Software Archives - Network Security Matters

Anti-Virus and Firewalls

redrover61 — Mon, 04 Dec 2017 23:14:40 +0000

Ok, let’s talk about anti-virus. Ugh. This one is like opening a nasty can of worms. But it’s gotta be done. Your network security would have a big leak in it if you’re running without it. But believe it or not a lot of people do. Some of the frustrations over anti-virus is the simple fact that there are so many options available. There are also so many differing reviews. Then there’s the question, should I buy separate anti-virus and firewall or buy a security suite? Or, should I purchase my anti-virus and firewall. Or should I use free products? How can anyone possibly make an educated decision on which to choose. I say read a bunch of reviews, pick your top three or four, then throw the names into a hat. Shake it up and pick one out. Here, I’ll make it simpler. I’ll pick the top four (in no particular order). Kaspersky, Bitdefender, McAfee and Comodo.

If you’re going to choose a paid for option, make sure you carefully read what you are getting and shop around the various sites. To make a point take Comodo for example. You can get their Comodo Internet Suite for$39.99 here. Or you can go here where they offer a ‘Go for Pro’ option for $27.99. Then if you click on the ‘Free’ button in that same window, they will again offer you ‘Go for Pro’ for only $19.99. All three options are for the same exact suite. Whats more I don’t see what features are offered between the paid options and their free download. The paid and free options both include the firewall and anti-virus.

You will find other security vendors to be just as confusing. I think they are counting on people getting so confused that they just click on the ‘Total’ packages just to be sure they are protected to the fullest. Well you may not need the extra bells and whistles that make the ‘Total’ package total. You may even find the free version to offer everything you do need. I’ll discuss the free options in more detail below as I think you can get everything you need without spending a dime.

As for whether you should use a separate firewall or use a security suite, those in the know will say to keep them separate. I don’t think it matters much anymore as the security suites available today do a pretty good job at both. In fact, you can get a top-notch security suite such as Comodo Internet Security (CIS) for free, which has been rated for years as having one of the best firewalls available. I purchased their CIS Complete package three years ago and was impressed with the customizability of the firewall and how easy it was to learn it. I occasionally had virus’s slip by the antivirus however. Plus the price was a bit steep. I’ll always go for free unless there is something I really need and can’t find for free. As for an anti-virus/firewall suite, I really don’t need the extra’s they put into their ‘Total’ package. In fact, the only feature I was missing was password management which we’ve already discussed in a previous blog.

As for the free anti-virus and firewall’s there are plenty of good options available that are as good or maybe even better than the premium packages. No anti-virus will protect you from everything, none of them have scored perfect scores in all the tests. Paid or free. You can find free options such as AVG, Avira, Avast, Bitdefender, Comodo or Sophos Home which have high scores in the tests as well. I’ve had viruses get through both Comodo and Bitdefender paid versions in the two years I used their products. Yet I’ve used a free product (Sophos Home) for the past year and haven’t had anything get through yet. Is it better than the paid for options or am I just lucky? I don’t know, maybe a little of both.

I do a lot of on-line research so I come across more than an average amount of the bad stuff. I also put my protections to the test by running them in a virtualized environment and deliberately go out looking for the bad stuff to see how it holds up. So far Sophos Home has held up 100% with no false positives. Since it’s free I’ll continue to use it until it lets me down.

It is a simple set it and forget it application. You can run it on up to 10 devices, which can be monitored and controlled remotely via a cloud based dashboard and it uses the same antivirus engine they use to protect fortune 500 companies. It has absolutely no nag screens to upgrade or buy additional features. It’s free, give it a shot. You can find it here. You’ll have to sign up for a free account with them so you can download the software and manage it remotely. Another nice feature of Sophos is their web filter by category as seen below. These filters are per user so you can have separate profiles for each end user device and they are only accessible via the on-line admin account. I have also never recieved an email from them so no worries about spam.

As for a firewall, like I mentioned earlier Comodo’s free firewall is an excellent choice and worth a try. You can learn more and download Comodo Firewall from here. Or if you prefer they are offering the Comodo Internet Security suite for free as well from here. It features the same award winning firewall along with their antivirus.

