Tool Up against Viruses, Spyware, Trojans
updated 6 Aug 2003
If it's about online security, barely a story can go by without mention of two protection essentials: anti-virus products and firewalls. Yet there are other kinds of safety-focused programs hoping to earn a place in your toolbox.
Like a handyman's favourite gadget, some of these tools have just one or two specialist functions. They can ward off browser hijackers, remove spying software or reject the ploys of hackers.
Most were born of necessity, created by irritated experts, annoyed developers or victims who decided to get their own back.
A friend of mine was a victim of a Trojan - a sneaky program used by hackers to control other people's computers. It only happened once, however, and my buddy turned the experience into an Australian software success story.
"One of my systems was infected with one of the first remote access Trojans ever released, called NetBus," says Langlois, who was a security researcher at the time.
"I was made aware that the system was infected when the CD-ROM drive opened on its own and abusive messages started to show on screen - it was quite obvious that somebody was 'inside' the system, due to that level of control. You can't remotely open CD drives, you need to be running inside the system to be able to do that."
"So, from there it was just a matter of basic forensic analysis to find the culprit file and trace back to the hacker. I was easily able to obtain the hacker's IP address [a computer's address on the net], and after I started running scans on his computer he quickly realised that I had found him."
It was enough to persuade the hacker to leave and to give Langlois a business idea, the result of which is a highly regarded security product called Trojan Defence Suite (TDS). These days, many anti-virus products also detect Trojans, but there's room for a specialist solution, argues Langlois.
"Viruses and remote access Trojans are physically different, they work differently and they have different approaches to infection."
"If you're infected with a Trojan and I connect to your system, I can literally make your computer do anything ... I could plant material and then call the police."
Langlois now leads a team at DiamondCS; the company offers the only anti-Trojan system with daily database updates.
TDS is just one of many useful tools that allow internet users to take control of some of the problems they face online.
Hijack defender
Product: Start Page Guard
Website: www.pjwalczak.com/spguard
Some programs and web pages can use malicious code, JavaScript or ActiveX to alter browser settings so a home page is stuck on a particular site - often not a very tasteful one at that! Browser hijacking is particularly a problem for Internet Explorer. Sometimes the solution is as simple as changing the home page yourself. Other times, it's not so easy. Depending on the hijack technique, the settings can revert the next time you restart. So, you may have to edit the Windows registry (delicate work) or locate a malicious program that's hiding on your computer.
Piotr J. Walczak's free program StartPage Guard stops unwanted changes to the browser, including Start and Search pages, and it can get rid of many known offenders. Other tools for protecting your browser's health can be found at Mike Healan's anti-spyware site Spywareinfo.com.
Spyware spies
Product: Ad-Aware
Website: http://www.lavasoftusa.com/
Okay, not all advertising-supported software is bad, but those systems that aren't up front about how they work, the information they collect and the resources they drain are certainly giving the rest a bad name. As insidious as the name suggests, "spyware" is a pet hate of internet users (not far behind spam in the unpopularity stakes). Ad-Aware won the gratitude and allegiance of thousands when it offered an easy way to identify and remove all traces of the worst offenders. Happily, Spybot Search & Destroy (spybot.safer-networking.de) is building on the foundations. Both programs are free.
Firewall: ZoneAlarm and ZoneAlarm Pro
Website: http://www.zonelabs.com
Their products have been called everything from "top-notch" to "tour de force" to "the perfect personal firewall." Symantec's Norton and the McAfee anti-virus packages adequately counter these threats and are suitable for most home users. But Zone Labs, a San Francisco-based company specializing in computer security, offers a more effective product.
Free download here: http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
Help with helpers
Product: BHODemon
Website: http://www.definitivesolutions.com/
Browser Helper Objects (BHOs) are small programs that run whenever you start the browser. They can be helpful and powerful, but as with most good things, there's a dark side, too. Privacy exponents worry that these can be installed without a user's knowledge and put in place by another program. For example, the notorious Go!Zilla program uses a BHO to track advertisements surfers see. The free program BHODemon from Definitive Solutions lets users manage BHOs: it shows which ones are installed and what they're up to, and offers to disable them.
The Trojan horseman
Product: Trojan Defence Suite
Website: tds.diamondcs.com.au
History buffs will know of the Trojan horse. In a computer, a Trojan stealthily provides a hacker with a way into your files and ultimately control of the system as if they were seated in front of it.
TDS can identify more than 8000 Trojans (plus 10,000 or so variants) and promises to raise the alarm even if a previously unknown program starts behaving suspiciously. It costs $49 for a single user. Other Trojan fighters include Trojan Hunter, BOClean and The Cleaner.
Health checks
Product: ShieldsUP!
Website: grc.com
The creator of the first spyware removal tool (the predecessor of Ad-Aware), Gibson Research Corporation offers a variety of tools, but the most popular is a security check-up called ShieldsUP!, which is free and performed online. There are plenty of other bits and pieces to interest the security-conscious. One is LeakTest - a testing tool to check if your firewall can be easily tricked. Another colourfully named Windows utility is UnPlug n' Pray, which will automatically disable a service Gibson says is downright dangerous.
Symantec Antivirus Research Center
Latest Virus Threats
Security Advisories
Download Virus Definitions
Download latest updates to security related software
Use Symantec's two online tools, security check and Virus scan
Download virus removal tools for specific viruses that have become prevalent in recent years
Read FAQs, articles, and more documents on security measures
SARC can be found at: http://www.sarc.com
Spybot S&D - 100% Free
Here is another very intensive spyware removal tool that also has several other features built in.
Here is a short about page of the product: http://www.safer-networking.org/index.php?lang=en&page=about
Also, there have been three or four (or more now) rip-offs of this program, and he has a list here: http://www.safer-networking.org/
So, obviously, don't use those other products - use the original.
SpywareGuard
SpywareGuard provides a real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method. An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! And you can easily have an anti-virus program running alongside SpywareGuard. SpywareGuard now also features Download Protection and Browser Hijacking Protection!
http://www.wilderssecurity.net/spywareguard.html
There are other great security sites out there. Wilders.org Security Advisors has a great listing of security products, including free anti-virus tools, anti-virus add-ons and firewall accessories such as report-makers and log analysers. Meanwhile, The Home PC Firewall Guide's motto says it all: The internet is a hostile network like the Wild West without a sheriff.
Spring Cleaning Your PC
by Jason Levine
Your computer can do some amazing things, but at its core it's a machine. And like many machines, it might not be performing properly if it's not maintained well.
http://www.jasons-toolbox.com/Articles/SpringCleaning/