Unofficial site of group TATU


Unofficial forum of group TATU
Go Back   Unofficial forum of group TATU English forum Questions to the Moderators


Computer security Win/Mac OS :: Passwords, common threats, spywear


ReplyPost New Thread
 
Thread Tools
Old 13-09-2008, 20:54   #1
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Exclamation Computer security Win/Mac OS :: Passwords, common threats, spywear

forre: This thread is a complimentary to the announcement Forum account security

This should help people with the passwords they choose.
I will keep it simple and since this is (general) it can be used anywhere passwords are used.

First I will explain how passwords work.

As you know you all have an account on this forum the name of your account is your username but you also have a 'user_id' this is the number that represents you.
If you view my profile look at the adress-bar you will see viewprofile&u=2381 <-- that number is my user id.
When you login to the forum you enter two bits of information you username and password.
The username is used to find the 'user_id' and then your password is checked to see if it is the same as the one that is accociated with the 'user_id'

If its the same it lets you in. If not you get a few attempts before it stops you from logging in for a while.

So now you know how passwords work. I didnt talk about how passwords are stored, if anyone want to know about that request it and I will talk about that a little more.

So why is it important you use a good password? Obviously so nobody can access your account, pretend to be you and more importantly delete stuff.

So their are a few rules to follow when you pick you password.

- Do not use words that are in the dictionary.
- Do not use names. (pets, places, people).
- Minimum length should be 8 characters.
- Do not use only letters and numbers Use symbols also like : !£$%&*

This will stop people from guessing your password AND stop computers from guessing your password.
Computers dont really guess they just try everything...! That is why you want a minimum of 8 characters because after that the time it takes a computer to guess your password becomes too long to attempt.

The longer the better.

Now their is the problem of trying to remember this long password.
So here are a few tips.

1 - It dosnt need to be one word you can use a passphrase
2 - You can repeat words to make longer words
4 - use numbers instead of some letters.

Examples:

1 - this_is-a_passphrase-2007
2 - tatu&tatu&tatu$22
3 - my_n4m3_1s_j0n

Finally you can check any current passwords you use to see how good they are.
It rates your password based on similar rules I posted above.
http://www.microsoft.com/protect/you...d/checker.mspx
Courtesy of Microsoft
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)

Last edited by -Jon-; 14-09-2008 at 01:32. Reason: spelling, grammar!
  Reply With Quote
Old 13-09-2008, 21:03   #2
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Computer security :: What is a Firewall? (general)

This is just some information about firewalls.

All of you (hopefully) have a firewall installed on your computer.
But am guessing some of you just have one and dont know why....?
I mean sure you have anti-virus program to get rid of viruses, but what dose a firewall do?

So if you ever wondered about that, you can read this and know why.

What a firewall dose is controll the access to your computer resources.
And if a program wants to access something it has to go through your firewall and you can the firewall to block or allow this access.

And thats all it dose. So why would you want a firewall?

Basically to protect yourself. You can use the interent to connect to other computers. And bad people can use the internet to connect to you.
Their are many reasons why people would want to access your computer.

- To steal your information.
- To crash your computer.
- To use your computer to do something for them.

The last one is the most important. As you know spam e-mail is everywhere.You would think it would be easy to locate and shutdown a spam server.And it used to be. But things change and the bad people develop new ways to annoy us.

What they do now is get your computer to send spam for them.
They do that by making a worm that spreads to thousands of computers.
After they control these computers they use them to send spam.
They tell their wormprogramso send spam from your computer.

This is where your firewall dose its job.
The worm program cannot send spam without using a resource on your computer.
That resource is your internet connection. So when it tryies to send something you will probaly be asked.
"Do you wish to allow 'some_program.exe' to access the internet? yes/no"
If you see a program you do not recognise enter its name into google and see what you can find out.

Keep in mind though someprograms do need to access the internet (like your web browser) so you should allow them.
This is just one example of how a firewall protects you. And why you should have one.

I havnt explained about services, your IP address or ports.
But if anyone wants the extra detail let me know.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)
  Reply With Quote
Old 13-09-2008, 21:04   #3
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Computer security :: Common threats (general)

This is whats going to be covered in this post.

::: Malicious Software :::
- Virus
- Worm
- Trojan Horse
- Time / Logic Bomb

::: Spoofing :::
- E-mail Spoofing
- Spoofing (general)

::: Scanning :::
- Sequential Scanning (Brute-forcing)
- Dictionary Scanning

::: Misc :::
- Digital Snooping
- Spamming
- Tunneling
------------------------------------------------
::: Malicious Software :::

-Virus-
Definition Malicious software that attaches itself to other software. For example, a patched software application in which the patch’s algorithm is designed to implement the same patch on other applications, thereby replicating.
Comments Basically just like a biological virus like the common cold a computer virus if executed on your computer will contine to multiply and spread to other computers. However it must be spread by something, this could be by email or by copying itself to something that will be executed on another computer. This could be a word document you save onto a floppy drive or flash drive then open in another computer.

