Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[GUIDE] How to keep your PC safely - Tips to determine a legitimate file [TIPS]
#1

[Image: ZJLcb.png]

A firewall is a program that filters what travels through one network to another.

[Image: 5UQbr.png]

It is used to secure networks and computers, in short, control access and block what is forbidden.
We also use a firewall to protect a local network of the Internet:


[Image: g88AF.png]

[Image: xzdoQ.png]

Briefly, it does:

₪ Allow LAN computers to connect to the Internet.

₪ Block attempts to connect to the Internet computers on the LAN.


[Image: 0ffDe.png]

Each time a data packet arrives, the firewall compares the packet to every rule until it finds one that matches the packet. It runs the action corresponding to the rule.

The rules can be: the packet's destination address, source address, destination address, source port, date, time, etc..

Actions can be: deny the packet, drop the packet, accept the packet, forward the packet to another network, modify the packet headers...


[Image: GdLir.png]

Some time ago, a new type of firewall has emerged: the so-called "personal" Firewalls. They are intended for individuals who can not afford to buy a separate computer just to make a firewall.

[Image: 0R9ot.png]

Instead of being a separate machine, the personal firewall works directly on the computer to be protected.

Example of personal Firewalls (download link included):


SoftPerfect Personal Firewall

Comodo Personal Firewall

BitDefender Internet Security 2012 (30 days trial)

A firewall is not an absolute weapon

Do not think your computer is 100% protected because you have a reliable and well configured firewall.

Some Trojans are able to disable personal firewalls, or even pretend to be your Internet browser to navigate to the firewall without noticing, that's why an antivirus is also very important.


[Image: DMTO6.png]

An antivirus is a software that aims to detect and possibly eliminate viruses from your computer, and take steps to prevent harm.

To detect a virus, it uses several techniques. How?

The signature:

₪ This method involves analyzing the hard drive looking for the signature of the virus, which is present in the database of the software (your antivirus), if it is current and if it knows this virus. That's why a FUD file is not always detected the first time when you scan the 'suspicious file' with your antivirus or with an Online Scanner, even with VirusTotal. The signature is a piece of virus code that identifies it. This method is most used.

Heuristic analysis:

₪ This is the most powerful because it can detect any unknown viruses by your antivirus. It seeks to detect the presence of a virus by analyzing the code of an unknown program (by simulating its operation). It sometimes causes false alarms, also know as 'false positive'.

Behavior:

₪ Antivirus software continually monitors the behavior of software assets; it scans all files created and modified. In case of anomaly, it warns the user by a message. This protection is essential when you surf the internet.


[Image: BHyp6.png]

When the antivirus detects a virus, there are three possible solutions.

① Repair the file:

₪ The antivirus must be able to repair a file reached, but this is not always possible.

② Delete the file:

₪ If the antivirus is not able to delete the file, you can delete it.

③ Quarantine:

₪ This is a temporary solution. The virus places the file in a safe folder on the hard drive. When the virus is able to repair the file, you can extract the file and repair it.


Free antivirus

Avast! Free antivirus

AVG Free

Norton 360



Windows updates are published on the second Tuesday (US hour) of each month.

[Image: XnPbI.png]

Windows updates are published on the second Tuesday (US hour) of each month.

This is an extremely important update which fixes several bugs and security issues that attackers exploit. Without it, I can almost guarantee that you will get infected more easily.


[Image: BQj0g.png]

Windows Update is included in Control Panel. To check for updates, click the 'Start button', click 'All Programs', and then click 'Windows Update'.

[Image: fKhx] [Image: fKhf]

[Image: TP3rR.png]

If you recently downloaded a suspicious file, you can follow the steps below to know if the file is legitimate or not.

₪ File name

₪ File size

₪ File location

₪ VirusTotal or other

₪ Google.com

₪ MD5 checksum verifier

[Image: hE3Dg.png]

The sources above are very useful. You can know the reputation of a file, if a process is legit, and more. (Links included)

ProcessLibrary

File Net

What is exe

File Inspect

Neuber

Thumbs up to Biggrodd for the GFX.

Reply
#2
ZoneAlarm is horrible, I wouldn't advise anyone to use it. It's also notorious for being the cause of many BSOD's as it has unstable drivers.
Reply
#3
AceInfinity,

What is best personal Firewall for you so?
Reply
#4
Regardless of what people say, I think Norton has had a great Firewall in it's 2010/11 versions, but BitDefender is good as well. Norton's firewall is very customizable though. If you get Norton up and running on your system correctly, i've never had issues with it. I know some others have had issues, but i'm sure that's because of the people out there that can't remove norton through the control panel, so they try deleting it, and then reinstalling it, and other dumb things like that Rolleyes

If you use the Norton Uninstaller tool and you install it cleanly to your PC, i've not had issues with it that way. Otherwise I could assume someone might have issues with it if they don't know what they are doing like most of the average computer users i've seen. Most people don't care though. As long as their PC still works and they can get onto Facebook everything is good it would seem.

