|08-29-2007, 04:34 PM||#1|
Join Date: Jul 2004
Mkay's Guide To Computer Security
Mkay's common sense guide to Computer Security:
Those two words can mean the life or death of your Steam account. I've created this guide in an effort to educate the forums about computer security, and provide the tools needed to protect yourself and your computer.
What is Computer Security?
Basically, it's a branch of computers which deals with how vulnerable you and your computer are against Virii, trojans, keyloggers, hackers, and data theft. :P
Two types of computer security:
There are two types of computer security, Hardware and Software.
What is it? Essentially, it is a piece of hardware that intercepts incoming connections and checks them to make sure that they are not intended for malicious acts. A good example of this would be a router with a firewall.
You may be saying, wtf is a firewall? A firewall can be either hardware-based or software-based. Either way, they both serve the same function. Firewalls are designed and configured to regulate the flow of internet traffic to a computer, based on the properties of the traffic. For example, if someone tried to scan your system for open ports (think of ports as windows), the firewall would kick in, automatically intercept that packet and drop it from the network. In essence, it's like the gate/moat to a castle OR in HL2 Terms, the gigantic wall around the Combine Citadel . These firewalls usually run for around 30$. Here is an example of a hardware based firewall.
There are software-based firewalls on the market too. Windows even comes with its own built-in firewall. This can be accessed by going to:
Start -> Control Panel -> Security Center
A software firewall is the exact same thing as a hardware firewall, BUT, it is stored on the user's system rather than a piece of external hardware. Think of them as the Knights in the castle OR in HL2 Terms , the Combine Soldiers in the citadel. They work to repulse threats that may have penetrated through the first line of defense. Windows comes with one, but you can buy your own. A popular choice is ZoneAlarm.
Software-based Security and exploits:
In this section, I will talk about ways to secure your computer through the use of Software. I've already covered firewalls, so here, I will talk about anti-virus software, spyware, keyloggers, and the like.
Undoubtably, you've heard of computer viruses wreaking havoc on other people's computers. Just what is a virus? It is a computer program that can copy itself and infect a computer without permission or knowledge of the
Viruses can be spread in the following ways:
-Downloading and executing attachments from email files that are sent by unknown persons.
-Downloading and running files from dodgy websites (i.e. skin packs, programs) without virus scanning them first.
-Some viruses can infect your computer, stay in memory, and infect other disks (Such as floppies/usb drives). This method is very uncommon nowadays.
Viruses cannot be spread in the following ways:
-Downloading models/sounds/skins from a Counterstrike server or any server for that matter.
-Be transferred from one player to another in a server.
Keyloggers are programs that run in the background without your permission, and log every keystroke that you make. Keyloggers may be spread in the following ways:
-The same ways that viruses can.
-A hacker can invade your system and install one without your knowledge.
Keyloggers cannot be spread through any game servers or from player to player.
Trojans are programs that are designed to install malicious software while disgusing themselves to look like a harmless piece of software. Trojan horses must be executed in order to infect a computer. Their actions can range from installing a virus or keylogger to opening ports, to changing your homepage. They can be spread in the ways listed above under the virus section.As per keyloggers, they cannot be spread in-game in any way, shape, or form.
Undoubtably, you've also heard of spyware. It's quite a big thing in the news. Spyware is a program which secretly records a computer user by capturing all keystrokes, websites visited, and chat conversations. You may be thinking, "Isn't that what a virus/keylogger does?"The answer is yes but with one key difference. Spyware is installed without the user's informed consent. What is "informed consent"? It means you install the spyware without actually knowing that it is spyware. It may be disguised as a browser helper (BonzaiBUDDY is a good example), or a program (SpySheriff). Both of these programs decieve the user and record certain browsing activites. The difference between spyware and trojans is that spyware doesn't necessarily destroy your data or replicate itself. It just makes your computing experience much worse.
Things spyware may do to lower your computing experience:
-Change your browser homepage to something else (commonly advertisements).
-Constantly display popups which contain ads.
-Consume valuable system resources.
-Report your activites to a website for data collection.
-Annoy the living crap out of you .
+How to protect yourself:
Whew! That was a lot of writing . In this subsection, I will show you how to protect yourself from the various baddies on the internet. The first thing you should always do, is make sure windows is fully updated. This is crucial when securing your computer as Microsoft occasionally sends out patches. The SECOND thing you should do is:
-Never open up email attachments from people you do not know.
-Do not use pirated software (this should be a given.)
-Don't go to dodgy websites (I.E. Websites that offer you free CD-Keys and the like)
-DO NOT FALL VICTIM TO SOCIAL ENGINEERING! (I will add this in when I get the chance).
I will try my best to provide links to free tools, but if anyone else knows of any I've missed, just let me know :P.
The best defense against viruses is a good anti-virus program. These programs have a list of virus definitions which they compare scanned files against. If any part of the file's code matches a definition, it is flagged as infected. For more info on how Anti-Virus software works, click this link. You should run a virus scan on your PC every three days or at the bare minimum, every week.
Free anti-virus software:
-AVG antivirus software
-A comprehensive list of free anti-virus software. [Thanks Artic Ice!]
Commercial Anti-Virus Software:
(Remember, this list is in no way complete, let me know if you've found more)
Anti-spyware programs work the same way that Anti-virus software does. For more info on anti-spyware software visit this link. Here are some links to
Free anti-spyware programs:
-Ad-Aware anti-spyware. *It's on the right side*.
-Microsoft's own Windows Defender.
-TrendSecure's Hijackthis .
Commercial Anti-Spyware Software:
-A thread by qUiCkSiLvEr with some great resources.
-kldetector. A program which scans for keyloggers running in memory (ty bltsponger!).
<SEE POST #3 FOR PASSWORD PROTECTION AND SOCIAL ENGINEERING>
Last edited by Mkay: 11-04-2008 at 03:05 PM.