-Worm-
Definition Malicious software which is a stand alone application
Comments A worm is like a virus but can be used for many more things. Its different from a virus because it dosnt 'need to be spread' it spreads automatically through 'exploits' their is little you can do to stop worms from spreading thats is why you hear about them in the news.
The most common use for a worm program it to run a 'bot network' where all the computers it controlls become slaves and carry out any request the creator of the worm tells it to.

-Trojan Horse-
Definition A Worm which pretends to be a useful program or a Virus which is purposely attached to a useful program prior to distribution
Comments Just like when the Trojan army hid inside a big wooden horse to attack, worms do the same by hiding inside a program you would want then when you use that program the worm is activated.

-Time / Logic Bomb-
Definition
- A Virus or Worm designed to activate at a certain date/time
- A Virus or Worm designed to activate under certain conditions
Comments This is a tac-tic used by some attackers. They delay their worm or virus untill a certain time or untill the user dose a certain action before they attack. For example a wormmight be designed to attack the tatu.ru servers. BUT if tatu have really good servers a constant attack will not crash the server. So what you do then is delay your worm untill a certain date. Launch it it will spread through millions of computers then when the day comes they all attack at once.

::: Spoofing :::

-Spoof E-mail (Phishing)-
Definition Forging an e-mail header to make it appear as if it came from somewhere or someone other than the actual source.
Comments This is one of the most effective ways to steal paswords and other information. I will give an example that happened to me recently.
As you know if you use myspace, when someone requests to be added as a friend you will get an email asking you to approve them with a link.

I looked at my email but I didnt click the link. Instead I logged intomyspace and found their were no new friend requests. The email looked genuine and so did the link but after looking carefully it was a spoof email.

So if I did click the link I would have probaly gone to some site that 'looked like' myspace logged into tht site and when I did my password and username would be recorded, and to stop me from noticing anything they would then simply forward me to the real myspace site and log me in.

It is so easy to do, so simple to set-up, and so easy to fall for.
That is why I dont click any links in any emails I recieve I go to the actual site and login the only thing I do click are links to activate accounts but these links only perform an action they cannot be used to get any information.

I just want to say again be extra careful with email, it will probaly be the first point of attack against any translators or any other user.

-Spoofing (general)-
Definition Getting one computer on a network to pretend to have the identity of another computer, usually one with special access privileges, so as to obtain access to the other computers on the network
Comments This is when someone pretends to be you not by stealing password but usingother things like your IP or MAC address. Typically this is only something you see when an attacket is trying to break into a server on a trusted network. But the tac-tics used in thes attack can be used in others which is why authentication is important.

::: Scanning :::

-Sequential Scanning (Brute-forcing)-
Definition Sequentially testing passwords/authentication codes until one is successful
Comments This is the only full-proof form of attack that is guarenteed to work. However the time it take depends on your password that is why you need a strong password...! 6 or more characters including letters, numbers AND symbols will take a couple of months to be guessed but by then you would have changed your password.
If you have a longer more complex password it will take even longer.
And when I say crack I mean if you had a supercomputer trying all possable combinations. So if a dedicated supercomputer takes time to crack your password. Nobody will be able to do it via the login page because the administrator ofthe tatu servers would notice thousands of login attempts and the server itself can only handle so manyconnections at the same time.

-Dictionary Scanning-
Definition Scanning through a dictionary of commonly used passwords/authentication codes until one is successful
Comments This despite being a simpler form of attack actually works half the time, all that is involved is using a dictionary and commonly used words to guess your password. That is why one of the rules for choosing a password is not to use the dictionary. It dosnt take a computer long to try and login as you using all the words in the dictionary.

::: Misc :::

-Digital Snooping-
Definition Electronic monitoring of digital networks to uncover passwords or other data
Comments As the name suggests this is spying, when you type in your name and password it gets sent to tatu.ru but all that data is broken down into little packets of data that fly around the internet bouncing from router to router untill they eventually reach tatu.ru and get reassembled into what they originally were and the data is proccessed.

Any point between your computer and tatu.ru servers these packets of data can be intercepted and viewed. The only thing to prevent this is encryption. which is why any place that dealswith credit card transactions like shop.tatu.ru has to have a secure server and handle encrypted connections. Packet sniffing as its known is just one way to spy on someone but if your computer is infected by a worm it can be used for the same purpose.

-Spamming-
Definition Overloading a system with incoming message or other traffic to cause system crashes
Comments When I talked about Logic / Time bombs this is what happens. Its known as a DOS (Denial Of Service) attack you also get a distributed version DDOS attack. Your computer might even be attacking some server right now and you dont even know it. These days it tends to be servers that get attacked but somone mightjust hate another person enough to do this to them. Because we live in a world where you need to clean up after these stupid people a.k.a Scriptkiddies (google this term)

-Tunneling-
Definition Any digital attack that attempts to get "under" a security system by accessing very low level system functions (e.g., device drivers, OS kernels)
Comments I just wanted to touch on this bit last, this involves Rootkits which I will explain about in their own section. Normally this was only a problem for people who used Linux / Unix because thats the Operating Systems that run the internet and almost all servers in the world. But now Rootkits have become common on Windows.
So I will talk about them in another topic.

