Security Help

Free Firewalls

Kerio and Kerio Manual
Sygate
Sygate Manual
ZoneAlarm
ZoneAlarm Guide 3rd Party Guide
FireWall Info


Test Your Computer’s Vulnerability!

Shields UP
Steve Gibson’s Home Site
Security Testing Site’s

Online Virus Scanners

HouseCall
eTrust Antivirus Scanner
Panda
RAV Antivirus Scanner

Malware Scan
Jotti’s Malware Scan

Virus Information

Symantec
Trend Micro
McAfee
Sophos
eTrust
Security information from Secunia Secunia
Security information sites. Security Intelligence

Popular method of Web Site Spoofing
Anti-Phishing site and info Phishing Work Group
Anti-Phishing Work Group Phishing Archive

Spyware Research Links

Spyware Guide
Doxdesk Parasite Removal Information
PestPatrol Parasite Removal Information

Free Virus Fix and Removal Tools:

Grisoft AVG Download
AVG Special Removal Tools
Symantec
Trend Micro Damage Cleanup
BitDefender
McAfee Avert Stinger

Parasitic:

Microsoft Anti-Spyware (Beta)
Spybot Installation[br />
Ad-Aware
Spyware Blaster
Spyware Blaster Tutorial
Hijack This
Hijack This Tutorial
LSP Fix-Repairs Winsock 2 settings, caused by buggy or improperly removed internet software, that result in loss of internet access.
LSP Fix
Winsock Fix specific to XP
SpywareInfo

CoolWebSearch Removal Tool
Kazaabegone and other tools
CWshredder


HijackThis Help

Tutorial
Lists:
BHOs and Toolbars (02,03)
LSPs (010)
Filter:Text (018)
Appinit(020) SSODL (021)
Microsoft Security Information

Security Update Bulletins
Security and Privacy
Understand and Maintain Security with IE
Security Updates for IT Pros
XP Service pack 2 support
Microsoft Network Hotfix Checker

Browsers

Firefox
Avant
Opera
Internet Explorer
CubicEye

:shrug: Sorry I just didn't want this to sink out of site.

:kick:

:kick:

This would be a good thread to have pinned at the top of the page, I think.

Now ---- can we have some reviews of some of these? For example, I've just downloaded ZoneAlarm, not knowing there were other alternatives. Are there people who think the others are better in some way? If so, how/why? Etc.

I'm running Firefox but I can't say I like it. Once upon a time I tried Opera and really didn't like it, but if it offers as much security as Firefox, maybe I could try again. Does it?

I have LOTS of questions. C'mon, people, speak up!! ;-) tell us what you know about these.

:hi:

Point your browser to Broadband Reports look for forums, and go to the security forum. It is a great site, with tons of info, and many many people, ready, willing and able to help. They also have comprehensive forums on all sorts of computer related things. They have tests that allow you to find out speed, packet loss, and other arcane things about your Internet connection.

Personally, my security 'suite' includes, AVG Antivirus, Kerio Firewall, Spybot Search & Destroy, AdAware, and Firefox. Stay away from that Micro$oft stuff.
I use Open Office for my office suite, which is as good as MS office, only free, and instead of Photoshop, I use The GIMP, also free.

There are a lot of great apps that are free on Sourceforge Make sure that you have the right package when you download.


I'll also give this opener a good kick!

I notice when it goes through its daily Scan routine, it tells me tht it will not open a lot of files.

Should I be concerned? I mean, can't a virus slip inside certain file(s) and if the file is not being opened and scanned, I would be in trouble Right?

In general - what files should always be immune to being opened. Are there some like that?

Thanks

Carol

AVG has a free virus scanner download. I use it.

:kick:

Since the original post is very comprehensive (thank you), I thought it might be of help to those who feel intimidated by the number of tools available to just list a few that I think in combination do a pretty good (and very important) job of defending one's computer from the several threats out there.

Listed in order of priority (i.e., no firewall then the rest are just bandaids, viruses are deadlier than spyware, Browser choice is less critical once the other defenses are in place).

Firewall - Sygate Personal Firewall
Virus - AVG
Spyware - Spybot and Ad-Aware (both because each may pick up stuff the other misses for a while)
Browser - Firefox
Email - Thunderbird

These are my choices, others may recommend different ones, but I mainly wanted to point out that only a few new programs need to be added to provide very effective security.