I personally now use a little known free firewall called Tinywall. It works hand in hand with Windows firewall and does an excellent job, (sorry but this one by its nature is not available for Mac). It works off a whitelist principle blocking everything until you ‘allow’ it access. And it’s a simple matter to setup initially or to add a program later. You can add things manually but the best way is to click on the taskbar icon and change the mode to ‘Autolearn’ mode, then you can startup whatever application you want to allow internet access to and it will create the firewall rules for you. A nice feature other software manufacturers should copy, just don’t forget to put it back into ‘Normal’ protection mode once the new application is learned. You can learn more and download Tinywall from here.

The big problem with internet security is that it has so many different threats to contend with and no software manufacturer has offered a single solution that covers all the threats well. That’s why it’s best to have several layers of protection for your valuable data. The problem is getting these layers to play along with each other and not hog up system resources, or your budget. Therefore, I gravitate more towards the free yet viable options out there if I can. Sophos Home, Tinywall, Windows firewall, Keyscrambler (covered in an earlier blog post), and other security solutions I use (to be covered in future posts), play along very well with each other and don’t eat up system resources. They are very good at what they do and they do it for free. I will of course always continue to test new solutions, paid and free, and will post those findings as well. I will only suggest paid applications where there are no other free viable options available.

Until Next Time

The post Anti-Virus and Firewalls appeared first on Network Security Matters.

Browser Security

redrover61 — Mon, 27 Nov 2017 22:38:29 +0000

Next up is Browser Security. The browser is actually a pretty sophisticated piece of software. It has to translate all that stuff on web servers into something user friendly. The browser also handles all of the security details associated with the communications with an https secure site. It is your portal into the World Wide Web after all.

Think about it, a good portion of your bandwidth goes through your browser. You may have a few programs running that poll the internet for data every so often, like email clients, Windows services and antivirus software. But all that audio, video, text, graphics and downloads are all happening in the browser. Being as such, it is also your portal for the majority of malware out there in the wild.

Firefox and Chrome go at it while Internet Explorer sits it out eating glue. ; )

The major browsers available today are already pretty secure, as long as you keep them up to date. But there are a few add-ons I’d like to suggest to aid in keeping your browsing adventures a little more secure. Be aware though that every add-on you have installed in your browser is another possible point of failure in the security chain. So try to keep the add-on’s at a minimum and only use add-on’s from a reputable source. You can get an idea of whether or not a plugin is from a good source by the popularity of the plug-in and by reading any user comments.

The next add-on I’d like to suggest is Adblock Plus. It works wonders. After you install it head over to: https://fanboy.co.nz/filters.html and click on the ‘Add Fanboy Ultimate Adblock List’ link which will bring up an Adblock box where you need to click on ‘add subscription’. That’s all there is to it. There are other lists available as well, these two highly recommenced. Feel Free to add as many as you like.

You can click on the red Adblock stop sign icon in your browser and then click on ‘Filter Preferences’ which will open up a box listing the filter lists you’re subscribed to. Click on the ‘filter list’ for the ultimate list and take a look at it. I didn’t count them but there must be thousands of ads in there and it’s updated frequently. There was and is a lot of work put into those lists. You can see they block a lot of the bad stuff out there that you may come across while surfing.

You can disable Addblock Plus on a site by site basis if you prefer to see the ads on a particular page. This is handy if you want to support your favorite YouTube channels by allowing the ads. All around it’s an awesome plugin to have in your arsenal. You can check them out further or install from here.

The next add-on I’d like to suggest is Click&Clean. Basically what it does is delete your typed URL’s, Cache, Cookies, your Download History and Browsing History, all with one click. You can pull up the dropdown menu and select just cookies. I do this once in a while when I want to leave my history intact but delete my cookies in case there are some tracking sites latched onto me. You can also have it run CCleaner on closing of your browser. This is a file cleaning application I’ll be going over in a future blog.

Click&Clean dropdown menu’s for ‘Chrome’ on the left and ‘Firefox’ on the right.

