Security & encryption

This page was written by Christopher Spry.

Links to security resources:

• Microsoft's TechNet Security Center provides links to technical bulletins, advisories, updates, tools, and prescriptive guidance designed to help IT pros keep Microsoft servers, desktops, and applications up-to-date and secure.
• Ad-aware by Lavasoft. Software to remove 'spyware' installed by rogue online resources.
• CTSG's Cryptographic Toolkit to enable U.S. Government agencies and others to select cryptographic security components and functionality for protecting their data, communications, and operations.
• SecurityFocus Security news.
• Sencap Network Security Corps a provider of comprehensive managed security services.
• Spamcop.net A free service to send reports on spam emails to service providers, to help close down spamming sites.
• 'my | NetWatchman' advice and reporting, if you consider that your computer or network is being attacked.
• 2600, 'The Hacker Quarterly' magazine: security information by 'hackers'.
• 'BO2K' software to control of computers remotely. System administrators need to study this potential threat to their systems.
• CERT, 'Computer Emergency Response Team': Internet security expertise, at the Software Engineering Institute, Carnegie Mellon University.
• CIAC, 'Computer Incident Advisory Capability' computer security incident response team for the U.S. Department of Energy. It publishes information on current and new security issues with suggestions for fixes.
• GFI's Email Security Testing Zone tests anti-virus programs by sending simulated emails to test known vulnerabilities.
• McAfee security software
• 'PGP International' provides free versions of the software. Software for all operating systems can be downloaded here. Help files, front ends etc. are also available. The PGP FAQ.
• 'Private Idaho', email encryption and security.
• RSA security software.
• SANS, System Administration, Networking and Security Institute. A free mailing list is available.
• Computer Security Incident Response Team (CERT-UU) University of Utrecht, Holland.
• Security and clinical data, Ross J Anderson, Cambridge. Comments in 1996 on the nationwide NHS network, which has led to concerns about security.
• SecurityFocus details of current computer security issues.
• 'Stamper' free email-based resource to digital 'timestamp'  files and provide 'proof of posting certificates' for email, using PGP.  It was launched in 1995 by Matthew Richardson.
• VeriSign security software
• 'ZedZ Consultants Inc.' Security software resources in Holland. Formerly 'Replay.com'.

What to do, if you think you may have a virus infection or a Trojan issue. This is from advice given at Experts Exchange: 

• 1) Run your virus scanner. Then carry out a free online virus scan: 'Housecall' at Trend Micro. Even though you probably already have a virus scanner, it is sensible to have another opinion.
• 2) Adware from Lavasoft and Spybot-Search & Destroy both check for spyware of various types.
• 3) HiJackThis is a tool that lists all installed browser add-on, buttons and startup items and allows you to inspect, and optionally remove selected items, etc.
• 4) Microsoft's 'Windows Defender'.
• After this, reboot and install prevention measures:
• 1) Virus software: If you can, buy Kaspersky, otherwise use AVG, which is free. Kaspersky blocks malicious scripts from the web, which where a large percent of spyware comes from. It also has definitions for adware, riskware, malware etc.
• 2) Install a software firewall, such as 'ZoneAlarm'  - both the commercial Pro version and a free edition can be used.
• 3) Run Windows updates to make sure you are fully patched. You also might want to use Microsoft's Baseline Security Analyzer (MBSA) to analyze your system.
• 4) Spyware Blaster - This is for blocking diallers and other spyware from accessing your computer and it works with both IE & Mozilla and updates and is free. It does not have to be running. Just install it, update it, then "enable all protection" and follow those steps once a week or so.
• 5) Use an alternative browser to Internet Explorer, as many exploits are publicly released against it. Firefox is recommended.
• Additonal clean up measures:
• CCleaner - This program will clean out the 'temp' directories including temporary internet files and other unwanted files. This will also help the computer's performance.
• RegCleaner - This program will remove any missing or invalid registry entries as well as perform a complete backup of changes you made. It is a useful addition to system maintenance.
• Resources/References:
• SANS Institute: This site has a daily diary that keeps on top of all the latest threats. I live by this site.
• McAfee Portal Site: provides the latest virus/exploit threats daily, which is the most active, etc.
• Analyst's Diary (virustotal.com)

The US National Security Agency (NSA) has released a set of guidelines and templates to help secure Windows 2000 systems. The materials contain five templates to use with Microsoft's Security Configuration Editor, 17 guides to secure various aspects of the OS, and three supporting documents with in-depth defence coverage and details about various popular software packages. 

Firewall security programs::

• BlackICE Defender firewall
• Sunbelt Software Kerio firewall
• 'ZoneAlarm Pro' firewall

Go to the 'home page'

© Christopher Spry mailto:cspry@cspry.co.uk.  This page was last updated on 13 July 2006 10:24:23.