| ShieldsUp |
Shields up is a service offered by
Gibson Research Corporation that tests your connection. You want the
ports of your router to be stealthed. From the GRC home page, select
ShieldsUP! from under the Services menu. |
test at grc.com (free) |
DNS can be configured at an individual computer or from your router. Changing settings on your router means that all computers on your local network will be using the selected DNS server.
I strongly recommend using OpenDNS. This requires that you change the DNS settings on your router from the default to the settings for OpenDNS. The instructions are pretty good on the site.| OpenDNS |
OpenDNS replaces your default DNS server
and provides additional protection against sties that are know to be
bad. Since it intercepts the outgoing traffic, it protects you
irrespective of what program is trying to reach out to the internet |
follow instructions at opendns.com
(free) |
| Google Public DNS |
Google Public DNS is a free, global Domain Name System (DNS) resolution service, that you can use as an alternative to your current DNS provider. | follow instructions at google.com
(free) |
| DNS testing |
Testing DNS requires that you install a program on your computer to probe DNS speed. I like DNS Benchmark from GRC (for Windows only). It is small, fast and throrough. Namebench is available for Windows, Mac and Linux. I haven't tested it, but it comes from Google. |
(free) |
| Firefox |
Firefox is an open source web browser. Firefox added tabbed browsing at version 3. It allows many add-ins
give additional functionality. It is available for PC, Mac OSX and
linux. The user experience is virtually indistinguishable on the
different platforms. Statistics for December 2008 report that
Firefox is used by over 40% of internet users. This level of
popularity means that most everything on the net will be Firefox
compatible. There are occasional sites that require ActiveX components
that will not run in Firefox. Unfortunately, this means that Internet
Explorer must be maintained on PCs. |
get it from
mozilla.com (free) |
| Thunderbird |
Thunderbird is the open source email and
newsgroup complement to Firefox. |
get it from
mozilla.com (free) |
| Chrome | Google Chrome is Google's browser. Nice look and does great job with images and video. Does not yet have the add-in ability of Firefox. |
google.com/chrome (free) |
Most problems exploit weaknesses in the browser or browser user. There are several things that you can and should do to improve the security of browsing. The steps described here are intended to prevent you from getting infected with malicious software.
Google Safe Browsing:
| Safe Browsing |
Service to let you check
websites for known malware. |
Safe
browsing. (free) |
Browser Settings:
| Check Browser
Settings |
Site uses javascript to check and report settings. |
supportdetails.com (free) |
Browser Settings /Add-ins: Add-ins
to Firefox allow you to customize the browser experience. These are
readily available from the Tools>Addins menu. Several settings should be
changed as well to increase safety in any browser. The options that I
prefer are:
| Cookies |
Cookies are little bits of information
exchanged between the server and you most commonly to save information
about you as you navigate around a site. It is how Amazon knows its
you when you first call up the site. It is also how you can be
tracked as you move about the net. |
turn off third party cookies
at a minimum
|
| Default file location |
Saving executables to the desktop can be
dangerous since it is easy to trick the computer into running them. |
change the default location
for saving files to a folder or, as I prefer, make the browser always ask
where to put files |
| NoScript | Scripts are programs that come in a web page. They do many powerful things, but can also mess with your computer. NoScript is an example of security being a trade-off with convenience; it can get in the way and it requires some set-up. The idea is that you can set sites that you know and use often to let scripts run, but for all other sites, you block scripting. One key it to turn off notification or it is painful. |
noscript.net or from within Firefox (free) |
| PDF Download | PDF download pops a window any time a pdf is clicked on, not so much for security as convenience. By allowing you to choose whether the browser should open the pdf or whether it should simply be downloaded, stability is improved. No more waiting while a gigabyte pdf downloads by mistake. Also available for Internet Explorer |
pdfdownload.org or from within
Firefox (free) |
| foxit | Adobe Acrobat Reader has become increasingly bloated and prone to severe attacks. Foxit is a PDF reader that replaces Acrobat Reader both as an add-in and as the stand-alone application. |
foxitsoftware.com (free) |
Anti-Virus: Never buy anti-virus software!!!