Next up that I’d like to suggest is ‘NoScript’. What it does is allow JavaScript, Java, Flash, and others only for trusted sites of your choice. It blocks script by default requiring the user to allow whatever scripts they choose. You can enable JavaScript, Java and plugin execution for sites you trust by left clicking on the taskbar icon or using the contextual menu. This one is only available for Firefox and Seamonkey browsers however Chrome has a similar plugin called ‘ScriptSafe’.

In the image shown below you’ll notice a yellow bar across the bottom of the browser page. This is the NoScript status bar. The menu on the right is displayed by clicking on the options button. Here you will select any elements you wish to allow or if it’s a site you trust just click ‘Allow All’. I use the ”Temporarily Allow All’ option quite a bit. This will allow those elements until the browser is closed.

You can also choose to use a ‘Private’ window in Firefox or an ‘Incognito’ window in Chrome. Both work in a similar fashion by not saving your history, cookies and searches once you’ve closed all the tabs. Both have disclaimers to remind you that ‘you are not invisible in these modes’. Your employer, Internet Service Provider and the site you visit will still know where you’ve been if they so choose.

I can’t talk about browser security without talking about secure browsers. This is for those of you that don’t mind putting aside your favorite browser altogether. Comodo offers a secure browser in two forms. Dragon browser which is based on Chromium and Ice Dragon browser which is based on Firefox. These are similar to browsing in ‘Private’ or ‘Incognito’ mode. I prefer to use the standard version of Firefox and use Click&Clean to clear my tracks. It gives me control over what exactly is or is not deleted.

I’d also like to mention the Tor Browser. This browser, which is built off Firefox, offers anonymity by routing your requests through several relay servers before reaching its destination. This method of privacy has one major drawback in that it is very slow. I’ve tried it a few times but I didn’t have the patience to use it on a regular basis so I switched back to Firefox. If you must have your plugins, then Tor Browser isn’t for you as it rejects plugins by default. If you don’t mind using a bare bones browser that offers exceptionally good privacy, then by all means give it a shot. If you don’t like it simply uninstall it. Tor Browser is available for Windows, Mac and Linux.

If you follow the advice on this page (and elsewhere on this site), you should be fairly safe. However no amount of browser security will protect you unless you maintain vigilance while surfing. Be careful what you click on, that’s all it takes to get infected nowadays with all of the drive-by infected sites out there. it’s like a minefield. Stay safe and happy surfing.

Until Next Time

The post Browser Security appeared first on Network Security Matters.

Keyloggers, Keylog Detectors and Key Scramblers

redrover61 — Mon, 20 Nov 2017 18:50:19 +0000

Ok, now that we have our passwords secured and everyone’s sleeping better at night, how about we talk Keyloggers? I’m fairly certain most all have heard of and know what a Keylogger is. Basically what it is, is malware designed to record every keystroke made on your computer and log it (sending it out periodically) or transferring it in real-time to the bad guys. They are also capable of sending screenshots, recording from your microphone and operating your webcam incognito. Yup, they’re pretty nasty boogers.

Don’t be a victim of identity theft. Learn how to stop hackers from stealing your information with keyloggers.

Gaming information is being hacked just for the game points or screen name. Twitter accounts are being hijacked just for the account name or followers. These creeps will steal just about anything. They use webcams to capture incriminating images or video and use it to blackmail the victim. Just the fact that there may be some creepy person out there watching and listening to everything I do is enough for me to take action. I’ve read they can and do monitor for weeks or even months before they’re satisfied and move along with all your data. I would think that that must apply to corporations though. I can’t see the added benefit of monitoring a household for that long.

The main purpose of these programs is to steal username and password information for financial accounts. But they can use other account information as well. For instance, Netflix account information is being stolen and put up for sale on the dark net. They can go for as little as 25 cents a piece. Definitely not your high achievers working these scams.

Keyloggers in their own right have legitimate uses as well. IE: It can be used as a parenting application to monitor their child’s usage on the internet or by businesses to monitor employees. However, for the sake of this blog, I am referring to the bad malware type of Keyloggers. The wiki on keystroke logging can be found here.

