|
Click here
for Africabiz Online RSS Feed Sample.
 -
YOU NEED MORE THAN A VIRUS SCANNER
AND AN EFFICIENT FIREWALL TO BE SAFE SURFING THE NET!
In
last delivery
it was explained that you need to regularly update your
browser in order to seal security holes. However, even
if you do that on regular basis and have an efficient
desktop Firewall installed, plus a virus scanner (regularly
updated) you are still in the shooting line of hackers
if you do not take some additional security measures
to protecting your system.
Let's consider that you have a firewall installed. Most
of the time a desktop firewall likes ZoneAlarm
can be configured to granting permanent Internet access
to some utilities you have installed on your system.
Your browser for instance. And once
the browser has the access authorization granted, it
may become the perfect Trojan horse, which opens your
system to the attacks of malicious Java applets, executable
files. Etc.
Sometimes
ago I was surprised, working on my desktop with NoteTab
- a text editor, which has nothing to do with the Internet,
to see a pop up message of another application asking
authorization to enter the Internet traffic. (I have
Zone Alarm installed on my desktop). Puzzled,
I refused the authorization and instead fired up the
scanning device of Lavasoft's Ad-aware Plus.
Surprise, surprise: the scanning process revealed several
cookies and executable files - which I haven't voluntarily
downloaded - nested
into my system. I cleaned up the system from
the intruders and started wondering how come that Lavasoft's
Ad-watch, which was running with the Firewall
had not detected the intruders.
That was the first time I got the palatable evidence
that a Firewall plus a virus scanner and a spyware are
not enough to seal my computer from intruders. I have
to mention that my browser is up
to date.
Then I came across an article by Majik in xatrix.org,
dated November 7, 2002, titled: Personal firewalls
spring security leaks, revealing the false security
illusion given to surfers by existing Firewalls. The
article explains that as far as Firewalls give authorization
to applications to enter the outbound Internet traffic,
it is possible for ill intentioned hackers to use these
applications or makeshifts to perform inbound Internet
attacks. Particularly the browser is very easy to
trigger to performing such attacks. Furthermore the
article gave a listing of applications capable of bypassing
Firewalls to performing whatsoever they wish on the
attacked system. Such as FireHole,
Tooleaky
and YALTA
(standing for Yet Another Leak
Test Application).
In addition to the false illusory security sense given
by Firewalls, there is more to the
insecurity you are exposed to when surfing on the Net,
depending on how you configured Security tabs of Internet
Explorer. When you perform following sequence on
your IE browser's menu, i.e. 1- Tools. 2-
Internet Options. 3- Security, you reach a panel,
which contains the following field:
 |
And instruction asking you "To select one of the
Web content zones to specify its security settings"
The default settings for Trusted sites' zone is Low.
And the default settings for Restricted sites' zone
is Medium. You can customize any of these zones
as you wish.
However, if you do choose High security level
for Restricted sites' zone, your surfing experience
may become a painful one with regards the surfing speed;
and you will notice that most sites you visit load blank
pages. Why?
Because IE is just making sure that any web site
added to the Restricted sites' zone is impeded to performing
certain actions, which could compromise your privacy
and security, such as installing and / or running: ActiveX
controls, Java applets, JavaScript, Cookies Download
and installation of Desktop items, Use of email address
as anonymous FTP password, Hijacking your Home page
and / or Search page Installing their "Sleazeware",
etc.; without your knowledge.
When your settings for Restricted sites is set to default
Medium level, above listed malicious actions may occur,
if you visit Dirty Sites, or get a malicious
Javascrips packed pop under screen, which drop
Javascript viruses, executable files, malicious Cookies,
Worms and Trojan horses onto your system, bypassing
Firewall, Virus Scanner and Gatekeeper.
-
HOW TO SQUASH BACKDOOR ACTIONS
PERFORMED BY DIRTY SITES WITHIN YOUR COMPUTER
You
can see, reading above exposition, that your system
is not safe from hacking even if you have installed
a high performing Firewall like ZoneAlarm, an
up to date Virus scanner, a Gatekeeper like Lavasoft's
Ad-watch. You are still at risk when visiting
dirty websites configured to drop Javascripts' bombs
within your system.
Several developers are now concentrated on solving the
problem.
ZoneAlarm makers are promoting on their electronic store
PestPatrol
a powerful anti-hacker utility that finds and eliminates
hacker tools, spyware and Trojans from your personal
computer or corporate network.
BullGuard
2.0 combines anti-virus and 'spywall' features into
a single protection solution called SpyWall,
an enhanced type of firewall that monitors system, cookies
and scripts' activity, making it an extremely effective
gatekeeper.
Trojan
Guarder detects and destroys Trojan horses and worms.
