Security on the Internet Hey kids, remember to keep your tube covered. If you have no anti-spy/anti-virus software, GET SOME NOW! With the very real desire to remain anonymous and safe in these current activities, you need to keep yourself from being infected by exploits, keyloggers, viruses etc etc. With most big name products, you can usually get a free 30 day trial download version. They are anti-virus with anti-spy attached. Norton Internet Security: 15 Day Trial (pretty much considered the leader in PC security, though HEAVY. If your computer isn't fairly new, can cause a significant decrease in performance) http://shop.symantecstore.com/store...ntTheme/ThemeID.106300/pbPage.Trialware_en_US McAfee: 30 Day Trial (never tried it, not really sure) http://us.mcafee.com/root/downloads.asp?id=freeTrials Kaspersky Internet Security: 30 Day Trial (heavy protection, like Norton, but much lighter. Won't slow your computer down) http://www.kaspersky.com/trials If you can't do the free trials, here is my list of favorite opensource/freeware ones: Spybot - Search & Destroy (scary name, but really powerful, and free anti-spy) http://www.safer-networking.org/index2.html Ad-Aware (I haven't used it since about 2001, so I can't really comment on it) http://www.lavasoftusa.com/software/adaware Avira (better than AVG, but English only) http://www.free-av.com/ Avast (never used it, no comment) http://www.avast.com/ AVG (has multi-language versions) http://www.grisoft.com/ If you are concerned that you might be infected with something (for Windows users): 1. Make sure you have the latest updated databases for your anti-virus/anti-spy program. 2. Restart your computer in Safe-mode - Start/ Run/ msconfig.exe - Find the Tab for Boot/Startup, and check Safe-mode (smallest) - Restart 3. Once in Safe-mode, only a minimum of required programs are running. From here, open up your security software. Run a full system scan. Unfortunately, this may take several hours. 4. When the results come up, Disinfect. 5. Go back to Start/ Run/ msconfig.exe and select the Boot/ Startup tab. UN-check the Safe Mode box. 6. Restart Once you've rebooted your computer, open up your security software again and do a quickscan. Hopefully, everything should be kosher. And remember, when you are browsing and doing stuff related to the Anonymous movement, make absolutely sure that your protection setting is set to STRONG/ HOSTILE ENVIRONMENT. As well, Trend Micro's HijackThis is a nifty little freeware program that examines and analyzes all your running processes so that you can neutralize what you need to. I must warn, though, as it should be used with caution. You don't want to erase something that you really need. HijackThis! Process Analyzer http://www.hijackthis.de/ Remember kids, play safe. The internet is SERIOUS BUSINESS! EDIT: Fixed. Added some more info. Added URL's
Agreed, Adaware 2007 is a very fast update for the old Adaware, it cleared quite a few trojans for me.
Any tips for Mac users? I've never had a virus/spyware in my life, so net security is not something I'm used to thinking about.
Could someone give some links to avast and/or AVG? And someone informed me a while ago that you need to uninstall old antivirus software before getting new stuff, that's true, right? (My computer illiteracy is showing, isn't it?)
You are protected. (The reason you haven't had a problem is that there hasn't been any wide spread malware/virus attacks on Mac computers, same goes for *nix users.)
Yeah, I know. There's just too small a user-base for it to be worth it, generally. But I figured I'd ask anyway, in case someone had some insight. Thanks, though, Mascaria, I feel better already. I can just imagine some poor scilon trying to install a .exe keylogger on my comp or something... "ZOMG! Not working?!11 H4X!one!" [Note: I'm not a hacker, I don't even know if that's how they do it. And in case I'm wrong, leave my fantasy alone, it's a fun mental image. ]
I'm a Linux user and my first few days I kept trying and trying and trying to install a *.exe (because I'm pretty stupid really) and couldn't figure out why it wasn't working. Turns out this is a good thing! ^5!
