Security Boot Camp

[Dashken]

If you are always worrying about the security of your computer but do not know what to do about it, then this is the boot camp for you.

Join Empire23 as he goes through the simple ways of checking for malware and cleaning your PC of them.

Link : Security Boot Camp

[repare]

Hey fellow security investigators;

Thank you for pointing to windows utilities that appear to work but do not in many situations.
netstat lists many process ID's that are not addressed on Microsoft knowledge base articles..i.e; (UDP connections *.*)
Various numbers of these when searched on Google return me to Microsoft's support page only to inform me that there is now data about these ports.

My msconfig startup file has no startup programs checked.

My task manager notebook has 26 processes running with Idle processes at 87% and taskmngr.exe averaging 7-8%.
0% for all other processes. I then click on performance tab and it shows 50-98% CPU usage mostly red. This is on a dual Opteron processor rig. I click on processes tab and It shows the same CPU idle 87% and taskmngr.exe at 9%.

The conclusion---taskmanager is unaware of hidden background CPU cache cycles and is not tagging all processes for viewing.

System event viewer shows application error and warning events. Disregards BSOD kernel memory dumps to the event viewer. Lists other event errors, that when sent to Microsoft support center, return the help and support message We're sorry

[empire23]

IIRC, taskmanager's system is unified, meaning that the numbers from both the performance tab and the processes tab should be the same, unless it's a smarter version of spyware that hides itself within metadata and is a latch on process (a parasitic one).

Caches was never meant to be known, processor makers design it to be totally transparent, so i guess it is natural. Although i would garner that the likelihood of a piece of spyware (being spyware of course) hiding from the Task manager is really small, Viruses on the other hand, especially ones that load their execution payload into the stack or extended memory locations can hide from task manager, although this will be explained in the later sections.

[Dashken]

We have just posted Part 2 of the article!

If you are always worrying about the security of your computer but do not know what to do about it, then this is the boot camp for you.

Join Empire23 as he goes through the simple ways of checking for malware and cleaning your PC of them.

Link : Security Boot Camp Part 2

[Dashken]

We have just posted Part 3 of the article!

If you are always worrying about the security of your computer but do not know what to do about it, then this is the boot camp for you.

Join Empire23 as he goes through the simple ways of checking for malware and cleaning your PC of them.

Link : Security Boot Camp Parts 1, 2 & 3!

[hyper_raider]

Heh with the wireless router as the icon i thought that you guys are talking about wireless security

[empire23]

lol wireless security, maybe i'll write an addon piece which includes security and auditing. Auditing as in being a hax0r

[Dashken]

We have just posted the Part 4 of the article.

If you are always worrying about the security of your computer but do not know what to do about it, then this is the boot camp for you.

Join Empire23 as he goes through the simple ways of checking for malware and cleaning your PC of them.

Link : Security Boot Camp Part 1, 2, 3 & 4

[Dashken]

In this installment, we covered the topic of anti-virus software and the best practices you can adopt to make full use of them. Armed with regular updates and following the tips we set out, you can be assured of a much safer system. This is particularly important if your PC is open for public use.

In the next part, we will take a look at spyware and how to remove them. This includes both basic and advanced spyware removal procedures. We will also take a look at various anti-spyware utilities and see how they can help us maintain the security of our systems. Finally, we will take a look at some tips that will keep you safe from getting hit by viruses, spyware and other malware.

Link : Part 5 of the Security Boot Camp

[Dashken]

In this installment, we covered the topic of spyware and the best prevention and removal practices you can adopt to fix the problems. Armed with regular updates and following the tips we set out, you can be assured of a much safer system. This is particularly important if your PC is open for public use.

In the next part, we will take a look at some tips that will keep you safe from getting hit by viruses, spyware and other malware. That will be the final part although we will continue to add and update this guide from time to time.

Here's a quote from the guide :

Quote:

"Spyware has to be the biggest bane of modern computing in recent years. It's that annoying and prevalent because 90% of the PCs I fix these days have problems stemming from spyware. Do note that the term spyware is, in my view, is a bit misleading. Spyware do not just “spy” on you. They are generally much more malicious."

Link : Part 6 of the Security Boot Camp