Wednesday, August 10, 2011

[www.keralites.net] സുരക്ഷിതമായ ഇന്റര്‍നെറ്റ്‌ ബ്രൌസിങ്ങ്നു ...

 

How to Stay Safe While Online

With the amount of malware currently prowling the internet it's become increasingly important to adequately protect your computer. This is important for everyone, not just the overly security conscious (or perhaps you wouldprefer the term paranoid).Therefore I've separatedmy advice into twomain sections. Don't worry, every program, or service, mentioned is completely free. The firstsection contains the methods that I believe anyone from a novice to anexpert user should follow.The other section isdirected moretowards intermediate to advanced users.These methods may be more difficult to use, but your computer will be more secure.

Security for Beginning to Intermediate Users

1) Traditional Protection Layers (Antivirus, Firewall,HIPS)

A) Protect your system from infection

Fun & Info @ Keralites.netInstalling anactive antivirus programis one of the most important steps in keeping your computer secure.See this review of theBest Free Antivirus Software.All of the programs reviewed in that article scan for all types of malware. They are not limitedin what they will detect. However, the problemwith relying entirely on an antivirus to protect you is thatno programcan catch all malware. It doesn't matter what its detection rate may be in different tests. In the real world it will perform much worse. No detection based program can provide what I would consider to be adequate protection.

To compensate for that weakness Iwould advise that you also use a firewall with a built inHIPScomponent. I would highly recommend that you try eitherComodo FirewallorOnline Armor Firewall. If you like you can even installComodo Internet Securityas it comes with an antivirus, firewall, HIPS, andan automatic sandbox. All programs mentioned are completely free. If you do choose to install Comodo Internet Security, or Comodo Firewall,thenyou should check outmy guide onHow to Install Comodo Firewall. For help deciding which programfitsyou bestyou can read their reviews in this articleabout theBest Free Firewall. However, do realize that all HIPS programsrequire a little patience in setting up, and initially answering the warnings, but after that they're relatively easy to maintain. I would advise that you try one and see if you can deal with the alerts. If they're really toodifficult for youthen install a simple firewall that lacks a HIPS, but be aware that the protection offered is much less.

If you do decideto notuse a proactive firewall, then a good alternative is toinstall a behavioral blocker, such as ThreatFire. These attempt to detect malware by its behavior, and should have significantly fewer popup alerts that a HIPS.This is a potent second layer of active defense. However, remember that just as with an antivirus, no program can detect all malware.

B) Scan for Existing Malware

If you want to ensure your computer is not infected, or perhaps you suspect it is, then Iwould advise scanning your computer with a few of the programs inthis review. Also, run a scan with your current antivirus. The programs in the articleare specialized scanners, but between them most malware will be detected.

If you find that your computer is infected then please follow the advice given in thisMalware Removal Guide for Windows. If you follow all of its steps then it should be possible to remove almost any infection and get your computer back to working order.

After ensuring that your computer is not infected it's now important to keep it that way. Part of doing thatis to ensure that any files you downloadare not malicious before you run them. To learn how to do this you can read my guide onHow to Tell if a File is Malicious. By following those methods, and using common sense, you should be able to avoid manually running any risky software. However, this still doesn't protect you fromfiles that are runautomatically.

2)Secure Your Browser

A) General Browser Protection

Almost all popularweb browsersnow provide some general protection.Firefox,Opera,Google Chrome, andComodo DragonhaveFun & Info @ Keralites.netencryption support (with SSL & TLS), deletion of private data, and popup blocking. They also produce warning screens to help you to avoid known malicious sites (anti-phishing, anti-malware protection). All of them also have private browsing modesthat clear your tracks when you close the browser. This has to be activated manually. Also, Chromium browsers, such as Google Chrome and Comodo Dragon,have built-insecure sandboxing. Thismakes them especially difficult for outsiders to exploit, even when hackers do find a vulnerability. One of the most convincing reasons to try Comodo Dragon over Google Chrome is thatitdoesn't have the privacy concerns that come with Google's browser. In additionComodo Dragonwill warn you if the site you are visiting has a SSL certificate that may not be trustworthy.

For blocking tracking cookies Iwould advise that you enable the option to block third-party cookies in your browser. This will prevent sites from loading cookies that are not from the site you are currently on. Thus almost all tracking cookies will be blocked. The only time you may have problems, and need to disable this, is sometimes when a site redirects you to another page. That said,in most cases it will work fine.

B)Security Add-ons/Extensions

The website ratings freeware such as WOT, LinkExtend, and SiteAdvisor, and link scanners are reviewed onthis page.

  • Web of Trust (WOT)(IE, Firefox,Opera, Google Chrome):With this installed if you happen upon a potentially dangerous site, WOT covers the screen with a warning and waits for you to decide whether to stay or leave. This is my favorite sort of approach since it leaves the final decision to the user. If you combine this with your own good sense in avoiding untrustworthy sites, then you have a solid web shield. Also, if you choose, you can ignore the WOTwarning and go to the site anyway. You can even rate the site if you disagree with the current rating.

