Hackers and spyware Help

[h2odawg79]

I thought a thread about Hackers and Mal-ware, Ad ware, spy ware might help us all to be a bit more vigil and up to speed with the trends and tactics of these Unscrupulous individuals and entities...

Personally, I am Not an I.T. Geek and would Love to have some of you soft ware wizards help the rest of us out just like the Equip., Technique and Boat help that we find on the typical threads here on BOS.

For starters, check out this link:

http://finance.yahoo.com/news/Five-Ways-to-Keep-Online-nytimes-705997581.html?x=0&.v=1

-

How can we stay up to speed with the Mal-ware trends?

- 

Whats is our Best protection? -and why?

- 

Any advice would be worth its wgt. in Gold...

- 

Updates to this post would be priceless!

-

Thoughts???

[Thomas Wayne]

How can we be sure this is really you, Horton, and not your malware zombie clone?  Have we established a "safe word"?

TW

[h2odawg79]

Wow T.W. ! In-Lieu of this past w/e's  events @ BOS that's a VERY Good Question!!!

[Gern Blanston]

I've had very good luck with a number of free utilities.  I like CCleaner.  It's a cache cleaner.  It will get rid of any and all temporary files that are serving no purpose.  I will use the disk and registry components of that to remove unused reg keys.  The best anti spyware utility I've found is called Malwarebytes Anti-Malware.  The free version of that does a very good job of cleaning.  I do the updates and scan about once a week.  I also use Super Anti Spyware because it has a memory resident component that offers real time protection.  All three can be obtained from majorgeeks.com 

I also periodically use the Wise Registry and Disk cleaners.  The coolest thing about the wise reg cleaner is that it has ability to defrag your registry. 

Obviously you also want and need virus protection.  I like McAfee a lot better than Symantec.  Symantec seems to have too many issues.  AVG is pretty good - for free.  Microsoft just came out with a free anti virus program, but I haven't played with it yet.  There are others of course.  The main thing is to 1) make sure you're checking for updates at least once a day; and 2) make sure to scan your system at least once a week.  Something may have gotten on before a def came out.  Running the scan will find it before it goes live.

Within Internet Explorer, make sure to delete your temporary files when the browser is closed.  Tools, Internet Options, Advanced.

 Get rid of older versions of programs.  Java (which I can't stand) is the worst of them all.  Each new version is not an upgrade, but a brand new program.  The idea behind Java is great, but they, and many java developers, fail miserably in maintaining backwards compatibility.  So, your app that was written for one version may not work on the latest.  Go into control panel and remove the ones you don't want or need.

 Once infected, many viruses/spyware will prevent you from installing utilities to remove them.  For that, boot into safe mode - hit F8 when you see the "starting windows"  CCleaner has a slim version that doesn't install the program.  It just runs.

Make sure to keep up with the latest patches.  Upgrade to 7 or Vista if you're still on XP.  The kernel is much more protected.  If still on XP, I'd try the Root Kit Revealer.  The gotcha is that you have to know what the system is supposed to look like when it's clean to be able to compare.   If still unsure, MS (the company, not the guy) has some cool utilities that they purchased from Sysinternals.  The one that works best to see exactly what your machine is doing is called Process Explorer.

remove anything from teh startup folder that's not necessary.  Remove stuff from auto running.  Start, Run Regedt32.  Navigate to hklm, software, microsoft, windows, current version, run.....google any executables you don't recognize to see what they are.  Nuke 'em if they're not important.

ah...I could go on and on.  It's tough to condense years of practical advice into little snippets that people can use. 

 hope that helps

Jon

[h2odawg79]

WOW Gern! -thats pretty deep! (At least for me...) I'm not affraid to admit that I have No idea what you are saying a lot of the time! (I told you I was not an I.T. geek or software junkie!)-ha,ha! Maybe you are our only gifted wizard and now we'll all be counting on you!

Thanx for all the great info...  

[SM]

Was it your PC that was affected or the website?

[h2odawg79]

SM, if your refering to "last w/e's events" I was refering to the BOS situation... As for me, with kids and myself surfing the web it's an on going battle that I am Not qualified to fight... I figure there's a lot more guy's on line like me, that probably don't know the half of the things that someone like Gern has already forgot! 

[Horton]

Your personal PCs were never in danger.

There was and (maybe) still is a problem at the host server level. I am freak'n mad and working on it. This may mean changing web hosts and spending a chunk of money

[SM]

FWIW, I use Dreamhost (.com) very reasonably priced and I've never had any serious issues. My company has several websites hosted there. I don't have a bulletin board on any of my sites though and I'm by no means an expert. They were just hugely cheaper than the local provider we used before.

[Horton]

Thanks - I really need a better host and some help with the back end. A basic host is not going to do it.

[Gern Blanston]

Horton -

for what it's worth, there seems to be a lot of rogue viruses in the wild at the moment.  I've seen LOTS of spyware problems over the last couple of weeks for those pc's that are not as fully protected as I would prefer.  Many sites are getting hacked, downloading garbage to the clients.  So, I'm not sure I totally with your statement that your PC's were never in danger.  This type of attack is called a drive by and is how the virus, trojan, worm, etc propagate.  The more traffic your site gets, the more likely you are to be hacked again.

I obvioulsy know nothing about the cause of the latest round of issues, but if I'm correct, the answer is not necessarily changing providers.  It's enhancing the security of the host server and the software running on it.  Easier said than done, of course.

Hackers generally fall into one of two categories.  The first is the degenerate that has no life and is PO'd at the world.  He googled some hacking scripts, deploys some bots, and feels superior.  As soon as that guy gets a girlfriend, we don't have to worry about him any longer.  The second and more dangerous are the guys that do it for a living for some company selling advertising, or something similar.  Here's a list of some of them  http://www.spamhaus.org/rokso/ 

[Horton]

Well yea – to some extent we are never safe. You should not web surf at all if you do not have good Virus protection. I user NOD32 from ESET.

I do not think that my security issue spread any virus. These guys are big time. They created pages on BallOfSpray that looked like bank pages to get account log in and passwords from victims. This is more common then you would think. This only went on for a few hours but that is why I shut down the site.  

My host GoDaddy has had a LOT of problems in the last month and I am just along for the ride.

[Gern Blanston]

thanks for all the hard work in getting the site up and running again.