Hintlink

Hintlink

Home

Who we are  Capabilities

Applications - Latest versions Units of measure "Forecastfox" replacement 

News  Oil  Exchanges & Economics  

Weather Storms Climate Satellite Lightning Hail Snow Ice Air Fire Temperature Tropical Wind

Online Payments        Webmail            tripadvisor status

Add-ons: Seamonkey Firefox Thunderbird Chrome/Chromium

Open Source Applications

Open Source OS/GUI

Viruses, Spam & Security

RSS News feed

Hobbies / Guinea Pigs

Utilities  RF Exposure Calculator

WebCAM(1) (2)  (3)  More

Technologies  Product Designs 

 
  W4/VP9KF & G4BKI radio
 
  Data Policy  Disclaimer GDPR

Protecting your computer

Viruses, Spam & Security (+Alerts)


Better yet, just give up - Windows PCs are dead - run Linux Preferred Linux = Linux Mint with Cinnamon (32/64bit) or Apple Noooooooo... don't go there! 


Why you shouldn't run telnet (or open FTP) on any servers, routers or other infrastructure
You can make legacy telnet servers secure by using a Raspberry Pi :-) 

Tip of the moment: If using a bulk email service, make sure they don't leave the To: field empty.


Over the last couple of days (2018-01-03), there has been a lot of discussion about a pair of security vulnerabilities nicknamed Spectre and Meltdown. These affect all modern Intel processors, and (in the case of Spectre) many AMD processors and some ARM cores. Spectre allows an attacker to bypass software checks to read data from arbitrary locations in the current address space; Meltdown allows an attacker to read arbitrary data from the operating system kernel’s address space (which should normally be inaccessible to user programs). The Raspberry Pi family is immune to this.

'WannaCry' fixes (urgent 2017-05-13):
Manually installable patch for XP and other non-supported OSes can be found at this Microsoft page
Manually installable patch for Windows 7 and later can be found at this Microsoft page
You can be sure more is coming, so stay alert to media and SANS
Note: this exploits SMB1 server (optional) connection code. In our Win7 Professional installs none of the SMB1, SMB2 or SMB3 options were even present. To be safe, run these patches anyway.

DON'T EVER leave your e-mail client running all the time!
If you run Windows (or Wine on Linux), do yourself a BIG favour and use PopTray (use for Wine/Linux) or PopTrayU (use for Windows).
For the most reliable (and supportable) version of PopTrayU go to this download page and download v5.0.15.
This allows you to keep your e-mail client closed and will also block unwanted spam (by installing the example Rules.ini file given here):

Install PopTray or PopTrayU- tick greentick greentick greentick greentick green  then download our latest PopTray(U) Rules.ini file.
File last updated: Thursday, 06-Sep-2018 03:37:57 PDT Size:1.0MB

The Rules file is frequently tested and then updated. Re-visit here frequently and download to be rid of the 'spam of the day'.
Setting up PopTray(U) and Thunderbird
[you can also use BlackList.ptdat & WhiteList.ptdat files on specific e-mail addresses].

Saving Bookmarks, Passwords, Form entries? Avoid services such as LastPass
Ask yourself: Can I trust them? How long will they be around?
The top 10,000 passwords used - avoid them like the Plague.

Why you shouldn't use a "Cloud" - plus they are built on wobbly foundations


Internet Storm Center

Current Internet performance  Global Internet Traffic Report  Global graphical Traceroute  

Real-Time Web Traffic  SANS "Ouch" Newsletter Spam Statistics threatpost


Stop Badware Alerts and Reports


Spam
Where’s the latest Spam coming from?
EVERYTHING YOU TO NEED TO KNOW ABOUT PHISHINGThunderbird eliminates this
More Phishing Info - Thunderbird eliminates this
REDUCING Spam - in detail
A good article about “Why so much spam”

Security
THE DNS vulnerabilty - check your ISP's DNS updates - an overview of the worldwide patching

From here on down, ignore the rest of this page if you run Linux or *NIX

____________________________________________________________________________________________________


Microsoft's Security Vulnerability Research & Defense Blog a "must read"

