FBI Warns of possible hacking.... this might be a biggie!

Status
Not open for further replies.

Fulthrotl

~Autocorrect is My Worst Enema.~
Check your own system out! Malware may take you to rogue sites without your knowledge.

Details here.

without getting all techno geeky on y'all....

the CERT article on how to check your pooter, and see if your DNS numbers have been spoofed
is excellent, and i'm a bit cautious on clicking on any "check your computer here" links.
it's easy to check the numbers yourself...

probably one of the best things you can do for your computer, is use a browser other than internoodle
explorer.

mozilla is excellent, but a bit slower than google chrome, which is my favorite.

the SINGLE biggest thing you can do to protect your computer, is connect to the internet thru a VPN.
(virtual private network)

i use VyprVPN, on my laptop, ipad, and iphone. it's fast, secure, and easy to configure.
what it does, is create a point to point encrypted link between your computer, and the VPN server.

so you have a tunnel from your com port to their server point. nobody can see what data goes thru
that pipe, and nobody can tell where you are located geographically. for someone to hack into my
stuff, they have to go thru the vpn server, hack its firewall, then hack my router's firewall, then hack
my firewall on my laptop... then they have to hack my user id password, cause i'm using a solid
state drive, and it's encrypted on the drive. without logging into a terminal window as me, the
drive is unreadable... so just getting hard drive access doesn't do anyone any good.

and anyone running trace on my connection, goes in my case, either to downtown LA, dallas, or somewhere
in europe.

the other thing, is backups. if you don't have a backup strategy, you are in for a world of hurt.
as i've now switched over to a mac, my backups are done by a time capsule, and that makes
a backup every hour, running in the background... and if anything ugly happens, i can go back
in "time" in the backup matrix, say 6 hours, and restore the computer to six hours ago. operating
system, data, everything.

one thing that is important, is securing your computer with passwords, to log on, and to make
any changes in the operating system. the mac as delivered wasn't all snugged down, and it took
me a couple days of reading to find out where things needed to be locked.
 

ramsy

Roger Ruhle dba NoFixNoPay
Location
LA basin, CA
Occupation
Service Electrician 2020 NEC
..mozilla is excellent, but a bit slower than google chrome

..the SINGLE biggest thing you can do ..is connect ..thru a virtual private network i use VyprVPN

[hackers] have to go thru the vpn server, ..hack my routers [& laptop] firewall ..hack my user id password, ..& encrypted solid state drive

anyone running trace on my connection, goes in my case, either to downtown LA, dallas, or somewhere in europe.

the mac as delivered wasn't all snugged down, and it took me a couple days of reading to find out where things needed to be locked.

Thanks for that. A few more ideas:
1) Comodo Dragon is a secured version of chrome, which attempts to strip its tracking data before Google can sell it to 3rd parties. Browsers use IP addresses, single-bit gif's, cookies, xml, java, html headers, & such to track people perfectly over VPN & encryption.
2) TOR is the only secure project, I'm aware of, that masks IP's along with browser tracking. Tor is cross-platform & bootable media (Tails).
3) Add all this to a VPN, and you may attract the Dpt. of homeland security, who approach ISP's with TAP orders to monitor raw data ahead of encryption protocols. Such monitoring schemes are not documented, or are deliberately excluded from virus-scanning software.
4) Free Smart phone apps are loaded with tracking schemes, and until some kind of heuristic or malware scan can detect it, no amount of prevention works after a malware-infected download, or click-executed key logger phones home.
 

Fulthrotl

~Autocorrect is My Worst Enema.~
Thanks for that. A few more ideas:
1) Comodo Dragon is a secured version of chrome, which attempts to strip its tracking data before Google can sell it to 3rd parties. Browsers use IP addresses, single-bit gif's, cookies, xml, java, html headers, & such to track people perfectly over VPN & encryption.
2) TOR is the only secure project, I'm aware of, that masks IP's along with browser tracking. Tor is cross-platform & bootable media (Tails).
3) Add all this to a VPN, and you may attract the Dpt. of homeland security, who approach ISP's with TAP orders to monitor raw data ahead of encryption protocols. Such monitoring schemes are not documented, or are deliberately excluded from virus-scanning software.
4) Free Smart phone apps are loaded with tracking schemes, and until some kind of heuristic or malware scan can detect it, no amount of prevention works after a malware-infected download, or click-executed key logger phones home.

well, i'm not ready to make a tinfoil hat yet.
for the tinfoil hat people, there is always ironkey.
https://www.ironkey.com/

encrypted secure TOR from the usb port to the
net... you don't even access the host computer.

can't brute force it either... 10 failed logins and
it is irreparably destroyed internally.