Keyloggers come in a variety of flavors. Some can be detected by the simplest of anti-virus software and some may not be detected by anything shy of professional forensics analysis. The toughest of them are those that are attached to rootkit software, this is software that runs at the root or admin level of your pc with the highest privileges so as to be able to mask their existence. Note that rootkits of and by themselves are not necessarily malicious. What you have is a legitimate software like a keylogger paired with a legitimate rootkit software to perform a nefarious activity. That’s when it can be classified as malware. The two pieces separately are harmless.

As stated earlier and to make a point. not all malicious keystroke loggers are rootkits. Some may no doubt be blocked with your normal anti-virus, some may be blocked by anti-rootkits and others may never be detected at all. So we have to do the best we can with what we’ve got. Determining that proves to be a difficult task as there seems to be no definitive leaders in this realm of malware protection. Add to this all the mixed reviews to be found. It appears to be the most dangerous and least understood of all malwares.

The anti-rootkit and anti-keylogger software companies will boast on what their software blocks and how it does it but they don’t mention those malwares it does not block. And some of the reviews I read by a supposed third party I noticed were actually reviews written by the software maker themselves. I saw one blog by a company talking smack against one of the posters saying he was a SpyShelter employee, could be I guess. I had a hard time placing faith in any of the reviews on the subject.

So how can I decide how best to protect myself with all of these misleading reviews? Well, I think it’s a crap shoot. However, because of the undeniable fact that these malwares do exist, anything protecting you is better than nothing protecting you. You eventually have to place trust in something and hope you never get a rootkit or keylogger. Unfortunately, they say you can’t or shouldn’t run two of the same types of protection software on the same machine as they will conflict with each other. (A theory I will put to the test) it seems if you run two or three of them together you might catch the majority of these malware. So how to pick just one, hmm…

Well, I initially attacked this from two directions. First in using anti-keylogger software and the second by encrypting all my keystrokes using a program called a key scrambler or key encryption software. There are a few of these types of applications out there. The one called KeyScrambler is the one I chose and can be found here. If something slips by the anti-keylogger at least your keystrokes will be encrypted when the bad guys (or gals) get it.

I was leaning in that direction until I found out the anti-keylogger software I was looking into was no longer free for the full version of the software. KeyScrambler still has a free version but it only blocks stuff you type into your browser (which for me would cover most of what I would consider sensitive data). They have two pay versions of the software, KeyScrambler Professional for $29.99 for up to 3 PCs and KeyScrambler Premium for $44.99 for up to 3 PCs. Pro covers more applications than the free version and Premium covers more applications than the Pro version. They provide encryption on a per-application basis rather than just encrypting everything out of the keyboard which would make more sense but I guess it wouldn’t be as profitable. Go here to compare the different versions. Depending on your needs you too may find the free version to be satisfactory. However, they do cover a lot of additional applications with the pro and premium. I didn’t find a trial version of the software so I recommend installing the free version to see it in use before making the decision on whether or not to purchase.

The two anti-keyloggers left standing when I was done researching were Zemana Anti-logger and SpyShelter. Both initially started out as free software but both are now premium software with a stripped down free version. Both also include key scrambling which negates the need for two separate applications. So we now have two programs which offer anti-keylogging plus key scrambling, yay. Let’s take a look at both of them.

1. Zemana is priced at $34.95 for 1 year with discounted pricing for 2 and 3 years and/or 3 or 5 PCs. They offer a free 15-day trial if you want to check it out. They offer a scanner function and anti-ransomware protection. The scanner has two modes – a smart scan and a deep scan. I ran the deep scan and it found 5 pups’ (potentially unwanted programs) that were in my downloads folder for over a year and were never picked up by the plethora of anti-malware/virus software I’ve researched. This was impressive. The anti-ransomware feature also was a nice inclusion as this is normally offered as a separate program by itself. They also include an anti-screenshot feature, Webcam protection and microphone protection. Unfortunately, the software blocked keyboard input into Outlook and MS Word, I emailed the company about it and received a 40% discount coupon code which was a nice jesture but nothing mentioned about the problem with Outlook and MS Word. You can read an assessment of their Ransomware software by mrg–effitas here. It received a perfect score of 40 (covering 10 ransomwares), Malwarebytes Anti-Malware scored a 23, Cryptoprevent scored a 20, Hitman Pro Alert scored a 19 and Bitdefender Anti-Ransomware scored an 11.

