Friday, September 29, 2006

2006 Security Watch - What is this year going to have in store for us?

There is a lot going on in the information security space, and 2006 looks to be an interesting year in this regard. Below are some things to watch for in 2006. Some of them are good and, unfortunately, some aren't.


First the good news:

  • We are getting a lot more serious about our security. There are a lot of reasons behind this. For example, new privacy laws are requiring organizations to tighten their security. Look to see more consumer privacy laws passed in the coming year and more tightening of security systems.
  • Authentication requirements are increasing. This is closing large security holes. Corporations are requiring a great deal more authentication to get into secure systems. (This is also on the bad news side.)
  • There is a plethora of sophisticated programs to help us be more secure and they will continue to get better. Competition right now is strong in the security industry sparking a lot of innovation.
  • ISPs are now taking on the responsibility to help us with our security. Take AOL's recent commercials as a good sign that others will follow the trend.

Now the bad news:

  • Securing our networks is costing us. Most companies are globalizing their organizations and making them secure costs a lot of money. It will get worse before it gets better.
  • Authentication requirements are increasing. This is getting claustrophobic. Corporations are requiring a great deal more authentication to get into secure systems. (This is also on the good news side.) Unfortunately, for the end user, it is one more thing to be unhappy about, not unlike airport security lines.
  • Hackers are getting more sophisticated. For example, botnets are becoming more complex and harder and harder to catch and stop. Do a search on botnets on the Internet. They really are causing a whole lot of problems, but it does not stop there. The number of viruses and malware out there is staggering.
  • Spammers keep finding more creative ways to fill our email boxes. Don't look for this trend to stop anytime soon.

Tuesday, September 26, 2006

Protect Your Privacy

Cookies

Companies try to personalize web site experiences for their visitors. Some remember your login name and password for your convenience upon subsequent visits. Others offer news, stock quotes, and weather tailored to people's interests and location. This is done with a cookie, a small file created by the site, that collects specific information about your preferences or web browsing activities and stores it on your PC. Allowing all cookies, however, is unacceptable for those who care about privacy.

Tracking networks such as DoubleClick and MSN LinkExchange use cookies to monitor which site you were on when you clicked a particular banner ad and what you did once you got to the advertiser's site. They can put cookies on your PC and then read them across many sites - tracking your surfing habits and building a profile about your preferences.

Though this can be alarming, you are not left without the option to take control of the cookies that are used to invade your privacy. You can completely close this privacy gap as long as you apply basic cookie management techniques. Cookie filters will allow you to accept or deny each cookie upon arrival. Cookie filters can also be instructed to always deny "third-party" cookies - those that do not directly originate from the site you are currently visiting. Third-party cookies are most often used by advertisers and marketers.
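The accept-or-deny decision a cookie filter makes, sketched as an added example (not code from the original post). The host names are constructed, and the two-entry suffix set is an assumption standing in for the full Public Suffix List a real filter would use.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Assumption: tiny stand-in for the Public Suffix List, enough for the samples.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au"}

def site_of(host):
    """Return the registrable domain ("site") a host name belongs to."""
    labels = host.lower().strip(".").split(".")
    keep = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])

def filter_cookies(page_url, response_url, set_cookie_headers):
    """Return (name, scope, verdict) for each cookie a response tries to set.

    page_url is the page in the address bar; response_url is the resource
    (the page itself, an image, a banner ad) that sent the Set-Cookie headers.
    """
    page_site = site_of(urlsplit(page_url).hostname)
    sender = urlsplit(response_url).hostname
    decisions = []
    for header in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            # A Domain attribute widens the scope; without it the cookie is host-only.
            scope = morsel["domain"].lstrip(".").lower() or sender
            if sender != scope and not sender.endswith("." + scope):
                verdict = "deny: Domain does not cover the sender"
            elif site_of(scope) != page_site:
                verdict = "deny: third-party"
            else:
                verdict = "accept: first-party"
            decisions.append((name, scope, verdict))
    return decisions

if __name__ == "__main__":
    # Constructed sample: a news page that embeds a banner from an ad network.
    page = "https://news.example.com/story"
    print(filter_cookies(page, page, ["session=abc; Path=/"]))
    print(filter_cookies(page, "https://ads.adnetwork.example/banner.gif",
                         ["uid=42; Domain=.adnetwork.example; Path=/"]))
```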


Handling Spam

Take advantage of the built-in junk mail filters inside your e-mail client. In addition, configure your own filters to automatically trash or delete incoming e-mail that contains certain keywords. By using a combination of various filters you can noticeably reduce the amount of spam reaching your inbox.

You can set up as many filters as you like in your e-mail client. It is always wise, though, not to automatically delete the filtered mail until you are certain the filter is properly configured. You can always change it later.
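A keyword filter with the cautious "quarantine first, delete later" setting described above, as an added example (not part of the original post). The keyword list and the three sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default

# Hypothetical keyword list; tune it to the spam you actually receive.
KEYWORDS = ("lottery", "wire transfer", "act now")

def matched_keywords(raw_message, keywords=KEYWORDS):
    """Return (subject, keywords found in the subject or plain-text body)."""
    msg = message_from_string(raw_message, policy=default)
    subject = str(msg["Subject"] or "")
    part = msg.get_body(preferencelist=("plain",))
    text = subject + "\n" + (part.get_content() if part else "")
    hits = [k for k in keywords
            if re.search(r"\b" + re.escape(k) + r"\b", text, re.IGNORECASE)]
    return subject, hits

def triage(raw_messages, auto_delete=False):
    """Sort messages into inbox, quarantine and deleted.

    While auto_delete is False (the setting to use until the filter is trusted)
    matches are held in quarantine with the keywords that fired, so a false
    positive can be spotted and the keyword list corrected.
    """
    folders = {"inbox": [], "quarantine": [], "deleted": []}
    for raw in raw_messages:
        subject, hits = matched_keywords(raw)
        if not hits:
            folders["inbox"].append(subject)
        elif auto_delete:
            folders["deleted"].append(subject)
        else:
            folders["quarantine"].append((subject, hits))
    return folders

# Constructed mail: one spam, one legitimate message that trips a keyword, one clean.
SAMPLES = [
    "From: a@example.net\nSubject: You won the LOTTERY\n\nAct now to claim your prize.\n",
    "From: bank@example.com\nSubject: Wire transfer receipt\n\nYour transfer of 50.00 was sent.\n",
    "From: friend@example.org\nSubject: Lunch on Friday?\n\nAre you free at noon?\n",
]

if __name__ == "__main__":
    for folder, items in triage(SAMPLES).items():
        print(folder, items)
```

With `auto_delete=True` the legitimate bank receipt is discarded along with the spam, which is the failure the quarantine step exists to catch.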


ActiveX and Java Class

Never accept and run an "ActiveX Control" or "Java Class" unless it comes signed and from a trusted site. It is best to force your browser to prompt you for permission. If you are using Internet Explorer, these settings are located under Control Panel - Internet Options - Security - Internet, Custom Level. Mozilla, Opera, and Netscape users are prompted by default.


Install on Demand

Disable "Install on Demand" if you are using Internet Explorer so your browser will be forced to prompt you if additional components are needed in order to display certain content. This setting is located under Control Panel - Internet Options - Advanced.


Use a Personal Firewall

Use a good bi-directional firewall that will monitor all incoming and outgoing traffic and will prompt you for access permission if such traffic is detected. It also has the ability to hide your presence from intruders by completely blocking access to the ports that are used for the transfer of information. Select the highest security level for your Internet zone and set all programs to prompt you for access - even those you use frequently. When in doubt, deny a program access until you know its identity for sure.

A firewall plus anti-virus protection are rule number 1 of Internet security. For Windows XP users, be aware that although its Internet Connection Firewall (ICF) will detect inbound traffic, it is useless for detecting outbound traffic - you need a bi-directional firewall - one that will detect both.


Use Anti-Virus software

Use a virus scanner (anti-virus), keep the virus data files current (check for updates at least once a week), enable the "Heuristics" or "Bloodhound" feature (for detection of virus-like activity of yet-to-be discovered viruses), and set it to scan all downloads and e-mail attachments - before they are opened. Let it quarantine and destroy anything suspicious. If it has settings for scanning ActiveX Controls and Java Classes for potentially harmful content, use that too. For even greater protection and a wider range of configuration options, combine the use of a virus scanner with a trojan scanner.

Installing an anti-virus or anti-virus/anti-trojan program on your system is probably the easiest of all security measures you'll find. Upon detection of a virus, the program will move the infected file to a quarantine area for disinfection or removal before it has the opportunity to make contact with you or any other program. Configuration is simple and detection is reliable as long as you keep the virus data files or rulesets up to date (check at least once a week), and apply all updates and program or scan engine patches as they are released.


Trojan Scanners

Trojans, often referred to as Trojan Horses, are disguised as innocent programs and most often arrive hidden inside e-mail attachments or programs that are downloaded from the Internet. Upon execution, they place sets of instructions in various places, then wait silently until you restart your computer to begin their nasty deeds.

Some anti-virus programs will also detect trojans, yet the use of a separate anti-trojan program is a popular and recommended option that provides you with a wider range of configurations and more extensive Trojan Horse protection. These programs are meant to be used in conjunction with your anti-virus program.


Peer-to-Peer Security

Be extremely careful when using any P2P (peer-to-peer) network service like Kazaa or Gnutella for sharing/swapping files across the Internet. Be sure you are not exposing any drive folder other than the one designated for access by these services, and keep your virus scanner active at all times.


Instant Messenger Security

Secure your IMs (Instant Messengers). It is wise to use an IM encryption utility to secure your AIM, ICQ, MSN, or Yahoo! Messages, but be aware that the encryption will only be effective if the utility is used on both ends.

Disable file transfers in IM programs, as this feature, if configured incorrectly, can enable the sharing of more than you intend. AIM, .NET Messenger, and others let you disable file transfers from the Preferences or Options menus. If someone wants to send you an image or file, use e-mail to verify that the request is legitimate.


Protect Your Registry

Use a registry guard to protect your registry, startup directories, and startup files from malicious programs. Incoming Trojans can go undetected. They will place a specific set of instructions in the registry or other system files and will activate the next time you shut down or restart your computer. A registry guard will alert you before the damage is done. It is also a useful tool for alerting you to changes when installing new software.
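What a registry guard checks, reduced to its core as an added example (not from the original post, and not any vendor's product): snapshot the standard Windows autostart keys, then report every value that was added, removed or changed. The snapshot function needs Windows; the sample snapshots in the demo are constructed.

```python
# Standard per-machine and per-user autostart keys.
RUN_KEYS = [
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
]

def snapshot_run_keys():
    """Read every autostart value into {(hive, key, name): command}. Windows only."""
    import winreg
    hives = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    snap = {}
    for hive, path in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive], path) as key:
                value_count = winreg.QueryInfoKey(key)[1]
                for i in range(value_count):
                    name, data, _type = winreg.EnumValue(key, i)
                    snap[(hive, path, name)] = str(data)
        except FileNotFoundError:
            continue  # key does not exist on this machine
    return snap

def diff_snapshots(before, after):
    """Return (kind, entry, command) alerts for every autostart change."""
    alerts = []
    for entry in sorted(after.keys() - before.keys()):
        alerts.append(("ADDED", entry, after[entry]))
    for entry in sorted(before.keys() - after.keys()):
        alerts.append(("REMOVED", entry, before[entry]))
    for entry in sorted(before.keys() & after.keys()):
        if before[entry] != after[entry]:
            alerts.append(("CHANGED", entry, after[entry]))
    return alerts

if __name__ == "__main__":
    # Constructed snapshots standing in for "before install" and "after install".
    run = r"Software\Microsoft\Windows\CurrentVersion\Run"
    before = {("HKLM", run, "AntiVirusTray"): r"C:\Program Files\AV\tray.exe"}
    after = dict(before)
    after[("HKCU", run, "updater")] = r"C:\Users\me\AppData\Local\Temp\upd.exe"
    for alert in diff_snapshots(before, after):
        print(alert)
```

On a Windows machine, call `snapshot_run_keys()` before and after installing software and pass both results to `diff_snapshots()`.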

Saturday, September 23, 2006

Home Computer Security

A personal computer connected to the Internet without a firewall can be hijacked in just a few minutes by automated hacker "bots". The only way to make your computer 100% secure is to turn it off or disconnect it from the Internet. The real issue is how to make your computer 99% secure when it is connected. Not having protection is like leaving your car running with the doors unlocked and the keys in it, which a thief might interpret as "please steal me". Stated another way, when was the last time you handed a stranger your wallet and encouraged them to take your social security card, driver's license, cash and credit cards? Locking a car, using a "club" or installing a security system makes stealing a car more difficult. Internet security and privacy products provide adequate protection by making it difficult for "outlaws" to find and take control of your computer.

A layered approach is best to protect your security and privacy:

  • Use personal firewall, anti-spyware, anti-virus, anti-Trojan, anti-spam, anti-phishing, and privacy software on your desktop computer.
  • Update and tighten Windows before installing new security software.
  • To avoid conflicts, do not use two software firewalls or two anti-virus products at the same time. Completely uninstall one before installing another.
  • After installing any security software, immediately check for updates at the vendor's website.


Friday, September 22, 2006

Spyware: What It Is

What is Spyware?

Spyware is Internet jargon for Advertising Supported software (Adware). It is a way for shareware authors to make money from a product, other than by selling it to the users.

Do I have Spyware on my machine?

If you've ever gone on the Internet with your computer, most likely YES, you have spyware on your machine. You can get it by installing certain software or just by surfing the Internet.

Why is it called "Spyware"?

While this may be a great concept, the downside is that the advertising companies also install additional tracking software on your system, which is continuously "calling home", using your Internet connection to report statistical data to the "mothership". While, according to the privacy policies of the companies, no sensitive or identifying data will be collected from your system and you will remain anonymous, the fact remains that you have a "live" server sitting on your PC that is sending information about you and your surfing habits to a remote location.

Are all Adware products "Spyware"?

No, but the majority are. There are also products that do display advertising but do not install any tracking mechanism on your system. These products are not indexed in our database. Adware isn't necessarily spyware. Registered shareware without ads may be spyware. Purchased out-of-the-box software may contain adware and may also be spyware. Updates may change a previously ad-free version into an adware product. All this makes for a confusing mess and users need to be on guard when installing any type of software.

Is Spyware illegal?

Even though the name may indicate so, Spyware is not an illegal type of software in any way. However, there are certain issues that a privacy-oriented user may object to and therefore prefer not to use the product. This usually involves the tracking and sending of data and statistics via a server installed on the user's PC and the use of your Internet connection in the background.

The Bottom Line:

Avoid adware. If you're broke and can't buy a clean shareware product, find an ad-free, non-spying equivalent of the program you need. Avoid spyware at all costs. Install a firewall and pay attention to what is asking for permission to connect online.

Quick List for Virus Protection

  1. Don't open email from someone you don't know.
  2. Don't open unexpected email from someone you know that has an attachment and a subject that seems strange to you.
  3. Make sure your virus protection is up to date.
  4. Make sure your software is up to date.
  5. If in doubt, call technical support.
  6. Keep updated on the latest threats:

Thursday, September 21, 2006

What are the symptoms of spyware

Spyware can affect a PC or network in various ways. Here is a list of common symptoms to help you decide whether or not you have spyware installed on your machine.

For Consumers

  • Slower PC Performance. One of spyware's many effects is the significant slowdown of the performance of your PC. Your computer may seem sluggish, take longer to start when you turn it on, or take longer to get to the Internet. For example, a computer with as few as two adware applications could take more than 14 minutes to boot.
  • New Toolbars. Certain types of spyware such as hijackers can add new toolbars to your Internet Explorer that you did not knowingly install.
  • New Desktop Shortcuts. Some spyware may add new shortcuts on your desktop.
  • New Default Homepage. Browser hijackers change your default homepage to a different default homepage. Some homepage hijackers may prevent you from changing your browser's homepage back to its original default or prohibit you from visiting certain websites.
  • New Search Results. Hijackers can also change the results of a web search and point you to designated websites that you did not request in your search.
  • New Error Pages. Error hijackers will display a new error page when a requested URL is not found.
  • Excessive Full-Page and Pop-Up Ads. Adware can inundate your computer with targeted ads based on web surfing habits that have been tracked. Adware can slow down your PC to a crawl.

For the Enterprise

All of the above and the following:

  • Slow Network Performance. Spyware robs your network of speed and Internet access efficiency. For example, a computer with as few as two adware applications could take more than 14 minutes to boot. This can significantly affect employee productivity.
  • Congested Network Traffic. Spyware transmits and receives information across a network causing significant overhead and therefore bandwidth waste.
  • Modified or Deleted Files. If you notice that files have been modified or deleted for an unknown reason, this could be the result of spyware.
  • Lost Control of PC. Certain types of spyware such as RATs can take control of a PC or an entire network.

Monday, September 18, 2006

Securing Your Computer System

Today, more and more people are using their computers for everything from communication to online banking and investing to shopping. As we do these things on a more regular basis, we open ourselves up to potential hackers, attackers and crackers. While some may be looking to phish your personal information and identity for resale, others simply want to use your computer as a platform from which to attack other unknowing targets. Below are a few easy, cost-effective steps you can take to make your computer more secure.

  1. Always make backups of important information and store them in a safe place separate from your computer.
  2. Update and patch your operating system, web browser and software frequently. If you have a Windows operating system, start by going to www.windowsupdate.microsoft.com and running the update wizard. This program will help you find the latest patches for your Windows computer. Also go to www.officeupdate.microsoft.com to locate possible patches for your Office programs.
  3. Install a firewall. Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet. Consideration should be given to the benefits and differences between hardware and software based firewall programs.
  4. Review your browser and email settings for optimum security. Why should you do this? ActiveX and JavaScript are often used by hackers to plant malicious programs on your computer. While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you. At a minimum, set your security setting for the "internet zone" to High, and your "trusted sites zone" to Medium Low.
  5. Install antivirus software and set for automatic updates so that you receive the most current versions.
  6. Do not open unknown email attachments. It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address.
  7. Do not run programs from unknown origins. Also, do not send these types of programs to friends and coworkers just because they contain funny or amusing stories or jokes. They may contain a Trojan horse waiting to infect a computer.
  8. Disable hidden filename extensions. By default, the Windows operating system is set to "hide file extensions for known file types". Disable this option so that file extensions display in Windows. Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong.
  9. Turn off your computer and disconnect from the network when not using the computer. A hacker cannot attack your computer when you are disconnected from the network or the computer is off.
  10. Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program. Obviously, you need to take this step before you experience a hostile breach of your system.
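Why step 8 matters, shown as an added example (not part of the original post): with extensions hidden, a file named `invoice.pdf.exe` is displayed as `invoice.pdf`. This checker flags such names in a download or attachment folder. Both extension lists are assumptions and not exhaustive, and the file names are constructed.

```python
import os

# Extensions Windows runs when double-clicked (assumption: not an exhaustive list).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}
# Extensions most users read as harmless documents or media (assumption).
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".gif", ".mp3", ".xls"}

def shown_when_hidden(filename):
    """Name displayed for a known file type while extensions are hidden."""
    stem, ext = os.path.splitext(filename)
    return stem.rstrip() if ext else filename

def is_disguised(filename):
    """True if the real extension is executable but the visible name ends in a
    decoy extension, e.g. "invoice.pdf.exe" or "photo.jpg      .scr"."""
    stem, real_ext = os.path.splitext(filename.lower())
    # Padding spaces can push the real extension out of a narrow name column.
    _, decoy_ext = os.path.splitext(stem.rstrip())
    return real_ext in EXECUTABLE_EXTS and decoy_ext in DECOY_EXTS

def audit(filenames):
    """Return (real name, name shown with extensions hidden) for disguised files."""
    return [(f, shown_when_hidden(f)) for f in filenames if is_disguised(f)]

def audit_folder(path):
    """Run the same check over the files in a folder, e.g. a downloads directory."""
    return audit(sorted(os.listdir(path)))

if __name__ == "__main__":
    # Constructed file names for the demonstration.
    names = ["invoice.pdf.exe", "setup.exe", "photo.jpg      .scr",
             "report.final.doc", "jquery.min.js"]
    for real, shown in audit(names):
        print(f"{shown!r} is really {real!r}")
```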