BearWare Comprehensive Security Plan

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
If you would like to use your skills and expertise to pick this apart:
I'm all ears:

http://goo.gl/7wPH2 +

or (without the links):


Comprehensive Security Plan

PRIVACY
Remember: There is no privacy on the Internet and you can only protect
yourself by not doing or divulging some things at all. Identity Theft
and Financial protection plans are crucial.

IDENTITY THEFT
Some of the better identity protection companies are LifeLock, IDENTITY
GUARD, TrustedID, ID Watchdog, and Guard Dog ID. These are not free
though important, as identity theft is one of the most serious and
numerous threats today. Research the companies available and choose one.
Identity Theft Labs  Top Ten Reviews  TomUse.com

FINANCIAL TRANSACTION PLAN
Be sure all financial transactions are with trusted sites and an HTTPS
connection (secure web connection) such as https://website rather than
http://website. Also, secure web browser services are available. One
such new free service is very good: MyProtect. A history of MyProtect
can be found here.

KEYLOGGERS
Keyloggers are one of the more serious threats and a good free program
to DETECT AND PREVENT them is SpyShelter which uses special algorithms
to protect your data against Spy and monitoring software that are used
to steal or reveal your data to other parties such as extremely
dangerous and custom-made keyloggers. It actively scans when any spy
program, keylogger or Trojan attempts to store your private information.

It is designed to be compatible with other well-known security products
such as anti-virus and firewall software. System protection (HIPS), Anti
-keylogger, AntiScreenCapture, and AntiClipboardCapture. Minimal
resource usage. It can be configured to launch an on screen keyboard
when logging into your system. A better on screen keyboard than what
comes with Windows to use with SpyShelter or anytime you type secure
information is SafeKeys.

IMAGING YOUR SYSTEM
Imaging your system is the single most important thing anyone who owns a
computer should do first and foremost.

The single most important aspect of a computer recovery due to any
catastrophe is to be able to restore your entire system easily. There is
no silver bullet or suite of software that can guarantee you will not
become infected or prevent hardware failure. There is no guarantee or
certain way to know that you will be able to clean all of the malware if
you become infected and even so, that process can actually take longer
than restoring an image to your computer. Making an image of your system
is the surest, fastest and best solution to recover from hardware
failure or malware infections.

ANYONE can easily do this regardless of their level of technical
knowledge.  LINK TO IMAGING ARTICLE
BACKING UP YOUR DATA
My preferred choice of protecting my data files in between images, is to
use SugarSync. I use SugarSync (5GB of storage) to sync MyDocuments
folder which contains all of my datafiles and portable programs.
Therefore there is no need to make incremental backups of data files
between images. SugarSync is automatic real-time backup of the data in
the folders you point it to. If you restore an image, SugarSync will
automatically update those folders and files to your older image files.

If you choose not to use such services or such isn't suitable for your
needs, use backup software between images like FreeFileSync routinely to
sync your data files to a different folder than your backup Images
folder on your external hard drive. This will help make reverting to
your last image more painless if you ever have to do so and those
backed-up data files you changed since the last image can be then
restored back to your system after you load your image. Just remember,
FreeFileSync is not real-time backup, though it can be scheduled.

Your important data should always be backed-up off-site or online,
though some people decide to use methods such as 'fireproof containers"
which could still become lost, stolen or receive damage. Also, truly
sensitive data should never be kept on computers/storage that allows or
has Internet access.

LINK TO EXTERNAL HARD DRIVE DATA BACKUP ARTICLE
LINK TO ONLINE DATA BACKUP ARTICLE

ANTIVIRUS, ANTISPYWARE AND FIREWALL SUITE
Standalone Suite  Comodo Internet Security

OR
AntiVirus Suite  avast!
Firewall  Comodo Firewall
Anti KeyLogger  SpyShelter
Anti Malware HIPS  WinPatrol or ThreatFire

