Tuesday, November 13, 2007

Virus and Spyware Prevention: Security

Do not use Internet Explorer

Using Internet Explorer as your main browser is the worst thing you can do for your PC. The only thing it should be used for is getting Windows and Office updates, since they rely on ActiveX to install software, which is the same reason it shouldn't be used for surfing. ActiveX is responsible for the "Drive-by Downloads" that some spyware uses to install itself on your PC. I personally use Firefox as my main browser on all the operating systems I run. Another good choice is Mozilla, if you want a full-featured browser along with a mail client. Opera is also a good choice: it is not "free", but it does offer a fully featured free browser that displays ads. Purchasing and registering Opera removes these ads. They are not intrusive, however, and I also use Opera a lot; it is quite fast. I do not suggest MyIE2 or Avant, since they are just frontends to IE and use IE's core, so in my mind at least, they are just as vulnerable as IE.

Remove the Microsoft Java Virtual Machine, and install Sun's Java

One of the most common and also hardest-to-remove browser hijackings comes from the malware known as CoolWebSearch. It is caused by exploiting the way that Microsoft's Java Virtual Machine handles byte-verifiers. This is not exploitable in Sun's Java. Microsoft no longer supports its VM either; it was removed in the SP1a version of Service Pack 1 and is not included in SP2. Click Here for instructions on how to remove it.

Install an Antivirus and Firewall program

Most PCs come with an antivirus program installed on them, but it is usually only a 90-day trial or similar. A lot of users forget, or simply don't know, that they need to renew their subscription. This is a must: you need an antivirus that is updated weekly, even daily, to keep you protected. You should be able to set your program up to update automatically. If you do not want to pay for an AV application, you can use AVG's free edition; it is just as good [some would argue even better] as most of the commercial antivirus applications. I use a mixture of AVG Professional and AVG Free on all of my personal PCs.

You also need to install a firewall program to protect you from incoming attacks. XP's SP2 firewall is not bad, but third-party applications will give you more control. I like and use Sygate's Personal Firewall, which is also free.

Keep Windows, Office, and your Antivirus up to date

I can't stress this enough: you must keep your programs up to date. Microsoft is constantly patching holes in their operating system. The Blaster worm outbreak a few years ago would have been fully avoided if everyone had applied the patch that was available weeks before it hit. Always install all critical Windows updates. The same goes for Office: Office 2000, XP, and 2003 all have a web-based update similar to Windows'. Critical vulnerabilities and bugs are fixed in the patches released there, so it is necessary to always install these as well. Your antivirus doesn't do you any good if its definitions are old, since the newest worm or virus is usually going to be the most circulated at that time.

Disable unnecessary services

I am not going to go into detail here, as BlackViper's Service configurations cover it much better than I would. Point is, if you do not need the remote registry service, the only purpose it would serve by running is to be exploited. Disabling the large number of services XP runs by default will also make your PC snappier, since it can free up significant amounts of memory.
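A way to check this on your own machine, as an added example that is not part of the original post and not taken from BlackViper's lists. It assumes a current Windows with PowerShell 3.0 or later and an elevated prompt when `-Disable` is used; the function name `Get-ServiceExposure`, the `$Unneeded` parameter and the `-Disable` switch are hypothetical, and `RemoteRegistry` is the only service the post names.

```powershell
# Added example: audit (and optionally disable) services you have decided you do not need.
# Save as a .ps1 script. $Unneeded is a constructed list; extend it with your own choices.
param(
    [string[]]$Unneeded = @('RemoteRegistry'),
    [switch]$Disable
)

function Get-ServiceExposure {
    param([string[]]$Name)
    foreach ($n in $Name) {
        # Win32_Service exposes both the current state and the configured start mode.
        $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$n'"
        if (-not $svc) {
            [pscustomobject]@{ Name = $n; State = 'NotInstalled'; StartMode = $null; NeedsAction = $false }
            continue
        }
        [pscustomobject]@{
            Name        = $svc.Name
            State       = $svc.State       # Running, Stopped, ...
            StartMode   = $svc.StartMode   # Auto, Manual, Disabled, ...
            # A stopped service set to Manual or Auto can still be started again,
            # so anything not Disabled counts as exposure.
            NeedsAction = ($svc.State -eq 'Running' -or $svc.StartMode -ne 'Disabled')
        }
    }
}

$report = Get-ServiceExposure -Name $Unneeded
$report | Format-Table -AutoSize

if ($Disable) {
    foreach ($row in $report | Where-Object NeedsAction) {
        # Disable first so nothing can start it on demand, then stop the running instance.
        Set-Service -Name $row.Name -StartupType Disabled
        Stop-Service -Name $row.Name -Force -ErrorAction SilentlyContinue
    }
    # Re-read the state to confirm the change took effect.
    Get-ServiceExposure -Name $Unneeded | Format-Table -AutoSize
}
```

Run it once without `-Disable` to review the report before changing anything; `Stop-Service -Force` also stops services that depend on the one being stopped.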

Run Spybot Search and Destroy at least once a week

I guess this doesn't fit into the prevention category really, but running Spybot Search and Destroy weekly can save you a lot of hassle. This program should be able to clean most infections barring some real nasty ones.

Install Spyware Blaster

Install Spyware Blaster. This program adds known bad sites to your Internet Explorer restricted zone so they cannot hit you with those "Drive-by Downloads" and also blocks tracking cookies from Internet Explorer, Mozilla, and Firefox. Remember, an ounce of prevention is worth a pound of cure.