2.SpyShelter is offered at 29€ (or $32.48 USD) for 1 year or 69€ (or $91.73 USD) for a lifetime subscription, yikes. In addition, SpyShelter also offers a free version, here, It’s pretty much the same as keyscrambler free in that it only works in one of the popular browsers by encrypting keystrokes. They also offer a free trial of the full version for 14 days. The full version comes with a ton of customizable features and a nice GUI to manage it all. I particularly liked that the home screen has nothing but on/off switches for all the features so you can quickly disable something if it’s blocking you. They also include Webcam Protection, Microphone Protection and several other features.

If you still want a free alternative you can also try something like Oxynger Keyshield which is a good on-screen keyboard type of anti-logger. I personally think the on screen keyboards that you peck at with your mouse are ridiculously tedious. I would much rather just use keyscrambler free or some other free key scrambler software. But if you don’t mind the on-screen type by all means head over to Oxynger, their free software also includes anti screenshot. You can find them here.

Overall, my entire adventures into the realms of rootkit and keylogger software was rather disappointing. There’s not a whole lot of information about either subject, and except for a couple instances (IE: the mrg-effitas assessment) all the write-ups were years old. Malware is an ever changing enigma, it needs to be covered in more depth and more accurately and frequently. It’s like the malware community’s hidden secret or something. As far as I’m concerned these two softwares are the only viable solutions out there for anti-keyloggers. Look how many decent anti-virus softwares we have available. There should be a similar market for anti-rootkit, anti-ransomware and anti-keylogger software. I also think it’s about time we have a program come out that covers all the different types of malware and covers it well.

During this research I’ve read several times how anti-Keyloggers aren’t necessary because your anti-virus or anti-malware will protect you. Some of the people in the forums even seem to get resentful or defensive about it. These people are just simply misinformed. I trust what the wiki says about rootkits and Keyloggers over most everyone else’s opinion. Not just because it’s wiki but because I agree with what it says about the severity of this software.

Here’s a real life scenario to back my words. While I was doing my research for this blog I downloaded a test application from SpyShelter to test the anti-keylogging features. I didn’t think much about it until the next day when I loaded up Zemana for more testing and it immediately detected and quarantined the test application. As it should because the test application acts exactly like a malicious keylogger. The program wasn’t even running at the time, Zemana must have found it either by signature or by looking at the code. Either way it found a keylogger and put an end to it. Which is what it’s supposed to do. What was really surprising though was that my main anti-virus (Sophos Home) and my main anti-malware (Malwarebytes Anti-Malware) did not catch this program. I even ran the program while testing SpyShelter and it’s been on my PC for over a day yet never got picked up. So much for not needing an anti-keylogger.

I can tell you without a doubt that having even the best antivirus is not enough. The thing about anti-Keyloggers is that they’re written with one intent, to stop Keyloggers. The software writers can pool all their resources into that one goal rather than trying to fix a dozen different things. They can remain focused on that one goal. I can speak from experience that even when you think you’re adequately protected, along comes the bad man and turns it all to mush. Hopefully the day will come when you can trust one piece of software to stop all forms of malware. In the meantime, we’re stuck henpecking our way through all the different types of protection.

Back three years ago, immediately after I was hacked, I was determined to learn everything I could about protection software and network security as a whole. I read every article I could find on the subjects. To make a very long story short, the two top contenders for best ‘Home Security Suite’ at the time were Comodo and Bitdefender. I first tried one, got hacked, tried the other, got hacked, plus I had Malwarebytes anti-malware the whole time. Even though there was keylogger software found on my machine I never saw a single alarm stating so. That is why I am a big proponent of anti-rootkits and anti-keylogger software. Maybe the fact that they specifically target these malwares they may also raise some red flags that something malicious is going on.

