  Computer and Internet Solutions  


Infallible Trinity Series
Volume I: Web Protection

-----

Infallible Trinity Volume I: Web Protection

What is an Infallible Trinity?

It's simply three things that are the most effective at dealing with the subject using my custom configurations. In this case it's Web Protection.

Web protection. What is it? What are you protecting yourself from?

Viruses and Trojans -- any rogue programs that mine information, wreak havoc, or cause unidentified problems. This also includes those "helpful" search assistant add-ons that are simply unwanted bloat that we don't need.

So what's the best way to protect against these useless tidbits of code that we are forced to deal with?

Before I answer that, I must put out a disclaimer. First of all this is what I do myself. This is what I do for my clients. This is my way of Web Protection, and it's based on years of experience and proven effectiveness. You don't have to agree with me, or use the same things I use, but if you need guidance on this matter it paves the way to a proper approach. I change applications once in a while, and I'll keep this updated so you know what I'm always using. So let's start...

 

The Story:

I have people who ask “How did I get a virus or trojan on my computer?” They stare at me in disbelief. I'm usually very understanding and comforting while I explain how easy it is to get one, but sometimes I ask “How did you prevent the virus or trojans from infecting you?” Oddly enough, the answer to both questions often is “I have no idea...”...

The Rules:

• You must have a clean system. If in doubt, clean slate it.
• You must plug security holes. This means software and OS updates, and disabling highly insecure services. These include SSDP Discovery Service, Universal Plug and Play Device Host (UPnP), Remote Desktop Sharing, Remote Access Auto Connection Manager, Remote Desktop Help Session Manager, Remote Registry Service, Telnet, WebClient, Windows Time, and Terminal Services. If in doubt, look it up and decide if you need it in any state other than disabled.
• You must secure your applications. Example: If you use Outlook Express, make sure to read all messages in Plain Text and don't open unsolicited attachments. If you use a file-sharing application such as a P2P client, disable sharing and any kind of open connections. If you use MS Office, disable the macros and only open documents you trust. Etc etc... Know the software you use.
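
To check the second rule on a Windows XP machine, the batch file below reports which of the listed services are not yet disabled. It is an added example, not part of the original article; the short service names are the standard XP key names assumed for the display names above (mnmsrvc is the NetMeeting Remote Desktop Sharing service), and it only reports, printing the command to run rather than changing anything.

```batch
@echo off
rem Added example: audit the start type of the services named in the rule above.
rem Run from a command prompt with Administrator rights on Windows XP.
rem Service key names are assumed mappings of the display names in the article.
setlocal
set SERVICES=SSDPSRV upnphost mnmsrvc RasAuto RDSessMgr RemoteRegistry TlntSvr WebClient W32Time TermService

for %%S in (%SERVICES%) do call :check %%S
goto :eof

:check
rem sc returns a non-zero exit code when the service does not exist.
sc qc %1 >nul 2>&1
if errorlevel 1 (
    echo %1: not installed
    goto :eof
)
rem "sc qc" prints a line such as:  START_TYPE : 4   DISABLED
sc qc %1 | find "START_TYPE" | find "DISABLED" >nul
if errorlevel 1 (
    echo %1: NOT disabled - decide if you need it, then run: sc config %1 start= disabled
) else (
    echo %1: disabled
)
goto :eof
```

On XP, disabling Terminal Services also turns off Fast User Switching and Remote Assistance, and disabling Windows Time stops automatic clock synchronization, so decide on those two before running the printed command.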

The Assumptions:

• Your Operating System is Windows XP, though this works with Win2k as well.
• You are not using your PC as a server in a networked environment.
• You already use a hardware router/firewall (Linksys, Dlink, etc).
• You are on a connection better than 56k Dial-up.
• You have Administrator rights and have no need to protect against a physical local attack (like your Brother or Father or Friend).
• You have some cleaners like AdAware or MS Defender with current definitions downloaded and ready to install. Should you suspect an infection or if an infection disables your Internet access, you are prepared.
• You are welcome to use any program you prefer, but my Infallible Protection is based on the ones I use and my custom configurations.
• You install the programs somewhere other than their default location. This prevents some programs from circumventing or disabling them based on known default paths.
• You are adept at searching the Internet to answer questions that I don't answer or address.

and now...

 

The Infallible Trinity


The Antivirus: Grisoft AVG. www.grisoft.com

• Download the latest AVG (free if it's for personal use) and install it. Remember... don't install these programs in their default directories. Follow the instructions and perform any steps you feel are necessary. I just update the definitions and let it do its job, keeping everything else at default. It will update the definitions automatically at intervals, but you should manually check occasionally to make sure it's being updated.

The Browser: Mozilla Firefox. www.mozilla.com/firefox/

• Download the latest Firefox and install it. Make it your default Browser.
• Load the NoScript Plugin. Tools | Extensions | Get More Extensions. Search for NoScript; it's usually at the very top anyway. Click on it. Click on Install Now. Click on Install Now on the pop-up. When it's done, restart Firefox and you'll see the NoScript icon at the bottom. You'll want to learn how to use it; it's easy, just look at its options and it will make sense.
• In Firefox go Tools | Options | Privacy | Cookies. Where you see “Keep Cookies”, change it to “Until I close Firefox”. Then go to Tools | Options | Privacy | Cache and change “Use up to” to “0”.
• Get familiar with the options. I personally don't have Firefox remember History, Passwords, or Saved Forms. I only let NoScript allow sites I'm intimately familiar with and totally trust.

The Firewall: Zonelabs ZoneAlarm. www.zonelabs.com

• Load the latest ZoneAlarm (free if it's for personal use) and install it.
• Go through the tutorial if you are not familiar with the program.
• Set it up to ask on every application you think you'll need, except the ones you know you always want to have unrestricted access. Program Control | Programs: I only have Generic Host process and AVG Update Downloader allowed Internet access. Firefox has to ask for Internet access. It's not necessary, but it helps (if there's some program that might try to load up your default web browser it won't have automatic access to whatever site it's trying to reach).
• Keep most applications on Block. Internet Explorer and Windows Explorer are blocked, Media Player is blocked (I use VLC), Java is blocked, etc etc. If you think you'll need one of these applications to access the Internet, simply change it to Ask. The benefit is you'll always know what needs access and have complete control over when it's allowed. If you need Java for some site you use often, enable it. Just don't let everything have unrestricted access – should you ever get a trojan you'll be able to tell before it does anything.


Thus ends my Infallible Trinity - Volume I: Web Protection. When using these programs as outlined, you will resist far more attacks and accidental invites. Should they manage to invade, you'll be better prepared and have greater success removing them.

 

 
 
© 2010 Computer and Internet Solutions. All rights reserved.