Keep up to date on Internet Security with the
Firewalls and Virus Protection "Security Alert Blog"
Sep 20, 06
Sep 10, 06
Sep 2, 06
Sep 1, 06
Visit our Internet Security Website
|.Get Cyber Alerts|
We respect your email privacy
your No.1 Use of the Internet?
Internet Security Information for the everyday Non-technical Computer user, Internet
User and Web Surfer who just wants to be safe doing basic stuff
without the hassle of viruses, spyware, or worse.
I'm very pleased that you're here today, and look forward to your early return to the Security Alert Blog.
Using the Web Feed or book-marking this page will make it a lot easier to visit again. Thanks, Richard Rossbauer
( Save This Page )
|Don't hesitate to express your views and opinions on my Security Alert Blog Cyber Alert postings (easily done by clicking on the highlighted 'COMMENT' | 'TRACKBACK' at each post|
Sep 20, 2006
How to Find a Security Suite
that meets your needs
This is our eighth weekly 'Security Review-Day
While the use of security suites and other security products can significantly reduce your risks, there is no magic wand that you can wave to eliminate 100% of your risk - there is no such thing as a secure operating system or web browser.
Lets review some of the numerous ways in which the security of your computer can be breached. The most common threats come from worms, viruses, Trojans, phishing, Hackers and Crackers. Potential security breaches can come in the form of downloading unfamiliar email attachments, being monitored by spyware, maliciously attacked by malware, or probed through port scanning.
Port scanning involves someone attempting to break into your computer through the open ports in your system. Once an open port is located, the Hacker attempts to collect your personal data or install a malware program. Dshield.org, a company that works with individuals and businesses to track, among other things, port scanning violations, recently reported that on average, they log over 1.1 billion attempts of port scanning each month. These are the results of just their monitoring efforts. Imagine how many more incidents occur each month in the general population of computer users.
They also reported on survival time, or how long it could take before an un-patched PC is attacked or infected. They found that if you have a Windows-based operating system and an un-patched PC, you could be attacked or infected in a little over 2 hours. Some authorities report even shorter times. When looked at in these terms, securing your computer becomes a serious mission.
Here are a few reminders of easy steps you can take to immediately protect your computer.
1. Dont run unfamiliar programs on your computer. It sounds like common sense, but many of the most prominent attacks have involved spyware and email attachment worms. If you dont recognize the sender, dont download its attachments.
2. Dont allow unrestricted physical access to your computer. If you have sensitive or proprietary information on your computer, allowing other employees or family members to use your computer can lead to potential breaches in your computers security.
3. Dont use weak passwords. Use passwords which are difficult for someone to figure out. People frequently use the names of children, pets, anniversary dates, or birthdays. Because there seems to be a password needed for everything, it is not uncommon to see many people using the same password for everything. Big mistake! The use of only one password provides a hacker with easy access to a smorgasbord of personal information
4. Dont forget to regularly patch your operating system and other applications.
Every day, new viruses, worms and Trojans are being created and distributed. They are looking for the weaknesses in your computer system. Having outdated software is basically the same as holding the door open and inviting them in for a visit.
5. Dont forget to make regular backups of important data. Always keep a copy of important files on removable media such as floppy/ZIP disks or recordable CD-ROM disks. Store the backups in a location separate from the computer.
Selecting Security Software - how to pick the best product for your needs? Start by asking yourself a series of questions. Do you need password protection for individual files, your desktop, a network, or to block someones access to the Internet? Is your computer used only by you or do multiple users have access to it? How many users in total do you expect on your computer? What are your system requirements? How much do you want to spend?
Once you answer these questions, you can begin to research which security suite will best meet your needs. Product reviews and user statements provide a great starting point. PCMagaine (www.pcmag.com), Zdnet.com (www.zdnet.com), and Consumer Reports (www.consumerreports.org) are just a few informative sites that offer research on various computer software products. You can read my tips on doing this type of research HERE .
tags:security suite, Hacker
Botnets and Honeypots - what
This is our seventh weekly 'Security Review-Day
In previous weeks we talked about Botnets and how they can steal web surfers' information and cause even worse trouble. Today we'll learn how honeypots are being used to try to track and identify those botnet operators.
By way of review - Botnets are networks of computers that hackers have infected and grouped together under their control to spread viruses, send illegal spam, operate spyware, and carry out attacks that cause web sites to crash.
What makes botnets exceedingly bad is the difficulty in tracing them back to their creators as well as the ever-increasing use of them in extortion schemes. How are they used in extortion schemes? Imagine someone sending you messages to either pay up or see
your web site crash. Botnet operators can easily carry out those threats.
