THE ABC's of Hacking
Recovering from a system compromise.
What to do if you've been hacked.
If you find you've been hacked, simply deleting the Trojan horse or closing the open share is often not enough. Using the initial security breach as an entry point, an attacker could easily have created other backdoors into your system or even modified the operating system itself. Because of this, there is only one real way to secure a system which has been compromised, and that is to reinstall it from a known-good source. This document describes the steps involved in recovering a typical Windows system from a security compromise.
Step 1 : Isolate the affected machine. You should disconnect any compromised machine from both the internet and any local network as soon as you realize it's been compromised. This helps limit the potential damage both to your own systems (remote attackers can no longer gain access) and to other systems on the internet (your machine cannot be used to attack others). It's important to physically disconnect the machine from the network. That's right, unplug the network cable or power off the modem. Cable and DSL modems in particular often feature 'standby' buttons which claim to isolate the computer from the network. In several cases this is simply not true: even with the modem in standby mode, the computer is still connected to the network.
At this point you should consider what other actions you need to take. Do you, for example, store bank or credit card details on your PC? If you do, you should inform the appropriate organizations at once that your accounts may be compromised. Have you used your credit card number online recently? Again, if you have, you should inform the credit card company that your number may have been compromised.
Any password or secure data stored or used on your PC should be assumed to have been compromised and changed at once. This includes ISP access passwords, FTP, email and website passwords as well as any other service you use which requires a secure login.
Step 2 : Find out how serious the problem is. If you only have one computer you can safely skip this section; those with home networks should read on. A compromised machine on a network can lead to the compromise of all other machines connected to that network. The risk of this happening depends on a number of things, including :
The length of time the security breach has gone undetected. Be honest with yourself and assume the worst case scenario is true when evaluating this. When did you first suspect something might be wrong? When did you last scan your network for viruses and Trojan horses? When did you last verify that your files hadn't been tampered with? The longer a compromised machine has been on a network, the greater the chance that other machines on the network have been affected.
The type of network you run. If all machines on your network have unrestricted access to and from the compromised machine, the chances of a network-wide security breach increase dramatically. On the other hand, if you restrict access between machines either by using desktop firewall products or by means of username/password authentication the risk falls.
The presence (or absence) of anti-virus and desktop firewall software. If each machine runs properly maintained, independent anti-virus and desktop firewall software the risk of a network-wide security breach falls sharply.
Step 3 : Begin the cleanup. Locate the original software distribution disks for your operating system, any drivers you need for your system and any license information you'll need during the installation. You will be performing a clean install on the affected machines, so you will lose any data stored on them unless you have backups. If you haven't got recent backups, follow the procedure below :
Start up the compromised machine without connecting to any network. Copy any data files you wish to keep to floppy disks or CD-R media, if at all possible in non-executable form (i.e. save Word files as rich text since it can't contain macro viruses). DO NOT COPY PROGRAM FILES! Label this media clearly as potentially infected and store it safely. You are now ready to begin rebuilding your machine. To be absolutely sure that your system does not remain compromised, follow the steps below before installing your operating system.
Restart your PC in DOS mode (NT/Win2k users should boot from the CD-ROM or setup disks).
Use the FDISK command to delete all partitions on the disk (NT/2k users should follow the appropriate prompts in the setup program).
Power cycle your PC with the setup disk in the floppy drive or CD-ROM drive as appropriate (switch off, wait 10 seconds, switch on). This applies to all versions of Windows including NT and Win2k (power cycle after removing the partitions, don't worry about still being in the setup utility) and ensures that any memory-resident or boot sector virus is removed.
Reload your operating system & required drivers from the original disks.
At this point you'll have a working system with no software installed other than the operating system & drivers. Assuming you used only original media, the system will be free of any Trojan horse or virus but may not be secure.
Step 4 : Secure your system and load additional software. You now need to obtain and apply the latest security patches for your operating system. Ideally you should download these from their source using another machine and apply them from disk. If that is not possible, connect your rebuilt system to the internet for the minimum period possible to obtain the patches you need. Apply them at once. You should be aware that this opens your system to potential compromise while you are downloading the patches, so keep the connection as short as possible. Windows 98, ME and 2000 users can use the 'Windows Update' function to automatically update their systems.
Once your system is updated, you can begin installing additional software. Be sure only to use software you know has not been tampered with, ideally from original distribution media. If necessary, download a fresh copy from the source and use that. Install software in a logical order, beginning with security-related products (anti-virus, firewall etc.).
Step 5 : Finishing off. Once you've installed and configured all your software you are ready to begin restoring the data from backups. Before doing so, you may wish to make an image copy of your system using a utility such as Norton's Ghost. This will allow you to quickly restore the machine to a known clean state in the event of future compromise. If you do this, store the image on non-volatile media such as CD-ROM. You may also wish to take a 'fingerprint' of the files installed on your machine to enable comparison in future. See 'Attack Mitigation' for details on this.
When you eventually restore the data, do so gradually, especially if you copied the files from an infected machine. Virus scan each one first and discard any with unexpected macros.
That's it, your machine is now rebuilt and ready to reconnect to the network and the internet. It's been a lot of work but you now know for sure that your machine is virus-free and reasonably secure against attack in future.
Attack Mitigation
There are a number of steps you can take to limit the damage done by a system compromise. Not all apply to all systems and some require additional software, but they can make your life considerably easier if you are unfortunate enough to be hacked.
File Signatures. Keeping a database of file signatures can help you pinpoint any files which change unexpectedly. This is often one of the first signs of a security breach. You can get free file signature checkers from a number of sources. We suggest WinTerrogate (all versions of Windows, basic but effective) from http://winfingerprint.sourceforge.net or LANGuard File Integrity Checker (NT/2000 only, more advanced) from http://www.gfi.com/languard
Image Files. Taking an image of your disk regularly can dramatically reduce the amount of work involved in recovering from a security breach. The best known tool for doing this is Norton's GHOST although there are other options. You should keep two or three image files on non-volatile media and update them regularly.
Keep the data on a separate partition. Keeping your data on a separate partition (ideally on a separate disk) will reduce the amount of work needed if you have to rebuild the system. It also makes backing up much easier and can improve overall system performance.
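As an added example (not part of the original article, and not how WinTerrogate or LANGuard work internally), here is a minimal file-signature database in Python for the 'File Signatures' item above and the 'fingerprint' suggested in Step 5. The function names, the JSON database format and the sample files are assumptions constructed for illustration.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def fingerprint(root):
    """Map each file under root (relative path) to its SHA-256 digest."""
    root, sigs = Path(root), {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():  # skip dirs and links
            digest = hashlib.sha256()
            with path.open("rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            sigs[path.relative_to(root).as_posix()] = digest.hexdigest()
    return sigs


def save_baseline(sigs, db):
    """Store the signature database; keep it off the machine it describes."""
    Path(db).write_text(json.dumps(sigs, indent=1, sort_keys=True), encoding="utf-8")


def compare(db, root):
    """Re-hash root and list what changed since the saved baseline."""
    old, new = json.loads(Path(db).read_text(encoding="utf-8")), fingerprint(root)
    return {
        "modified": sorted(p for p in old if p in new and old[p] != new[p]),
        "added": sorted(p for p in new if p not in old),
        "removed": sorted(p for p in old if p not in new),
    }


def demo():
    with tempfile.TemporaryDirectory() as work:  # constructed sample tree
        root, db = Path(work, "system"), Path(work, "baseline.json")
        root.mkdir()
        (root / "shell.dll").write_bytes(b"v1")
        (root / "notes.txt").write_bytes(b"hi")
        save_baseline(fingerprint(root), db)      # database lives outside root
        (root / "shell.dll").write_bytes(b"v2")   # existing file replaced
        (root / "extra.exe").write_bytes(b"new")  # unexpected new file
        (root / "notes.txt").unlink()             # file deleted
        return compare(db, root)


if __name__ == "__main__":
    print(demo())
```

Take the baseline straight after the clean rebuild and store it on write-once media with the disk image, so a later intruder cannot quietly update the signatures along with the files.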
www.str8junk.com
About the Author
An elite team of regular "Joes" fighting back & making huge cash online one day at a time. dDawg as a team has been able to create a profit on the internet. http://www.str8junk.com