ALTERNATE ANTI-VIRUS Suite
AntiVirus  Panda Cloud Antivirus Beta The new Panda Cloud Antivirus Beta
is here which also incorporates a full fledged firewall with application
and system rules. More details  Close
ALTERNATE FIREWALL
Windows firewall is good enough, but if you want more control though
much noisier, use Comodo Firewall (without the antivirus) instead of
Windows firewall.
KEEP YOUR SOFTWARE UP-TO-DATE
Vulnerable and out-dated programs and plug-ins expose your PC to
attacks. Attacks exploiting vulnerable programs and plug-ins are rarely
blocked by traditional anti-virus and are therefore increasingly
"popular" among criminals. The only solution to block these kind of
attacks is to apply security updates, commonly referred to as patches.
Patches are offered free-of-charge by most software vendors, however,
finding all these patches is a tedious and time consuming task. I
recommend Secunia PSI as it automates these necessary updates and alerts
you when your programs and plug-ins require updating to stay secure.
ROUTINE MANUAL MALWARE SCANS
Many system tools can disable your operating system, especially
attempting to clean malware or registries. Do not use these tools to
clean your machine unless you are very competent. Only collect the data,
determine if it is actually malware, and then use the Malware Removal
Guide to remove malware.

Perform routine manual scans periodically with:
Comodo Cleaning Essentials
Emsisoft Emergency Kit
Malwarebytes
TDSSKiller to check for rootkits

DETERMINE IF SUSPICIOUS FILES FOUND ARE ACTUALLY MALWARE
Use the following services to determine if suspicious files found by
your scanners are actually Malware:
Comodo File Verdict Service
VirusTotal
Comodo Instant Malware Analysis
Anubis

REMOVING INFECTIONS
Malware Removal Guide for Windows will help you clean your computer of
malware. If you think your computer is infected with a virus or some
other malicious software, you may want to use this guide. It contains
instructions that, if done correctly and in order, will remove most
malware infections on a Windows operating system. It highlights the
tools and resources that are necessary to clean your system. Malware is
a general term for any malicious software, including viruses, Trojans,
rootkits, spyware and adware.

First and foremost always have a current clean image of your system and
your data automatically real-time backed up via the likes of SugarSync
(or an external hard drive but preferably off-site). After that, if your
machine becomes infected...simply restore your image, your data files
will take care of themselves. If you do this, you won't ever need help
from anyone restoring your system.
If you don't have a current clean image and your machine becomes
infected, the first thing you should immediately do is disconnect that
machine from the Internet. Then make an image of the infected machine so
you have the ability to recover if cleaning tools disable your system,
which also will preserve your files for recovery after re-staging.
Cleaning a machine is a temporary fix and it is best to re-stage your
system (which takes many hours and sometimes days) as soon as possible
as you can never be sure you have completely cleaned all of the
infections.

Of course, if you want to attempt to clean your machine for informative
purposes by all means do so, but after you are done, re-load your latest
clean system image, as you can never be sure an infected machine has
been thoroughly cleaned without many hours of expert inspection of every
file on the computer. Re-loading an image only takes a few minutes, very
little effort and you won't need help - I can't stress the importance of
imaging enough.

If you think you are infected, perform a deep scan with your anti-virus
and then with the above manual scanners. If you are infected which is
causing management issues in normal mode, you can try to clean these
infections with the above scanners by booting your system into SAFE-MODE
(without networking) by re-booting and pressing F8 during boot and be
sure to use safe-mode without networking.

Tip: Sometimes malware will prevent these programs from running and a
good trick is to rename the executable file before running it.
RESCUE CD
SARDU (Shardana Antivirus Rescue Disk Utility) can build one multi-boot
support CD, DVD or a USB device. The disk or USB device may include
comprehensive collections of "antivirus rescue CD", collections of
utilities, popular distributions of Linux Live, the best known Windows
PE , recovery disks and Install of Windows XP , Windows Vista and
Windows Seven. All you need for troubleshooting. SARDU does include a
few utilities, but is primarily a tool for managing the software (ISO
image files) that you download from other companies and developers,
which can be also done with this tool. Video Example by Mr Izos

Video Example by Languy99 in three parts (older version of SARDU but
shows you how to use it.)
VIDEO 1rst part
VIDEO 2nd part
VIDEO 3rd part


There are no anti-malware programs that are bullet proof...therefore it
is more important to have a real time back up of your data and portable
programs, and a very current image of your system. Why...because *when*
you become infected, it takes more time to try to clean than re-image,
and you can never be certain you've cleaned it all. If you do not have
such a plan, SARDU is the best type of approach to cleaning. Trying to
use programs to clean your system while your system is booted is
definitely a crap shoot.