There are a couple other categories of security measures that I am less familiar with, but which might become more important over time. One is for those using peer-to-peer programs (Peer Guardian is one such tool - http://methlabs.org/ ) and the other is anonymizers, but I don't have any recommendation.

(edit to provide better link to Peer Guardian)

and I admit it is the bare minimum. But what I wanted to do is share with the people that do not know how easy it is to protect themselves against the bad stuff they encounter on the Internet. Security is easy!

Skinner was kind enough to pin this thread to the top of the forum a few weeks back. Don't need to be kicked no more, but the thought is I'm sure definitely appreciated. :-)

for reposting this. I need to get busy and add a few things.

One of the best posts here ... Just needs a :kick:

that pinning this thread would be a great asset. Security is so important and we non-techies really appreciate this kind of trusted resource. As a non-techie, I check this forum on a nearly daily basis to see what I need to do or what's new or what else I can try to learn.

Thank you to all who share your knowledge here!

Aren't you glad the election wasn't stolen? Guess they felt they'd get caught what with everybody on alert this time. Eh?

Although not strictly in the 'security' field, one other handy-dandy little utility not mentioned is Belarc Advisor. It will give you an inventory of what hardware and software is installed on any given machine. Even shows info on MS Security Updates and license numbers of other installed software.

button and you can't log when you click internet explorer or firefox and nothing happens or if it does it may shut down.
It also seems to not let my friend go on to some sites for virus fixes or removal tools. So what should I tell her to do she can log on once in a while, should she change her browser.

Malwarebytes. My sister recently picked up the Personal Anti-Virus and Spybot Search & Destroy didn't find it and AVG Firewall didn't stop it. Here computer was freezing up and a mess. She was finally able to download Malwarebytes and it found the Personal Antivirus and deleted it quickly.

SeekService. I couldn't figure out where it was coming from. It would install itself on Firefox as an addon. It came from Free Sound Recorder I downloaded. When I went to delete the SeekService it wouldn't allow me to delete it. I opened Malwarebytes and used it to delete the file. It has an option to delete locked files.

I was searching in Google (I think I was using IE, but maybe Firefox) for a Kristof article, and it found the link in New York Times. I clicked on the link, and this Personal AntiVirus thingy started up, supposedly looking for stuff on my computer. Really bizarre. I closed it, then researched my computer, rerunning scans. Nothing showed up. Totally freaked me out. Everything appears to be okay, but is something lurking in this computer?

it's making you crazy, go here. Read the stickies and follow the instructions.
It's free, they're very professional, and they'll fix you up.

http://www.cybertechhelp.com/forums/forumdisplay.php?f=25

courtesy of Skinner and Elad

Here ya go
Introduction to Computer Security Threats
http://www.democraticunderground.com/discuss/duboard.php?az=show_mesg&forum=437&topic_id=72&mesg_id=91

Introduction to Computer Security Threats

There is no guaranteed way to avoid computer security issues unless your machine is always completely isolated from the outside world. Whenever you connect to the internet, and whenever disks or drives that have been connected to other machines are used on your machine, there is a possible security issue. Dangers can be reduced substantially by your cautious behavior and intelligent use of existing security tools, but the risk cannot be eliminated completely. Possible problems include, for example, compromise of banking or credit card information or other personal data, unauthorized use of your machine for criminal purposes by third parties, and prankster vandalism of software programs on your machine

We focus here on free resources. Consider doing further research, as this Topic will not be exhaustive and may not be up-to-date

Computer Security, Defense-in-Depth

Safeguarding your personal information

It is easiest for someone to steal your important personal data (such as bank account numbers or credit card information) if you provide it to them. So do not post such information online. You should be careful when transmitting personal data by electronic methods such as emails, since eavesdroppers may be able to retrieve such information by intercepting parts of transmitted packets; it is preferable to transmit such data in a secure fashion. Also be aware that if you send personal data by email, even in a form you consider secure, it may reside in the recipient's inbox in cyberspace for an extended period; the longer it remains undeleted, or insecurely deleted, the more opportunity there is for someone to obtain it by hacking into the email system. Do not engage in any online banking or online purchase activities without first assessing the security of the transaction. Spammers have been known to spoof legitimate websites in order to collect private information. Some (but not all) efforts are painfully amateurish and obvious; others can be quite sophisticated. Hyperlinks may not actually point to the address indicated

