Jump to content

How to prevent hacking, anyone?

MolotovCocktail

By MolotovCocktail
in Computer Science

 Share

Recommended Posts

MolotovCocktail

MolotovCocktail

Posted
Posted

Does anyone know the most effective way to prevent anybody from hacking into your computer? My emails and probably my computer was hacked into, and on Symantic Anti-Virus I had to delete a trojan that was on my computer. I changed my email, and the password for this account just in case. Does anyone know how to prevent it in the first place?

the tree

the tree

Posted
Posted

Odds are, your computer is as secure as it needs to be and the only significant weakness is the human element. No offence, but this is just how it usually is.

Phishing websites and e-mails will always try to get at your passwords, avoid them. And plenty spyware will try to get at your info more sneakily, don't download crap.

 

In general, use a secure browser (Firefox or Opera, I guess), keep your security and antivirus programs up to date. Don't put your password on a post-it-note on your monitor at work. If something suspicious appears on your computer, kill it. Avoid file sharing (this is really just an elaboration on don't download crap). Don't make your passwords easy to guess (you can find plenty of advice on this all over the place). If your computer is really that important to you then consider using a more security centred operating system.

Klaynos

Klaynos

Posted
Posted

The MOST effective way is to no let any one touch it, never to use software from non-secure sources, and DO NOT CONNECT TO THE INTERNET!

 

The second best option is to not use windows.

 

The third best is to not use IE or outlook express.

 

The Fourth best is to not open email from people you do not recognise and not to access dodgy websites.

YT2095

YT2095

Posted
Posted

and don`t use Symantic! it`s been around too long, and is and HAS BEEN a specific target for a LONG TIME!

 

I like Security through Obscurity :)

 

use something just as good that`s little known instead ;)

 

I`ll say no more!

the tree

the tree

Posted
Posted
Security through Obscurity
Really now.
So stupid a policy so as to earn the name Security through Obscurity

But Klay is right, especially about using Outlook, don't ever use Outlook.

Klaynos

Klaynos

Posted
Posted
why is it you've not to use outlook(i use gmail on the web anyway)? i've not heard anything bad about outlook. whats wrong with it?

 

I said outlook express as it's full of holes, but they both execute a scripting language which is notorias for exploits. I don't have a massive problem with outlook, just outlook express...

Dak

Dak

Posted
Posted
why is it you've not to use outlook(i use gmail on the web anyway)? i've not heard anything bad about outlook. whats wrong with it?

 

in addition to what klaynos said: email clients, web browsers, and instant messangers are all common aplications that make 'holes' in your firewall; the common and insecure ones (read, internet explorer, outlook, and, to a lesser but increasing extent, MSN-messanger), are all frequently targeted as ways to get malitious informaiton onto firewalled computers, or unfirewalled computers without the 'do you want to download and run this' box popping up.

 

----------

 

Atomica:

i'd more-or-less second klaynos, but with a minor modification -- tho it really depends on what you use your computer for.

 

the most secure option, for a variety of reasons, is using a non-microsoft computer; if you do online-banking, it's worth at least having a dual-install (ubuntu's quite good) or a live cd (in which case i'd check out puppy linux) to fire up whenever you want to throw your bank details across the internet.

 

other than that, the most inportant things you can do are, AT LEAST:

 

USE A LIMITED ACCOUNT!

 

use an in-bound firewall (hardware is the best, so if you have a router with a firewall, that's all groovy; if not, sunbelt make a lightweight inbound firewall if you choose the 'simple' mode)

 

use non-microsoft browsers (firefox or opera), e-mail clients (web-based email or something like thunderbird)

 

have some kind of auto-scanning anti-virus; on-access scans, for example, or -- if you're doing all the above -- just auto-scanning CDs/floppys and stuff downloaded from the internet should be ok

 

scan regularly (1 a week to 1 a month, depending how much porn you look at) with an anti-virus and anti-spyware (avg antimalware is quite good for the latter).

