This post kinda goes in line with the last post. I kinda hoped to get all of this in one but I forgot to add this. In the last post, I talked about some good things to do to keep your home systems safe. This, of course, only pertains to Windows systems. It is part of my answer to "What should standard home users do, to secure their systems and information?"
Another issue that people run into is that they tend to use the same password in many places. Their password on their bank site, is their password on their Facebook account, is their password for their email. Others may use one password for "secure" things like banks, credit accounts, etc. Then another password for simple things like Facebook, blog sites, fantasy football sites etc.
This is not good! This is how people get their identity stolen a lot. There are many times where a criminal will find information on a Facebook or Myspace wall or posts that can lead them to either a password to get into their email or worse yet their bank. Another problem is that some banks and more secure sites will give you some questions to answer to reset your password. People use information like birthdays, pet names, favorite sports teams etc. The problem is that home users are also posting this information to these social network sites.
So what do we do Curt? Download a password manager such as the one I use here. A few things I like about this application is that it can generate good passwords for you. If you go the properties of a new entry you will see a password policy. I would recommend using 15 or more characters and use all available types of character such as !#%^ etc. Then click the Generate button on the main page of the new entry. This will create a password with the length you specified with the values you specified. (note: some passwords can contain such odd characters that your site or application might not accept them. You will then need to read the FAQ on that site to know what their password policies are and possibly make some adjustments).
After you have your new super strong password, your probably thinking how am I going to remember this? The good news is that you don't have to! When you create a password database, it will ask you for your main password. Make this as strong as you can, but the key here is to make one that you can remember. If you forget this password, there is no going back! No one I know can retrieve lost passwords from this system. Thats a good thing from security, but bad if you forget.
Now I will say something that you won't hear from me often! In this case, it might make sense to write down the password on a piece of paper and keep it in your home safe. You can also ask me for some whimsical ways to store this information in your phones contact lists and such as well. The only reason I say this is because if you loose it, you will not get this data back!!!
So if you run the Password Safe application, it will ask you for your password. Once you enter the correct password, you will see a list of all of your entries. Right click the entry and you can choose to copy the password. You can then paste this into your browser when the website asks for it. So you never have to remember this. You can also choose edit and display the password if you need to.
There is another nice option here. If you have an entry for a secure site such as a bank, it has a notes section. What I do when they ask for password restore questions, I give completely bogus information. To remember what questions and answers I used where, I put it in the notes section. This helps protect us against someone that might be trying to harvest information for our questions on the Internet because the information is completely false and off the wall. That is why I need to keep track of what I put :)
The only other thing I can add to this is to not save passwords in the browser. Do not use a site's (or browser) functionality to remember passwords. This is a bad idea. In some cases this information can be pulled by an attacker to obtain your passwords. Just keep your password safe handy and your passwords will be very secure.
But what happens when I'm away from home and don't have my laptop and password safe. Good question! Password Safe has an option to install to a USB drive. You can get a 1GB USB Thumb drive for $5 or $10 bucks tops these days. If you do that, you will always have your password safe with you.
One final recommendation is that some secure sites, banks especially, offer what is called multi factor authentication. If your not sure if your bank offers it, ask. This is basically a token that they will send to you, put on your card, or they can text to your phone. This value is a random number that changes normally every 30 seconds or so. When you enter a password on a site, you will also need to put a PIN number along with the numbers that are on this token at that very moment. This is probably one of the most secure ways to access secure data across the Internet at this time. Even things like online games are offering this type of security. When in doubt if they do offer it, ask.
Wednesday, November 24, 2010
Sunday, November 21, 2010
Need a little more security?
OK, so you have your Anti Virus and you keep it up to date. You are running some sort of Anti Malware program (such as Malwarebytes) once in a while to try to get things that your AV might have missed. Maybe you even downloaded the application I talked about in my last post to let you know when you have out of date applications. What else could there be you ask?
Glad you asked. Adobe finally released their "sandboxed" version of Adobe Reader. This is supposed to be their response to the problems they had. Guess what though? If your not running Windows Vista or higher, then it doesn't matter. If you are running Windows 7 or Vista, I recommend you go and install Adobe Reader X now, you can get it here.
But wait...there is more!
A while back, Microsoft released a tool called EMET. This stands for Enhanced Mitigation Experience Toolkit. You can download it here. I highly recommend you do that after you get the rest of your applications up to date. This program adds some additional protections for your programs. I have tested this in my lab environment and I have been unsuccessful in getting standard Adobe exploits to execute properly while running this. If you add it to the new Adobe Reader X, I can only image it will get even better (I haven't fully tested with Adobe X yet to say for sure).
Download and install EMET. After installing it, go to your Start menu and locate EMET 2.0 (note: it may be under the Enhanced Mitigation Experience Toolkit folder under All Programs.)
Once the application is running click the Configure System button. Change the values for DEP, SEHOP, and ASLR from Application Opt In to Always On or Application Opt In if Always on is not available for you. Click the OK Button.