Added links. Your friend pretty much told you the right thing. Anti-virus suites are EXTREMELY protective of themselves. I mean, if you were going to write a virus, what is the first thing you'd want to disable? The anti-virus software, of course! So, it's built into the anti-virus program to take its own protection as seriously as possible (even if all you want to do is upgrade from an old version of the same program to a newer one :roll:...). But, if you are going to do that, make absolutely sure that you download the new program's installer BEFORE you uninstall the old anti-virus. Try to keep non-protected time as small as possible.
Keeping yourself Anonymous In addition to keeping your machine protected from little nasties that people want to send to you, if you are going to engage in dangerous activities (such as pissing of CoS), you'll want to make sure that your computer leaves as little a footprint as possible. This means obfuscating your identity, and especially you IP address. The easiest way to do this: 1. Do not use Internet Explorer. 2. DO NOT USE INTERNET EXPLORER. 3. Download your local version of Mozilla Firefox http://www.mozilla.com/en-US/firefox/ 4. After setting up Firefox, install the NoScript add-on https://addons.mozilla.org/en-US/firefox/addon/722 5. Install the Tor/Privoxy/Vidalia/Torbutton bundle http://www.torproject.org/download.html.en Installation guide http://www.torproject.org/docs/tor-doc-windows.html.en 6. DO NOT, I insist, DO NOT, EVEN UNDER TORTURE, USE PANDA ANTIVIRUS. Apparently, Panda Antivirus is made by a CoS group. You wouldn't want to let them get their claws into your files, would you? After installation, make sure you enable Tor on your Firefox browser. In the lower right, it should have an indicator whether it is activated or not. Check out the Tor Detector while not anonymous. http://torcheck.xenobite.eu/ Then, activate Tor in your browser and check that page again. You should see that it's different. For the most part, this should keep you safe from being identified -- at least if you are keeping yourself within the realm of legality. If you start doing illegal things, which I DO NOT condone, you will most likely want to set yourself up on a secure HTTPS connection. Since I am not condoning illegal activities, I can't give you help in that area. Anyways, surf safe. Edit: Added point #6
If it's running, double-check your IP address at http://whatismyipaddress.com/ as well. When Tor is running (it's an onion icon -- layers upon layers, amirite?), your connection speed WILL decrease, but it shouldn't be too bad if you are running on a modern day Cable LAN or ASDL. If you find your connection to be overbearingly slow, right-click on the green onion icon in your taskbar and click "New Identity". It will randomly assign you a new IP obfuscation route, and, depending on the place, it could help speed up your connections. Edit: Actually, could a moderator move this thread to General? When I started it, I wasn't quite sure where to put it, but I feel like security is something that EVERYONE should be aware of, in this situation in particular.
May I add point 6? 6. DO NOT, I insist, DO NOT, EVEN UNDER TORTURE, USE PANDA ANTIVIRUS. Why? Panda is linked to $cientology![/url:11s2iutr] And you don't want to give $cientology a full access to your computer... no?
I think it is also worth pointing out that you should only use one antivirus program at a time. I'm amazed at the amount of people who didn't know that you shouldn't run both Norton and McAffe. Personally, I like Avast+Spybot.
Honestly, I'm an AVG+spybot fan. I'd say NOD32+spybot, but I'm too cheap to buy anything. (Does it even run on x64?)