Thats it for now I hope this benifits some of you now you know whats out their waiting to or probaly already has go into your computer you will be able to protect yourself better.

If any one has any questions or needs something explained better then ask.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)
  Reply With Quote
Old 13-09-2008, 21:05   #4
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Computer security :: Spyware (general)

Time to talk about spyware.

Spyware was developed by advertising companies (bad companies)
It was used to gather information about people through your computer.
Like what your searching for, what sites you visit and what you use your computer for.

But then it extended its control and now spyware will do things like. Redirect your web browser so a site selling something.
Or highlighting words that appear on webpages and turning them into links to buy stuff.

Its more annoying than anything. The first question is probaly, Whats the difference between spyware, adware, viruses and worms? And the answer is generally spyware dosnt self-replicate. It dosnt copy itself or try to infect others. It tricks you into installing it or it uses software exploits to take controll of your computer.

Also I should point out at this point, somtimes you get spyware bundled in with other programs and it is installed legaly onto your computer because if you actually read the licence agreement it mentions that spyware will be installed onto your computer. Since nobody normally bothers to read the licence of anything they install they just agree and click next, it means your agreeing to be spyied on.

Adware is software that displays an advert in it. You could even call MSN or ICQ adware because of this.

Quote:
"The installation of spyware frequently involves Internet Explorer. Its popularity and history of security issues have made it the most frequent target. Its deep integration with the Windows environment and scriptability make it an obvious point of attack into Windows. Internet Explorer also serves as a point of attachment for spyware in the form of Browser Helper Objects, which modify the browser's behaviour to add toolbars or to redirect traffic.

In a few cases, a worm or virus has delivered a spyware payload. Some attackers used the Spybot worm to install spyware that put pornographic pop-ups on the infected system's screen.[8] By directing traffic to ads set up to channel funds to the spyware authors, they profit personally."
I cant remember where that was written I just saved it as part of a quote from one of my assignments.
But them point is why everyone should consider "not" using Internet Explorer. Their are good alternatives out their.
I will just suggest Firefox. But you should also check out Opera (what I use), Netscape and Safari recently released a beta version of their browser for windows. Their is also Camio (mac only) and text browsers like Lynx. But most if not all of you probaly wouldnt use a text browser.

Finally a quick explanation of how your anti-spyware program works.

Your anti-spyware works in a similar way to your anti-virus program.
Some methods of detecting spyware fingerprints include:
Hard disk scans.
The anti-spyware software checks all the files on the PC's hard disk against a database of known spyware packages. The best solutions use a mathematical process called a checksum or hash algorithm to ensure that the files on the hard disk are exactly the same as those noted in the database. The worst anti-spyware uses file and directory names as a detection method, which is a very good way to get false positives and miss spyware that changes names.
Registry scans.
The software looks for modifications made by spyware to Windows configuration files.
Memory scans.
The anti-spyware checks currently running processes for any that match known spyware.
URL monitoring.
The software keeps track of visited Web sites and monitors cookies and executed ActiveX controls, and compares the sites and controls to its internal database of known spyware networks.
Heuristic scans
This is a technique that involves AI (artificial intelligence) to detect new and unknown threats for which signatures are yet to be released.

The only reason big companies have started offering anti-spyware programs is because as I already said most of the spyware on your computer comes bundled with other software and your tricked into installing it 'legally' because you agree to it in the licence agreement, so this prevents them from legally removing it.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)
  Reply With Quote
Old 13-09-2008, 21:06   #5
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Computer security :: Rootkits (Linux / Windows / Mac)

This is purly extra information after this I will do a few topics on how to defend your computer then an 'overview' topic to sumerise everyything.

Then I will get started on the user-guides and software documentation.

Main things that will be covered.

Some information about Operating Systems
Background information on Rootkits
Rootkits and Linux
Rootkits and Windows
Rootkits and Apple Macs

:: Some info about OS'es ::
What is an OS? It is a program that runs your computer. Before modern computers People had to enter binary data manually and execute it.
It was the job of the computer 'operator' to enter whatever data he/she was given.

Now the job of an operator has been replaced by an electronic system, an Operating system.

The main program in your operaint system is the 'Kernal' this controlls what happens in your computer, it decides what programs can run. What resources can be accessed by thoes programs. And wether ot not it should kill a program...!

Your computer has many resources. It has a
-CPU (execution states, proccess queues, proccess managment etc)
-Memory (memory managment, page mangment, meta data etc)
-Disks (I/O requests, File systems, File managment etc)
-Ports (Physical : "Keyboard/mouse, graphics etc" Virtual : "80:web, 25:mail, 21:FTP etc")

These are just a few thing but your computer has many more resources and their are programs that manage these resources, and these programs are managed by the Kernal program.

The Kernal also handles security and is designed to protect our hardware.
For example certain commands like one to shutdown the computer can only be executed in kernal mode. The user sends a system call in user mode to the kernal and if they are alowed to shutdown th computer it switches to kernal mode and executes the command.