Microsoft now provides anti-virus software. I recommend using Microsoft
Security Essentials. Anti-virus scans incoming e-mails for bad
stuff and periodically scans the entire computer for malicious software. Most
ISPs - that's your cable or phone company - will offer free security software. Do not purchase security software from a store. It will likely be a waste of
money and the chances are that you will get a product that has traits that are
somewhat onerous. Norton, for example, used to be very good. It is now
bloated, slow to update and reduces performance unacceptably. I have been
very pleased with AVG Anti-virus, which has a free version for home use. I
don't see a reason to pay based on the information I have found and my
experience.
| Microsoft Security Essentials | Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software. |
security essentials (free) |
| Malicious Software Removal Tool | Every monthly security update from Microsoft includes a little utility that can be used to scan for infections. Go to the run box and type MRT(return) to start a scan of your system. |
MRT.exe (free) |
| Spybot |
Spybot S&D is a powerful tool for protecting and diagnosing issues with Windows. Once loaded, it prevents spyware from installing. It also allows you to determine what is being loaded at startup too. | get
spybot (free) |
| Secunia PSI |
Secunia PSI keeps a database of current versions of software and it scans your computer and checks the programs installed against it. It then flags software that is out-of-date and with known vulnerabilities. | secunia.com
(free) |
| DropMy Rights |
DropMyRights is a utility from Microsoft that you invoke with the program that you want to run as an argument. In practice, you create a shortcut that looks like: "C:\Program Files\DropMyRights\DropMyRights.exe" "C:\Program Files\Internet Explorer\iexplore.exe". You can then change the icon of the shortcut such that it looks just like the original Internet Explorer. When you use the shortcut, it reduces the rights only for Internet Explorer |
get
dropmyrights (free) |
| overview |
Many browsers now are sandboxed. For a nice decription, see |
comparitech
|
| Steady State |
This is a free utility from Microsoft used most commonly for multi user machines. |
steadystate
(free) |
| VMWare |
VMWare Player allows the loading of virtual machines that have web browsers. It is particularly useful for running Linux. You can surf in Linux to insure that you won't be infected by Windows malware. Many of these are available as Virtual Appliances already. |
get player (free) |
Analysis Tools: If you want to see what is actually loaded in your system, I
have found HijackThis very useful. It is a geek tool and probably not useful
for most users.
| Highjack This |
Hijack This allows you to look and see if there are events occurring as the computer boots and to turn them off. It is a real geek tool. |
get from Trend Micro (free) |
Network Analysis: Seeing the computers on your network is handy sometimes.
| Nmap Zenmap |
Zenmap allows you to probe aspects of your
local network. I find it most useful for determining what computers
and devices are on a local network. The port spec for scanning a
typical network (where the router is 192.168.1.1) is: 192.168.1.0/24 |
get Zenmap (free) |
Quick Recovery: If malware does strike, the best recourse is to wipe the disk and reinstall. This is made considerably easier with utilities that create an image from which you can restore the hard drive. Norton Ghost did this well until they tried make it run in the background all the time at version 9. Currently I like and have tested DriveSnapshot.
| Drive Snap Shot |
Drive Snapshot is a utility that makes an image of your disk from within Windows. Full functioning trial is free but continued use requires payment. |
drivesnapshot.de (free
trial) |
Remote Assistance: If you want to help or be helped by someone remotely, check out CrossLoop. It works like Timbuktu or NetMeeting, but is free. To use it for free, you don't have to have an account. Once loaded, click skip on the opening screen. It is great.
| Chrome Remote
Desktop |
Another great freebie from Google allows you to operate someone elses computer and works for both Windows and Macs but only within Chrome |
support.google.com/chrome (free) |
Resources: Web sites and organizations
| Shadow Servers |
The Shadowserver Foundation is an all volunteer watchdog group that gathers, tracks, and reports on malware, botnet activity, and electronic fraud. It's mission is to improve the security of the Internet by raising awareness of the presence of compromised servers, malicious attackers, and the spread of malware. |
shadowserver.org (free) |
| GRC |
GRC.com is the home of many security articles and pieces of software. Links to show notes from Security Now are also there. |
grc.com (free) |
| disposeamail | disposable email for those times when you're uncertain about the site |
disposeamail.com (free) |
| tweakhound | site / blog on all things windows including free resources for keeping a Windows computer humming | tweakhound.com |
Setting up Gmail to send from different email addresses
| tips of Gmail
config |
Gmail now
requires two-factor and use of app passwords in order to use Google SMTP
servers to send email from a non-gmail account |
instructions from kinsta
or link here |
By Mark Jones on 19 January 2009. Last updated 11 October 2020.