
How to browse the Internet safely like an IT pro!

posted on Aug, 26 2012 @ 06:21 PM
Are you tired of worrying about contracting a computer virus? Are you tired of manually editing your NoScript block/allow list? Do you wish to feel secure on your computer without having to pay a monthly fee for a professional grade antivirus program? Then I have your solution here. I will be giving a step-by-step lesson that even the most basic computer user will be able to follow with ease.

To give you some background information, I am currently a senior in a CyberSecurity program with a concentration on Digital Forensics. And like you, I despise spyware, viruses, and having to worry about losing my computer.

One of the hottest topics currently in the digital forensics community is the use of virtual machines, which we will be creating today. A Virtual Machine can be a very powerful and useful tool, however, the “bad guys” have learned that the use of them makes our job (digital forensics) much more difficult. This is due to the simple fact that Virtual Machines leave behind very little evidence as they typically do not write to a computer’s hard drive




posted on Aug, 26 2012 @ 06:24 PM
reply to post by VonDoomen
 


Doesn't work if you happen to download a rootkit trojan horse virus. It will infect the VM, then your computer.



posted on Aug, 26 2012 @ 06:30 PM
reply to post by VonDoomen
 


Is this a sales pitch I see?



posted on Aug, 26 2012 @ 06:36 PM
I'm throwing money at the screen but it does not work!

Great sales pitch




On a serious note. Thanks for this advice. Certainly will take it in once I sort out my computer.



posted on Aug, 26 2012 @ 06:38 PM
Good post, S&F!


Trying to help people is a great thing... but being in a similar business that you are, I can say for 100% fact that the typical end-user is not going to do this, and they are also not fully protected. There are options in VMWare for sharing hardware on the host that a crafty virus can still take advantage of. Sandboxing only works if you turn off all of those options and are not connecting to a shared network from within your VMWare environment.

A worm that can traverse network drives and look for other hosts to infect could still use a sandbox VM as a launch point into the network. The LoveBug virus did an excellent job at this, and any attempt at running it in a sandbox failed unless the sandbox was completely disconnected from the network and internet. I can attest to this first-hand.

However, I give you props for trying to help people.

A simpler, yet less secure solution, is to make use of tools like NoScript, ad-blockers and good anti-virus software as well as changing your HOSTS file to blacklist all of the known infectious sites on the internet so that your computer can't even connect to them if you wanted to. I've used this combination for friends and family for years with significant success.

With 64-bit computers, all of the age old 32-bit infections are becoming a thing of the past and malicious software developers are having to re-write everything since the core set of files to be hijacked and registry keys are in completely different places. And not everyone runs Linux VonDoomen...


~Namaste
edit on 26-8-2012 by SonOfTheLawOfOne because: (no reason given)
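
An added example, not part of the thread or any poster's code: a small Python audit of a VMware `.vmx` file for the host-sharing options and network attachment that the post above says must be turned off. The key names are ones VMware uses in `.vmx` files; the sample configuration is constructed, and treating an unset isolation key as "sharing still possible" is an assumption.

```python
import re

# VMware .vmx switches that disable guest/host clipboard and drag-and-drop.
ISOLATION_KEYS = (
    "isolation.tools.copy.disable",
    "isolation.tools.paste.disable",
    "isolation.tools.dnd.disable",
)

# Constructed sample configuration (not taken from the thread).
SAMPLE_VMX = '''
displayName = "browsing-vm"
isolation.tools.copy.disable = "TRUE"
isolation.tools.paste.disable = "FALSE"
sharedFolder0.present = "TRUE"
sharedFolder0.hostPath = "/home/me/Downloads"
ethernet0.present = "TRUE"
ethernet0.connectionType = "bridged"
'''

def parse_vmx(text):
    """Parse 'key = "value"' lines into a dict with lower-cased keys."""
    settings = {}
    for line in text.splitlines():
        m = re.match(r'^\s*([^#=\s][^=\s]*)\s*=\s*"?(.*?)"?\s*$', line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings

def audit_vmx(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    cfg = parse_vmx(text)
    # Assumption: a key that is absent is treated the same as FALSE.
    findings = [f"{k} is not set to TRUE" for k in ISOLATION_KEYS
                if cfg.get(k, "").upper() != "TRUE"]
    for key, value in sorted(cfg.items()):
        m = re.fullmatch(r"(sharedfolder|ethernet)(\d+)\.present", key)
        if not m or value.upper() != "TRUE":
            continue
        dev = m.group(1) + m.group(2)
        if m.group(1) == "sharedfolder":
            findings.append(f"{dev}: host folder shared ({cfg.get(dev + '.hostpath', '?')})")
        else:
            kind = cfg.get(dev + ".connectiontype", "unspecified")
            findings.append(f"{dev}: network adapter attached ({kind})")
    return findings

if __name__ == "__main__":
    for finding in audit_vmx(SAMPLE_VMX):
        print("FLAG:", finding)
```
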



posted on Aug, 26 2012 @ 06:40 PM
It's incorrect to state that the virtual machine doesn't write to your hard drive, and it's also incorrect to state that virtual machines leave behind very little evidence.. that's quite a dangerous assumption.. and by default, absolutely false.

The fact is that these virtual machines create a disk image and the virtual machine writes to that image ( which is written to your hard drive ) .. BY DEFAULT .. these images are not encrypted and can be mounted as a drive on your machine... meaning that all someone would need to do is copy your image and mount it on their computer.. your data is now available with minimal effort at all.

So again, the statements made in regards to that are just completely false... if you enable encryption and set a password then you're probably pretty safe..

IF you really want to worry about not leaving evidence behind for whatever reason ( paranoid much? lol ) .. I would recommend the free software called TrueCrypt... You can create an encrypted virtual drive and from there, you can create your vmware image inside that encrypted virtual drive... when you're done playing in your virtual environment, you simply dismount the truecrypt volume... As long as you're using a very powerful password, or making use of a key file.. you can bet on everything being secure.

ALTERNATIVE TO VMWARE .. for those who don't want to spend the money, you can download VirtualBox for no cost... it's very very similar to Vmware, in my opinion it's actually better .. $0.00 .. Yes vmware player is free, but limited... VirtualBox is entirely free and without limit.. it's more like the full commercial version of vmware, but again in my opinion, better.

Truecrypt is also $0.00

There's another app that you can also use for free that I highly recommend for those who are downloading and running software that you might not trust .. it's called Sandboxie .. you can right click a program and launch it in sandboxed mode... it has a virtual registry and filesystem so everything the program does is trapped within that box...

Virtual machines are certainly good for keeping your host system clear of infection.. I won't take issue with that


Enjoy!

Ps. I'm a systems administrator for an internet company, I've been involved in security and systems management / programming and yes even some real investigation work for law enforcement as part of my job.. I've been at it since 1998.. Practice safe internet =)
edit on 8/26/2012 by miniatus because: (no reason given)



posted on Aug, 26 2012 @ 06:42 PM
reply to post by digital01anarchy
 


First, that rootkit would have to be able to work through Linux. And then work through Windows. A virus like this would have to be one of the more rare viruses you could ever come across.

Think about this. Virus writers want to get as many people as possible. How many people do you think browse the internet through a sandbox? As a % of the population, it would be a VERY small number. The knowledge and time needed to create a root kit like this would be tremendous compared to your average virus.

REGARDLESS, this method is still much much safer than browsing the way people typically do. IF you know about rootkits, then you should know this...

Personally, I think it's kind of rude for you to come onto this thread spouting stuff like this, when this is one of the safest ways to browse the internet! Do you have a personal issue with people doing this??



posted on Aug, 26 2012 @ 06:43 PM
reply to post by denver22
 


reply to post by hellzdoms
 


I suggest reading before commenting.
Everything I posted is 100% free.



posted on Aug, 26 2012 @ 06:47 PM
reply to post by SonOfTheLawOfOne
 


reply to post by miniatus
 


And here comes the internet cavalry! Thank you for the comments though!

Yes, I know this method is not 100% secure. I did not want to get extremely technical in this post, as it would tend to turn away even more people. However, this is a good method of providing a lot of protection.

I didn't want to get into a USB build, and/or using TrueCrypt, as that just makes it more confusing for beginners.



posted on Aug, 26 2012 @ 06:49 PM
reply to post by miniatus
 


If you would like to create a truecrypt tutorial for doing so, please be my guest!

But I must correct you, VMware is free. I'm not sure why you think it's not?



posted on Aug, 26 2012 @ 06:50 PM

Originally posted by VonDoomen
reply to post by SonOfTheLawOfOne
 


reply to post by miniatus
 


And here comes the internet cavalry! Thank you for the comments though!

Yes, I know this method is not 100% secure. I did not want to get extremely technical in this post, as it would tend to turn away even more people. However, this is a good method of providing a lot of protection.

I didn't want to get into a USB build, and/or using TrueCrypt, as that just makes it more confusing for beginners.


Well no need to get technical when it comes to that.. but I wanted to point out that what you said is only true if you enable encryption and set a password.. which is literally just one additional step


I fully support everything else you've said.. and I wanted to mention VirtualBox because it's a fully featured alternative to the free vmware player .. Sandboxie is an excellent alternative for people who are generally safe with their browsing habits but might not trust something they downloaded..

Anyway - useful info



posted on Aug, 26 2012 @ 06:51 PM
Oh great, this thread got moved to "Computer help", where most frequent browsers already know this.

Well, that was a short run



posted on Aug, 26 2012 @ 06:54 PM
reply to post by miniatus
 


Yes, 1 additional step, which actually turns into 20 additional steps when you document it in the manner I did.



posted on Aug, 26 2012 @ 06:57 PM

Originally posted by VonDoomen
reply to post by miniatus
 


If you would like to create a truecrypt tutorial for doing so, please be my guest!

But I must correct you, VMware is free. I'm not sure why you think it's not?


Vmware player is free, vmware's full product "Workstation" isn't .. the player product is limited in features.. so I wanted to at least give virtualbox an honorable mention since it's not feature limited and is free, there's no commercial version.

Truecrypt's website actually has a pretty straightforward tutorial already..for anyone who's interested in looking it over you can check it out here

www.truecrypt.org...



posted on Aug, 26 2012 @ 06:57 PM

Originally posted by VonDoomen
reply to post by SonOfTheLawOfOne
 


reply to post by miniatus
 


And here comes the internet cavalry! Thank you for the comments though!

Yes, I know this method is not 100% secure. I did not want to get extremely technical in this post, as it would tend to turn away even more people. However, this is a good method of providing a lot of protection.

I didn't want to get into a USB build, and/or using TrueCrypt, as that just makes it more confusing for beginners.


I totally agree and applaud you for your efforts!


With end-users, I've found the KISS principle works best.


~Namaste



posted on Aug, 26 2012 @ 06:57 PM
reply to post by miniatus
 


Edited the OP to include a reference to you and Truecrypt if users wish to use this additional method.

ETA: Ah, I see you beat me to it!
edit on 8/26/2012 by VonDoomen because: (no reason given)



posted on Aug, 26 2012 @ 07:11 PM
reply to post by SonOfTheLawOfOne
 


I have to agree with SonOfTheLawOfOne. It isn't as easy as you make it out to be, but as a learning tool it's powerful because it allows you to run any OS, which is nice. Very helpful tool when getting your MCITP cert.



posted on Aug, 26 2012 @ 07:14 PM

Originally posted by miniatus

Originally posted by VonDoomen
reply to post by miniatus
 


If you would like to create a truecrypt tutorial for doing so, please be my guest!

But I must correct you, VMware is free. I'm not sure why you think it's not?


Vmware player is free, vmware's full product "Workstation" isn't .. the player product is limited in features.. so I wanted to at least give virtualbox an honorable mention since it's not feature limited and is free, there's no commercial version.




I will go with that, as it is 100% free with full features.
Vmware is not 100% free in the sense with full "features".

So theoretically vmware when visited becomes a sales pitch to entice you to buy the full product.
My vote is with virtualbox 100% free fully featured.



posted on Aug, 26 2012 @ 07:19 PM
reply to post by denver22
 


Well, I am sorry if I offended you.

I am in no way linked to VMware and this is not a sales pitch. It was intended to be a tutorial for beginners. The people who do not necessarily need every single feature.

This was a lab I did last semester, and I didn't feel like doing EVERYTHING (documentation) over again while using new software.



posted on Aug, 26 2012 @ 07:23 PM
reply to post by VonDoomen
 


I really didn't think about that aspect, to be honest. I ran Server 2003 and XP as well as some other ones, but you're right about it not being able to cross into a different OS. Like I said, I used mine to get a cert; most of the OSes except two or three are Windows based, so they could cross over. Sorry I posted incorrect information, which isn't really incorrect, just situationally incorrect if running a different OS on your desktop.

The way I processed it was using my own VirtualBox and you got that response, but the OP is totally correct.
edit on 26-8-2012 by digital01anarchy because: (no reason given)