The point is their is always a check made to make sure the user is authorised to run that command. I will show an example for everyone in another topic when it will be relivent.

:: Background info on Rootkits ::
- What is a rootkit?
Basically it is a collection of programs that are installed onto a computer so it can be controlled by another person BUT it allows that person to hide things on the computer and prevents them from being detected, so they can continue to to controll this computer.

- How dose it manage that?
It overwrites system files like your kernal with modified versions and constantly alters system logs ot remove any trace of any actions performed by the Hacker (we will just call them hackers for now).

- What do you mean logs.....?
Your computer records everything you do. This information is recorded on your security logs.
Why not have a look...If you can access them that is.

Windows 2000/XP :
- Click Start -> Run
- Type "eventvwr.msc" without the quotes click ok.
From there you should be able to view your Application, System and Security logs.

Sorry to Mac users, I dont have a Mac, so I dont know a quick way to show your logs, but when I do more research on apple macs I will figure it out.

Anyway these logs record everything they should and if your running an important computer like a server for a bank. You would have a program that constantly checks these logs for unauthorised users. And a rootkit will edit out any actions performed by the account made by the hacker.

- What can be done with a rootkit?
Well it allows the hacker to use your computer like any other. For example they had a really big video file and didnt want to put it on their computer, they could store it on your computer, and you wouldnt know.

They can do this because a rootkit can control your file system and even though you might be looking at a folder you think has nothing in it. It could contain a few videofiles....But you probaly wouldnt even see a folder to begin with because they would hide that also.

:: Rootkits and Linux ::
This is where rootkits were first seen because if you are going to go to all the effort to controll a computer, you want it to be a good one.
Like a server, and most servers run Unix oe Linux. This is where the name comes from.

When you install Linux for the first time you need to create a 'root' account, this is the superuser account that controlls the computer and has the user privelage to do anything. (Like the admin of the forum) And all Linux computers must have this super user account called root.
Since hackers know the username they can then try to crack the password.

If they do they could destroy the system, but its more usefull to them to install a rootkit. Another way to do this is though an exploit. Typically an exploit will create another superuser account and from their a rootkit can be installed.

:: Rootkits and Windows ::
Just like Linux when you install Windows you have to create a root account, but it works differently. The Administrators account works in the same way but its common to have multiple Admin accounts on windows where their is only one root account on linux. If you are using windows right now try this....
Click->Start->Log Off->Switch user.
Then if your using XP press ctrl+alt+del 3 times to access the network login screen.
Type "Administrator" as the username and leave the password empty click ok.
Theirs a good chance you will now login as the default admin for windows.

From their you can do all sorts of things and since windows dose have server versions of their operating system these days why not install a rootkit.

Rootkits are a recent discovery on windows, in the professional security world. They simply dont know how long root kits have been on windows because they have gone undetected "in the entire world" untill a few years ago where big companies and some universities got lucky and detected a few.

:: Rootkits and Apple Macs ::
Apple Macs work in a similar way to linux as I understand you can login as a 'root' user on a mac and it functions in the same way as a linux root user would. Rootkits do exist for macs but are not as wide spread as linux or Windows rootkits.

And thats about it...Im kinda tired, I doubt anyone will read all of that, but anyway its their for reference. Keep in mind the people that actually have the ability to write these rootkits are not looking to destroy your computer so thats good. Chances are they work for a companies that make operating systems or work for governments and are trying to spy on other governments. Or even big compaines Energy, Automotive, Engineering etc and are trying to spy on their competition.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)
  Reply With Quote
Old 13-09-2008, 21:07   #6
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Computer security :: Defence (Windows)

If you use windows then this is for you......

This is whats going to be covered in this post.

::: Access Control :::
- Windows default accounts
- Proper use of user accounts

::: Defending your Computer :::
- What could attack you
- What can you do to defend your computer

::: Maintaining your computer :::
- Software updates
- System utilites explained
------------------------------------------------
::: Access Control :::

-Windows default accounts-

Microsoft makes four accounts when you install windows, the Administrator / Guest / HelpAssistant and Support account. Other accounts may also be present (such as ASPNET) that were installed later and are used for special purposes or development.
These are special user accounts and are defined in the following registry entery: [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserLis t] you can check that out ir you know how to use the 'regedit' program.
And if you dont but still want to have a look let me know and I willtell you how.

Another quick way to see the accounts on your computer is to go the the command prompt 'Run -> type 'cmd' -> click ok' then in the black box type 'net user' you will then see a table of accounts present on your computer.
The important one is the 'Administrator' account this is because asI already said the Guest account is limited. The other accounts are also limited and not used by users they are used by services. The 'Administrator' account is important because its their and it is unprotected.
You can login with this account as it dosnt have a password. And since it is an administrator account it has unrestricted access to do anything on your computer. If a virus is executed and you are using an administrator account the virus has unrestricted access to do anything it wants on your computer.

