|
Posted by MowGreen on April 7, 2010, 3:05 pm
If you were Registered and logged in, you could reply and use other advanced thread options
1) Make sure that the Operating System is kept up to date.
2) Make sure that *every* installed program and application is kept up
to date.
Report: Malicious PDF files comprised 80 percent of all exploits for 2009
http://blogs.zdnet.com/security/?p=5473
Secunia: Average insecure program per PC rate remains high
http://blogs.zdnet.com/security/?p=3673
3) Use a Limited User Account (XP) or Standard User Account (Vista/Win7)
for day to day use. Log in to a User Account with Administrator
privileges when installing software, hardware, or changing system's
settings.
Report: 64% of all Microsoft vulnerabilities for 2009 mitigated by Least
Privilege accounts
http://blogs.zdnet.com/security/?p=5964
4) Use a router that includes a hardware firewall that is NAT enabled.
Most wireless routers have this feature. In combination with a hardware
firewall, the native Windows firewall provides sufficient protection. No
3rd party firewall will be needed.
5) Use a web browser that can block *all* scripts on websites until
*you* can inspect them.
Use IE 8's InPrivate option with InPrivate filtering set to allow *you*
to block content; use the NoScript add on for Mozilla based browsers
(Firefox;SeaMonkey,etc) to block *all* scripts from running until *you*
allow them to run.
6) Install ToggleFlash for IE7/8 which blocks all Flash content from
running until *you* allow it to.
Toggle Flash Instructions
http://flash.melameth.com/togflash.html
Or, install Spyware Blaster and allow it to block Flash content, ActiveX
controls, etc:
http://helpdeskgeek.com/free-tools-review/block-activex/
7) Install a trustworthy, dependable antivirus and keep it updated.
Opinions vary on which AV's qualify. I find Avast, NOD32, Vipre,
F-Secure, and Kaspersky AVs to be trustworthy and dependable without
adversely affecting system performance.
PLEASE NOTE: I do not include security suites as they do too many things
rather then just focus on preventing malware infestations.
MowGreen
================
*-343-* FDNY
Never Forgotten
================
banthecheck.com
"Security updates should *never* have *non-security content* prechecked
mwebb wrote:
> I just read a scary article by a security firm in Europe that malware is
> being delivered by browsers hooking into site like Yahoo and Fox. For the
> malware to be installed all that is needed is to connect to the page with the
> ad.
>
> Is there anything to this? If so what is the defense?
>
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map