Phishing
Requests for your account information ('phishing' scams)
Anti-Phishing Work Group
SPAMfighter: Free spam and phishing filter for Windows

Careless online purchases with disreputable companies can cause you major headaches. Amateurish webpages can be a warning sign. To reduce the risk of identity theft, be sure your credit card transaction is transmitted securely. Investigate unknown companies before engaging in business with them: reviews from other customers can be helpful; in general, these reviews may be more reliable when hundreds or thousands of reviews are available

Double-checking companies
Better Business Bureau: Check Out a Business or Charity
Reseller ratings: Find a store
Ripoff Report - disgruntled consumers, sometimes with company rebuttals
Complaints Board


Preventing infection by viruses and malware

Your browsing habits, choice of browser and browser settings, use of anti-virus and firewall software, and choice of operating system can all affect your risk of being infected by viruses or worms, your chance of installing malware and trojans, and the possibility of malevolent control of your machine by third parties. If you have a network connected to the web, protect it appropriately. A wireless network (for example) should be protected by a secure password, so that unauthorized persons cannot connect to it. Downloading material from the web is not a risk-free activity. The risk presumably increases if you download free material from nonstandard sites and increases even more if the material is pirated. However, some viruses have also spread through mass-produced CDs or similar commercial products. As a general rule, do not click links in unexpected emails

A number of anti-virus and firewall products are available. Some of these may be provided with operating systems; some can be obtained for free; and some are pay-to-use commercial products. When using such products, it is important to keep them up-to-date

Unfortunately, however, there are also various scams involving nonfunctional "security programs" designed to obtain your money or credit card number. A common scam involves malware that is downloaded to the user's computer during websurfing; the malware later displays a pop-up window indicating that a virus has been found and encouraging the user to buy a particular "antivirus" product. The call-to-purchase may be reinforced by increasingly frequent pop-up windows that can render normal computer use impossible. The malware can sometimes be difficult to remove. Examples include MS Antivirus and AntiVirus Pro 2010 (which masquerades under dozens of different names)

Anti-Virus Guide
Freebyte's Guide to Free Anti-Virus Software
SuperAntiSpyware Free Edition
Web of Trust

Online help forums
Bleepingcomputer
GeekPolice
GeeksToGo

Operating System Specific Advice

As a rule of thumb, one expects the most popular operating systems to a more frequent target of malicious software. So there is some advantage to using (say) a Linux distro or OS X instead of Windows, since the majority (but not all) of software threats are directed against Windows

Users do not uniformly agree about whether anti-virus programs are worth the effort to protect Linux and OS X systems; however, if you use Linux or OS X in a work environment where filesharing is necessary, it may still be prudent to take some precautions, especially if you share files directly or indirectly with Windows system users, in order to avoid the possibility of transferring a virus to another machine

Linux
Linux firewalls for newbies
Avira AntiVir: free antivirus
AVG Anti-Virus Free Edition 8.5 for Linux
ClamAV: Unobtrusive Anti-Virus for Linux
GUFW: GUI for ufw firewall

OS X
Under the Security tab, Snow Leopard offers a firewall that can block all incoming connections. At a lower level of security, it can also be set to allow or disallow software to receive connections with a security certificate and to allow "stealth mode" browsing so that the computer does not respond to pings and similar connect attempts. It is also possible to use secure virtual memory

Macintosh Internet Security Guide
Apple security updates
Mac OS X Security Checklist (U Illinois advice)
New Mac Security News (SecureMac)
ClamXav
iAntiVirus

Windows
Microsoft Security Essentials
Microsoft Security TechCenter
Microsoft Malware Protection Center
Windows Defender (Microsoft)
SafeXP (free version) - adjust XP security and privacy settings
Pros and Cons of Windows 7 Security
Active Scan: online infection scan for Windows and IE or Firefox
ESET: free online scan
F-Secure Online Scanner: Requires browser plug-in
HouseCall: online virus and worm scan for Windows (small download required)
Threat Scanner: online virus and malware scan for Windows and IE
Belarc Advisor - Free Personal PC Audit
avast! Home Edition
Avira: free and commercial tools
AVG Anti-Virus
Free Virus Removal Tools (BitDefender)
Panda Cloud Antivirus
Comodo Free Firewall and AntiVirus
Malwarebytes
Iobit Security 360 Free:malware/spyware scan
Superantispyware (free edition)
SpywareBlaster
ZoneAlarm
ZoneAlarm 3rd Party Guide
Secunia Personal Software Inspector