Symantec summary useful information
Real Time Top 10 Vulnerabilities from Qualys. High end vulnerability news [professional]
Trojan & Virus News (live)Trojan info, but with Virus news & ratings [normal user]
TruSecure News mixture of vulnerability & virus news [medium user]
CERT mixture of vulnerability & virus news [medium user]
Zdnet security mixture of vulnerability & virus news [medium user]
SANS Institute mixture of vulnerability & virus news [power user] – Top 20 Threats
VirusBuster mixture of vulnerability & virus news [low end user]
MessageLabs Very nice presentation of stats and latest news [normal user]
Trusted Source  Threats and Trends McAfee [medium user]
Trend Micro highly rated, but stats seem older [medium user]
Security Geeks as you can guess this is higher end [professional user]
Virus Threat Centre

Notes for your Security & “Well Being”:
Our recommended – essential – programs carry a 5 tick rating

PROTECT YOURSELF
Install an anti-virus program. NOW.
Keep all security tools up to date EVERY DAY
Make sure you or your machine spend at least 15 minutes per day looking after your security
Get the latest patches and updates for your operating system (not a great idea after August 2013!!)
NEVER automatically open e-mail attachments
Always download free software or purchased software from trusted, reputable sources.
Make backups of important files on a regular basis – don't entrust them to a "Cloud" service.

Frequently Asked Questions:

Q. Why is this page a bit disorganized?

A. Viruses, spam and Security have become so inter-connected that to consider each in isolation is almost impossible. Writing a page which covers this subject is a vast job!

Q. Does that mean I should install everything on this page?

A. To be absolutely sure, yes. Of course, don’t install two anti-virus programs or two firewalls.

Q. Should I be constantly on the alert for the latest threats?

A. Within reason, yes. Without spending all your time doing it.

Q. What prevention measures are in place on your server?

A. The first thing an incoming e-mail hits is an absolute brickwall which refuses e-mail from some addresses and domains. This blocks very well known spammers. On a daily basis, this list is updated on the basis of real received spam. Next, the e-mail passes through SpamAssassin. This is the highest rated server spam blocker in the industry. Finally, our latest feature, special files in the web site areas prevent spam-bots from harvesting e-mail addresses automatically from your webpage. Webmasters must not remove these files, or this protection will be lost.

Q. How often should I update my programs?

A. Whenever and as soon as you can

Q. Why do I get so much spam?

A. With all of these measures in place, you should see a reduction in spam, especially with our new spam-bot blocker. However, spam is growing at at least 10% per month, so our latest measures, whatever they are, may seem to do no good.

Why so much spam, or why does some of your e-mail “go missing” went sent to others?

The longer your e-mail address is in service, the more you will receive. Period.

How to attract spam:

Visit “bargain” sites and sign up for e-mail alerts.

Simply register with many web sites.

Allow pop-ups & cookies (at the very least it’ll tempt you to “break the rules”).

Leave your e-mail address wide open on your website for spam-bots to collect.

Catch a virus.

Have somebody you know catch a virus and flood the internet with your e-mail address from their address book.

 

How to “lose” e-mail sent to others: (trigger spam filters)

Use an empty Subject line.

Use an empty From: line.

Use subjects such as “Check this out”, “Re:”

Attach .exe, .pif, .scr, .zip and other file types.

Use a bulk e-mail service (they break nearly all of these “rules”) - Gmail, Yahoo, Outlook, etc.

Use lots of HTML tags.

Use phrases such as “click here” or “to unsubscribe”

Use proprietary e-mail client phrases, such as "Emailing"

Use bad spelling and grammar

 

What’s an “acceptable” amount of spam? Anybody who “plays by the rules” will still receive spam, probably at the rate of 2-3 per day i.e. if you log on on Monday morning you should almost expect there to be 8-10 spam e-mails awaiting you after a weekend off.

 

Q. Aren’t you a bit anti-Microsoft & other big companies?

A. Well, yes, but for good reasons. Ours and our customers findings have been that many of the open-source or free versions of anti-virus, firewall, e-mail clients & browsers are superior in speed and performance than “mainstream” applications. Example: a machine infected with 18 viruses failed to have them detected by up-to-date versions of McAfee and Norton. AVG detected them and removed them on the first pass.