Tip: If you are so heavily infected requiring rescue CD's, it is much
faster and more reliable to use the backup Image you made with EaseUS
Todo Backup and restore your computer to the last image you made in 30
minutes or less. You must however, boot with the EaseUS Todo Backup boot
CD to restore your image.
PASSWORD AND FORM MANAGEMENT
LastPass is the most secure solution for encrypted automated password
management, and form filler. There is also nothing easier to use to
manage your passwords with as many features although some folks prefer
computer based programs such as KeePass.

Steve Gibson, renowned security expert, reviews LastPass in depth in a
podcast. Here is a text transcription of that podcast.

DNS PROXY
Google Public DNS allows you to use Google's DNS servers coupled with
their malware databases which block websites known to contain malware.
This gives you an additional layer of security without adding additional
burden to your system resources. It is also faster and has more valid
results than your ISPs. Look up how to change your DNS settings for your
particular operating system.

WIFI ENCRYPTION
If you use wireless connections in your home network, it is imperative
that you encrypt the connection. Anyone within range of your wireless
transmission could connect to your network and use it or capture your
computing sessions.

WEP is no longer recommended. The FBI has demonstrated that WEP can be
cracked in just a few minutes using software tools that are readily
available over the Internet. Even a long random character password will
not protect you with WEP. You should be using WPA or preferably WPA2
encryption. Check with your WiFi router manual to determine how to do
this.

To encrypt your Wifi, reset the wireless router to factory: press and
hold reset 20 seconds. On the main computer connected by wire to the
router, use any browser and go to 192.168.1.1 to enter management page.
The router's login password is usually on one of the "Administration"
pages. The other settings are all found in the "Wireless" section of the
router's setup pages, located at 192.168.1.1.
LINK TO WIFI ENCRYPTION ARTICLE

PREY PROJECT
Prey lets you keep track of your phone or laptop at all times, and will
help you find it if it ever gets lost or stolen. It's lightweight, open
source software, and free for anyone to use. And it just works.

With everything set up, you can log into the web site and see a list of
all the devices you're tracking. And that's all there is to it. Until,
of course, one of those devices gets stolen. At which point, log into
the web site again and mark the device as missing. Or, if the device is
a Smartphone, send it an SMS message that contains the secret word you
specified when you installed the client app on it.

Prey Project Introduction from Carlos Yaconi on Vimeo.

Once the device has been instructed to go into "missing" mode by the
Prey web site, the installed client springs into action, and does
whatever you've told it to do. If the device has the ability to work out
its location, either via the mobile phone network or GPS, it'll send you
a map of where it currently is. If there's a webcam on there, you can
tell it to take a photo of the current user and display that on the web
site too. Or, you can have it take regular screen shots instead.
Needless to say, you can also protect your data. You can remotely lock
the device or delete the files on it.

It's worth remembering that such software isn't just useful for tracking
stolen hardware. If you'd like to know where your kids are, or perhaps
you want to keep an eye on an elderly relative who values their freedom
to roam, Prey will do it. As for the morals regarding how you use it,
and on whom, that's entirely up to you.

Right now, Prey lets you track three devices free. If you want to track
more devices for free, simply create another account with a different
email address.

SAFE HEX

Use an anti-virus, anti-spyware and a firewall.

Backup/Image your operating system (active partition).

Backup your data files.

Scan your computer regularly for spyware.

Keep Windows and programs updated. (download critical updates
automatically.)

Use strong passwords with a manager and never use the same password for
multiple sites.

Never click on email attachments from unknown sources.

Use plain text settings for email.

Encrypt sensitive information on your computer.

Scan every file downloaded from the Internet before using it.

Download Internet files from trusted sources only.

Check unknown URLs before visiting with a webservice that offers that
ability.

Phishing scams: Always use your own links that you know are authentic -
not theirs.

Install a website rating browser plug-in like WOT and only visit
websites rated "Green".

Do not use P2P networks or distributed file sharing.
  
Be wary of unknown USB devices and never plug your USB Device into
unknown computers.

Never accept free toolbars, or other unsolicited files/software offered
to you by a website.

Password protect Wifi and use encryption.

Ignore pop-up warnings except from your own software - be sure.

Internet Messaging can be dangerous, know your partners.

Don't ever enter sensitive information into a public computer.

Use common sense - you usually have to click to allow danger in most
cases.