(insert theme music from mission impossible here)

note: not available for purchase outside USA,
per cryptographic restrictions of homeland security.

most of us just want to make sure our checking account
isn't emptied, or credit cards aren't maxed, and a 14
year old from des moines doesn't kill our hard drive.

as for "online security", well... there are other forums,
particularly on usenet, that address that in painfully
introspective detail.
 

Strife

Senior Member
Check your own system out! Malware may take you to rogue sites without your knowledge.

Details here.

Well, I have been on the internet since CompUsa was big, since AOL had 100K members. Never had a virus that crippled me. A few times I had things that raised my eyebrows in regards to my computer performance, but all in all I've been pretty "lucky"
I TOTALLY HATE upgrades, antivirus and anti whatever programs. Not sure what's worse: the virus or the cure? Antivirus programs running in the background tend to slow down computers more than the virus itself, the upgrades.......SHEESH, every hrs I got a notice:"An update is available for your windows blah blah" Download the update, wait to install, wait to restart, wait some more to install.

Here's a few things I did to be so lucky:
1: NEVER CLICK on "DETAILS HERE" links. THAT'S RIGHT. 480Sparky account could have been hacked and hundreds in this forum could have clicked on a malware link. Things I do if I think the link is legit: move the mouse over the link: in the bottom of the browser it'll show the actual address it'll send you to. But that's not all. I look at the address, in this case it said:"FBI.GOV/NEWS/something something. OK, fbi.gov looks like a legit name, STILL didn't click on link. I opened a new tab and typed FBI.gov, took me to fbi.gov, went in the address bar and added to fbi.gov the "/news/stories/2011". And so on. Sure, not foolproof, but helps a little.
2: NEVER CLICK on email links. EVEN IF IT'S FROM SOMEONE I KNOW. Or sites I know. Hackers are getting very smart. For a while I was getting a lot "of invitations" from "linkedin". The email looked JUST LIKE THE ONES Linkedin sends when you get an invitation. Except moving the mouse over the link it showed something else than linkedin.com, and when checking my linkedin.com, sure enough there was no invitation. Same from your bank or pay pal account. If you think they DID send you a mail, just log into your account and you'll find the mail there as well, but don't click the link from the email. Recently I have noticed another trick: email with a line:"if you can't see the pictures click here". Microsoft Outlook has a feature where you can block pictures from being downloaded, so people think it's the same thing. It's not, on that feature MS Outlook requires to "right" click and choose download pictures. And of course there's the hijacked email accounts of people you know and the virus sends itself to you and when you click, it hijacks your email and sends itself to everyone in your address book. I've noticed most of these to be from Yahoo, gmail, hotmail, etc accounts. Apparently on these servers the hacker doesn't NECESSARILY need your password to send from your account to all your contacts in the address book. I don't even open emails from my brother unless the subject is meaningful and I expect an email from my brother.
3: Never open attachments when you're not sure where they come from, or you don't expect them. Furthermore, most attachments you'll get are pictures, videos, pdf, doc, etc, files. These types of files are viewable only, they don't have scripts(or it takes a LOT OF WORK to insert scripts). However, it may be masked as a PDF, but be an executable file. If I'm not 100% sure about the file I use the "OPEN WITH....." menu and choose the word, pdf, video, picture viewer application.
4: Last, but not least....every year or so, I save all the files I need, I reformat the hard drive and reinstall the whole operating system from scratch. Takes me 3-4 hrs, but well worth all the time I would spend chasing ghosts (real or not)
 

infinity

Moderator
Staff member
Location
New Jersey
Occupation
Journeyman Electrician
This has been somewhat blown out of proportion by the FBI. Malware like this has been around for quite a while and the number of current infections is pretty minuscule. The one good thing that may come out of it is that people may actually pay attention to the possibility that their systems have been compromised and actually fix them. Everyone should have an antivirus. Microsoft has one that's pretty good and it's free, Security Essentials. Also Microsoft has a tool installed in the background on all modern Windows computers called the Malicious Software Removal Tool. Type MRT in your explorer search box and it will open. If you find that you already have the DNS exploit it's likely that you're infected with something else too.

Although some object to the inconvenience of updates everyone should install updates as soon as they're available. Updates are sent out to close holes and eliminate flaws in software that can be exploited by bad guys. My 2 cents. :)
 