Since my goal is to cover all aspects of Network Security I thought I should briefly mention hardware keyloggers. These are physical devices placed between your keyboard and your computer. They also come as a USB dongle device meant to sniff out the signals from a wireless keyboard. A quick physical inspection will rule those out though. They also come in stealthier forms as circuits that are mounted in either the keyboard or inside the computer. These hardware devices are really outside the scope of this blog but I thought I should at least mention them because they do exist.

I hope that I helped clarify a few things and not cause more confusion. These malwares are the most technically advanced malwares out there so of course understanding them may prove difficult. Because of their complexity I plan to revisit this area in a follow-up in future days. Please post any questions, comments, concerns.

Until Next Time

Want new articles before they get published?
Subscribe to our Awesome Newsletter.

The post Keyloggers, Keylog Detectors and Key Scramblers appeared first on Network Security Matters.

LastPass Password Manager

redrover61 — Sat, 11 Nov 2017 08:23:08 +0000

I thought I’d start right off with what is probably the most disregarded yet easiest to implement security practice of all. Password management. We all have many websites we frequent and so many logins to keep track of. So what do most of us do? Well, most of us don’t pay heed to what the security experts tell us and use a different complex password for every site we’re signed up with. No, what we typically do is memorize one really good password and use it on everything we come across.

Some antivirus software packages come with password management built in. I have yet to find one that lives up to my expectations however. So that leads me to, as you probably surmised by the blog title, LastPass password manager.

There are a couple other competing password managers out there and I’ll discuss them another time. I have used all of the top applications to great extent and LastPass is hands down the best manager out there in my opinion. And it’s free. For single device use.

It supports multi-device synchronization but that will actually cost, but it’s only $12/yr. That’s only a dollar a month. Well worth it for the peace of mind you’ll get from using it on all of your devices. I have it installed on my laptop, desktop, android phone and iPad. Best twelve bucks I ever spent.

How does it work?

Pretty simple. You install a plugin to your favorite browser, set a single master password which is the only password you’ll have to memorize. Then just go about your normal activities and whenever you login to a site, LastPass will capture the data and ask if you want to save the login. Click yes, give it a name and that’s it.

The next time you go to that site LastPass will have your login information available and fill in the login boxes with your credentials. All you need do is press the ‘log in’ button. It will even auto log you in if you choose that option. It also has a very nice password generator, secure notes, security auditing, and can save multiple accounts for a single site. So if you have six Gmail accounts it will juggle those for you as well and give you a drop down menu to allow you to choose which one you wish to log into.

You can also launch a site by just opening the lastpass vault and clicking on a site. You will be directed to the site and auto logged in lickity split. Pretty neat. They’ve also covered all the bases. Available plugins for Firefox, Chrome, Safari, Opera, Internet Explorer, Seamonkey, and also comes in flavors for Windows, Mac, Linux and mobile. They even have several options for two factor authentication if you want that added security. (I highly recommend it).

I’ve been using LastPass for about five years now and couldn’t get by without it.

A word of advice, don’t ever forget your master password, you will never get your login information back again if you do. I learned that the hard way three years ago when I got hacked, I hastily changed my master password, didn’t write it down and promptly forgot it in all the confusion.

Now what I do is once I have all my accounts in LastPass I first export all the login data to a CSV file and then print it all out (and then delete the file) I then scribble my master password on it and toss it in my safe. That way if anything happens with anything, I’m covered. If someone breaches my backup in the safe I have much bigger issues to deal with than website logins. ; )

You can hop on over to their site; https://lastpass.com/ for a more detailed description. And then download and install the plugin, only takes a couple minutes guys and gals. Once you have it setup I suggest you go login to all your sites and use the password generator to change the passwords to something that’s a bit more difficult to hack and unique. Then come on back here and we’ll see what else we can work up.

Until Next Time

The post LastPass Password Manager appeared first on Network Security Matters.