Posted by Interceptor-Security Forums Moderator
--------------------------------------------------------------------------------
Of all the threads in this forum, this is one of the most important you'll ever see. In this thread are links, tools and procedures that will enable you to secure your systems. Check back every so often as I am constantly updating this thread with more information.

1. If you use any IRCs (AIM, ICQ, MSN), make sure they do not start with your machine. Once they do, you do not want to be visible (if that option is available) or have your IP visible. Any other security features in there you should use as well.

2. While no firewall is infallible, ZoneAlarm http://www.zonelabs.com will defeat Nmap scans thru ports 65000+. It also is faster than most firewalls (yes, even ATGuard/Norton Internet Security, Tiny). It will also not crash as easily as many firewalls if they are scanned at high speed and bombarded with many packets. I allowed Nmap scans to pound away at my system for 2 hours and they were useless. Another good firewall that recently made its debut is Outpost from http://www.agnitum.com . If you prefer rules-based firewalls and are an advanced user, Tiny http://www.tinysoftware.com , Norton Internet Security http://www.symantec.com/product/home-is.html and Sygate http://www.sygate.com are probably your best bet.

3. For everyone who uses ZoneAlarm and does not know about the many log analyzers available to help determine what all those alerts mean, you can go to http://www.zonelog.co.uk/ or http://www.angelfire.com/falcon/icewatch2000/ (for BlackIce) and obtain free versions. Add-ons for ATGuard/Norton Internet Security may be obtained at http://balder.prohosting.com/~bud01/utils.html
A new freeware addition for ZoneAlarm and BlackIce analyzers is VisualZone Report Utility from http://www.visualizesoftware.com


4. Defeat those nasty .VBS scriptworms as well as the new trojan/virus embedded hostile web pages. This free tool from Symantec http://www.symantec.com/avcenter/venc/data...pt.hosting.html is all you need to protect you from them. This next tool (HTAStop) will disable the new virus embedded HTML issue. http://www.nsclean.com/psc-exe2.html

5. Maintain your operating system security updates. This is a must, because if they're important enough for Microsoft to take the time (finally) to address them, you should have them.

6. Whatever antivirus you decide to use must be maintained and upgraded constantly. I use PC-cillin http://www.antivirus.com (free online scan is also available). Antidote from Vintage Solutions http://www.vintage-solutions.com/English/A...uper/index.html (if you want a free scanner, then this is the only free one you want). If you want a free antivirus then look at Antivir from http://www.hbedv.com/index.html
http://www.symantec.com , McAfee http://www.mcafee.com , AVP is a good product at http://www.kasperskylabs.com/products.html and Sophos AV is available at http://www.sophos.com . Panda antivirus is at http://www.pandasoftware.com/ . It's whatever you prefer. Having nothing at all is the worst thing you can do.

7. Tauscan from http://www.agnitum.com and The Cleaner http://www.softseek.com are two very effective add-on trojan scanners. PestControl from http://www.safersite.com/ has become the quiet contender for the crown.

8. Ah, the famous "Toybox" from our esteemed "rmbox"....some of the handiest little utilities I've ever seen. These work on 95/98 and to a point, ME. http://home.earthlink.net/~rmbox/Reticulated/Toys.html

9. RegistryProtect from http://www.diamondcs.com.au/web/htm/regprot.htm is a free registry monitor that will alert you to sudden changes in your system's registry.

10. AdAware, available at http://www.lavasoftusa.com , is the perfect way to get rid of that pesky spyware. SPYBOT Search and Destroy is now recommended by SAF. You can download it at http://spybot.eon.net.au/ .

SpyBlocker allows you to use the adware-infected programs you like and disables the embedded adware: http://noads.hypermart.net/ Another program users have been introduced to is SpyBlocker. SpyBlocker lets the adware connect...but not to your system. http://noads.hypermart.net/
A new form of advertising hijacks your browser. This has been appropriately nicknamed "scumware". One site that has taken the fight to the advertisers that utilize this practice is http://www.scumware.com
They have links and information users can research to assist them in fighting intrusive Internet advertising practices. HijackThis is another tool that can remove even the most stubborn browser hijacker. Use it in conjunction with Spybot for complete spyware removal. A user tutorial for HijackThis can be found here. SpywareBlaster is a great tool that will prevent most spyware from ever downloading onto your system, and the program doesn't even have to be running. You only start the program to update the database. A new version was released on 9/22, and best of all, it's also free.

SpyBlaster

11. SpyChecker is the perfect way to check if that free program has spyware in it. www.spychecker.com
An additional site that you can also check is here: http://www.infoforce.qc.ca/spyware/enknownlistfrm.html

12. Netlab http://www.webattack.com/download/dlnetlab.shtml
is freeware that you keep on your system. It's small and does WhoIs, DNS, ping, finger, quote, trace and time on those ip addresses that keep popping up in your firewall logs. Pretty nifty and you don't have to go to a separate site.