Completely removing unused programs and old files may also help reduce vulnerabilities
Ccleaner
Revo Uninstaller (freeware)


Online Testing of OS Settings
ShieldsUP!: attempts port scans and reports the results

Rootkits
Sophos Anti-Rootkit
Rootkit Buster (TrendMicro)
Antirootkit.com

DNS issues
To access an address such as "http://democratic.underground," it is necessary to reference an online dictionary (the DNS) and then look-up a numerical version of the website name, indicating how to find the website. Master copies of the DNS are widely recopied for local use

In principle, it is possible to corrupt these dictionaries and to send the websurfer off to a phony site. The fact that you see the expected domain name in your browser navigation window is not necessarily proof that you have navigated to the expected website: this can happen if the DNS server you are using has a poisoned cache. Security certificates should therefore be taken seriously. For the same reason, you may want to be cautious about using software that promises to connect you to the fastest DNS available, if you cannot ensure connection to a DNS secure from cache poisoning

An Illustrated Guide to the Kaminsky DNS Vulnerability
OpenDNS
Google Public DNS
http://code.google.com/p/namebench/">namebench - open source DNS benchmarking, checks cache poisoning vulnerability by querying a service

Browser Specific Advice

Become familiar with security setting options for your browser. Current versions of some common browsers (such as Internet Explorer, Foxfire, and Safari) allow the user to automatically block known malicious sites, including phishing sites

Keep your browser software updated and realize that add-ons and plug-ins can introduce security gaps

Understanding the Web browser threat
Comparison of web browsers
One Security Prediction for 2010
Comparison of web browsers

Chrome
Attempts to limit security threats by sandboxing
Firefox
Allows control of Java and Javascript in Preferences
Ghostery
Firefox addon notifies about webpage spying
NoScript
Firefox addon prevents executable content in webpages unless allowed by user
Known Vulnerabilities in Mozilla Products
Vendor information for Firefox, SeaMonkey, and Thunderbird
Opera
Allows control of Java and Javascript in Preferences or by checkboxes in the chrome
Safari
Allows control of Java and Javascript in Preferences

Wi-Fi Security
7 tips for working securely from wireless hotspots (MicroSoft)
How do I stay safe in an internet cafe?
Practical Wi-Fi security (HP)
Best Security for Wireless Networks
Top Ten Free Wi-Fi Security Test Tools
PacketProtector - "WARNING- installing third party firmware (like PacketProtector) will void your warranty"
Nasty New Worm Targets Home Routers, Cable Modems

The Chinese Google Hack (January 2010)
This attack involved sending emails with links to targeted employees at various companies. Clicking the link downloaded sophisticated malware that exploited vulnerabilities in Internet Explorer and perhaps also in several Adobe products

Operation “Aurora” Hit Google, Others (McAfee)
Microsoft Security Advisory (979352)
Microsoft Security Advisory (979267)
How to protect yourself against the Chinese Google hack (ComputerWorld)
German Government: Stop Using Internet Explorer
Adobe Reader and Acrobat ... APSA09-07

Further Reading:

The Difference Between a Computer Virus, Worm and Trojan Horse
Virus, Spyware and Trojan Removal
CyberTech: Malware Removal Forum: Read the stickies and follow the instructions
Major Geeks: Malware Removal Guide
Geeks to Go: Malware and Spyware Cleaning Guide
Ransomware: Extortion via the Internet
Spyware
How Spyware Works
Spybot Search and Destroy
How to Detect and Remove Annoying Spyware/Adware (SecureMost)
The Best Security Suites for 2009: PCMag's take on security software
15 Free Security and Backup Utilities (PC Mag)
Common Windows PC Issues: Tips to Diagnose and fix a slow running computer
DSLReports: Security Forum


Online Databases
Threat Explorer (Symantec)
Threat Encyclopedia (Trend Micro)
Security analyses (Sophos)
Virus Encyclopedia (CA)
Secunia Advisories
VirusList

Some Recovery Tools
Guide to Saving your Windows System with Thumb Drive (Lifehacker)
Put System Rescue CD on USB using Windows
Create multiboot rescue USB flash drive

:hi: