Security Series - Part 1 - The basics

Threats are a large part of I.T.; there is an entire section of I.T. based on security. It is not as simple as putting a program in front of it at enterprise level. For home, though, it's easy to defend yourself. Let's begin.

Spyware - Defense: Security suites (recommended: Malwarebytes Pro or F-Secure). This is a spying tactic. Imagine spies, but cyber versions: they look for data they can see and steal. There are more advanced tactics to this, from cam hacking to keylogging (although keylogs can be their own area).

Viruses - Defense: Security suites (same as above). These are the damaging things. Wonder why your system is so slow you can cook Sunday dinner before it's loaded? Well, here you go: chances are you have these on your system.

Rootkits - Defense: Rootkit removers (Malwarebytes Anti-Rootkit, Linux). These are nasty things to fight against; they can hide almost as well as any other attack and can take skill to remove. Chances are you don't even know you have one without special tools.

Worms - Defense: Common sense, security suites. These come via emails, so they can be defended from with browser-based tools, but if you have clicked an email that was unexpected you may have been hit with a worm. I have seen multiple Amazon-related ones recently. Common sense will beat any scanner, but always have a plan B.

Trojans - Defense: Security suites, browser-based tools. Imagine the Trojan from Troy, and there you go: multiple nasty surprises in one package. A lot of attacks will come from these.

 

Okay, so we have knowledge of what they are. What are the tactics used, and how do we protect ourselves?

If you want to never bother with any of this, like no need for security, get yourself onto Linux. Linux is like steel: you throw something at it, chances are it won't move and give up, and that's before security tweaks have begun. The reason for this is the system itself: it's not a mess like Windows and it cannot read Windows files. To be fair, scanners on Linux are there just to defend networks with Windows on them or remove them via live media.

If you're on Mac, get yourself something like NOD32 or Sophos. You're still safer than Windows, but there are Mac viruses out there.

So if you stick on Windows, here is what you do.

Get a suite on ASAP. F-Secure is the top atm, and to be fair I have seen it in action and it works well. Second that with Malwarebytes Free if you get F-Secure; don't let it run until you do your weekly scans. Malwarebytes is a tool that has some insane power under it. I haven't had any viruses beat it yet, and I have been against some sticky viruses.

Firewall is taken care of via the suite, so don't worry.

Get a Linux distro on disk or USB; Fedora Security is recommended. Use ClamAV to live scan Windows. It can do more than Windows will due to the fact Windows is not running, Linux is. This is where systems get beyond the point of restores and Windows apps (stuff like Interpol scams which remove all user ability in Windows, also network attacks like Conficker).

Next


Your browser plays a massive part in security, as most attacks come via the web. I use Firefox; it's the most secure browser out there. Add in stuff like NoScript, Web of Trust, Adblock, HTTPS Everywhere etc. and you're set. Chrome can do similar, and the fact no Flash is needed is sweet, but to be honest I use Chrome for YouTube and Firefox for everything else.

Keep Windows up to date also. The update system is a nightmare after you have seen the Linux one, but I can see why Windows is needed. I still use it, but with a VM instead of main.

 

So some basics there. I will be posting another guide later, more in-depth on removals over general stuff. If you have ideas on editing this post or other guides, let me know :)

 

Expanding on your point about Windows and Linux. They can be represented as two spheres, one has a tough exterior with a nice soft centre, whilst the other is tough all the way through.  

Windows is like the first sphere. Once you're past the tough exterior, it's very easy to get around from there on in. As for Linux, it is like the second and is tough all the way through and can be extremely hard to get through with security tweaks. This doesn't mean Windows can't be secure, it just takes a lot more effort. (Hence why Win Server has NO security exceptions as default, and once you start adding them it becomes weaker.)

 

As for criticism... Back your points up. You've said what some threats are and how/what can be used to defend against them, but why? Why use your suggested packages over something else? Just justify why you've chosen certain things to recommend.

Other than that, this is a nice start. I look forward to reading more of these. 

I will probably be using Linux and Windows on a VM with my new build. Do games run well on a VM? I have only used a VM for BackTrack. Nice intro to information security.

I do agree that Linux and Windows are two completely different systems, but I will be explaining more in the next part, starting with Linux :)

And I will be backing up my points in future posts. I just wanted to get an extremely basic start and move to more advanced stuff quickly, but at a speed the readers can grasp :)

But thanks for the comment :) I shall keep them in mind :) 

Yes, using KVM with Virt-Manager. Zoltan did a brilliant guide on it.

Also, Steam is now native. Although a lot of games are not Linux-supported, some Valve games are, such as TF2, and it plays brilliantly. It's stupidly fast compared to the DX counterpart :)

Here is the guide !!CLICK ME!!

Hope he helps :) 


F-Secure is amazing