Frankly, we all know the faux-pas’ made in security by many of these companies. Not that open-source is perfect; but the time from finding a problem to fixing it is often much less than in the big corporations.

 

Now, let’s get on with fixing things!


OK, let’s do your Virus, Spam & Security Fixes now in one go (Windows only)
START HERE
down arrow
Download and install a firewall. Zone Alarm tick greentick greentick green(don’t ever go on the internet without it!) (DON'T USE Comodo)
We have removed two ticks. ZA isn't as good as it used to be.
In fact, Windows Firewall/Defender now seems to do quite a good job.
It seems to remove a lot of overhead.
down arrow
Avira   To update this you can use "C:\Program Files\Avira\AntiVir Desktop\update.exe" /DM="0" /NOMESSAGEBOX /receivetimeout=120 in a Scheduled task in Windows. (running this in scan mode will take about 60 mins on a typical system)  or AVG
Microsoft Defender does a reasonable job.
down arrow
Download and install  Wireshark (optional - almost certainly too complex for 99% of users)
down arrow
Download and install Noscript Windows Scripting Host Stopper
down arrow
Windows Update
down arrow
UnPnP
down arrow
Mozilla Firefox Secure Browser with industry standard plug-ins tick greentick greentick greentick greentick green
down arrow
Mozilla Thunderbird Secure e-mail with industry standard plug-ins tick greentick greentick greentick greentick green
Not only is Mozilla secure, but you can add calendar functions and PGP, GPG Enigmail encryption to your messages and attachments,
with Bayesian filtering built-in

down arrow
Remove Outlook, Outlook Express, Windows Live, Windows Mail and stop using Internet Explorer, Edge or Chrome. Use Vivaldi.
down arrow
Spybot remover – SpyBotS&D tick greentick greentick greentick greentick green To automatically update this you can use "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /taskbarhide /autoupdate /autoclose  in a Scheduled Task in Windows (running in scan mode will take about 45 mins on a typical system) [don't enable TeaTimer]. On Win7 and 8 you can use SpybotS&D v2 which has a completely different approach.
down arrow
Also Anti-Malware tick greentick greentick greentick greentick greenTo automatically update this you can use "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /update in a Scheduled Task in Windows (running in scan mode will take about 45 mins on a typical system) 
down arrow
REMINDER: I hope you followed the advice to install PopTray at the start of this page and to NEVER keep your e-mail client open.
Install PopTray PopTrayU - tick greentick greentick greentick greentick green Example Rules.ini file.
File last updated: Thursday, 06-Sep-2018 03:37:57 PDT Size:1.0M B

Test your Security
ShieldsUp
How can I see if my machine is sending out spam behind my back? You can look at Internet activity on your PC. A simple visual proof is to install NetMeter. If you see attempts to send out data every few seconds then you might have a problem.

However, don't be fooled, sometimes you'll see frames every 10s or so. This can be Microsoft networking trying to reach another machine. Likewise, you may see the effects of SSID broadcasts from a WiFi system.

To test further, you can download the rather complex
Wireshark which will give all the details of what is going on. When you do this, make sure that your browser, e-mail client and any other programs that talk to the internet are not running. There may be background jobs such as Real, Apple, Garmin and Google updates which you aren't aware of.
Useful links - Wilders
Anti-Virus Software (JUST FOR YOUR INFORMATION)
AVG anti-virus (free). 
Avast (free) – very complex user interface
F-Secure
Kaspersky
ClamWin (free)
Trend Micro anti-virus
McAfee anti-virus
Norton anti-virus
Specific removal tools (just in case your anti-virus tool misses it!) and another one too

Anti-Spam (JUST FOR YOUR INFORMATION)
PopFile Bayesian filtering for POP servers

menu
Home  | Who we are  | Capabilities  | Web Hosting & System News  | News  | Oil  | Exchanges  | Weather  | Online Payments  | Applications - Latest Versions
Open Source Applications  | Open Source OS/GUI  | Viruses, Spam & Security Alerts  | RSS News feed  | Hobbies  | Utilities  | WebCAM  | Politics  | Software

footer
© 2003-2024 Hintlink. All rights reserved. IP footer
User Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) IP Address: 3.141.41.227