 

keep your software -- espescially your OS -- up to date

 

for a non-bear-minimum, you could add:

 

two-way firewall (zone alarm, or somesuch)

 

complete on-access anti-virus scanning (if you dont allready have it)

 

on-access anti-spyware scanning (have to pay i'm afraid),

 

non-microsoft IM (trillian or gaim are good choices)

 

scan a rootkit detector (like microsoft/sysinternals rootkitrevealer) 1 a month

 

either way, none of this will protect against fishing or craply configured wireless routers...

 

if your a bit computer savvy, it might be worth looking into one of the new-fangled HIPS... spybots teatimer is one example (will notify you when key registry values are changed), as is anything that monitors other keys sistem stuff, such as the system32 folder, the hosts file, etc... tho you kind of have to know what the relevence of 'blah.exe is trying to change HKCU/clisd/.gif' before it becomes any use...

foodchain

foodchain

Posted
Posted
in addition to what klaynos said: email clients, web browsers, and instant messangers are all common aplications that make 'holes' in your firewall; the common and insecure ones (read, internet explorer, outlook, and, to a lesser but increasing extent, MSN-messanger), are all frequently targeted as ways to get malitious informaiton onto firewalled computers, or unfirewalled computers without the 'do you want to download and run this' box popping up.

 

i'd more-or-less second klaynos, but with a minor modification -- tho it really depends on what you use your computer for.

 

the most secure option, for a variety of reasons, is using a non-microsoft computer; if you do online-banking, it's worth at least having a dual-install (ubuntu's quite good) or a live cd (in which case i'd check out puppy linux) to fire up whenever you want to throw your bank details across the internet.

 

other than that, the most inportant things you can do are, AT LEAST:

 

USE A LIMITED ACCOUNT!

 

use an in-bound firewall (hardware is the best, so if you have a router with a firewall, that's all groovy; if not, sunbelt make a lightweight inbound firewall if you choose the 'simple' mode)

 

use non-microsoft browsers (firefox or opera), e-mail clients (web-based email or something like thunderbird)

 

have some kind of auto-scanning anti-virus; on-access scans, for example, or -- if you're doing all the above -- just auto-scanning CDs/floppys and stuff downloaded from the internet should be ok

 

scan regularly (1 a week to 1 a month, depending how much porn you look at) with an anti-virus and anti-spyware (avg antimalware is quite good for the latter).

 

keep your software -- espescially your OS -- up to date

 

for a non-bear-minimum, you could add:

 

two-way firewall (zone alarm, or somesuch)

 

complete on-access anti-virus scanning (if you dont allready have it)

 

on-access anti-spyware scanning (have to pay i'm afraid),

 

non-microsoft IM (trillian or gaim are good choices)

 

scan a rootkit detector (like microsoft/sysinternals rootkitrevealer) 1 a month

 

either way, none of this will protect against fishing or craply configured wireless routers...

 

if your a bit computer savvy, it might be worth looking into one of the new-fangled HIPS... spybots teatimer is one example (will notify you when key registry values are changed), as is anything that monitors other keys sistem stuff, such as the system32 folder, the hosts file, etc... tho you kind of have to know what the relevence of 'blah.exe is trying to change HKCU/clisd/.gif' before it becomes any use...

 

1) Dont use the internet:D

 

2) I just try to keep everything backed up.

Comandante

Comandante

Posted
Posted

I have Netgear router with 2 types of firewalls' on it (or so it says, normal firewall and SPI (stateful packet inspection) for protection against DoS attacks), then I have Zone Alarm firewall on each pc on the network(have a very good reason for that), along with NOD32 antivirus system on each. I use Mozilla for web browsing (not the best but fine with me), and Mozilla Thunderbird as email client. I also occasionally scan with Ad-Aware, spybot S&D and a full system scan (every month) with NOD32 which takes about 7hrs due to my 270GB of HDD space. For wireless I use MAC filtering, WPA-PSK protection and hide my ssid in the broadcast. My passphrase is over 50 characters in length and key lifetime set to 60minutes (default).

