Although many realize the importance of safety & security online; not many know how to actually achieve it. At least from a software perspective, people can be pretty close-minded. For example, a firewall shouldn't be simply installed and left on "auto-pilot", without any further configuration. Anti-Virus programs also do not catch spyware. Knowing all this, I have written yet another article on computer security. This write-up contains information that you probably won't find else where.
Unwanted Remote Access when an attacker gains control of your computer from any given location, via the internet. Usually, these 'hackers' will find a way to implant a certain virus onto your computer (known as a Remote Access Trojan). The hard truth is, AntiVirus programs will not stop these types of "cyber-attacks"; and a firewall will only prevent attacks if configured properly.
One commonly misunderstood idea of remote attacks; is the notion that you have to download and run a program in order to be infected by a remote access trojan. While it is true you have to download the virus, the definition of download in this context can be quite vague. You also don't have to necessarily "run a program". Especially for newbie's, this is confusing. By download, it can mean something as simple as opening an image infected with a trojan, or even opening a web page that has a video embedded in it. That video most likely contains java script needed to stream it's contents, and java script is a programming language that can be easily exploited to run trojans. That means, even something as simple as playing a youtube video *could* get your computer infected.
So how do you stop it ? Well. One way is to configure your windows firewall very thoroughly to block ALL incoming ports. Ports serve as the key to unlocking remote access.
To do this, go to your start menu and click Control Panel. Next click system and security, then windows firewall. On the left hand side, click 'Advanced Settings'. A window saying "Windows Firewall with Advanced Security" should pop-up. In the left tab, hit 'Inbound Rules'. Now you will see a list of programs and services associated with your machine, and (probably) a green check next to most of them. This process will take a while, as all of those green check marks need to become red (crossed-out) - indicating they are blocked. Right click on each and every rule listed, click properties, then select 'block connection', hit apply and then O.K. After you are done with that. You need to add services to the block list.
**Sources**
http://www.irchelp.org/irchelp/security/fwfaq.html
http://technet.microsoft.com/en-us/library/cc730951%28WS.10%29.aspx
http://reviews.cnet.com/4520-3513_7-5053016-1.html
One commonly misunderstood idea of remote attacks; is the notion that you have to download and run a program in order to be infected by a remote access trojan. While it is true you have to download the virus, the definition of download in this context can be quite vague. You also don't have to necessarily "run a program". Especially for newbie's, this is confusing. By download, it can mean something as simple as opening an image infected with a trojan, or even opening a web page that has a video embedded in it. That video most likely contains java script needed to stream it's contents, and java script is a programming language that can be easily exploited to run trojans. That means, even something as simple as playing a youtube video *could* get your computer infected.
So how do you stop it ? Well. One way is to configure your windows firewall very thoroughly to block ALL incoming ports. Ports serve as the key to unlocking remote access.
To do this, go to your start menu and click Control Panel. Next click system and security, then windows firewall. On the left hand side, click 'Advanced Settings'. A window saying "Windows Firewall with Advanced Security" should pop-up. In the left tab, hit 'Inbound Rules'. Now you will see a list of programs and services associated with your machine, and (probably) a green check next to most of them. This process will take a while, as all of those green check marks need to become red (crossed-out) - indicating they are blocked. Right click on each and every rule listed, click properties, then select 'block connection', hit apply and then O.K. After you are done with that. You need to add services to the block list.
- On the right tab; with inbound rules selected, click 'New Rule'.
- Then select 'Port' in the next window.
- Keep 'TCP' selected, now in the 'specific local ports' selection box, enter in the list of port numbers from this web page.
This is a long process, so you can repeat steps 1-3 and input only, say, 20 numbers per time. Then in that case you are creating separate rules for each set of trojans you block. What this is doing, is disallowing the trojans to gain access to your computer's services, which will block a hacker from doing the same.
Another security precaution you can take, is by blocking remote assistance capabilities from your computer; this is a function designed to allow microsoft and other support groups to remotely assist and fix your computer - but it can also be used to the advantage of hackers. Only modify this option if you do not want remote assistance from any one.
To change this setting; open the start menu, type in "remote access" (without the quotes), and then hit enter on the first result. Now un-check the box that sais "Allow Remote Assistance Connections to this computer". Click apply and OK.
To change this setting; open the start menu, type in "remote access" (without the quotes), and then hit enter on the first result. Now un-check the box that sais "Allow Remote Assistance Connections to this computer". Click apply and OK.
That's it ! Your computer should now be 99% impervious to hack attacks. As a final precaution you can also secure your computer/s internet connection by investing in a VPN Service such as nVPN, this will also prevent governments and other nosy organizations from spying on your internet activities.
**Sources**
http://www.irchelp.org/irchelp/security/fwfaq.html
http://technet.microsoft.com/en-us/library/cc730951%28WS.10%29.aspx
http://reviews.cnet.com/4520-3513_7-5053016-1.html
No comments:
Post a Comment