-Proper use of user accounts-

This is the important bit. This is only one thing, one step, but it makes a lot of difference to the security of your computer system as you use it daily.
You put yourself and your whole computer at risk if you use an administrator like a normal account. You should only use the admin account for installing programs and setting up your computer and other housekeeping tasks, as their known. When you do everything else it should be done using a normal account.
Here is a quick test you can do....Right-click the time on the bottom right of the screen. Their should be an option 'Adjust Date/Time' if your an administrator you will be able to chnge the time and date, otherwise you will get a message saying you dont have permission to change the date.
Changing the time and date might not seem so important but it is. If you change the system time or date it effects the time and date for everything... This includes things like logs and your timestamps that get given to files. All sorts of things depend on your system time.
I have already mentioned about viruses but I will say it again, if you have a few people sharing your computer, the administrator account can view edit and delete their files. If a virus is designed to delete all files on a computer. Windows will protect the system files but since your using an admin account and you executed the virus on that account it will wipe out everything you can delete.
If you were using a normal account then the virus would be prevented from deleting another users files. It might be able to delete yours but atleast their is some damage control.

I cant stress this one enough because its only a simple thing that prevents many problems. What you do is simple. If your using an administrator account create a normal user account for yourself, move all your files to that account and login using the normal user account and use that instead of the admin account.
If you think "what if I need to install stuff, I cant be botherd loggin into the admin accoint all the time" their is a simple solution. While in your restricted account (if you cant install something) Right-click the installer or setup program and select 'Run as...' you will then be able to rin the installer program using your account or another account. Simply select another account and enter the username and password of the admin account.
The program will then be installed using the admin account while your logged in as a norml user. Thats not to hard and saves time. So their is really no reason for you not to use a normal account like your supposed to in the first place.

---------------------------------------------
::: Defending your Computer :::

-What could attack you-

First thing you should do is read the 'Common threats' topic for a general idea os what you need to defend yourself against. After that their are few 'windows only' things you need to be aware of. The first thing is Internet Explorer (IE), I encourage everyone that browses the internet to use a different browser. This is not a biased statment, I have nothing against the people who made the browser but you need to consider the following, which is also ture for the windows operating system itself.
It is the most used browser a few years ago about 80-90% of internet users used IE to browse with and as soon as someone finds a flaw in the program they can exploit it. Everyone who uses the browser is effected, meaingin a worm or virus that spreads through a problem with IE has the potential to spread into 80-90% of the computers on the internet. Today it is only about 70% of the people on the internet that use IE, this has mainly been down to Firefox and Opera. Firefox is an opensource browser meaining if a bug is spotted it can be imediantly fixed.
People who write viruses and other programs are trying to infect as many computers as possable. That is why they target IE and Windows. Its not only IE, Outlook express, MSN, MS-Word and other Office programs have all been exploited. So keep that in mind and look for alternative programs. For example Mozilla Thunderbird for email or Open Office to replace MS Office.

-What can you do to defend your computer-

First thing you can do is teach yourself, be informed and keep an eye out for the latest exploits. You have the internet at your disposal, it is possable to find information on nearly anything. I have found everything from the specification for 'chip & pin' to firearms manuals to assembling nuclear weapons. Do I have any use for that information not really, but its out their. The first thing you can do to help you find information is learning how to look for it. You will eventually find what your looking for but if you want to find it faster and find more sources. read about using search engines, learn how to do advanced google searches.
After that you wll be able to find what your looking for easier and ofcourse save yourself from looking through all the crap thats on the internet to get to it. Other places of interest are proffessional bodies. Their are organisations set up by governments around the world that montier viruses and worms and where they have spread / how they spread. And thoes sites have lots of information on them you, me and everyone can benifit and learn from.

You should also think about installing the veryminimum of defensive software. A firewall, Anti-virus and Anti-spyware program. Their are a few out their for windows some are free and some you pay for but these three programs are the minimum you should have. If your not sure then you have the internet. You can search for a program, but dont get the first one you find. Get a few names and then search again for opinions about these programs. Dont go on the opinion of the average person... Look on programming forums and security forums for opinions. And importantly dont listen to anyone who cant gire a reason for their opinion and back it up with evidance.

-----------------------------------------------
::: Maintaining your computer :::

-Software updates-

Can you take the source code for a program patch it and recompile it? If the answer is no then updates are important to you. The great thing is everyone that uses windows has to say no to this question because only microsoft has the source code and their not sharing it. Updates are crucial for all of your programs even the operating system itself.
As I said when someone finds a bug and exploits it, this effects everyone untill that bug is fixed with an update. Thats why windows has automatic updates now. But what good is that if it is disabled...? and its not only windows you need to update as every pregram is bound to be improvedor a bug spotted in it you need to get the latest version.
You should also make sure your anti-virus and anti-spyware programs are updated regularly. you should check this once a week minimum every few days is good, but if you are in charge of something important like a server, then you need to check daily. And yes it is that serious. if a new bug was found in windows tonight or microsoft released an update, the bug can be exploited instantly and the update can be reverse engineered into an exploit within a day. And from that your computer can be attacked.

