latest updates from easySERVICE™
At this point, everyone should be aware that security management is essential for everyone. Whether you are operating a home system, overseeing a small startup, or performing security governance for an enterprise, everyone can benefit from paying attention to security. I won’t delve into the security basics here, such as:
Network Security Tools
Most of you have already addressed these concerns and want to know the next steps in the pursuit of a more secure computing system. To that end, following are a list of security tools or security tests for windows operating system that everyone should know how to use. These are products and services that will assist you in confirming that your security is robust, checking out suspicious issues, and keeping ahead of new risks and threats.
Once a system has been updated, configured, and otherwise “secured,” the next step is to test and evaluate the established security. There are a wide range of security scanners and vulnerability assessment tools available. One of the best is Tenable’s Nessus.
For personal use, Nessus Home is free to use to scan up to 16 systems. Nessus Home offers a thorough security scanner, which assesses configurations, patches, malware, mobile devices, and more. The commercial version of Nessus is suitable for scanning enterprise networks. The Nessus Home product is just as robust, but not overly complex. The scan reports from Nessus are amazingly detailed. By following up on each issue discovered by Nessus Home, you are sure to improve your overall security stance.
Everyone encounters suspicious files from time to time. Files from unknown sources or that could be infected by malware. There are a number of online virus scanning services. Of these, VirusTotal is one of the best. To quote their own description, ” VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans, and other kinds of malicious content detected by antivirus engines and website scanners.”
VirusTotal maintains about 50 malware and spyware scanners, which you can use to check out files. You can either upload a file from your local system or provide a URL to a questionable file. In either case, VirusTotal will perform a real-time scan of the suspicious file and provide you with the results.
You can use this free online service to keep your infection risk low. Since only a single real-time scanner can be run on your own local machine, having 50 scanners available for use is an invaluable asset. The range of different detection engines, scanning features, and custom definition databases amongst the wide range of anti-malware products can be brought to bear without having to maintain dozens of separate systems yourself.
Keeping current with patches and updates across all of the software on a computer can be quite challenging. Your operating system typically will automatically download and install new updates (a few of your applications likely do this as well). But not every installed application is able to auto-update. Those that do often run an additional background service that periodically checks for updates, but having dozens of these background services eats up system performance. I recommend replacing the one-off updater services with one solution that will keep all products current across your entire computer. That tool is Secunia PSI.
Secunia PSI (personal software inspector) regularly scans your system for applications, and then checks those applications against their available versions. If a new or updated version is available, Secunia PSI can automatically download and install the update or just notify you of its availability.
Note: Secunia PSI does not automatically replace the per-app background checkers. You will need to manually uninstall or disable those.
The process task list on a typical computer includes dozens of applications and services. Many of these are not essential to your normal activities or the software products they are associated with. Background updaters, speed boosters, pre-loaders, etc., all get installed when you install or update applications, and then these little “helpers” launch at each system reboot. These unnecessary components slow boot time and consume system resources, often making your computer act far below optimum performance levels. The solution is to remove or disable the offending items. The tool I recommend for this is Autoruns.
Autoruns is a tool offered by Microsoft. It was created and is maintained by Mark Russinovich and Bryce Cogswell (formerly of Sysinternals, before being acquired). Autoruns scans your system for all of the things that get launched at bootup or login. You are presented with an organized list of items. You can select the disable any item or to completely remove an item. I recommend disabling items first, then test that the element isn’t actually needed. In most cases, leaving items disabled is sufficient. If you determine that an item needs to be completely removed from your system, then you can opt to delete it. However, the deletion only removes the Registry elements that cause the auto-launching, it does not remove or uninstall the item from the system overall.
ShieldsUp is a free online service for testing your firewall and how exposed you are online. ShieldsUp operates from the Gibson Research Corporation’s website (https://www.grc.com/), and offers a quick assessment of your attack surface as exposed online. Go test your system and find out what hackers can see when they network scan your IP address. Follow the recommendations to improve your security and lock down your vulnerabilities. The ShieldsUp service is found at https://www.grc.com in the Services menu.
While at GRC, you might want to explore the other amazing tools and services, such as DNS benchmark, HTTPS Fingerprinting, and SpinRite.
Malwarebytes and HijackThis
Often your anti-malware scanner just isn’t enough. Using advanced supplemental tools to detect and remove malicious code is an essential part of being an Internet user. Two great tools to have on hand are Malwarebytes and HijackThis. These tools can usually operate on your system concurrently with an existing real-time anti- malware scanner present, a feature which is not true of many malware products. Whenever you suspect an infection or if you think you have inadvertently performed a risky activity, and your anti-malware scanner is staying suspiciously quiet, run one of these tools to discover if your fear is justified.
NoScript and ScriptSafe
Surfing the Internet has become a dangerous activity. If you are using a Web browser with default configuration, you are vulnerable to a wide range of exploitations and attacks. Most of these issues are due to the fact that most Web sites transmit mobile code to Web browsers for client side execution. While most of this code is safe and benign, there is no way for an end user to know when malicious mobile code is being offered until it is too late (i.e., it is already running on the user’s system).
The only way to mitigate this risk is to disable client-side execution of scripts and mobile code. While this can be done in most browsers directly, it can be difficult and it usually applies universally. A better solution is to use a browser extension that adds quick access to a range of features including being able to target the settings on a per site basis. For Chrome users, the tool ScriptSafe is a great choice. For Firefox users, the tool NoScript (http://noscript.net/) is the clear leader. These tools can be quickly located in their respective browser’s extension/add-on marketplace.
Note: If you are using a different browser, switch to Chrome or Firefox.
Just using your computer will cause a plethora of detritus to build up over time. This includes temporary files, histories, cached content, cookies, downloads, MRU (most recently used) listings, orphaned files, and stray registry entries. Some of this stuff is left over when uninstalling legitimate or malicious software. From time to time, performing a deep cleaning of your OS will result in improved performance.
Sometimes files get deleted by mistake. Important files. Files that you don’t have backed up (you have a backup, right?). Fortunately, the standard delete function removes the directly listing and pointers to storage clusters, while leaving the actual file data in place. If subsequent write activities overwrite these “available” clusters, the data is lost. However, if you can attempt a reclamation of the lost file before the data is actually lost, the act of undelete may be possible.
Bonus Tool: WDO
Sometimes your system will become infected by something that your native or standard detection and removal tools are unable to address. When you think you are in this situation, before giving up and low-level formatting or replacing hardware, try an offline scanner. Microsoft’s Windows Defender Offline (WDO) is used to scan your system while the OS is not active. This can give the security scanner the boost it needs to detect and remove some of the nastiest forms of malware.
It is everyone’s responsibility to be more secure. Having the right tools helps you achieve better security. Be the IT expert for yourself on your home systems by using these tools to get a better handle on the security of your systems. And be on the lookout for other great tools to expand your security toolbox.
Note: Most of the tools we have recommended are Windows only. If you know of Mac or Linux solutions that offers similar functionality, please send me a message. Also, most of the items I list are free. Some have paid versions you might consider if you discover the free version is indispensable.
Author: James Michael Stewart