Computer Vulnerabilities

January 08, 2008 by sharky

Other solutions to vulnerabilities

MS Windows (all versions) is extremely susceptible to security breaches, backdoors and other unwanted entry. This leaves the door open to a number of identity theft scams via keylogger programs, password hacking and access to cached browser pages to get at your personal data. Here are a few solutions to close those holes and shut down unwanted programs that run in the background.

CurrPorts v1.31

FREEWARE

This tiny utility shows exactly what is using your TCP/UDP ports for Internet activity. Developer’s description:

“CurrPorts displays the list of all currently opened TCP/IP and UDP ports on your local computer. For each port in the list, information about the process that opened the port is also displayed, including the process name, full path of the process, version information of the process (product name, file description, and so on), the time that the process was created, and the user that created it. In addition, CurrPorts allows you to close unwanted TCP connections and kill the process that opened the ports.”
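
The port-to-process view described above can be reproduced with tools built into Windows. This added example (not CurrPorts code and not from the original post) joins constructed sample output of `netstat -ano` and `tasklist /fo csv /nh` and lists each listening socket with its owning process; the sample lines, PIDs and function names are assumptions made for illustration.

```python
import csv
import io

# Constructed sample of `netstat -ano` output (not captured from a real host).
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       972
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     4312
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    [::1]:1900             *:*                                    7777
"""

# Constructed sample of `tasklist /fo csv /nh` output; PID 7777 is left out on purpose.
TASKLIST_SAMPLE = '''\
"System","4","Services","0","144 K"
"svchost.exe","972","Services","0","9,120 K"
"firefox.exe","4312","Console","1","312,480 K"
'''

def parse_tasklist(text):
    """Map PID -> image name from `tasklist /fo csv /nh` output."""
    return {int(r[1]): r[0] for r in csv.reader(io.StringIO(text)) if len(r) >= 2}

def parse_netstat(text, processes):
    """Return one dict per socket, joined to the name of its owning process."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue  # skip header and blank lines
        proto, local, remote = fields[:3]
        # UDP rows have no State column, so take the PID from the last field.
        state = fields[3] if proto == "TCP" else ""
        pid = int(fields[-1])
        # Split on the last colon so bracketed IPv6 addresses stay intact.
        addr, _, port = local.rpartition(":")
        rows.append({"proto": proto, "addr": addr, "port": int(port),
                     "remote": remote, "state": state, "pid": pid,
                     "process": processes.get(pid, "<unknown>")})
    return rows

def listeners(rows):
    """Sockets open to inbound traffic: TCP LISTENING plus every bound UDP port."""
    return [r for r in rows if r["proto"] == "UDP" or r["state"] == "LISTENING"]

if __name__ == "__main__":
    table = parse_netstat(NETSTAT_SAMPLE, parse_tasklist(TASKLIST_SAMPLE))
    for r in listeners(table):
        print(f'{r["proto"]:<4} {r["addr"]}:{r["port"]:<6} pid={r["pid"]:<5} {r["process"]}')
```

A PID that owns a socket but is missing from the process list can simply mean the process exited between the two commands, so re-run both before treating it as suspicious.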

HijackThis v2.0.2

FREEWARE

“HijackThis™ is a free utility which quickly scans your Windows computer to find settings that may have been changed by spyware, malware or other unwanted programs. HijackThis creates a report, or log file, with the results of the scan.”

Note: HijackThis does not determine what is good or bad. Do not make any changes to your computer settings unless you are an expert computer user.

AutoRuns v9.02

FREEWARE

AutoRuns shows all computer processes, including browser addons, programs that launch at startup (logon), toolbars, and anything else that is running in the background with or without your knowledge. You’ll probably be surprised at how many executables are launched automatically! Publisher’s description:

“This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. You can configure Autoruns to show other locations, including Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond the MSConfig utility bundled with Windows Me and XP.”

Identity Theft (Internet ‘Phishing’ Scams)

There are a variety of worms, trojans and malware that are trying to gain access to your personal data. The usual methods involve saving user keystrokes typed on the keyboard (for account usernames & passwords) and accessing cached secure browser pages (from online banking and purchase transactions), among others. But most Internet identity theft is inadvertently caused by the victims themselves. Usually this involves scammers sending an email to a victim requiring urgent attention to update account information (this could be seemingly from eBay, PayPal, or any bank/financial institution or credit card company). A web link within the email will almost always be provided, and the phony site will look similar or identical to the official version. It is here that the bogus transaction is carried out, totally unbeknownst to the victim.

Listed below are the underground market values for your personal information:

Table courtesy of Symantec Corporation

A Storm is coming (the Storm botnet)

Never heard of the ‘Storm botnet’? That’s because it’s fairly new, having first been detected in January 2007. To quote Wikipedia:

“The Storm botnet or Storm worm botnet is a botnet, a group of “zombie” computers controlled remotely. In September 2007, it was estimated to run on as many as 1 to 50 million computer systems linked by the Storm Worm, a Trojan horse that has spread through E-mail spam. The botnet reportedly is powerful enough as of September 2007 to force entire countries off the Internet, and is estimated to be able to potentially execute more instructions per second than some of the world’s top supercomputers.”

What the Storm botnet does:

Unlike Storm’s worm and malware predecessors, there are no real symptoms if you are infected. It just sort of lies in wait until called upon. Nobody really has any idea what future tasks are planned for the botnet; however, most experts point out that it is assumed to be mostly financial (identity theft, click-fraud, keylogging, etc.).

Storm operates through Microsoft Windows computers (only), which translates to more than 90% of PCs used worldwide. And home PC users are just as likely (if not more so) to be infected and used in the botnet army. Read what the FBI says about it in ‘Operation Bot Roast’. Even Symantec has cashed in with a new product called Norton AntiBot - price tag: $30.

Aside from it being able to take out poor old Luxembourg, and probably Belgium, too - it probably isn’t of much concern to the average Joe computer user. That is, unless you’re actually part of it, and don’t realize it yet. And if you are indeed a part of it, we recommend that you turn off your computer at night :-), and…ah…run a scan for RootKits on your system to see if you can oust it. Be sure to run antivirus/antispyware software as well.

Rootkits are used to hide the presence of malicious objects like trojans, worms or keyloggers on your computer. Anti-Rootkit software does not need to be run every day, just periodically. Try one of these free ones - we endorse AVG’s Anti-Rootkit.

AVG Anti-Rootkit

FREEWARE

RootKit Hook Analyzer v3.02

FREEWARE

SpyCatcher Express 2007

FREEWARE