Sunday, March 25, 2012

Secure? You want to be secure? Let me show you how!

What, there's bad people online!?
Yes, there are people online who are out to get you, either after your personal information or looking to mess with your computer.  I've learned a lot about how to identify threats and make sure they don't get to me.  It's because of this that I've decided to do things a little differently when using the internet at home, at work or at school.  Firstly, at home I always keep my computer up to date, and especially my antivirus.  It takes a lot to get me to trust something I'm downloading.  I stay away from shady websites, never give out any personal information and always keep my bank accounts away from my computer completely.  I haven't ever had a problem using the computer!  Here you can see a report of how well my system has held up since I last installed Windows.
At school, I refuse to log into any of my personal accounts (whether it be my email, Facebook, etc.); I stick only to the secure Angel site that is protected by the school.  This way I am sure that none of my information is stolen or used in a way that I don't know about.  I never touch the internet at work.  I know the network is unsafe and unsecured, so I simply refuse to use it at all.  But if I were to use it, I would follow the same steps I take at school: no personal information, don't download anything I don't need or don't recognize, and stay away from any shady sites.  There is nothing worse than not only losing all your information but risking your company's information as well!


Know Your Enemy, Cause they Know You!
Before you can begin to secure your system you need to be able to identify all the threats out there.  Whether it be someone phishing for your information or a nasty virus looking to cause you some trouble, knowing the enemy is one of the best ways to assure you are safe when online.  Wanna know how many different viruses are out there, or how many threats there really are?  Take a look at this webpage and click the tabs to see all the different kinds of threats out there.  http://www.symantec.com/security_response/  It is because of this that I have made some adjustments to my security at home.  Below is a picture of the basic setup of my router.
As you can see, my router's firewall is NOT disabled and I have made sure not to respond to pings on port 80 (default internet port).  Next you need good antivirus software; personally I choose Kaspersky because Norton and McAfee have had issues in the past with releasing/spreading exploits to boost their sales.  Below is a list of some of the helpful tools that come with Kaspersky.
Ahhh, nothing like a finely tuned, secure machine to get the blood pumping.  As you can see I have some great tools to create a backup disc, tune up my browser, permanently delete sensitive data and everything else in the picture above.  Of course you need to keep your AV up to date or it does you absolutely no good (what's the point of having protection that's good only against threats from a few months ago?).  Let's imagine the worst has happened: someone gets to my system and removes all the files in my System32 folder.  My OS is done, and I need to reformat to be able to use my computer again.  What about all my pictures, music, videos and school work?  Ahaha!  Thanks to the beauty of cloud computing, I don't have to worry about losing that information ever again.  Dropbox is a free cloud service that gives you 2 GB of storage on their secure network.  All the files get automatically synced and I can just download them again when I fix my computer.  Check it out!
To basically sum everything up, here's a basic guideline for how your security should be set up.

  • Always keep your AV up to date
  • NEVER download anything that you don't trust or know what it is
  • Look into a cloud or online backup service to keep your files safe offsite
  • Make sure to configure your firewall settings properly
The Trojans did it a long time ago, but it still goes on today!
Another important tip is to be aware of fake antivirus programs.  Just because something seems like a legit program doesn't mean it is.  It could possibly be just another scam to get your money or mess with your system.  If you take a look at this video, you'll get a lot more information on these fake AV programs and how you can be sure to avoid them!  Always stick with the most reputable sources and be sure not to download anything that seems too good to be true!


In addition to fake AVs, you need to be sure your computer isn't a zombie.  A zombie is an infected computer that someone else has access to and that will be used to do harm in some way.  A zombie is just one computer in a whole network of infected computers called a botnet.  These botnets can be used to send massive amounts of spam, or even worse, perform DDoS (Distributed Denial of Service) attacks.  You can read more about this here.  http://www.nytimes.com/2008/10/21/technology/internet/21botnet.html

Think you have been infected and your computer is now a mindless killing machine?  Fear not, this webpage has all the information you need to turn your computer from killer to a well tamed, flawlessly working machine in no time.  http://electronics.howstuffworks.com/how-to-tech/how-to-fix-zombie-computer.htm

How simple it really is!
Here is a screenshot of me updating my AV.  It's as simple as clicking a button!
I've been using the computers on campus to do most of my work, so I needed to update, and badly!

Back to the Future?  Kinda.
Here is a short video I made explaining how to do a system restore.  It was a spur of the moment idea so excuse the lack of professionalism.  

Monday, March 5, 2012

Wait, run what? Okay? What the!?

My tale is a simple one; plain and simple, I messed up.  It was a late night and I was browsing around on an image board trying to kill some time.  Seeing nothing interesting, I decided to fire up some World of Warcraft.


After about an hour or so I once again lost interest.  So I decided to check back on the image board, and something finally caught my attention.  That's where I got myself into some trouble.  The old saying that "if it's too good to be true, it probably is" rang true.  I couldn't believe it: the owner of the website was going to make someone a moderator (one of the most sought after positions of power on the website)!

The poster posted a link to a tinychat room where he would broadcast who he would make a moderator.  The only thing that seemed a bit suspicious was that the address was in all caps (TlNYCHAT.COM/MODDD).  A red flag should have gone up, but it didn't.  When I visited the page it looked very legit, and it asked me to run Java so I could see the webcam and hear the broadcast.  I hit run in anticipation and hopes of becoming a "mod" on the website.  That's when everything went wrong.

It soon hit me that I was the victim of a Java drive-by.  My mouse started to go haywire and the internet was laggy and unresponsive half the time.  I quickly checked my processes and there was nothing strange going on there.  I soon realized the hacker melted the process into one of my Windows processes.  He infected one of the core processes or drivers Windows loads on start up.

Instantly I was sent into a rage!


I quickly unplugged my internet cord and did a full wipe of my system.  I knew this wasn't anything serious enough to be a rootkit, so I felt safe wiping my hard drive and re-installing my operating system.

For a more detailed explanation read below or click here.  This is taken from Wikipedia:
Drive-by download means two things, each concerning the unintended download of computer software from the Internet:
  1. Downloads which a person authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet).
  2. Any download that happens without a person's knowledge, often spyware, a computer virus or malware.[1]
Drive-by downloads may happen when visiting a website, viewing an e-mail message or by clicking on a deceptive pop-up window:[2] by clicking on the window in the mistaken belief that, for instance, an error report from the computer's operating system itself is being acknowledged, or that an innocuous advertisement pop-up is being dismissed. In such cases, the "supplier" may claim that the person "consented" to the download although actually unaware of having started an unwanted or malicious software download. Websites that exploit the Windows Metafile vulnerability (eliminated by a Windows update of 5 January 2006) may provide examples of drive-by downloads of this sort.
Hackers use different techniques to obfuscate the malicious code so that antivirus software isn't able to recognize the code, and it is executed in hidden iframes so that the user can't recognize it visibly - and even for an experienced user it is hard to read.[3]
A drive-by install (or installation) is a similar event. It refers to installation rather than download (though sometimes the two terms are used interchangeably).
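The quoted passage mentions that drive-by code is usually loaded in an iframe the visitor cannot see. The script below is an added example, written for this post and not taken from Wikipedia or from any product mentioned here: it scans a page's HTML for iframes that are hidden from the viewer (zero- or one-pixel size, pushed off-screen, or styled `display:none` / `visibility:hidden`) so a site owner or incident responder can flag them for review. The sample HTML and the `example.test` hostnames in it are constructed for the demonstration; this is a heuristic, and legitimate pages (analytics, login frames) can trip it, so treat hits as leads rather than verdicts.

```python
"""Flag iframes a page hides from the user (added example, not from the blog).

Drive-by pages commonly load their code in an iframe the visitor never sees:
zero or one pixel in size, positioned far off-screen, or styled display:none /
visibility:hidden.  This heuristic collects every <iframe> and records why it
looks hidden.  Uses only the standard library so it runs offline.
"""
import re
from html.parser import HTMLParser

# Constructed sample page: one ordinary embedded video frame, one 1x1
# off-screen frame, and one frame hidden with display:none.
SAMPLE_HTML = """
<html><body>
<h1>Welcome</h1>
<iframe src="https://video.example.test/embed/123" width="640" height="360"></iframe>
<iframe src="http://ads-cdn.example.test/x.php" width="1" height="1"
        style="position:absolute; left:-9999px; visibility:hidden"></iframe>
<iframe src="http://other.example.test/f" style="display: none;"></iframe>
</body></html>
"""

# CSS patterns that make an element invisible or push it off the viewport.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"left\s*:\s*-\d{3,}px|top\s*:\s*-\d{3,}px",
    re.IGNORECASE,
)


def _tiny(value):
    """True if a width/height attribute resolves to 0 or 1 pixels."""
    if value is None:
        return False
    m = re.match(r"\s*(\d+)", value)
    return m is not None and int(m.group(1)) <= 1


class IframeAuditor(HTMLParser):
    """Collects every <iframe> together with the reasons it looks hidden."""

    def __init__(self):
        super().__init__()
        self.findings = []  # list of (src, [reasons])

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "iframe":
            return
        a = dict(attrs)  # HTMLParser lower-cases attribute names for us
        reasons = []
        if _tiny(a.get("width")) or _tiny(a.get("height")):
            reasons.append("zero/one-pixel size")
        if HIDDEN_STYLE.search(a.get("style") or ""):
            reasons.append("hidden by CSS")
        if "hidden" in a:  # boolean HTML5 attribute, value is None
            reasons.append("hidden attribute")
        self.findings.append((a.get("src", ""), reasons))


def find_hidden_iframes(html):
    """Return [(src, reasons)] for every iframe hidden from the viewer."""
    parser = IframeAuditor()
    parser.feed(html)
    parser.close()
    return [(src, why) for src, why in parser.findings if why]


if __name__ == "__main__":
    for src, reasons in find_hidden_iframes(SAMPLE_HTML):
        print(f"suspicious iframe {src!r}: {', '.join(reasons)}")
```

Run against the sample, the visible 640x360 video frame passes while the other two are reported with the reason they were flagged, which is the information a reviewer needs before looking at what the frame actually loads.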
There are more ways for hackers or scammers to get your information and cause you a headache.  Check this video below to learn about phishing and how to be aware of it!