Part I: Intruder Defense – Become part of a Solid Internet Security Solution (SISS)
The dark side of the Internet is darker than it has ever been at any point in history. Economic downturns tend to breed new tactics, and cybercriminal organizations now have the knowledge, tools, and capability to directly impact global financial systems. Everyone needs to become part of a Solid Internet Security Solution by making a concerted effort to proactively protect data, whether on an individual computer or a corporate network.
The use of Microsoft’s operating system leaves you vulnerable to possible infections and reinfections if your system is not patched. Security software can’t update definitions if the threat is under-reported and still in the wild. Even if you use a security suite that includes anti-virus, anti-spyware, a firewall, and privacy/parental/phishing controls, you are not protected against ALL Internet threats.
“Few will have the greatness to bend history itself; but each of us can work to change a small portion of events, and in the total of all those acts will be written the history of this generation.” — Robert F. Kennedy
Before connecting to the Internet, you should make sure that your computer is safe to surf with, using a layered approach. Aside from using a good anti-virus suite, you should also use browser security add-ons such as Finjan Secure Browsing, McAfee SiteAdvisor 2.9, and W.O.T. If you frequent social networking sites, you should become familiar with current security threats and take precautions seriously in order to avoid becoming infected. If you constantly connect to sites via shortened URLs, download and install AVG free LinkScanner (a free security tool that can detect malicious pages).
If you use Twitter, download and install Immunet Protect: “The solution is clever. It leverages the idea of safety in numbers. Every time someone in the Immunet Protect network encounters a virus, the threat is identified, logged, and blocked on a centralized server platform. Instantaneously, because of the way Immunet works, everyone in the network can be protected from that identified virus.” –venturebeat.com
More recommended security tools to add to your arsenal
Secunia Software Inspector
Be sure to check your computer system and application software with Secunia Software Inspector as part of your regular security maintenance routine.

Secunia Software Inspector will detect vulnerable applications and provide you with the link to the update site. After you update your operating system or application software, be sure to re-scan to validate that the vulnerabilities have been corrected.
The Adobe Reader 9.x example screenshot listed below includes the application that is vulnerable, current version, and the version that you should update to in order to correct the problem.

If you want even better security update advice for your computer system(s) then you should use:
Home User, Personal Desktop:

Business User:

If you don’t have a regular security maintenance routine, be sure to stay tuned to this blog and I should have one available for download by the end of this month. If I forget about it, please tweet me up @teksquisite.
Trend Micro: RUBotted
The next uber cool security tool that I highly recommend is RUBotted: an anti-botnet detection tool from Trend Micro that sits silently in your desktop tray, while watching for incoming botnet activity. RUBotted co-exists comfortably with current AV software.
Update [10-18-2009]: This tool could use a bit of tweaking to give more information than “Detected DNS query of malicious domain.” (It would be nice to get the domain name and IP number too.) RUBotted only has one solution available, and that is to go to Trend Micro’s Housecall site to get it cleaned. The solution may become part of the problem for this particular tool, as more Internet security sites become blocked by malware.

“RUBotted monitors your computer for suspicious activities and regularly checks with an online service to identify behavior associated with Bots. Upon discovering a potential infection, RUBotted prompts you to scan and clean your computer.” –Trend Micro
This is a worthwhile tool to include in your security toolbox…
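The alert detail asked for in the update above (the domain name and IP address, not just "malicious domain"), sketched as an added example that is not RUBotted's code or anything from Trend Micro: it checks DNS query log lines against a blocklist and reports what was queried, by which machine, and what it resolved to. The log format, blocklist entries and sample lines are all constructed for illustration.

```python
import re

# Constructed blocklist (assumption); a real one would come from a threat feed.
BLOCKLIST = {"bad-c2.example", "dropzone.test"}

# Constructed log format (assumption): <timestamp> client=<ip> query=<name> answer=<ip>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) query=(?P<query>\S+) answer=(?P<answer>\S+)$"
)

SAMPLE_LOG = """\
2009-10-18T14:02:11 client=192.168.1.23 query=www.example.org answer=192.0.2.10
2009-10-18T14:02:15 client=192.168.1.23 query=Update.Bad-C2.example. answer=203.0.113.45
this line is malformed and is skipped
2009-10-18T14:03:40 client=192.168.1.31 query=dropzone.test answer=198.51.100.7
2009-10-18T14:04:02 client=192.168.1.31 query=notdropzone.test answer=198.51.100.8
"""

def matched_entry(name, blocklist):
    """Return the blocklist entry equal to `name` or a parent domain of it."""
    labels = name.rstrip(".").lower().split(".")
    # Walk from the full name up through each parent: a.b.c, b.c, c.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None

def find_alerts(log_text, blocklist=BLOCKLIST):
    """Return one alert per log line whose queried name is on the blocklist."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skip it rather than guess
        hit = matched_entry(m["query"], blocklist)
        if hit:
            alerts.append({
                "time": m["ts"],
                "client": m["client"],
                "domain": m["query"].rstrip(".").lower(),
                "matched": hit,
                "answer": m["answer"],
            })
    return alerts

if __name__ == "__main__":
    for a in find_alerts(SAMPLE_LOG):
        print("{time} {client} queried {domain} (blocklist: {matched}) -> {answer}".format(**a))
```

Matching on whole labels is what keeps `notdropzone.test` from being flagged while a subdomain of a listed domain still is.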

Using a “layered approach” is the suggested method to better secure your system(s). It is a dog-eat-dog Internet when we are dealing with the $$$ bad boys from the dark side over yonder. Being part of a “Solid Internet Security Solution” or SISS, is the ability to take responsibility for policing your own Internet security FIRST.
On a holistic level, what goes around comes around — don’t share your viruses or botnet connections with other Internet users. Stay tuned for Part II of Intruder Defense SISS in November! Comments are welcome at this blog.
I will close with my new Twitter #FF recommendation signature gratis Rik Ferguson, Senior Security Advisor at Trend Micro:

Until next time — one-off, security terrier here, and I never let go of a bad guy (wink)









8 Comments
I use PSI at home and I love it!
You don’t have to be a rocket scientist (or a sysadmin aka bofh) to see what is wrong and one of the nice things of PSI… it also shows how to update/upgrade programs & plugins with security problems
A big YES for everyone running Windows as OS
(and for private use it is free!)
I love reading your tweets, and I appreciate your corrections to my tweets (when my automatic postings from google newsfeeds sometimes grab a site that may have malware).
I’ve got two additional suggestions for you:
Steve Gibson and Leo Laporte’s weekly podcast called Security Now! does an AMAZING job of teaching about computer and Internet security. You can subscribe via iTunes, or download it (or the searchable transcripts of all of the podcasts) at http://www.grc.com.
I know you’ve had some trouble with Firefox, but for those of us who do use it, NoScript is an essential add-on. It selectively disables on webpages, and makes the web generally a much safer place.
I’d be happy to share with you the complete list of things I have in my freeware/shareware toolkit via email. I find that much of what I do these days is update people’s computers and teach them how to be safer on the Internet.
Thanks, and keep up the great work!
Weird… I think the scrubber here cleared some of my text. What I wrote was that NoScript selectively disables JavaScript on webpages.
thanks CB – love Secunia too
Jeff – because your comment included a link – it was held until approved – so no scrubber for you! You can feel free to share Your freeware/shareware toolkit here, email me, or both — I can’t wait!
I will definitely be checking out Steve Gibson and Leo Laporte’s weekly podcast soon.
Firefox is behaving much better nowadays – not so frustrating either. BTW – I love FF because of the add-ons and extra layers of security that it offers. I have used noscript in the past, I should revisit it. I may have also mentioned it in an older blog post (last year.) Thanks for the compliments
Cheers,
/Bev
Do you have any experience with Back Track? It is a linux distribution designed for testing network security. Currently, I think it is in pre-release for the 4th version. I’ve seen videos explaining and demonstrating how to use it to check for various exploits, including the recent SSL man-in-the-middle attack (VERY scary).
I just emailed you Jeff – what a great security list you sent- thank you! I would like to add it to a new blog post today (hope I have time!)
I have not used Back Track yet – my Linux server is (literally) in the closet, as I have been mainly dealing with hardware and Windows stuff lately, and I just putty in to a remote CentOS server when I need to use a shell (which means the closet Linux box still needs more lock down before it becomes a primary server).
I sincerely appreciate all of your security expertise that you have contributed during the past day. Great stuff!