Now I don't use Norton though, I just use MSE. Almost anything I can think of is better than having ZoneAlarm screw up your computer though.
Reply
#5
(02-09-2012, 03:05 AM)AceInfinity Wrote: Personally I think Norton has had a great Firewall in it's 2010/11 versions, but BitDefender is good as well. Norton's firewall is very customizable though. If you get Norton up and running on your system correctly, i've never had issues with it. I know some others have had issues, but i'm sure that's because of the people out there that can't remove norton through the control panel, so they try deleting it, and then reinstalling it, and other dumb things like that Rolleyes

If you use the Norton Uninstaller tool and you install it cleanly to your PC, i've not had issues with it that way. Otherwise I could assume someone might have issues with it if they don't know what they are doing like most of the average computer users i've seen. Most people don't care though. As long as their PC still works and they can get onto Facebook everything is good it would seem.

Now I don't use Norton though, I just use MSE.

You are right, I'm using Norton 2011 and it is perfect, my license will expires in April. Pinch

I will add Norton and BitDefender once I am at home.
Reply
#6
I have heard Norton is quite the CPU eater. I don't know if it's true or not. But for it's antivirus capabilities it is very good. I'm using Malewarebytes right now and I'm pretty happy with it.
Reply
#7
(02-09-2012, 03:05 AM)AceInfinity Wrote: Regardless of what people say, I think Norton has had a great Firewall in it's 2010/11 versions, but BitDefender is good as well. Norton's firewall is very customizable though. If you get Norton up and running on your system correctly, i've never had issues with it. I know some others have had issues, but i'm sure that's because of the people out there that can't remove norton through the control panel, so they try deleting it, and then reinstalling it, and other dumb things like that Rolleyes

If you use the Norton Uninstaller tool and you install it cleanly to your PC, i've not had issues with it that way. Otherwise I could assume someone might have issues with it if they don't know what they are doing like most of the average computer users i've seen. Most people don't care though. As long as their PC still works and they can get onto Facebook everything is good it would seem.

Now I don't use Norton though, I just use MSE. Almost anything I can think of is better than having ZoneAlarm screw up your computer though.

Added!

(02-20-2012, 04:55 AM)Untitled Wrote: I have heard Norton is quite the CPU eater. I don't know if it's true or not. But for it's antivirus capabilities it is very good. I'm using Malewarebytes right now and I'm pretty happy with it.

Yes I also heard the same thing. The problem with Norton, it finds a lot of 'false positive'.
Reply
#8
(02-22-2012, 09:03 AM)Vexna Wrote: Added!

(02-20-2012, 04:55 AM)Untitled Wrote: I have heard Norton is quite the CPU eater. I don't know if it's true or not. But for it's antivirus capabilities it is very good. I'm using Malewarebytes right now and I'm pretty happy with it.
Yes I also heard the same thing. The problem with Norton, it finds a lot of 'false positive'.

Not false positives however, it's built to recognize "hacktools" and other things like that which aren't meant to break your computer in any way. That can be configured however through Norton's signature settings to not show you warnings, or block files with particular signatures. Norton actually has less false positives than something like ESET, which has lots of them. And BitDefender was rated as one of the AV's that don't generate a lot of false positives either.
Reply
#9
(02-22-2012, 09:05 AM)AceInfinity Wrote: Not false positives however, it's built to recognize "hacktools" and other things like that which aren't meant to break your computer in any way. That can be configured however through Norton's signature settings to not show you warnings, or block files with particular signatures. Norton actually has less false positives than something like ESET, which has lots of them. And BitDefender was rated as one of the AV's that don't generate a lot of false positives either.

I did know it but I did not know that it was specially built for this kind of thing. I did not know either that Norton had less false positive than ESET. We are using ESET at each end of PLs (HJT on HF), I thought the opposite.

It is instructive to talk with you.
Reply
#10
(02-22-2012, 09:12 AM)Vexna Wrote: I did know it but I did not know that it was specially built for this kind of thing. I did not know either that Norton had less false positive than ESET. We are using ESET at each end of PLs (HJT on HF), I thought the opposite.

It is instructive to talk with you.

No, people use ESET for how "good" it is because they are blinded by how many false positives it generates though. But as i've said to others in the past about this. If it's false positives, isn't that better than not blocking something that may not be a false positive? But that is up to your own personal discretion to decide. That was a valid report from late 2011 that I had seen.

Now however, I believe Symantec is partnering up with Microsoft, and that will make them pretty powerful in the world of security, especially if they combine knowledge to create something new, or build on their products together. Or that was the plan anyways for Windows 8.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [Help-Tips] How to Install RAM flAmingw0rm 17 6,675 02-14-2020, 03:07 AM
Last Post: lucifer1413
  TIPS!! how to clean a Virus-Infected Computer ginoside021 9 3,687 12-13-2010, 11:14 PM
Last Post: Bursihido
  12 Tips to Maintain a Virus Free Computer tech2game 9 2,523 12-13-2010, 11:11 PM
Last Post: Bursihido
  [Guide]Very basic guide for general security Zurmi 14 6,916 11-02-2010, 10:28 AM
Last Post: Zurmi
  [Guide] How To Browse The Internet Safely Silver 16 4,670 09-03-2010, 10:50 PM
Last Post: Hustler

Forum Jump:


Users browsing this thread: 3 Guest(s)