsoft & other big companies?

A. Well, yes, but for good reasons. Ours and our customers findings have been that many of the open-source or free versions of anti-virus, firewall, email clients & browsers are superior in speed and performance than “mainstream” applications. Example: a machine infected with 18 viruses failed to have them detected by up-to-date versions of McAfee and Norton. AVG detected them and removed them on the first pass.

Frankly, we all know the faux-pas’ made in security by many of these companies. Not that open-source is perfect; but the time from finding a problem to fixing it is often much less than in the big corporations.

Now, let’s get on with fixing things!

OK, let’s do your Virus, Spam & Security Fixes now in one go

START HERE

Download and install Zone Alarm(don’t ever go on the internet without it!) (DON'T USE Comodo)

Avira tick green [Firefox Add-onto test version] To update this you can use "C:\Program Files\Avira\AntiVir Desktop\update.exe" /DM="0" /NOMESSAGEBOX /receivetimeout=120 in a Scheduled task in Windows. (running this in scan mode will take about 60 mins on a typical system) or AVG

Download and install Visualzone backtrack attacks (OPTIONAL). Out of date - try Wireshark or Wallwatcher

Download and install Noscript Windows Scripting Host Stopper

Windows Update

UnPnP

Mozilla Firefox Secure Browser and industry standard plug-ins

Mozilla Thunderbird Secure email and industry standard plug-ins tick green

Remove Outlook and Outlook Express and stop using Internet Explorer!

Spybot remover – SpyBotS&D tick green To automatically update this you can use "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /taskbarhide /autoupdate /autoclose in a Scheduled Task in Windows (running in scan mode will take about 45 mins on a typical system) [don't enable TeaTimer]

Also Anti-Malware tick green To automatically update this you can use "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /update in a Scheduled Task in Windows (running in scan mode will take about 45 mins on a typical system)

Install PopTray - tick green

Example Rules.ini file. File last updated: 2010-07-31 12:36:50Z Size: 257k B

Test your Security

ShieldsUp

How can I see if my machine is sending out spam behind my back? You can look at Internet activity on your PC. A simple visual proof is to install NetMeter from it's home page. If you see attempts to send out data every few seconds then you might have a problem. To test it further, you can download the rather complex Wireshark which will give all the details of what is going on. When you do this, makes sure that your browser, email client and any other programs that talk to the internet are not running.

Useful links - Wilders

Anti-Virus Software (JUST FOR YOUR INFORMATION)

AVG anti-virus (free). tick green

Avast4 (free) – very complex user interface

F-Secure

Kaspersky

ClamWin (free)

PC-cillin anti-virus

McAfee anti-virus

Norton anti-virus

Specific removal tools (just in case your anti-virus tool misses it!) and another one too

Anti-Spam (JUST FOR YOUR INFORMATION)

PopFile Bayesian filtering for POP servers

Mozilla Thunderbird email client with Bayesian filtering built-in tick green

Not only is Mozilla secure, but you can add calendar functions and PGP, GPG Enigmail encryption to your messages and attachments.

footer