-System utilites explained-

Their are a few programs that you get to help you keep your computer going, with windows you eventually need to reinstall it for some reason but if you make a small effort then you shouldnt need to do that too often and possably not at all if your lucky.
The first program in going to tell you about is the 'Disk Defragmenter' located in 'Start->Programs->Accessories->System Tools' all this program dose is defragment files, I could explain memory managment policies and why files fragment if anyone requests, but for now I will just talk about the reason why this is bad.
When you access a file you want it to load into memory as fast as possable, if the file is in lots of little pieces it takes time for the file to be loaded. a few miliseconds might not seem like a long time, but it is and the computer works better if it can get the whole file loaded in one Input/Output (I/O) request.
If the fileis fragmented it has to look for all the difererent parts and this requires many I/O requests to the hard-drive. What the Disk Defragmenterdose is look for all the fragments of a flie, combine them and save them to another location on the disk. The file is now a 'Contiguous file' meaning all the memory blocks that are used to store the file are beside each other and so the file can be loaded quicker.
If the file can be loaded quicker then your computer will run faster. Programs will also run faster because they also have to be loaded into memory just like your music and pictures, and again if your listening to music on a media player it has to load the fle before it can play it. thats why sometimes if a videofile has been on your hard-drive for a longtime and you try to view it it takes a few seconds or a few minutes to load.

Next is the 'msconfig' program. Go to the start menu click run and type 'msconfig' and click ok. This will run the system configuration utility. You will see a few tabs at the top but you interested in the 'Startup' tab you can uncheck every program on the list, but their are a few things you do want to load when your computer starts, and thats your firewall your anti virus and your antispyware program. Thats it. and if you do have a computer that takes a long time to start then removing some of theseprograms fromloading at start up will improve that. So figure out what you need and dont and get rid of everything you dont. You will also ant to look in the Startup folder located in 'Start->programs' because if you place a shortcut to anything in that folder it will also load at startup.

Finally im going to talk briefly about is the windows restore point feature. Which is a good feature. But you have to be carefull. If you create a restore point and your computer is infected with a virus or something else and you restore that restore point you also restore the virus. Thts why its best to back-up manually.

That is the end of the windows section, if anyone has any questions or needs something explained or wants to point out something I might have missed, please do.
- Jon.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)
  Reply With Quote
Old 13-09-2008, 21:08   #7
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Computer security :: Defence (Macs)

If you use an apple mac then this is for you......

Before we begin I have to say, I dont have a mac and have never owned one. So this imformation is research from the internet I dont know if it is accurate for different versions of mac. But if anyone spots a mistake let me know and I will edit this. Thanks.

This is whats going to be covered in this post.

::: The difference between PCs and Macs :::
- Hardware and Software

::: Access Control :::
- Proper use of user accounts

::: Defending your Computer :::
- What could attack you
- What can you do to defend your computer

::: Maintaining your computer :::
- Software updates
------------------------------------------------
::: The difference between PCs and Macs :::

-Hardware and Software-

If you have a Mac then you know that when you want to upgrade your computer you have get an upgrade from Mac. You cant go to any computer shop and buy a new graphics card or memory and stick it in. This is for a good reason. With Windows and Linux it has to support all this different hardware and the people that make the hardware write the programs that Windows then uses to support that hardware these are 'Hardware drivers'.
Macs dont do that, the Mac operating system only supports Mac hardware, and since they make the hardware they can develop the software to work really well. And they dont need to rely on other companies for this software. These other companies might not write a good driver program and this would effect the computer. For example if I had a hard-drive in a Windows PC that used a new standard that Windows dosnt support yet and the driver program I installed to use this new hard-drive was crap. My hard-drive wouldnt perform as good as it can, and this would slow down the whole computer.
You dont ge tthis problem with Macs because apple make the hardware and design and develop the software specifically to run that hardware, instead of making a 'general' program that covers everything. This is the main difference between Macs and PCs And while it is good it is also bad because of cost. If I wanted to build a computer I can get a better deal if I shop around for components. And if I wanted to play the latest PC games I can build a machine for gaming.

Their are also other differences with the software I will compare Windows XP to OSX. In general security is better for OSX. You might have saw the advert that Mac made about Windows always crashing hand having millions of viruses, "while mac dosnt" this is just not true. Yes security is a little better and yes their are fewer viruse. The reason for this is because OSX has a similar design to Linux and their are not as many Macs as Windows PCs, so macs dont get targeted. But their are viruses for Macs they do exist. So dont think your safe.

------------------------------------
::: Access Control :::

-Proper use of user accounts-

This is where Mac users have a little advantage over the Windows users. As I said 'OSX has a similar design to Linux' and that is here. OSX creates a 'root' user when you set it up. And then the account you use is a normal account. Where in Windows you might be using an Administrator (root) account and not know about it. Finally I dont know if this is a fact but I think OSX only allows one 'root' account. Which is what you want. Not like windows where their can be multiple Administrator accounts.
If you want to know why its dangerous to use a root account like a normal account. Then read this section in the 'Defence (Windows)' topic.