Strengthens Windows and protect your computer while
on the Internet. Once a Trojan or a worm appears, even
hiding in other programs, Trojan Guarder displays a
warning and kills it immediately.
SpySites
works closely with IE' Security Zones as above
explained. SpySites assists you using efficiently
IE's Restricted sites zone. By using SpySites to
set policies to the Restricted zone, you will prevent
dirty websites from intruding on your privacy and possibly
taking over your PC. Annoying popups may still appear
but their ability to set Cookies or perform other JavaScript
actions on your Computer will be blocked. Furthermore
they will appear blank if they packed with dangerous
Javascripts viruses, cookies. Etc.
SpySites Plus features a database of more than
1,800 (October 2002) Dirty Sites and amongst these the
Worst Offenders ones. In one click on the Worst Offenders
List's tab you will quarantine those havoc builders
(51 in October 2001 database) into IE' security Restricted
Zone. And the remaining suspicious dirty sites are closely
watched in real time by an array of tools: 1-
Cookie Manager. 2- Cookie Scanner. 3-
Page Scanner. 4- Add current page to the Restricted
Zone. 5- Cookie Monitor.
When you activate Cookie Monitor, Spysites Plus
seats in the system tray and seamlessly monitors your
surfing. It warns you in real time when a webpage is
dropping a cookie into your system. You have the possibility
to check right away for the characteristics of the intruding
cookie and delete it immediately if you wish.
First time I run SpySites Plus' Cookie Manager,
I found more than 500 cookies nested into my system.
Some of them already dead - but still clogging the hard
disk;. and several hundred with life time set at 26-37
years. I even found one, which lifetime was set at 6,685
years! I used Cookie Manager to clean up all
these intruders to keeping only cookies related to websites
I have registered to.
Watching Cookie Monitor in action, you will be amazed
to see the number of cookies some clean websites could
drop onto your system.
SpySites
Plus puts the security level of IE's Restricted
sites zone at High level without making the surfing
experience a painful one as when you do the same directly
through the sequence here
described. It is also very user friendly; adding a dirty
site to the Restricted sites zone is done from the system
tray with just one click.
-
YOU STILL NEED TO BE WATCHFUL
Even
if you have a powerful FireWall, a Virus Scanner and
a Sentinel / Gatekeeper as above listed installed on
your system, you have to be on alert when surfing the
net. Like you keep your house tidy with a vacuum cleaner,
you should perform some cleaning of your system after
each surfing sessions.
Running SpySites Plus' Cookie Scanner will remove spy
and tracking cookies from the cookies' vault. Cookie
Manager will assist you eliminating any non necessary
cookie, particularly those with extravagant extended
life time. And from time to time it will make good for
your security sake if you scan the whole system with
Lavasoft's Ad-aware
to see if some beasts or pests are not nested into the
registry and or program files.. And more important
never leave your computer unattended; to be in the position
to squash any suspicious action using the Internet Blocking
System of ZoneAlarm.
Regularly checking
for the the "tightness" of your browser's
ports is also a very useful preventive action.
Gibson Research Corporation performs
"Test My Shields" or and "Probe
My Ports" sessions.
-
WARNING: BEWARE! SOME SENTINELS
/ GATEKEEPERS ARE JUST DISGUISED SPYWARE!
Beware of which Sentinel / Gatekeeper you choose to
protect your system from malicious intruders. You won't
believe it, there are now fake Sentinels / Gatekeepers
and PopUp fighters, which are simply disguised Spyware.
When you install them on your system, they just freely
perform some dirty tricks inside your computer with
your authorization as you have accepted Terms &
Conditions!
I strongly urge you to spare some time to read from
A to Z a paper - A
New Spyware Tactic? - by Jerry Cambell of Camtech2000.com,
who described two of these bamboozlers. Obviously some
marketing companies are ready to do anything to take
control of your desktop. Stick to well known Gatekeepers
/ Sentinels and take time to read available press reviews
and peruse Terms & Conditions. Don't play into the
hands of unscrupulous people.
-
A TIP
The last release
(first week of December 2002) of ZoneAlarm
Pro version 3.5.166 makes also a tight use of Internet
Explorer' Security Zones.
If you do click Firewall at the left side of
the control panel of ZoneAlarm and then Main
on the top, you reach a field on which are displayed:
1- Internet Zone Security 2- Trusted Zone
Security.
The default settings for 1 is High and the default setting
for 2 is Medium.
A- If you do accept these settings, your surfing
speediness will crawl down very significantly even if
you have a broadband connection plus even a BroadBand
Booster.
B- If you opt for Medium for 1 and Low
for 2, your surfing speediness will not be harmed.
Anyway you are not taking any risk if your option is
B, as Gibson Research Corporation
"Test My Shields" and "Probe
My Ports" sessions
give the same results.
|
.
-
