How secure is your PC? This question, often asked by vendors of computer security products, is not an empty phrase. Since access between computers has become easier thanks to the Internet, a variety of attacks has emerged. To avoid becoming a victim, you will want to secure your PC from the outset. This brief article will help you secure personal computers at home or in the office.
Identify the type of attack
If you do not know it, you cannot love it. This saying seems a fitting place to start securing your PC, because without knowing the enemy it is impossible to build a strong bulwark.
Basically, computer attacks come from two sources: the network and local media. A network attack is an attack that uses a network connection between computers as its main medium. Usually the attacker collects system data while the victim is connected to the network. Another method is to plant a small program in the system if the victim does not use the network (Internet) intensively; it becomes active when an Internet connection is opened.
Local attacks, by contrast, come from PC input media such as floppy disks, CD-ROMs or, most recently, flash drives, memory cards and the like. These attacks usually spread much more slowly and are limited to viruses, worms or rootkits. To be clearer, here are some types of attack that often reach the PC.
Virus (Network & Local)
Thanks to the Internet, a virus can spread and multiply at high speed. Where the spread of a virus used to take months, a newly created virus can now spread in a matter of hours (Zero Day). Besides the Internet, viruses are also good at copying themselves to a variety of data storage devices such as floppy disks, flash drives, CD-ROMs and memory cards.
Viruses themselves come in three types: file viruses, partition viruses and network viruses. File and partition viruses are the oldest kinds, while network viruses are newcomers made specifically to disable computer networks.
Spyware (Network)
Although its danger level is much lower than that of viruses, spyware still deserves attention. The reason is that an attacker can steal important data from the PC without the victim noticing. So do not be surprised if an email address or credit card number stored on your hard drive changes hands without your knowledge. The Internet is the main channel for planting spyware.
Spyware is important to note because, according to the independent research institute IDC, 60% of PCs connected to the Internet in 2004 had been infected with spyware. The U.S. Federal Bureau of Investigation (FBI) found that 80% of disturbances arising on PCs in 2005 were caused by spyware. A fantastic number for a computer attack.
Worm (Network)
Unlike a virus, a worm is a small computer program that can spread without having to ride on particular files (it is independent). Its distribution medium is still the network, either local or the Internet. Some worms are created to disable a network, but others are designed to retrieve data (Sobig and Mydoom) or delete files (ExploreZip worm).
The good news is that worms can be prevented with an updated antivirus program, or by relying on patches released by the operating system manufacturer. It is just that the patch often arrives a little later than the worm spreads.
Rootkit (Network)
A rootkit is not in itself a dangerous program, because it was created to protect patent rights for digital entertainment products such as audio CDs and DVDs. Over time, however, rootkits have been misused by certain parties for profit.
A modified rootkit gets into the operating system with administrator privileges. As a result, the owner of the rootkit has complete control over the victim PC. More dangerous still, rootkits are clever at hiding themselves and disguising themselves as a module, driver or other part of the operating system, so they are not easy to find. Rootkits can also work on almost all operating systems currently available, such as Microsoft Windows, Linux, MacOS, Solaris and others.
Spam (Network)
Thanks to help from worms and spyware, spam can arrive on your computer. Spam itself is harmless as long as it does not carry a virus, rootkit or other malicious file. Attacks that come through email are usually used as a means of offering products or services. It is just that, if there is too much of it, your network may end up occupied only by e-mail traffic with no clear purpose.
Phishing (Network)
Phishing actually fits better into the category of fraud. This is because phishing is very easy to carry out, yet it has caused substantial losses. A phishing attack does not require sophisticated system hacking skills. It is enough to understand what is called social engineering, that is, the weaknesses in how people interpret information on the computer.
Taking advantage of how people perceive the name "KlikBCA" (clickbca, click-bca, etc.), the maker of a phishing site can easily "trap" victims into a false site. The success of phishing is also driven by effective distribution of the message, one channel being spam.
Denial of Service (DoS) Attack (Network)
Denial of Service, commonly known as "Ping of Death", is a mass attack that is difficult to block, because it uses legitimate components commonly used in the network, one of which is the ICMP protocol (Internet Control Message Protocol). With minor modifications, this protocol can reduce the working efficiency of a network point, because the network is flooded with a large number of data packets.
DoS attacks are called mass attacks because many terminals are instructed to send as much data as possible to another terminal. Sometimes the sender of the data does not even realize that it is being used as a tool to attack another point, because a hidden program such as a worm has been planted on it.
Man-In-The-Middle (MITM) attack (Network)
These attacks often happen to individual Internet users whose lines of communication are not secure when they send important data. As the name implies, Man-In-The-Middle is an attack that "listens" to the data passed while two terminals are communicating. Unfortunately, the two terminals are completely unable to detect the third party in the middle of their communication channel.
From the types of attack above, it can be seen that almost all attacks now use the network as their medium. In other words, if you are an intensive network user, it is time to secure your PC. Here is some information you can refer to in order to help secure your PC from these dangerous attacks.
************************************************
If You Are a Windows User
Windows already comes with a security system for its users. However, not many users of Microsoft's operating system really use it to secure the PC. Several security features (either integrated or extra) in the Windows XP and Vista operating systems include:
Windows Defender
Windows Defender is an anti-spyware application that can be downloaded free by Windows XP users from the Microsoft site. The application is already built in for users of Windows Vista. Defender protects computers from spyware in two ways: scanning the system to check for spyware that may be installed, and actively monitoring for possible spyware activity on the running computer.
Defender is well integrated with Windows, which gives users extra benefits, namely:
* Signature updates are integrated with Windows Update / Automatic Update, so that updating goes through one door only (without adding the routine work of separate updates).
* Monitoring status is integrated with the Security Center (Vista), which gives the user a single dashboard containing the protection status of their PC and various other protection features.
Windows Defender will also alert the user when the signature update has expired and remind the user to scan at a certain interval.
Anti-Spam in Windows Mail
Windows Vista users get Windows Mail, which is the replacement for Outlook Express. Windows Mail has a built-in spam filter. The spam filter checks every message received and, when a message is suspected to be spam, moves it to the Junk E-mail folder. The Windows Mail spam filter is based on the one in Outlook 2003.
There are several filtering options in Windows Mail, including Low and High. Low is the default option and is recommended for those who receive only a few spam messages every day. However, if the intensity of spam increases, the High option is recommended for more aggressive spam protection. In High mode, non-spam e-mail may also be caught when an e-mail shows indications of spam. Users are therefore advised always to check the contents of the Junk E-mail folder for non-spam e-mail before deleting the contents of the folder.
Anti-Phishing
There are two anti-phishing protections built into Windows: the Phishing Filter in Internet Explorer (IE) 7 and the Phishing Filter in Windows Mail. Both are already available in Windows Vista. Windows XP users can download the latest IE 7 from Microsoft's site.
The Phishing Filter in IE7 performs two actions when a user visits a website: it analyzes the content of the page for indications of phishing techniques, such as domain name spoofing, and it checks whether the web site visited is among those reported as phishing sites. Note that the Phishing Filter in IE7 is off by default; users need to choose an option when they first run IE7.
The Phishing Filter gives a warning through a color change in the address bar in IE7 if it finds a suspected phishing site. If a site is shown to be a phishing site, the address bar turns red and IE7 blocks the web site with a notice that the site is dangerous. If the web site is at the level of suspicion (as a phishing site), the address bar turns yellow and the user can get more information about the web site by clicking on the Suspicious Website label.
Windows Firewall
Windows XP SP2 was the first Windows to provide a built-in firewall. The firewall locks the various ports and prevents unwanted access to the user's machine, and at the same time makes the machine invisible when scanned. Windows Vista upgrades Windows Firewall to a more sophisticated level. Now, in addition to supporting bi-directional filtering (for incoming and outgoing data traffic), the Windows Firewall in Vista also supports exceptions for multiple interfaces and multiple ports, IPv6, and the command line.
Two-way (bi-directional) protection adds protection against Trojan horses (intruder applications) that have been installed without the user's knowledge and try to send data to the outside. Outgoing protection blocks this attempt.
Windows Firewall in Vista has a sophisticated console that allows advanced users to create more complex rules to improve security. The console can be opened by running the command wf.msc in the Run box. This command runs the MMC (Microsoft Management Console) snap-in for Windows Firewall with Advanced Security. The default settings are configured for the novice user.
Network Access Protection
Network Access Protection (NAP) is a favorite feature of IT administrators. What happens if one of the computers in a network is infected? In a short time the infection will spread to other computers in the network that have the same security holes. This would be a nightmare for the IT department. Windows Vista together with Windows Server "Longhorn" provides a solution through NAP, a simple feature that can isolate the infected machine so that it is not connected to the network.
Windows Vista runs the NAP Agent, which checks the health status of the computer, including whether the latest patches are present, whether the antivirus signatures are the latest, and whether other security settings are configured properly. Before the computer logs on to the network, the NAP Agent reports to the server whether or not the computer is healthy. If the computer is not up to date, it is not allowed to log on to the network. In this isolated condition, the computer can only connect to a server that automatically provides security updates through a management service.
**************************************
If You Are a Linux User
Many say Linux is more resistant to attack than the Windows operating system. This statement is not wrong, but it is also not completely true. Every operating system has gaps that can be used to infiltrate it. So as not to be caught out, you will want to follow a few tips:
Secure Single User Mode
Single user mode is used to rescue the system, and it allows the root user to be accessed without a password. With a few parameters at the boot loader, a user can enter single user mode directly as root without using a password. However, this can be overcome with a little editing of a file called /etc/inittab. Add a line like this: ~~:S:wait:/sbin/sulogin
Add this line just below the line id:5:initdefault:. After that, save the changes, then exit the editor.
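The /etc/inittab edit described above, as a small shell function (an added example, not part of the original article). The function names has_sulogin and ensure_sulogin are illustrative, and the script assumes a SysV-init system that reads /etc/inittab.

```shell
#!/bin/sh
# Added example: idempotently require the root password for single user mode.
# Works on any file path, so it can be tried on a copy of /etc/inittab first.

SULOGIN_LINE='~~:S:wait:/sbin/sulogin'

# has_sulogin FILE -> exit 0 if an active (uncommented) sulogin entry exists
has_sulogin() {
    grep -Eq '^[^#]*:S:wait:/sbin/sulogin[[:space:]]*$' "$1"
}

# ensure_sulogin FILE -> insert the entry right below the initdefault line.
# Returns 0 if the file is hardened, 1 on I/O failure,
# 2 if there is no initdefault line (file is left untouched).
ensure_sulogin() {
    file=$1
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    if has_sulogin "$file"; then
        return 0                      # already present, nothing to do
    fi
    grep -Eq '^id:[0-6Ss]:initdefault:' "$file" || {
        echo "no initdefault line in $file; not modifying" >&2
        return 2
    }
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    awk -v add="$SULOGIN_LINE" '
        { print }
        /^id:[0-6Ss]:initdefault:/ && !done { print add; done = 1 }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Keep a backup, then overwrite in place so ownership and mode are kept.
    cp -p "$file" "${file}.bak" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

Run ensure_sulogin /etc/inittab as root after testing on a copy; the previous contents are kept in /etc/inittab.bak.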
Turn Off Services That Are Not Required
Sometimes, major distros such as Mandriva and Fedora Core make things convenient for the user by not showing the various "weird" options that can confuse them. This includes the option to shut down services that run by default once the system has been installed. Not infrequently, a running service is not really necessary. Unfortunately, many users leave these various services running by default. If such a service contains a flaw or hole, it can easily become a target for criminals. So turn off the services that are not needed, and arrange for them not to start when the computer is restarted.
If you are using Fedora Core Linux, just type this command, then select the services to be turned off: # ntsysv. If you are using Mandriva, use the Mandriva Control Center from the K menu, select "System", and then select the settings for services.
Enable Firewall
If you still want the services running, the next option is to enable the packet filtering function, or built-in firewall, that exists in Linux. The firewall in Linux kernel versions 2.4 and 2.6 is known by the name iptables. Basically, the firewall or packet filtering function is enabled by typing iptables commands and collecting the various rules in a script. However, the rules for writing iptables syntax are quite difficult for beginners to understand. You need not fear, though. On major distros such as Fedora Core and Mandriva, users are given an easy way to activate iptables packet filtering without having to understand the rules for writing iptables syntax.
For Mandriva users, once again, use the Mandriva Control Center. Then select the security menu and select the firewall.
If you are using Fedora Core, you can enable packet filtering or firewall functionality through the Security Level Configuration menu.
Enable SELinux
SELinux (Security-Enhanced Linux) is a Linux kernel feature created by the National Security Agency (NSA). This feature is intended to improve security at the kernel level. It has been integrated by default in Linux kernel version 2.6. Activating it requires some knowledge of security concepts in Linux. However, Linux distributions like Fedora Core make it easy for users to enable SELinux, which is a default kernel feature in Fedora Core. The utility to enable and configure SELinux on Fedora Core is also GUI-based.
Always Update Your System
Finally, the easiest way to keep your Linux desktop system safe is to always update your system. The Internet is the key. If you are connected to the Internet, Mandriva and Fedora have an online update facility. Simply activate the facility and your Linux desktop system will remain up to date.