---------------------------------------------
::: Defending your Computer :::

-What could attack you-

First thing you should do is read the 'Common threats' topic for a general idea os what you need to defend yourself against. After that their are few 'mac only' things you need to be aware of. There are enough Linux and Mac computers running that it is now worth a virus writer or cracker's time to attack these systems. Office for Mac has provided a way for some virus writers to attack Macs. And they use it to do just that. Another common way Macs can be attacked is through 'Cross-platform applications' Thats things Like Java and Flash that run on Windows, Mac and Linux. Really any machine where you can install Java or Flash. Mobile phones for example that run the Symbian OS.
This might not be 'Mac only' but you need to be made aware of it. This is because while Windows users and Linux users already take extra precautions against these threats. Many Mac users dont know about them and feel protected simply because they believe the adverts Apple make.

-What can you do to defend your computer-

First thing you can do is teach yourself, be informed and keep an eye out for the latest exploits. You have the internet at your disposal, it is possable to find information on nearly anything. I have found everything from the specification for 'chip & pin' to firearms manuals to assembling nuclear weapons. Do I have any use for that information not really, but its out their. The first thing you can do to help you find information is learning how to look for it. You will eventually find what your looking for but if you want to find it faster and find more sources. read about using search engines, learn how to do advanced google searches.
After that you wll be able to find what your looking for easier and ofcourse save yourself from looking through all the crap thats on the internet to get to it. Other places of interest are proffessional bodies. Their are organisations set up by governments around the world that montier viruses and worms and where they have spread / how they spread. And thoes sites have lots of information on them you, me and everyone can benifit and learn from.

Macs like Linux provide a decent firewall, but you should make sure its activated. Whats the point in having a door if you dont lock it? To activate the firewall go to: 'System Preferences->Sharing->Firewall' then click Start to activate the firewall. Stop will de-activate the firewall. Next you will want to disable automatic login. Automatic log in will automatically log the computer into your account allowing access to your files and services. To disable automatic log in, open: 'System Preferences->Accounts->Login Options' and un-check 'Automatically log in'. Next it is important to get an Anti-virus and Anti-spyware program. Their are a few out their for macs but you should have them installed. The number of Mac viruses and other bad programs is increasing, so it is something you need to find out about and protect yourself against.
-----------------------------------------------
::: Maintaining your computer :::

-Software updates-

Updates are crucial for all of your programs even the operating system itself. Apple Software Update will provide both security fixes as well as product upgrades, so you might receive a new version of iTunes and security updates both at the same time. Software update options are available from: 'Apple menu->Software Update...->Software Update->Preferences' If someone finds a bug and exploits it, this effects everyone untill that bug is fixed with an update. Thats why . Its not only the operating system you need to update as every program is bound to be improved or a bug spotted in it. So you need to get the latest version.
You should also make sure your anti-virus and anti-spyware programs are updated regularly. you should check this once a week minimum every few days is good, but if you are in charge of something important like a server, then you need to check daily. And yes it is that serious. if a new bug was found in OSX tonight, the bug can be exploited instantly. And from that your computer can be attacked.

That is the end of the mac section, if anyone has any questions or needs something explained or wants to point out something I might have missed, please do. But keep in mind I have limited knowladge of Macs sosome of you, that actually have Macs, will know more than me.
- Jon.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)
  Reply With Quote
Old 13-09-2008, 21:14   #8
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Computer security :: Defence (General)

I have moved these sections to a general topic because their really the same for all systems.
And I dont want write the same thing twice. Also it makes reading things easier if it isnt in one big chunk of text.


::: Access Control :::
- What is a user accounts
- What types of user accounts are their

::: Defending your Computer :::
- Common sense, or is it?

::: Maintaining your computer :::
- Backups

------------------------------------------------
::: Access Control :::

-What is a user accounts-

Security feature. Each user on a network has a user account. This account determines what name the user uses to log in to the network, the groups the user belongs to and what trustee assignments the user has. User accounts are maintained by the network supervisor.

For example your account here on this forum and anywhere else it what a system can use to identify you and give you access to the things you need. Like your PMs and when you post the post appears with your name and signature/avatar etc.
A user account makes life easier. for example, would you be able to recognise people if all you saw was their user ID number...? Do you know who member 1649 is...? You dont unless you look it up http://www.tatu.ru/forum/profile.php...profile&u=1649 the forum also dosnt know who that is but it dosnt need to all it needs toknow is the user id because then it can look at the user account. Your account stores other informtion about you, most of which you will recognise as things you use but of it you will have no control over as its used by the system.
This is what a default phpBB user account table stores.

  • user_id
    user_active
    username
    user_password
    user_session_time
    user_session_page
    user_lastvisit
    user_regdate
    user_level
    user_posts
    user_timezone
    user_style
    user_lang
    user_dateformat
    user_new_privmsg
    user_unread_privmsg
    user_last_privmsg
    user_login_tries
    user_last_login_try
    user_emailtime
    user_viewemail
    user_attachsig
    user_allowhtml
    user_allowbbcode
    user_allowsmile
    user_allowavatar
    user_allow_pm
    user_allow_viewonline
    user_notify
    user_notify_pm
    user_popup_pm
    user_rank
    user_avatar
    user_avatar_type
    user_email
    user_icq
    user_website
    user_from
    user_sig
    user_sig_bbcode_uid
    user_aim
    user_yim
    user_msnm
    user_occ
    user_interests
    user_actkey
    user_newpasswd


And thats what you need to have before you can have an account on this forum, that will function correctly.
And hopefully after explaining this a little and showing you what your forum account stores you will have a good idea about user accounts.