Next you want to click the Configure Apps button in the lower right hand corner. This will bring up the Configure Application Window. Click the Add button in the lower left hand side. Double Click on your C Drive. Double click on Program Files (or Program Files x86 if your running a 64 bit machine. You will know you are if you see a Program Files x86 folder here). Double click the Adobe folder. Double click on Reader 10.0 (if you installed Adobe X as instructed, if not, choose the version you have listed such as 9.0). Double click the Reader folder. Finally double click AcroRd32.exe Ensure all of the boxes are checked for DEP, SEHOP, NullPage, HeapSpray, EAF, and Mandatory ASLR.
Click Add again. This time, click your C drive, Program files (or Program Files x86), and then double click the Java folder. Double click the jre6 folder. Double click the bin folder. Double click the java executable and ensure all of the check boxes are selected.
Next click Add again. This time navigate to C:\Program Files\Internet Explorer. (note: if your running a 64 bit machine and have the Program Files x86 folder, you will want to do these steps for both C:\Program Files\Internet Explorer and C:\Program Files (x86)\Internet Explorer files. In each of those folders, choose the iexplore.exe file. Ensure that the check boxes are all checked for these as well.
You will want to do these same thing for any other browser you might use such as Firefox or Google Chrome. Just find their exe files and choose them. (note: you can normally find these by right clicking the icon on your desktop or Start menu folder and choosing properties.) I would also recommend you do the same thing for your Anti Virus, Anti Malware applications and Office applications.
When your done adding all of your programs, click the OK button. This will bring you back to the main screen of EMET. Click the Red button with the white X in the upper right hand corner. This will pop up a warning saying the changes you made will require you to restart your system. Click OK. This does not force you to restart. Save all your documents and what not and reboot your machine.
This is not a silver bullet to keep you safe, but I can guarentee it will make it more difficult to be infected with malware if you do the following:
Keep your OS and third party applications up to date.
Keep your Anti Virus application and signatures up to date.
Keep your Anti Malware application and signatures up to date.
Upgrade Adobe reader to Adobe Reader X.
Install EMET and configure it to protect all of the commonly exploited applications (Adobe, Java, Anti Virus applications, web browsers, Office applications etc)
If you have any questions, please let me know!
Glad you asked. Adobe finally released their "sandboxed" version of Adobe Reader. This is supposed to be their response to the problems they had. Guess what though? If your not running Windows Vista or higher, then it doesn't matter. If you are running Windows 7 or Vista, I recommend you go and install Adobe Reader X now, you can get it here.
But wait...there is more!
A while back, Microsoft released a tool called EMET. This stands for Enhanced Mitigation Experience Toolkit. You can download it here. I highly recommend you do that after you get the rest of your applications up to date. This program adds some additional protections for your programs. I have tested this in my lab environment and I have been unsuccessful in getting standard Adobe exploits to execute properly while running this. If you add it to the new Adobe Reader X, I can only image it will get even better (I haven't fully tested with Adobe X yet to say for sure).
Download and install EMET. After installing it, go to your Start menu and locate EMET 2.0 (note: it may be under the Enhanced Mitigation Experience Toolkit folder under All Programs.)
Once the application is running click the Configure System button. Change the values for DEP, SEHOP, and ASLR from Application Opt In to Always On or Application Opt In if Always on is not available for you. Click the OK Button.
Next you want to click the Configure Apps button in the lower right hand corner. This will bring up the Configure Application Window. Click the Add button in the lower left hand side. Double Click on your C Drive. Double click on Program Files (or Program Files x86 if your running a 64 bit machine. You will know you are if you see a Program Files x86 folder here). Double click the Adobe folder. Double click on Reader 10.0 (if you installed Adobe X as instructed, if not, choose the version you have listed such as 9.0). Double click the Reader folder. Finally double click AcroRd32.exe Ensure all of the boxes are checked for DEP, SEHOP, NullPage, HeapSpray, EAF, and Mandatory ASLR.
Click Add again. This time, click your C drive, Program files (or Program Files x86), and then double click the Java folder. Double click the jre6 folder. Double click the bin folder. Double click the java executable and ensure all of the check boxes are selected.
Next click Add again. This time navigate to C:\Program Files\Internet Explorer. (note: if your running a 64 bit machine and have the Program Files x86 folder, you will want to do these steps for both C:\Program Files\Internet Explorer and C:\Program Files (x86)\Internet Explorer files. In each of those folders, choose the iexplore.exe file. Ensure that the check boxes are all checked for these as well.
You will want to do these same thing for any other browser you might use such as Firefox or Google Chrome. Just find their exe files and choose them. (note: you can normally find these by right clicking the icon on your desktop or Start menu folder and choosing properties.) I would also recommend you do the same thing for your Anti Virus, Anti Malware applications and Office applications.
When your done adding all of your programs, click the OK button. This will bring you back to the main screen of EMET. Click the Red button with the white X in the upper right hand corner. This will pop up a warning saying the changes you made will require you to restart your system. Click OK. This does not force you to restart. Save all your documents and what not and reboot your machine.
This is not a silver bullet to keep you safe, but I can guarentee it will make it more difficult to be infected with malware if you do the following:
Keep your OS and third party applications up to date.
Keep your Anti Virus application and signatures up to date.
Keep your Anti Malware application and signatures up to date.
Upgrade Adobe reader to Adobe Reader X.
Install EMET and configure it to protect all of the commonly exploited applications (Adobe, Java, Anti Virus applications, web browsers, Office applications etc)
If you have any questions, please let me know!
Subscribe to:
Posts (Atom)