Botnets can consist of thousands of compromised machines. With such a large network, they can use (DDoS) Distributed denial-of-service as a method to cause chaos. For example - a small botnet with only 500 robots (also called Zombies), can cripple corporate web sites by using the combined bandwidth of all the computers to overwhelm a businesses computer system and cause its servers to crash and their web sites to go offline.
Jeremy Kirk, IDG News Service on January 19, 2006, quotes Kevin Hogan, senior manager for Symantec Security Response, in his article "Botnets shrinking in size, harder to trace", Hogan says "extortion schemes have emerged backed by the muscle of botnets, and hackers are also renting the use of armadas of computers for illegal purposes through advertisements on the Web."
One well-known technique to combat botnets is a honeypot. Honeypots help discover how attackers infiltrate systems. A Honeypot is essentially a set of resources that one deliberately sets up to be compromised in order to study how the hackers break the system. Unpatched Windows 2000 or XP machines make great honeypots given the ease with which one can take over such systems.
Keep you computer clean to avoid becoming a zombie. ...Richard
Sep 2, 2006
Have you taken your Summer
Vacation? I just finished mine - but the cyber thieves
and criminals kept right on working while we rested
In their current report on malware and Internet security, PandaLabs reported that Eighty-eight percent of the new malware detected in the second quarter of 2006 was related to cyber-crime.
The report offers a day by day global vision of malware activity over this period and can be downloaded, free of charge, from PandaLabs.
According to Luis Corrons, director of PandaLabs: the results show how malware creators are concentrating on profiting from their efforts, creating increasing numbers of Trojan Horses and bots."
These pests are installed and operate silently without users noticing any of the typical symptoms of infection. Victims aren't aware that their computers are 'Zombies' being used to steal from them or even from third-parties. This false sense of security works in favor of the attackers.
Bots present a serious problem for everyday Internet users and network administrators of large businesses. A week ago, a federal judge in Seattle sentenced one bot herder to 37 months in prison for creating a network of compromised machines, or bot net, that severely impacted operations at a Seattle area hospital. Prosecutors believed that at its peak, this individual's network of infected machines (his bot farm) could control more than 1 million compromised computers.
To protect your computer from being a part of a cyber-crook's bot farm, keep your anti-spyware and firewall programs up to date. Scan your systems regularly. Be cautious about opening programs or links in your email that are suspicious.
And be aware, it's becoming more and more difficult to tell the difference between valid and phony email messages, especially those that seem to come from your financial institutions. TrendMicro Company publishes an extremely helpful list of active and current phishing exploits. Check out their Phishing Overview to learn if your own financial institution is listed.
During my two week vacation, I started to write a new eBook that will consolidate all of our recent articles, reports, blog posts, and the latest security advice in one easy to read and use guide for everyone who uses the Internet. Watch here for the publication date announcement.
tags:Trojan, Bot net
Sep 1, 2006 (Repeated)
A breach in your personal privacy
protection could easily lead to
hackers, online, and offline thieves stealing your identity.
The threat of Identity Loss exists on more than the Internet. The potential for the theft of our identities is everywhere around us. Read on to learn how you can protect yourself- for Free.
Nearly everyone is aware that Identity Theft is a serious crime and that people whose identities have been stolen can spend months or years - and their hard-earned money - cleaning up the mess thieves have made of their good name and credit record.
Despite our best efforts to manage the flow of personal information or to keep it to ourselves, skilled Identity Thieves use a variety of methods to gain access to our personal data.
Can we fight back? Yes! One of the best ways is to be informed of the tricks and ploys used by Identity Theft criminals and to understand how they attack. Forewarned is Forearmed!
And you can be fully armed with all of the vital information you need to secure your identity, know where to turn, what to do, and how to respond if you ever have the sad misfortune of becoming a victim.
There's a lot to know, and you can learn it from our Free
"MASTER E-COURSE in IDENTITY THEFT and OTHER SCAMS".
With the generous assistance of Victor K Pryles, a popular media consultant, radio broadcaster, publisher and Author, we developed this e-course to arm you, your family and your friends against the devastating consequences of Identity Theft
It really does cover everything you need to know to protect yourselves.
In fact, it is so meaty with USEFUL, VITAL information that the lessons arrive every four days - so you can implement what you learn AS YOU GO THRU THE LESSONS. There are ten lessons, in total.
After taking this Free course, you'll be protected, wise, savvy and safe, because you'll learn
This is a Free course for followers of my Security Alert Blog,
newsletter and website and you will not get any commercial
announcements after registering for it.
I'd like to hear from you.
Your comments are really appreciated. Try to avoid anything inappropriate (hateful, abusive,
explicit, etc.), they'll be deleted before posting.
Please stick to the theme of "Security Awareness and Safety on the
Internet'. Your email address will never be displayed and will not
be shared with third parties.
.... Richard Rossbauer
CLICK to Visit our
Internet Security Website
Subscription to the