 

I also make sure I ocassionaly check my processes and msconfig for any abnormalities in the system startup programs. And last but not least, I always turn off my cable modem during the night (i.e. - when I go to sleep or am not home) and place my router's wireless antenna to horizontal position to decrease it's coverage domain.

 

To evaluate, I have not had any problems with this setup, and it's been running for a while. There was 'something' - a virus or something of a kind, that tried to spread over the network at one stage but NOD32 caught it in flight and carbonized it on the spot (not to mention ZA's eager allow/disallow system which does the job well too). This just reminded me of another little program that I Must have - and I do - a piece of software called BC Wipe. It utilizes a patent to delete a file from a hdd for good (leaving no chance for it to be revived, also used by the military or so I hear) which I sometimes use to delete sensitive files and even some tough adware from safemode.

 

My bad on using Win XP but hey, noone's perfect :) . So if you use XP you can use my setup, it will keep you safe.

Pangloss

Pangloss

Posted
Posted

I've recently switched to NOD32 as well. All those big commercial products have just gotten outrageously beefy in recent versions. Like I've got nothing better to do with my CPU cycles than look at their pretty interface. Pfft.

MolotovCocktail

MolotovCocktail

Posted
  • Author
Posted

Thanks for all of your help guys! Now my computer is much safer. Also, I made some of my security passwords between 18-25 digits long. And they only have 2 tries to get it correct before it locks them out for an hour. Lets see a hacker get through that!

the tree

the tree

Posted
Posted
Now my computer is much safer. Also, I made some of my security passwords between 18-25 digits long. And they only have 2 tries to get it correct before it locks them out for an hour. Lets see a hacker get through that!
Are these passwords for things that your accessing from your computer, or things to access on your computer?

 

If it's the former then good for you. If it's the latter, just don't ever do remote access to your home computer, ever.

the tree

the tree

Posted
Posted

O.k. "ever" was a bit over the top. My point was that it's a lot of security risk for limited gain. While the convenience of getting at your files via SSH or whatever is nice, it's opening the door to a whole other world of exploits that I'm quite happy without when I can really just get my stuff around with a USB key.

Klaynos

Klaynos

Posted
Posted
Why not? I do remote access for my computer and nothing bad has ever happened.

 

Most people don't need it, and it's another attack frontier.

1veedo

1veedo

Posted
Posted

Yeah, I guess, but I like it. Everything is logged anyway and on Linux I just dont see how it's going to matter. The user can't write anywhere but one folder, though read access is just about universal. Plus the service is in a hidden directory that only I and maybe nosy system admins know about.

MolotovCocktail

MolotovCocktail

Posted
  • Author
Posted
Are these passwords for things that your accessing from your computer, or things to access on your computer?

 

If it's the former then good for you. If it's the latter, just don't ever do remote access to your home computer, ever.

 

they are passwords for things to access on my computer. I figured that as long as they can't access any of the important files, I should be fine. Besides, I don't want to be locked out of my own computer in the event that I should confuse or get my access passwords mixed up. And I don't remote access my home computer, much better and safer to just use a USB (which has a password too :) )

  • 2 weeks later...
EtheriumGold

EtheriumGold

Posted
Posted

Hello group

 

 

i just have to mention something before I'm off to work.

 

 

Recently, a company known as H2 TECH cc developed an encryption algorithm based on a new concept they designed in a 4 year long study on cryptography and encryption dynamics.

 

Their "Random Secure Data Encryption" or known as "RSDE" algorithm boasts a lot of new possibilities.

 

Anyone here familiar with encryption or cryptography ?

 

You can go and checkout their test site they are publicising all over.

http://www.h2tech.co.za/rsde.aspx

 

chow for now.

 

 

EG

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.