*If you do not understand an item listed above, perform an Internet
search and learn more about it*

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-
mail

Re: BearWare Comprehensive Security Plan


Quoted text here. Click to load it

I have some updates for this plan which I will be incorporating this week-
end and your suggestions may help improve it...or you can just have fun
trying to pick it apart.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: BearWare Comprehensive Security Plan

Bear wrote:
Quoted text here. Click to load it

I clicked on this link <gasp> and it brought me to a google page that
gave me information about the link it maps to. The long version wasn't
any more informative than the shortened version was - so I clicked on it
also; it's not that I'm non-linkophobic, it's just that I don't consider
*any* links to be 'safe'.

My opinions on the content have already been voiced, and haven't changed.

[...]

Re: BearWare Comprehensive Security Plan

email.me:

Quoted text here. Click to load it

Well, I miss posted the link, though I corrected it right away with a
followup.

I looked at your opinions, and those I deemed worthwhile, if any, were
adopted.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: BearWare Comprehensive Security Plan

FromTheRafters wrote:
Quoted text here. Click to load it

I don't consider any links
to be 'unsafe'.

Re: BearWare Comprehensive Security Plan

ASCII wrote:
Quoted text here. Click to load it

Safe|unsafe - it only matters in retrospect. *Never* click on a link. If
you can't follow this simple rule - you're taking your chances and
you'll just have to learn to live with it. After that, it's just a
matter of extent. You reduce your risk by not clicking on everything you
see just because it's highlighted in blue.

I think a URL could be considered to have been unsafe if visiting it
resulted in a vulnerability being successfully exploited - including any
PEBKAC vulnerabilities. You take a chance every time that you bring new
information to the machine.

Re: BearWare Comprehensive Security Plan

Bear wrote:
Quoted text here. Click to load it

As I'm of the bulletproof your system
and damn the torpedoes philosophy,
I'd have to agree.

Re: BearWare Comprehensive Security Plan


Quoted text here. Click to load it

LOL...I like that:

Bulletproof your system and damn the torpedos!

As far as I know, there is only one way currently to do so. I'd love to be
proven wrong...I would adopt such immediately, but alas....

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: BearWare Comprehensive Security Plan

ASCII wrote:

Quoted text here. Click to load it

Safe|unsafe - i want people offering links to have the courtesy
to divulge where they want people to go.


--
Nah-ah. I'm staying out of this. ... Now, here's my opinion.


Re: BearWare Comprehensive Security Plan

Etal wrote:
Quoted text here. Click to load it
Indeed, and then it's all about trust in the poster, not trust in the
link based on the text characters it contains.




Re: BearWare Comprehensive Security Plan

email.me:

Quoted text here. Click to load it
It's a choice both ways. You can choose how you post links and which posted
links you utilize. If you think links I post are unsafe...don't use them.

If you can show where I have posted a link ever that was unsafe...present
it.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: BearWare Comprehensive Security Plan


Quoted text here. Click to load it

Scams are unsafe!

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: BearWare Comprehensive Security Plan

David H. Lipman wrote:
Quoted text here. Click to load it

Only to the gullible!

Re: BearWare Comprehensive Security Plan

ASCII wrote:
Quoted text here. Click to load it

Exactly, one has to be vulnerable in order to be exploited - goes for
both the software and the user.

Re: BearWare Comprehensive Security Plan

email.me:

Quoted text here. Click to load it

I /wish/ it were that simple. I just can't for the life of lil ole me
figure out why so many high level sites are hacked if it were so.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: BearWare Comprehensive Security Plan

Bear wrote:
Quoted text here. Click to load it
It *is* that simple at its core.

Re: BearWare Comprehensive Security Plan


Quoted text here. Click to load it

Nothing unsafe about that link. Your decisions about it are up to you.
It has not been proven to be a scam as yet, if it is.

Next example as that is not an example of an unsafe link.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-
mail

Re: BearWare Comprehensive Security Plan


Quoted text here. Click to load it

I rest my case that you are a troll.



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: BearWare Comprehensive Security Plan


Quoted text here. Click to load it

You do not understand the definition of a troll. You and your buddies are
more akin to that definition.

Your game is that of someone trying to protect what they think is their
turf.

If you disagree with my ideas, plant your reasons and opinions why.

The slimy approach you and some of your buddies are taking is disgusting.
Bullying does not work with me.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: BearWare Comprehensive Security Plan

Bear wrote:
Quoted text here. Click to load it
I haven't made any such claim (at least not any more unsafe than any
other link) so why challenge me to produce one?

Site Timeline