-What types of user accounts are their-

Their are normaly two types of acounts on a computer system.

Administrator accounts also called 'root' or 'superuser' accounts. These types of accounts are used to control the system. They have unrestricted access to all functions in the system and can do anything.
User accounts these are what normal users have. They are restricted accounts but thats a good thing, because most users dont need to and shouldnt be able to delete other users or view their files unless they have permission. Everyone should use a normal account when using their computer and not an admin account. If you have the authority to delete other users, then if someone gets into your computer so do they.

You also get guest accounts these are normally even more restricted than typical user accounts and are only their to give anyone quick access to the system.

I will also talk a little about user groups since its relivent here. In both windows and this forum their is an option to group users, a user might an admin or a normal user but when they are in a group they also gain any privelage that is assigned to that group. For example forum moderators are essentially normal users with extra privelages that can be given to them individually or given to them when they are added to a group.
Even now you have been added to a usergroup that has the privelage to view this development forum.

----------------------------------------------
::: Defending your Computer :::

-Common sense, or is it?-

Have you ever heard of someone getting conned out of all their money and though. Thats so obvious it wouldnt ever happen to me. You might be right, and you might be as paranoid (but in a good way) about online threats. But if you got an email and it looked like it came from 'jam_one@tatu.ru' and said, "you have a new private message click this link to read it : http://www.tatu.ru/forum/privmsg.php?folder=inbox
How many of you click the link, then login and read the message? Was that tatu.ru you just logged into....? How would you know if I wrote a program on that page that took your name and password saved it, logged into tatu.ru and then redirected you to your actual inbox.
And agian im just using the forum as an example a simplething like this is so easy to set up, emails are so easy to fake. What you should do is go to the actual site and login. But it is not only the forumthis can happen, it can happen anywhere. Their are even programs out their that use fake login screens on you PC and record the information.
So while we all have a little common sense you have to be extra carefull. Especially now people have another reason to target you.
Hopefully the Moderators and Administrator of this forum already know this.

One final thing I would like to point out is. When downloading something, can you trust where it came from? You should always scan anything you download or recieve from smoeone. "Before you open it" Even if you know them. I mean have any of you downloaded The game I made, or the fanmap program, or even the media player skin. From another site and used it. That site could have easily attached a virus to the file and now its on your computer. And you cant blame me for that, that what they do. They look for things people would want to download and they attach viruses or anythingto them in the hope youwont scan it before you play it, or use it.

---------------------------------------------------
::: Maintaining your computer :::

-Backups-

You dont back up, I dont back up, nobody really can be bothered to back up.... Boom your computers down you lost everything. Backups are important. If you backup your files then you can reinstall your computer with no worries and you dont need to spend lots and lots of money on data recovery people.
In business a typical backup policy is the 'child, parent, grandparent' policy. The child is the most recent backup and whe it is time to mke another backup you overwrite the grandparent, it becomes the new child, the child becomes a parent and the parent becomes the new grandparent.
This way you always have three consistand backups of your system. And no you dont keep them in the same place and no you dont keep them where peoplecan easily get them. It is also important to keep your backups safe because its your private data and if possable keep atleast one in another location incase your building burns down.
External hard-drives are coming down in price and they are a good solution. It wont be long now before we will be able to afford a Blu-ray or HD-DVD drive and then bcking up will be even easier.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)
  Reply With Quote
Old 13-09-2008, 21:16   #9
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Computer security :: ---Overview---

Hello everyone,

If you read all the 'computer security' stuff I just wrote then you will know nearly everything I know about computer security. You will also be a much safer computer user then the average person.

But to be honest with all of you, even though it might seem as though I know a lot about this, I dont. I know really very little, everything I wrote can eb considered advice. Their are people in the world that know much more then me, and I still have lots to learn. I am not really interested in the 'Hacker' culture of computing.

So if your wondering why I did write all of this I will tell you. When I was asking people I know about how to improve the security of the sites I manage, most of them said this...

"You can only do so much as a programmer. You can have the most secure code in the world. But what use is that is somone emails your admin and tricks them into giving their password?
To prevent this educate your users, tell them about all the threats that exist, tell them how to secure their computers. Let them know that the security of the entire system is partly their responsability."


And so I hope I have done that, I hope you will all be safe and this site will be safe, and no-one will be able to get in and delete and or destroy anything.

And if ever you have any questions or need something explained, I will do my best.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)

Last edited by -Jon-; 13-09-2008 at 21:43.
  Reply With Quote
ReplyPost New Thread

Bookmarks

Tags
backdoor, computer security, login, password, spywear, trojan, virus, worm


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump



All times are GMT +1. The time now is 19:29.




© 2001-2008 Unofficial site of group TATU

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.