Why your internet isn't safe and what you can do to protect yourself




hotbrownsauce
05-08-2009, 06:50 PM
The internet and computer technologies are full of loopholes. While back doors to computer systems have been closed and computer security in general has increased over the last few decades, so has the threat of Viruses, Worms, Trojans, Adware, Spyware, Cyber Espionage, Cyber Terrorism, rootkits, DoS attacks, DRDoS attacks, and DDoS attacks.

Do you think you are safe? Do you think your servers are safe? You and your servers are not as secure as you might lead yourself to believe.

A Virus is a self-replicating program like an .EXE. A virus can do any number of undesirable, unauthorized things to your computer, such as delete files, enable error messages, prevent your computer from starting, and enable backdoors for some unauthorized user to later come along and hijack your computer for any purpose they can think of that their skills will let them carry out.

A Virus can spread by sharing files with another person. The most popular way a virus spreads is by running code that allows it to send an e-mail to each of your contacts on your e-mail list. In this case you probably got the virus in the same way.
Prevent getting viruses by not opening up attachments that are unexpected. Download the latest updates to all your software including your Operating System. Run a virus scanner daily. Purchasing a well-constructed software Firewall or even getting a free one will stop almost all traffic you do not want going in or out of your computer.

A Worm is a kind of Virus. A Human is a Mammal like a Worm is a Virus. The main difference is that a Worm can replicate itself on other computers without human involvement, meaning you don't have to share files that have the Worm on them for someone to get it. Nor does a Worm necessarily spread by e-mail. A Worm can spread on the Network your computer is on by using features that are used for file sending. Prevent problems by following Virus prevention suggestions. Also, it is important that you block all ports that aren't vital to the programs you use.

A port is a number that software uses in order to establish connections to websites, file transfer servers, streaming video, etc. Ports are used for connecting a computer to something else.

A Trojan is also a type of Virus. What sets a Trojan apart is that a Trojan is designed to look like a file you want or need to keep, such as if you download a game called "Poker.exe" or have a file called "Poker.ini" but unknowingly downloaded a Virus. By the time you figure out you installed a virus along with the game, the Virus has usually installed itself in other areas. These kinds of viruses can find out important information about you and send it to an unauthorized person.

Adware is a piece of software that will, by itself, show or play advertisements to you such as pop ups. Adware can infest your registry and change settings.
Prevent Adware by knowing what you're downloading. Search the net. Buy or get Free Adware/Spyware removing programs. Be careful: programs that claim to help you can actually install malicious programs (some do!).

The Windows Registry is where file settings are stored. Modifying these through Wares can cause great headaches.

Spyware is software that is installed secretly on your computer usually without the user's consent. Spyware spies on you by collecting your web viewing habits and personal information. Some spyware can contain key loggers.

A key logger is software that logs every press of the keyboard and/or mouse.

Cyber Espionage is a serious threat; take the example of GhostNet. GhostNet is a computer based espionage attempt from an entity in China (probably the Chinese Government) towards South and South Eastern Asian countries and organizations. No one is sure how all the malware was installed on the over 1 thousand computers that included some embassies and the Dalai Lama. Some malware was found that showed it was introduced to the computer systems via e-mail attachments that were created with great care, looked real, and spoofed source addresses. The computers were linked back to different servers where commands were given to copy files, e-mails, and server information along with turning on web cameras, microphones, key logging, and screen captures. None of the information that was stolen has been used yet. So the motive of who is involved with GhostNet is unclear. GhostNet continues to infiltrate computers each week. Firewalls should be installed on all sensitive computers to protect internet connections. Checking running programs or using Packet Sniffers can help.

Cyber Terrorism isn't really seen yet because many conventional terrorists of today do not possess the know-how to use computers. But in the future terrorists may hire crackers or they themselves may conduct Cyber Terrorism. Cyber Terrorism could be as simple as cracking a military website and changing where supplies for soldiers go. Cyber Terrorism could also consist of jamming government networks.

A rootkit is a program or set of programs that gives an unauthorized person complete control of your computer and the programs can usually conceal their existence. An anti-virus program will help.

DoS attack stands for "Denial of Service". This attack is as simple as the attacker having more bandwidth than their victim. The attacker sends so many pieces of data that even if the victim never accepted any of the data their internet line would still be full of bad requests making it extremely difficult for them to send or receive a legitimate request. Sometimes a DoS attack doesn't require huge bandwidth. If the victim's computer isn't set up correctly the attacker can send multiple requests for a connection. The victim's computer will dedicate part of their computer memory for the supposed incoming data packets. The connection will remain open until it times out because the attacker never follows through with the connection. By that time the attacker has sent several more requests for connection. Before you know it the victim can't send or receive data because their memory is full.
So the name "Denial of Service" comes from the fact that you can't communicate with the internet, you don't have service because you're blocked, so you are denied service.

A DDoS stands for Distributed Denial of Service. DDoS is essentially the same thing as a DoS attack except that it uses many attacking computers instead of one; therefore it is "Distributed".

A DRDoS attack is similar to DDoS. DRDoS stands for Distributed Reflection Denial of Service. In this scenario an attacker uses one or many computers to send packets of data with a spoofed IP that is the same IP of the victim's computer (or server). These packets go to many different servers and routers which use a type of reflection technology that reflects requests to other mirror servers. These entities (servers and routers) see what appears to be a legitimate request for TCP connection from what looks like the IP of the victim's computer. So all of these entities respond by sending an ACK packet back to the victim's computer. When the victim's computer (or it could be a server) doesn't respond these entities keep sending more packets towards the victim. With all of the packets coming in it overwhelms the internet connection. This kind of DRDoS attack can keep up until the attacker stops, or each server and router owner is contacted and they modify their equipment.

DoS attacks are very hard to trace, if not impossible, and even if your router could ignore all the bad packets you are receiving, the network will get so clogged in a DoS attack that none of the legitimate packets can get through. For this reason no internet connection is safe.


Summary
The more ports you have open the less safe you are.
Opening random e-mail attachments increases your risk of malicious activity.
No Firewall leaves your network open.
No virus scanner means you'll never see what malicious code is on your computer.
Not updating your Operating System and all of your programs regularly creates risk.
Downloading files from the internet places you at high risk. (Most virus creators try very hard to get their virus out on the net. Sharing infected files on peer to peer networks is very popular.)
Not knowing what you're installing increases risk of malicious activity.

Anything you see here the government has the ability to do. We are "right wing extremists" and part of some "militia" as reports say. So what makes you think they aren't following us? I guarantee they are watching. Some judge may allow them to infest our computers with programs to record and watch us. We saw what happened in the Bush years and it is still continuing to happen.

Find out about encryption(!!!) techniques to encrypt your hard drive beyond recognition so only you know how to access the files. Send encrypted e-mails and files and use secure passwords. Anything you send through the internet can be monitored VERY easily. Simple encryption techniques guarantee your privacy.
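
The half-open connection case from the DoS paragraph of the post above, as a toy model (an added example, not part of the original post). It shows how connection requests that are never completed hold memory slots until they time out, and how a shorter timeout or keeping no state before the handshake completes changes the outcome; the function name, backlog size, timeout and rates are assumptions chosen for illustration.

```python
from collections import deque


def simulate(backlog_size, syn_timeout, bogus_per_tick, ticks, stateless=False):
    """Model a listen backlog; return (accepted, refused) for legitimate clients.

    One legitimate client connects per tick. bogus_per_tick requests per tick
    are never completed, so each holds a backlog slot for syn_timeout ticks.
    With stateless=True the server stores nothing until the handshake
    completes (the idea behind SYN cookies), so those requests cost no slot.
    """
    half_open = deque()  # expiry tick of every pending, uncompleted request
    accepted = refused = 0
    for now in range(ticks):
        # Entries that reached their timeout release their slot.
        while half_open and half_open[0] <= now:
            half_open.popleft()
        if not stateless:
            for _ in range(bogus_per_tick):
                if len(half_open) < backlog_size:
                    half_open.append(now + syn_timeout)
        # The legitimate client only gets in if a slot is still free.
        if stateless or len(half_open) < backlog_size:
            accepted += 1
        else:
            refused += 1
    return accepted, refused


if __name__ == "__main__":
    print("default timeout :", simulate(128, 60, 10, 300))
    print("short timeout   :", simulate(128, 5, 10, 300))
    print("no stored state :", simulate(128, 60, 10, 300, stateless=True))
```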

hotbrownsauce
05-08-2009, 06:55 PM
There are many other security concerns.

Take for instance cookies that track where you go. Or websites monitoring you. Using "Proxy" servers allows you to connect to a computer that gets website information for you. This way you never actually connect to the website that gives you that information. They never see your IP or know anything about you. Find the right Proxy service that deletes all of its history within a few days. I've seen some that delete history within a few hours.

Or it can be as simple as using scroogle.org's scraper instead of google.com

If you want to monitor what is going in and out of your computer try a program called "Active Ports". This will show you what programs you currently have running and it will list what they are doing online.

*Edit* it wouldn't be right of me to not include the following.

If you feel your computer is under attack and you want to secure it do the following.

(Search the web for info on the following and reply back if you have problems or questions.)

If in Windows XP create a system restore point. (Create restore points as many times as it makes you feel comfortable.)
(If you want to... Download "Active Ports" take notes on what you see. (You can also try Wireshark))
Click "Start" select "Run" type in "msconfig"
*Warning do not uncheck anything you are not positive will hurt your machine*
After "System Configuration" pops up select the "Startup" tab. Scroll up and down... Each thing that is checked loads when you start your computer. Search the internet to see what the programs are (Make sure they are trusted sites!) and uncheck anything you need to. If you're scared or this is out of your range, no worries! Everything will get cleaned anyway.

Download ZoneAlarm's Free Firewall and install it and configure it. You'll notice any suspicious activity right away.
Update windows.
Download Norton AntiVirus 15 day free trial edition (or try McAfee's free trial)
Install Norton
Update Norton
Do a full system scan with Norton

Try the following adware and spyware removers until your system is clean. Make sure to update them before running them.

Download Spybot Search & Destroy
Download LavaSoft Adaware
Download ComboFix
Download Malwarebytes
Download Microsoft Windows Defender (You should already have Defender if you have an updated XP machine)

(Run "Active Ports" again and look for changes.)
Use Zone Alarm features to look for any suspicious activity that is left behind. (If you don't like the Ask bar that is installed with Zone Alarm go to C:/Program Files/(The folder starts with the letter A maybe it is "Ask"?)... find it and double click the uninstaller)
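
The "take notes, clean up, then look for changes" step from the post above, as an added example that is not part of the original post: it compares two listening-port snapshots and flags anything outside the ports you intend to expose. It assumes the snapshots are saved output of the Windows `netstat -ano` command rather than "Active Ports" notes; the sample snapshots, PIDs and the expected-port list are constructed.

```python
# Constructed `netstat -ano` snapshots (Windows column layout); not real captures.
BEFORE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5110           0.0.0.0:0              LISTENING       3388
  TCP    192.168.1.5:1044       203.0.113.7:80         ESTABLISHED     2140
  UDP    0.0.0.0:500            *:*                                    680
"""
AFTER = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       2204
  UDP    0.0.0.0:500            *:*                                    680
"""
EXPECTED_PORTS = {135, 445, 500}  # assumption: ports this machine is meant to expose


def parse_listeners(netstat_text):
    """Return {(proto, port, pid)} for TCP LISTENING and bound UDP sockets."""
    listeners = set()
    for line in netstat_text.splitlines():
        parts = line.split()
        if not parts or parts[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        if parts[0] == "TCP" and (len(parts) < 5 or parts[3] != "LISTENING"):
            continue  # outbound or established connection, not a listener
        if parts[0] == "UDP" and len(parts) < 4:
            continue  # UDP rows have no State column: proto, local, foreign, pid
        port = int(parts[1].rsplit(":", 1)[1])  # rsplit also handles [::]:135
        listeners.add((parts[0], port, int(parts[-1])))
    return listeners


def compare(before_text, after_text, expected_ports):
    """Diff two snapshots and list listeners on ports you did not expect."""
    before, after = parse_listeners(before_text), parse_listeners(after_text)
    return {
        "opened": sorted(after - before),
        "closed": sorted(before - after),
        "unexpected": sorted(l for l in after if l[1] not in expected_ports),
    }


if __name__ == "__main__":
    for kind, rows in compare(BEFORE, AFTER, EXPECTED_PORTS).items():
        for proto, port, pid in rows:
            print(f"{kind:10} {proto} port {port} (PID {pid})")
```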

Time for Change
05-08-2009, 07:16 PM
Candidate for best off topic thread of the month!

ChooseLiberty
05-08-2009, 07:41 PM
Don't forget "Flash cookies"

They track your use of Adobe's Flash.

Speaking of Adobe - do they seem very intrusive lately?

kathy88
05-08-2009, 07:42 PM
Candidate for best off topic thread of the month!

+1

Time for Change
05-08-2009, 08:48 PM
Here's a couple sites that explain the flash cookie situ and provide a means of controlling such invasions.

http://www.ghacks.net/2007/05/04/flash-cookies-explained/
http://epic.org/privacy/cookies/flash.html

nullvalu
05-08-2009, 09:00 PM
Run Linux. http://software.opensuse.org/ If you've never run it, grab that Live CD (KDE), burn the ISO & boot off the CD to experience Linux without making any changes to your PC.

Dr.3D
05-08-2009, 09:16 PM
I have often wondered if the Windows system itself doesn't have a built in back door. I would almost guess Bill and his company are on the dole by the government and have already given them the keys to a back door.

hotbrownsauce
05-09-2009, 01:25 AM
I failed to mention how DoS attacks can help be prevented.

If all ISPs checked the outgoing packets to make sure they possess the true identity of who sent the packet, this would stop someone from lying about who they are.
However this only stops part of the problem. This solution doesn't prevent someone from gaining use of other computers, commonly referred to as bots or zombies, and using them to attack someone.
Implementing the proposed solution would be much better than not. It would force attackers to have to work extra hard on finding computers to crack into. Any network administrator should know that any random Jane or Joe can spoof an IP packet and send them to routers and thus clog a network of their choosing. (If anyone doubts this then give me your ip address and permission to flood you for a few minutes.)
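
The outgoing-packet check proposed in the post above, as an added example that is not part of the original post. This kind of source address validation at the ISP edge is commonly known as ingress filtering (BCP 38). The port names, prefixes (documentation ranges) and sample packets are constructed, and the last packet shows the limit the post itself notes: a compromised machine sending from its real address still passes.

```python
import ipaddress

# Constructed: prefixes the ISP has assigned behind each customer-facing port.
ASSIGNED = {
    "cust-a": ["198.51.100.0/28"],
    "cust-b": ["203.0.113.64/27", "2001:db8:b::/48"],
}

# Constructed packets as (ingress port, source address, destination address).
PACKETS = [
    ("cust-a", "198.51.100.5", "192.0.2.10"),         # honest source
    ("cust-a", "192.0.2.10", "203.0.113.70"),         # source forged as a third party
    ("cust-b", "198.51.100.5", "192.0.2.10"),         # another customer's address
    ("cust-b", "2001:db8:b::1", "2001:db8:ffff::1"),  # honest IPv6 source
    ("cust-a", "198.51.100.9", "192.0.2.10"),         # bot using its real address
]


def build_table(assigned):
    """Parse the prefix strings once so lookups are plain membership tests."""
    return {port: [ipaddress.ip_network(p) for p in prefixes]
            for port, prefixes in assigned.items()}


def permit(table, port, src):
    """True only if src is a valid address inside a prefix assigned to port."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # malformed source address: drop
    return any(addr.version == net.version and addr in net
               for net in table.get(port, []))  # unknown port: nothing assigned


def filter_packets(table, packets):
    """Split packets into (forwarded, dropped) by source address validity."""
    forwarded, dropped = [], []
    for pkt in packets:
        (forwarded if permit(table, pkt[0], pkt[1]) else dropped).append(pkt)
    return forwarded, dropped


if __name__ == "__main__":
    fwd, drop = filter_packets(build_table(ASSIGNED), PACKETS)
    print("forwarded:", fwd)
    print("dropped:  ", drop)
```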

DamianTV
05-09-2009, 01:49 AM
Don't forget "Flash cookies"

They track your use of Adobe's Flash.

Speaking of Adobe - do they seem very intrusive lately?

If you want to adjust your Flash Cookie settings, or at least see what websites are currently tracking you, use the following link:

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

Unfortunately there is no built in application in Flash to manage these settings directly on your computer, although I think there should be.

---

Norton Anti Virus is the WORST anti virus product on the market. It might catch more viruses than some other anti viruses but that's not the biggest problem with Norton. Norton is not an Anti Virus as much as it is an advertising tool. The average computer user will not know how to handle Norton's advertising Threats that it gives you. Warning! Your copy of Norton Anti Virus is expired! Click here to PURCHASE an upgrade! Or update.

This is Advertising, not Anti Virus.

coyote_sprit
05-09-2009, 01:50 AM
I failed to mention how DoS attacks can help be prevented.

If all ISPs checked the outgoing packets to make sure they possess the true identity of who sent the packet, this would stop someone from lying about who they are.
However this only stops part of the problem. This solution doesn't prevent someone from gaining use of other computers, commonly referred to as bots or zombies, and using them to attack someone.
Implementing the proposed solution would be much better than not. It would force attackers to have to work extra hard on finding computers to crack into. Any network administrator should know that any random Jane or Joe can spoof an IP packet and send them to routers and thus clog a network of their choosing. (If anyone doubts this then give me your ip address and permission to flood you for a few minutes.)

I think you as a citizen have a right to use fake names and aliases. If you were forced to include your real name in every packet then anonymity would be dead and so would the ISP that is doing it.

coyote_sprit
05-09-2009, 01:52 AM
Norton Anti Virus is the WORST anti virus product on the market. It might catch more viruses than some other anti viruses but that's not the biggest problem with Norton. Norton is not an Anti Virus as much as it is an advertising tool. The average computer user will not know how to handle Norton's advertising Threats that it gives you. Warning! Your copy of Norton Anti Virus is expired! Click here to PURCHASE an upgrade! Or update.

This is Advertising, not Anti Virus.

Norton is nagware, and are they still updating their virus definitions only once a week?

You can also use NoScript to help avoid intrusive flash cookies.
http://noscript.net/

Time for Change
05-09-2009, 07:34 AM
I think you as a citizen have a right to use fake names and aliases. If you were forced to include your real name in every packet then anonymity would be dead and so would the ISP that is doing it.

Barry Soetoro...I mean Barack Hussein Obama can do it, why can't the rest of amerika.

hotbrownsauce
05-10-2009, 09:01 AM
I think you as a citizen have a right to use fake names and aliases. If you were forced to include your real name in every packet then anonymity would be dead and so would the ISP that is doing it.

Well obviously the ISPs at this point in time don't care about the spoofing. But because you're using their service they have a right to make terms and agreements with their users. Anonymity wouldn't be totally dead.... proxy servers will still be around. A market for privacy could expand if ISPs started checking for IP spoofing. ISP download limits aren't a sensation yet many ISPs are adopting this business model.
Using the download limits as an example makes me feel that an ISP won't go under just because a handful of customers want to be able to spoof their IP. Perhaps someone has a good argument for doing so? The only real popular protocol that can utilize IP spoofing is UDP. I can foresee some very limited use of spoofing for that reason. (As I said very limited in my opinion.)