  • McAfee SiteAdvisor(IE, Firefox):This operates much the same as WOT. In addition it also hasfiltering features,which block links, and a search engine to help prevent unwanted,or potentially dangerous, sites from appearing in your search results. This problem with filteringbecomes apparent when you considerfalse positives. If the filter draws from a false, or controversial, security rating for a site, then you won't even see the site in the search results to judge for yourself whether it is somewhere you want to go.However using it in that way is optional.

  • LinkExtend(Firefox): This scans links with eight online services and gives you the verdict of whether it is dangerous or not. Thus you are given the information, but the decision is still in your hands.

  • KeyScrambler(IE, Firefox): This encrypts your key strokes so that even if you have a keylogger on your computer yourpasswords, and personal information, will be protected. If you have a good HIPS installed this shouldn't be necessary.

  • HTTPS Everywhere(Firefox): This forcesmany sites that have the option to encrypt your connection to actually encrypt it. Thus your information onthese sites will be much better protected than it otherwise would have.

  • USEHTTPS(Google Chrome, Comodo Dragon): This is the same type of extension as HTTPSEverywhere. It will force many sites to use HTTPS if they offer it.

  • LastPass(IE, Firefox, Google Chrome, Comodo Dragon):This is an effective password manager, with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passFun & Info @ Keralites.networds and change them often.

  • Adblock Plus(Firefox): This allows you to subscribe to many differentfilter lists,which help block unwanted or malicious content. This can include malware domains or unwanted privacy threats (tracking,web bugs, and marketing-analysis strings). You can subscribe to any of the lists on that page, but be aware that subscribing to too many will slow down your browsing experience. I'd advise subscribing to either Fanboy's List or bothEasyList and EasyPrivacy. In addition it may be a good idea to subscribe to Malware Domains.

  • Adblock Plus for Google Chrome (Beta)(Google Chrome,Comodo Dragon): This serves the same purpose as Adblock Plus, except it works on Chromium browsers. You can even use the samefilter lists.

3)Keep Your Software up To Date

Fun & Info @ Keralites.netSecunia PSIwill scan your computer for programs thatneed to be updated, or are end of life. This way if one of the programs youuse has a knownvulnerability you will be alerted so you can update it.Secunia PSIprovides you with helpful links to update software as well as a rating of how critical the vulnerability is.However, it automatically adds itself to the task scheduler, without asking, andis generally slow. For regular updating pleasesee this article onSoftware Update Monitors. That said, Secunia is a well respected sourceof information. If you like you can search its site to read about possible security threats and vulnerabilitiesbefore determining the trustworthiness of an application.

4) Use a Secure DNSService

There are many good free DNSproviders currently available. They are relatively easy to setup and require no software. These services use servers that are more secure than your regular ISP, and they even filter out any known malicious content before it ever reaches your computer. If you want to understand the technical details about how they work you can read aboutthem here:IP Addresses Explained,DNS Primer.

Below I have listed three of the best services currently available.Just choose the one that best fits your needs. None of them will slow down your connection.In fact, you may even notice an increase in speed. Each of these has malware blocking capabilities, but at the moment it appears that Norton DNSand ClearCloud DNSare more potent at preventing malicious downloads than Comodo Secure DNS. HopefullyComodo Secure DNS will improve as the service matures. I have listed the server names you will use to set up the DNS servers below, but if you're not sure how to set them up you can follow the directions provided by the service onits page.

ClearCloud DNS

  • 74.118.212.1
  • 74.118.212.2

NortonDNS

  • 198.153.192.1
  • 198.153.194.1

Comodo Secure DNS

  • 156.154.70.22
  • 156.154.71.22

Security for Intermediate to Advanced Users

The methods discussed here maytake more work to setup and manage, but if you're willing to put up with the extra hassle they will also provide you with superior security.

1)Limit Program Rights

A) Use Least-privileged User Accounts (LUA)

If you're not running a strong HIPSprogram then I highly suggest that you use alimited/standard user account(LUA or least-privileged user account)instead of a normal administrator account. Running your computer in a LUA should be able to protect you from the majority of malware. This is essentially whatUser Account Control(UAC) is in Windows Vista and Windows 7. However, you will have to answer alerts for many of your programs in order to get them to work. If you want to use UAC, but don't like the alerts, you can useTweakUAC. This has an option to run UACin "quiet mode". In this mode UAC will not display the elevation alerts. For information about whether this makes your system less secure you shouldreadthis article.

If you're running Windows XP then Iwould suggest you downloadDropMyRights. This willallow you to selectively reduce rights for particular applications.However you willhave to manually create, or modify, shortcuts. Also, XP users who are running their computers in a LUA may want to useSuRunto run some applications with more privileges.