13. All kinds of virus removal tools, and for free! http://www.symantec.com/avcenter/tools.list.html http://www.pandasoftware.com/
McAfee's Manual Removal and tools page: http://vil.mcafee.com/virusSupport/virusSupport.asp? (click on the 'Top10', 'Command line' or 'Misc.' links from that page). Or, try the AVERT page, here: http://www.mcafeeb2b.com/naicomm....ols.asp http://fireav.com/downloads/

14. Clean out your system after surfing. Window Washer is a great shareware utility for removal of Internet cache, cookies and other junk. It also has mega-free plugins to clean out tracks from dozens of programs! http://www.webroot.com/down1.htm
It works with MSIE, Netscape, AOL.

15. Need to filter everything from cookies to url referrers, popups and advertising? WebWasher is a great addition to your firewall system and is free for home or educational use. I've rarely seen such a configurable utility: http://www.webwasher.com/en/products/wwash...sh/download.htm

16. Here's one more site that has a lot of very good security utilities: EPIC Online Guide to Practical Privacy Tools http://www.epic.org/privacy/tools.html

17. A site that has literally cyber-tons of security programs and utilities is Simtel.net. File shredders, access control, keyloggers, lots of good control programs if you have kids or the system is shared, etc. http://www.simtel.net/pub/win95/security/diskvac2.zip

18. If you do not use print and file sharing, TURN IT OFF! This is basic security. It's very simple to write malicious code that will allow someone to enter your system and do pretty much what they want with this function enabled. Turn off the PREVIEW feature in Outlook Express if it's enabled. This function basically opens your mail before you open your mail and allows malicious code to run. Disable OE's "Automatically put people I reply to in my address book" as this addresses another vulnerability.

19. This is the MS patch that disables .VBS scriptworms' ability to propagate in your system.
MS Scriptlet.typelib/Eyedog patch http://www.microsoft.com/technet/security/...in/ms99-032.asp

20. Patch Available for "Malformed E-mail Header" Vulnerability http://www.microsoft.com/technet/security/...in/MS00-043.asp

21. Incorrect MIME Header Can Cause IE to Execute E-mail Attachment Patch

22. Disable WinXP's vulnerable plug n play feature with "Unplug n Play" http://grc.com/UnPnP/UnPnP.htm

23. MailWasher is a great program! With it users are able to view, remove and bounce mail before it reaches their regular email client. Finding it hard to be removed from mailing lists? Getting harassed by someone on your email? Tired of getting junk email from unknown sources? Why not make them think you no longer exist by bouncing back their email so it looks like your address has been closed down.
Are you tired of getting forwarded e-mails with large attachments that take ages to download? Are you scared of getting an email virus? Why not delete the email directly off the server so you don't have to download it.
http://www.mailwasher.net/

24. Block DoubleClick's pesky cookies with 0Click
This small utility allows you to "disconnect doubleclick from the internet" and this in turn prevents their banner ads, their cookies and their tracking of your activities. You can download it at http://www.simtel.net/pub/dl/16025.html

25. A form of spyware that comes included with most P2P programs is New.net

New.net spyware comes with the following software:

iMesh
KaZaA
Mindset Interactive (NetPalNow)
RadLight
Subtitle Studio
Babylon
BearShare
Cydoor (LingoWare)
GDivx
Go!Zilla
Grokster
Webshots

DO NOT DELETE THE .DLL AS IT WILL PREVENT YOUR INTERNET ACCESS DUE TO MODIFICATION OF THE WINDOWS WINSOCK FILE.

Click on My Computer.
Click on the C: drive.
Click on the Program Files folder.
Locate and click on the NewDotNet folder. If there is no folder, use the uninstaller listed below.
Locate and click on the uninstall executable; it will be labeled uninstallX_XX.exe. (“X” represents the version number of the uninstaller)
Reboot

New.net uninstaller

Download and save uninstall4_50.exe to a 3-½ floppy disk.
Insert the floppy disk into the floppy drive of the computer from which our software needs to be uninstalled.
Click on Start.
Click on Run.
In the Open window type, A:\uninstall4_50.exe.
Click on the OK button.
Reboot

Oftentimes, uninstall procedures for this spyware become obsolete as the software is constantly updated. So if it cannot be removed via Add/Remove, then this is the safest method.

LSP-Fix repairs corrupted Winsock stacks. This can be used to remove entries left behind by New.net and similar software, restoring access to machines that cannot connect to the Internet.
LSP-fix **

** If for any reason these 2 files become unavailable, please contact me via PM and I will send them to you.

26. PestPatrol is a tool that detects hacking, advertising tools and intrusion methods like New.net

27. Port Explorer from DiamondCS is a unique and advanced (yet easy-to-use) state-of-the-art socket analysis, exploration and packet sniffing utility, designed for both novice and advanced users alike. Port Explorer

28. Stop the new Windows Messenger (NetBIOS) spam (not to be confused with MSN Messenger, the IRC chat program) with THIS utility from Stopmessengerspam.com

29. RapidBlaster is a scumware version of advertising spyware. It combines advertising (pornography) and data mining. In addition, it can download and execute arbitrary unsigned code pointed to by its controlling servers. It is known to install diallers such as DialerOffline. Because it has such close association with legitimate system files once introduced into the system and has some stealth/morphing capabilities, it can be difficult to detect and remove. An automatic removal tool has been developed to make removal simple and safe: RapidBlaster Killer. Another nasty hijacker/spyware file is CoolWebSearch. This spyware is the cause of a myriad of operating problems. CoolWebShredder can help remove this from your system safely and easily.