1. You can protect your system by requiring that users log on and use strong passwords. It is a good idea to let the screen lock after a period of inactivity and require the user to log back on.
2. Your anti-virus software can be set to scan for malware and viruses. Use anti-spyware, anti-malware, anti-adware software and keep it updated. Keep abreast of the news and be aware of threats as they arise. You should be aware of keylogger programs that record your keystrokes so an unauthorized user can steal your information. Good article here: http://www.securityfocus.com/infocus/1829 (see note below)
3. You can use either a software or hardware firewall. If you have a network you can combine a proxy firewall with a packet-filtering firewall greater defense.
4. Keep all your software and operating system updated so that any security patches will be installed.
5. Keep file sharing to a minimum.
What type of threats might you be securing yourself from?
1. One type of threat would be an unauthorized user getting passwords or other data off of your computer either by getting into your computer from the Internet or by capturing your information when you are on the Internet.
2. Another type of threat is malicious software installing itself on your computer.
3. If you have a network, you do not want any unauthorized users to have access to your data, your web pages, or any of your user information.
Note on keyloggers from http://www.securityfocus.com/infocus/1829
To prevent keyloggers on the desktop level two types of anti-keylogging software is available from various vendors:
1. Signature based anti-keylogger. These are applications that typically identify a keylogger based on the files or DLLs that it installs, and the registry entries that it makes. Although it successfully identifies known keyloggers, it fails to identify a keylogger whose signature is not stored in its database. Some anti-spyware applications use this approach, with varying degrees of success.
2. Hook based anti-keyloggers. A hook process in Windows uses the function SetWindowsHookEx(), the same function that hook based keyloggers use. This is used to monitor the system for certain types of events, for instance a keypress/mouse-click -- however, hook based anti-keyloggers block this passing of control from one hook procedure to another. This results in the keylogging software generating no logs at all of the keystroke capture. Although hook based anti-keyloggers are better than signature based anti-keyloggers, note that they still are incapable of stopping kernel-based keyloggers.
P.S. I know you are aware that there are classes on computer security, I can't even begin to cover it all here.
But I gave it a shot :-)
P.P.S. See Snort in the entry below.
No comments:
Post a Comment