| Computer and Internet Security |
Abuse/Spam  - General security, abuse, spam, and DoS related resources and sites.
Guide to Secure Practices - General computer security awareness and tips.
Security Advisories - Security news, system advisories, and vulnerability/anti-virus databases.
|
| Operating System Advisories and Updates |
Apple/Mac Security - Apple, Macintosh system advisories, updates and patches.
Microsoft Security - Microsoft Windows system advisories, downloads, updates and patches.
UNIX Security - UNIX system advisories, updates and patches.
|
| Security and Virus Assessment Tools/Info |
ClamAV - Excellent anti-virus/phishing/malware scanner and detection open source software/data, available for UNIX, Windows and other projects/apps.
Gibson Research - Live web-based port and security scans (ShieldsUP), tools and news.
SecureMac - Apple/Mac OS X news, security advisories and software like MacScan.
Sygate Online Scan - Live web-based port security, protocol and trojan scan.
Secunia OSI - Live web-based Online Software Inspector security, program and vulnerability scan.
Symantec Security Check - Live web-based anti-virus and port security scanner.
TrendMicro Housecall - Live web-based anti-virus scanner and cleaner for Microsoft Windows.
AntiVirus Rescue Bootable CDs List - Listing of bootable anti-virus/malware and rescue/recovery software for download gathered by TechMixer.com
|
| Guide to Secure Practices and Policies |
It is extremely important for all computer users, especially those who use the
Internet, to be "security aware" and do their part to protect themselves and
others. Everyone must keep their Operating Systems, software and devices
up-to-date, as there are constantly new security patches and upgrades that are
CRITICAL to protecting data and networks from hackers, virii and trojans.
ALL computers on the Internet are scanned for vulnerabilities by hackers who
scan whole ISP's and IP Address ranges randomly. They are looking for computers
that are vulnerable to an attack, virus or trojan.
There are several reasons why hackers attempt to hack or "own" computers, the
most common reason is so they can USE your computer to:
- Hide themselves from you and others
- Use your IP address to use the net (as you)
- Attack or flood others, knocking or crashing them offline (as you)
- Spam other users in chat and email (as you)
- Hack other people, systems and networks (as you)
If you do not run upgrades, security patches, firewalls or anti-virus often
(or ever) then there is almost a 100% chance that you are a carrier of a virus
or trojan that harms and attacks you and others. You may even be one of those
"email spammers" or "hackers" you so despise, and not even know it!
Most users will want to pay particular attention to and follow items 1, 2 and 3
below. Item 4 is also very important if you are running any kind of local or
wide area network.
[1] SOFTWARE UPGRADES, UPDATES AND INSTALLATIONS:
WATCH FOR SECURITY ADVISORIES, SOFTWARE UPDATES AND PATCHES FOR NETWORKING
PROTOCOLS, HARDWARE AND SOFTWARE. UPGRADE OFTEN.
During and/or after every installation of any Operating System, all the
updates, file patches, or upgrades available (usually from the manufacturers
website or your distributor) should be performed. Following a system install,
always install a firewall package or rules. Always install virus and trojan
detection and protection. Update often.
Windows users will want to visit http://windowsupdate.microsoft.com/ often
and for anti virus they may want to visit http://www.grisoft.com/ for AVG.
Both are free.
UNIX users should check their distribution site for upgrades often. Most are
free.
[2] - FIREWALLS:
CLOSE UNECESSARILY OPENED PORTS, SERVICES AND PROTOCOLS ON NETWORKED
ROUTERS, SWITCHES, HUBS AND COMPUTERS OR DEVICES. BLOCK, FILTER OR
QUALIFY NEW PROGRAMS, SERVICES, PLUGINS, DOWNLOADS, AND SCRIPTS.
Know what you're allowing in or out so an unauthorized program cannot access
the net and so the net can't talk to you unless you or a program you
authorize allows it.
Windows users that don't have a hardware firewall will want to try a software
firewall like the free ZoneAlarm at http://www.zonelabs.com/
UNIX users that don't have a hardware firewall will want to learn more about
their systems firewall rules or ipchains or whatever their OS uses. Most are
free.
[3] - BEHAVIOR AND PRACTICE:
BEHAVE IN DISCUSSION GROUPS, EMAIL AND CHAT, JUST BE QUIET AND COOL OFF.
DON'T SEND SENSITIVE INFORMATION OVER THE NET WITHOUT ENCRYPTION.
Don't use easily guessable words in passwords. Change your passwords often.
Use appropriate encryption like SSL for email, web, and secure telnet (SSH)
when possible.
[4] - NETWORKS:
KNOW YOUR ISP/UPSTREAM/NOC, VERIFY THE SECURITY OF NETWORKS, ROUTERS,
SWITCHES AND HUBS FROM YOUR SIDE ALL THE WAY TO THE NET.
Know the vulnerabilities of devices and protocols so you are not snooped or
able to have your IP or traffic hijacked and redirected. Learn about ARP,
RIP, ICMP, TCP, and UDP type protocols and what to disable or block.
|
|
|