I'm a fan of Kaspersky, if you couldn't tell. No, I don't work for them. I just think it's cool that the founder is an ex-KGB cryptologist... 8)
I use NOD32, its great. I use my normal IP on here, and on most other websites, but i dont go on Scientology or anything. Under the circumstances you talk about, if your going to bash them, you've got to have a platform where they can obtain your IP. If you just happen to post up on here, I'm sure Scientology have no chance of obtaining the IP. They are nicely stored within the database and I doubt that any host would bottle under pressure from a cult. If your going to start a blog, or something similar, be wary. These blog sites (blogspot, blogger etc) have a history of freely willing to release personal information. So, at that point it is worth protecting yourself to the max. If we're really going to dive deep down here, i'd recommend getting Linux. I know a lot of people are wary of Linux because of a dual boot etc etc, so i'd recommend getting Wubi[/url:1y397aho]. Wubi is basically a loopmounted partion stored within a virtual disk file. It allows a 100% functioning version of Ubuntu, and all from a neat installer package from within Windows. It also allows you to remove it from Add/Remove software in Windows. Basically, the software installs a registry key within the boot manager to handle the loopmount and the migration of the physical to virtual disk. If you just happen to like it, i'd then recommend LVPM[/url:1y397aho]. This can allow you to transfer your virtual loopmounted partition to a physical partition making it a standard installation of Ubuntu. Wubi is a great piece of software, but like with all pieces of Cross OS software, be careful. You are running something that is totally foreign to the system and anything unexpected could ruin it. I've used Wubi for ages, and its great, never had a problem. But ive never hard reset it, or put it in a position where it could fail. The only time its ever failed on me, was on a Seagate Barracuda in a AMD 3800+ (my computer is an AMD itself, so interesting) made by Tiny (says it all). If your worried it may be causing problems, uninstall it.
I was just thinking of a situation where you click on a link posted here by some sketchy person (CoS spai?) that leads you to a page full of nasties that either gather your info or plant some kind of malware on your machine. Lulz at the thing about Tiny.
I've heard that Norton may be a bad idea - just based on how a large number of computer users have Norton, it's usually the the one that hackers know how to get through. Also, are there any idiot's guides out there for using NoScript?
ALSO I recommend the KeyScrambler app for Firefox https://addons.mozilla.org/en-US/firefox/addon/3383
I tried using FoxyProxy for my firefox but whenever I activate it, I can't use the internet. What gives?
Re: Security on the Internet If you are really paranoid, run a CD/DVD/USB bootable Linux distribution for anti-scilon activities. These will allow you to bypass any spyware, adware, or lurking trojans that may be inhabiting your Windows partition. They are also great for using on public terminal where someone could easily have installed a keylogger or some other nastyware. A few good ones are: Damn Small Linux: http://damnsmalllinux.org/ DSL is designed to be super light weight (as in < 50 MB). However, it can do pretty much anything one of it's big brothers can do. It can fit on a wallet-sized mini-CD for easy concealment and use at public libraries and universities, too! Knoppix: http://www.knoppix.org/ Knoppix is the gold standard of portable Linux distros. Knoppix has excellent driver support and should run on pretty much any system imaginable. It also has an excellent pre-installed software list. Highly reccomended for newcomers to Linux who just want to test the waters of GNU/Linux whilst laying waste to our foul opposition. Ubuntu: http://www.ubuntu.com/ While not specifically designed as a portable distro, the Ubuntu installation CD is also bootable, and will provide the default Ubuntu desktop experience if you want to try it out before installing. With the intuitive GNOME desktop, anyone should be able to use it. Chances are that Ubuntu will be the major distribution that puts desktop Linux on the map as a real alternative to Windoze, so learning a thing or two about it on the side would probably be beneficial. On a final note, remember that none of these will alter anything on your hard drive unless you explicitly tell them to. There is no danger of damaging your system, as the Linux OS will reside largely in the system RAM. May Tux be with you.
Ick, I hate Ubuntu since I had to use it for computer class. Sometimes it doesn't respond to commands. I guess that's why it's free
The reason it didn't respond to your commands is because 90% of public school computers are made of ancient, slow and ooooooooooold. At work I run an Ubuntu desktop with 256 MB of ram on an early model P4, and it runs just fine. My lappy has a Celeron M, a Radeon 200 M (lol), and 512 MB ram and I am able to run with 4 desktops, mulitple open windows, and Compiz Fusion (better desktop effects than Vista on modern hardware) without any slowdown. tl;dr School computers suck.
Also, paying money for things doesn't make them better, otherwise scienLOLogy would be the most winnar religion ever.
