Anti-Spyware and Least-Privilege Accounts
Tip 3 -- Anti-Spyware Programs
Although most security professionals group all forms of nasty software (viruses, trojans, worms, etc.) under 'malware', many of us reserve a special evil category for 'spyware.' This term was originally given to software intended to gather information (web preferences, etc.) about users without their knowledge, but it has been broadened to include keystroke loggers, web-cam launchers, remote-execution systems, and more. The simplest approach is to think of it as a different version of malware - still evil, just different.
As with malware - a good initial strategy is to have good anti-spyware programs installed, updated and running. Luckily there are many available, both free and commercial. As with anti-malware software, this protection is only good if you update it frequently and run it frequently. You do not have to worry about having both anti-malware and anti-spyware protection. Think of it as having multiple locks on a door.
Many commercial anti-malware products include spyware protection. You get what you pay for. Even so, it does not hurt to have multiple layers of protection.
My favorite anti-spyware program for Windows is Spybot; however, Ad-Aware also has a very good reputation.
The best Mac anti-spyware program I've found so far is ClamXAV.
Linux users generally will not have a problem with spyware, unless they are running Windows or Mac applications (same deal with viruses) -- I did find a program that will help in both areas: Panda Software.
Tip 4 -- Least Privilege Account
This tip is so simple to enact that I am totally astounded that so many people do not do it. The problem is that many people get a personal computer, turn it on, and proceed to run everything from the single administrator account that is set up by default. The reasoning is that they should not worry since they are the only person using the computer.
Wrong!
If you are browsing the Web, or checking e-mail, with an administrator account you are allowing all kinds of malware to make changes to your computer without your knowledge! This is one reason the famous 'drive-by malware' and 'cross-site scripting' attacks are so successful.
What is a least-privilege account? It is a user account that DOES NOT have administrator privileges. They are very simple to set up and they do not prevent you from doing things you want to do.
Basically - use the Control Panel of your computer to create a new account that does not have administrator privileges. If you are the only user then your computer will have two accounts - one with administrator privs and one without. If you have other users (wife/husband, kids, etc.) they each should have their own account without administrator privileges.
Any time you try to do something (or a program tries to do something) requiring administrator privileges you will be prompted to enter the administrator password. If you know, for example, that you are installing new software, then go ahead and enter the password. But if the password request box opens and you were NOT intending to install new software or make system changes then this protects you! According to Microsoft, 64% of all vulnerabilities during 2009 could have been prevented by having a least-privilege account!
I suggest using LPA on the Mac as well - why take the chance?
And by the way, any Linux administrator with an ounce of knowledge would NEVER run applications as root! They reserve this for required system maintenance.
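The Windows account setup described in this tip can also be done from an elevated PowerShell prompt instead of the Control Panel. The script below is an added example, not part of the original page; the account name `daily-user` is a hypothetical placeholder, and it assumes Windows PowerShell 5.1 or later with the built-in local accounts cmdlets.

```powershell
#Requires -RunAsAdministrator
# Added example. Run in an elevated Windows PowerShell 5.1+ session.
# 'daily-user' is a hypothetical account name; pick your own.
$DailyUser = 'daily-user'

# Well-known SIDs are used instead of group names because the names
# "Administrators" and "Users" are localized on non-English Windows.
$AdminsSid = 'S-1-5-32-544'   # BUILTIN\Administrators
$UsersSid  = 'S-1-5-32-545'   # BUILTIN\Users

# 1. Audit: who holds administrator rights on this machine right now?
Write-Host 'Current members of the Administrators group:'
Get-LocalGroupMember -SID $AdminsSid |
    Format-Table Name, ObjectClass, PrincipalSource -AutoSize

# 2. Create the everyday account if it does not already exist.
if (-not (Get-LocalUser -Name $DailyUser -ErrorAction SilentlyContinue)) {
    $password = Read-Host -AsSecureString "Choose a password for $DailyUser"
    New-LocalUser -Name $DailyUser -Password $password `
        -Description 'Least-privilege account for daily use' | Out-Null
    # Membership in Users (and nothing more) makes it a standard account.
    Add-LocalGroupMember -SID $UsersSid -Member $DailyUser
}

# 3. Verify: the everyday account must NOT be an administrator.
$hit = Get-LocalGroupMember -SID $AdminsSid -Member $DailyUser `
    -ErrorAction SilentlyContinue
if ($hit) {
    Write-Warning "$DailyUser is a member of Administrators; remove it from that group."
} else {
    Write-Host "$DailyUser is a standard (least-privilege) account."
}
```

Keep the original administrator account for installs and system changes, and sign in as the new account for browsing and e-mail.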
Tip 5 -- OS and Application Updates
Once an operating system is installed and applications are installed and configured, that is all you have to do, right?
Wrong!
Security patches and upgrades are constantly being issued for operating systems and applications. They are extremely important to install because once they are announced every hacker on the planet knows about the vulnerabilities they represent. In organizations 'patch management' has become a strategic activity for keeping systems and information secure.
For most people the solution is pretty easy - both Windows and Mac have automatic upgrade options -- simply turn them on. If you use Linux you should have the savvy to periodically check the Web site for your free or commercial version and obtain patches there.
Applications are a bit trickier. Few applications will notify you of the need for patch downloads and application. Some, like Firefox, will do this automatically, and will not run until the patch has been applied. Others, like Adobe products, will notify you but then allow you to opt out until later -- which is NEVER a good idea.
Many companies use programs to help identify popular applications and plug-ins in need of patches. One great program for Windows is Secunia PSI -- this is a free vulnerability scanner that runs on all current versions of Windows. I strongly urge getting it and running it about once a month.
Another good vulnerability scanner is Nessus -- this scanner runs on Windows, Mac and Linux. For Mac users I recommend MacNessus.
This page created and made available for educational purposes by Dr. Gerry Santoro - [email protected]