B) Isolate Malware from Your SystemFun & Info @ Keralites.net

You can improve your online protection further by isolating, or sandboxing, applications that frequently use the Internet. Thus the vast majority of malware cannot get a foothold on your system. If you are willing to put up with the slight learning curve ofSandboxie, orGeSWall, then I highly recommend that you use one of those products. Personally Ilike Sandboxie, but as always use whichever best fits your needs. Both programs are reviewed in this article about theBest Free Protection Utility.Eachprogramshould be able toprotect you from infection, even if the malware is zero-day andnot yet detected by any scanner.

A general approach to using the methods discussedin this sectionisgivenin this articleaboutHow to Surf More Securely.

2) Additional Browser Add-ons/Extensions

  • NoScript(Firefox): This addon will block nearly all scrFun & Info @ Keralites.netipts, and other possibly dangerous content, from executing. This means that even if you stumble onto a dangerous site you cannot be attacked unless you manually add the scripts on that site to your whitelist. Thus you are protected from harmful scripts and many privacy threats. However, many sites use such scripts, and plugins, for legitimate purposes. These sites will not work correctly unless you manually add the scripts on that site to your whitelist. You can alsoconfigure it to block web bugs to help protect your privacy. For this go to "Options > Advanced > Untrusted" and forbid web bugs. Using NoScript takes some getting used to, but if you are serious about staying safe online this addon is a must have.
  • NotScripts(Google Chrome, Comodo Dragon): This provides much of the same protection for chromium browsers as NoScript provides for Firefox.
  • Cookie Monster(Firefox): This addon extends your privacy protection by allowing you to block all cookies by default. It allows you to quickly allow/block cookies globally and then manually add exceptions for individual sites. Like NoScript this takes some getting used to, since many sites will not work correctly without cookies, but if protecting your privacy is important then this is another must have.
  • Vanilla(Google Chrome, Comodo Dragon): This is a cookiemanager for Google Chrome. Unlike CS Lite it doesn't block cookies automatically, but in the options you can select to "Auto delete unwanted cookies after 30 minutes". I would suggest enabling this feature. You can also configure it to clear unwanted cookies on startup. Justas with CSLite you have the option to add the site you're on to your whitelist. This is a great extension to get if you use Google Chrome.

3)Block Hosts Known to Be Dangerous (or too Inquisitive)

There are many free programs thatallow you to block sites based on a site's IP address. The very best type of IP Blocker that I've tried isPeerBlock. It's a very simple program that monitors IP connections and blocks connections that are on one of its lists of bad, or unwanted, sites. It comes with default block lists andallows you to easily download others. You can also create custom ones.PeerBlock will automatically update the lists for you.As long as youdon'tsubscribe to too many lists italso uses very few resources. Itevenprovides privacy protection for P2P users.You can read more about the program onthis page.

In addition to this Iwould advise usinghpHosts,Hostsfile,orMVPS Hosts. ThesFun & Info @ Keralites.nete not only focus on preventing malicious content, but willalso help reduce ads. However, they do not provide any protection for P2Pusers. All of these Host providers frequently update their block lists, but you will have to manually download them on a regular schedule (perhaps monthly). Choose only one of the three if you manage them on your own. However, you can useHostsManto quickly update host files like hpHosts and MVPS Hosts. You can even download both of them, combine them together into a single Host file, and automatically optimize them by deleting duplicate entries. MVPS highly recommends setting the default update method to "overwrite current Hosts file", since it will prevent old entries from remaining in the file.

Note that there is always a possibility that malware may try to worm its way into the file.For this reason some programs lock the Hosts file.WinPatrol, and most proactive firewalls (Comodo, Online Armor, etc.), will also detect attempts to access or changeit. Also, users with Windows Vista, or Windows 7, may have to shut their DNS client service downto avoid slowdowns.All of the host providers above give directions on how to do this. Note that if you use too many of these lists, such as a large hosts file and many IP blocklists, then they may slowdown your connection speed. Choose them wisely. Oneapproach is to get just a few at first, and then later decide whether you want more filtering. It's important to get to know what they do, and learn which list blocks which content. This way you can build the protection that bestsuits your needs.


Mukesh
+91 9400322866
www.keralites.net   

__._,_.___
Recent Activity:
KERALITES - A moderated eGroup exclusively for Keralites...
To subscribe send a mail to Keralites-subscribe@yahoogroups.com.
Send your posts to Keralites@yahoogroups.com.
Send your suggestions to Keralites-owner@yahoogroups.com.

To unsubscribe send a mail to Keralites-unsubscribe@yahoogroups.com.

Homepage: www.keralites.net
MARKETPLACE
A bad score is 598. A bad idea is not checking yours, at freecreditscore.com.
.

__,_._,___
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)