Ubuntu is built on Debian which is a world renowned distribution of Linux. So as for it not responding to commands its very likely your PC isnt up to spec, or its not installed properly (Very much doubt it)
I am no security expert by any means, but I remember reading about that swedish security consultant that put up a Tor exit node to be able to snoop on the traffic passing through and was apparently able to get lots of sensitive emails and passwords. What are the odds that the CoS will set up Tor nodes and intercept our passwords and shiznitz? I know next to nothing about the Tor protocol, other than that it just is bounced around a bit and not particularly secure unless it's over SSL. DISCUSS!!?
If you send personal info through tor, yeah it can be snooped by the exit node or anyone after that. However, tor does provide good privacy if you don't post personal information. This post is "safe" so long as I don't mention my email address or other identifying information. If you post things through tor, the NSA, russian government, and so forth probably have the resources and mathematicians to figure out who you are. The CoS does not, it is way out of their league. Just make sure you have it configured correctly.
I hear that advice a lot when it comes to Tor. Any heads up on what a "correct" configuration entails? Or rather, what are the common pitfalls that would make the configuration incorrect? edit: Alright, I'm set with Tor+Privoxy+Firefox+TorButton+NoScript+CookieMonster. Sweet.
This site has some good info: http://www.hermann-uwe.de/blog/howto-an ... e-pitfalls The biggest pitfalls are assuming that tor encrypts traffic (it does not, it simply anonymizes it), and installing tor but not actually using it for your applications. Other problems include: DNS leaks (solution: use Privoxy and firefox) timing correlation attacks (this need to spy on both ends, feasible for governments but not the CoS. Also some software automatically randomizes the timing) applications like javascript phoning home through non-tor means (solution for javascript: firefox noscript plugin. Also, turn off cookies, and use Privoxy) node frequency attacks (if an attacker is watching the activity of all nodes, your node will be active statistically more than others as intermediary nodes go online and offline. Again, this is probably not feasible for the CoS to watch all tor nodes) Linguistics attack (your pattern of writing could probably be deduced by a professional linguist and/or computer scientists with access to a lot of your writings. For example, scientists have recently found out the true identity of the authors for several century-old books written under pennames)
I use NOD32 for anti virus, Spybot search & destroy whit system immunity turned on for anti-spyware and TOR proxy (http://www.torproject.org/) when i get too paranoid. thats all anybody needs, and using another browser than IE, whit maximum secruity setings turned on and spoofing browser signature.
Umm... no. Although it is much less of a problem, there is still malware out there. Mac Specific Security Tidies: Make sure you run software update every day like you have ADD. Turn on FileVault. VirusScan by McAffee is a a very good antivirus solution for Macs. Use Tor for proxies. It is available for Mac as well as Windows. Also: Go to your system preferences/sharing settings/firewall settings, then go to Advanced, and click all the boxes: Block UDP, Enable Logging, Enable Stealth Mode. Disable remote login SSH in your firewall if it is on. If you're running windows on an intel mac you need to do all the things windows users here recommend.
Anyone able to produce a short, sweet, idiot's guide to running Knoppix/DSL distro's just 4 secure web-browsing? Think this may b of use 2 many, but can't say I'm overly familiar with Linux full-stop. Window$ whore me :lol:
Right, I'm getting a cockload of problems with Firefox, and that means I still have to IE for some things, and I'd rather not. Help guys? Firstly, whenever I try to view videos on youtube or need to use flash/javascript, I get a message along the lines of "Please install Flash Player", "Please install and enable Javascript"... In the options menu, I've enabled Javascript, but still nothing works. I use a Windows XP-64 bit edition. Halp? I'm trying to use FireFox as much as possible, but this is stopping me. Thanks. EDIT: FYI, I've downloaded and installed all of those Firefox extension/add-on thingy ma-bobs, e.g. Tor. I also use NOD32. And I know, I suck at this.
I use Avast! and I love it! This anti-virus software has saved my hide more then once. I use the "Free" version and am well pleased.
