APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Drive by automatic downloads

Michael Desrosiers

This month's topic is how technology and procedures can be used to divert "drive-by" or automatic downloads, such as the recent Internet Explorer exploit, and to prevent drive-by downloads and other Internet threats from damaging your infrastructure and stealing your personal information.

How This Attack Works

In a drive-by download attack, hackers infect existing websites or create new ones, and trick users into visiting them. Once a user lands on the fraudulent site, the hackers slip malicious software onto the PC through a browser flaw. The malicious software assists with identity theft, stealing credit card numbers, passwords and other sensitive data by secretly logging everything the victim types. Having an unsecured web browser leaves you vulnerable to a variety of problems, from malware installing without your knowledge to intruders taking control of your computer. Exploiting these vulnerabilities in web browsers has become a popular way for attackers to compromise computer systems.

According to a new study by Google, 1 in 10 sites are malicious sites, silently installing viruses and spyware or tricking you into revealing your confidential information. Recent studies found that close to half of all web browsers were not fully secure and half of all Web sites are infested with some form of malware, including many of the leading search, social networking and shopping sites. And a majority of all new malware is released on the same day as the corresponding browser vulnerability is announced. These and other "zero day" attacks illustrate that setting your browser to maximum security and applying the latest security patch is not enough on its own.

How Does It Affect You

All of these attacks bypass traditional PC security, such as anti-virus and firewalls, through your web browser, damaging your PC while invading your privacy and stealing your money.

Do these scenarios sound familiar?


Lately I've noticed my computer is really slowing down. It takes forever to boot up, and my streaming video performance is terrible. I've spent a huge amount of time troubleshooting the problem, but can't seem to get my computer back up and running properly. As it turns out, I was infected by malware that was disguised as a video file and silently installed itself on my machine.

I applied for credit and was turned down, even though my credit history is impeccable and I have never been late with a payment. As it turned out my identity was stolen and I was robbed. These identity thieves were running up thousands of dollars in debt under my name and it's all because I was tricked into entering my social security and banking account numbers on a fake website that posed as my bank's website. In the end, I had to spend a huge amount of time and hassle trying to recover my money and my identity.

Recently I needed access to this data but when I tried to locate the information everything was wiped out. Without our knowledge, we were the victims of an online attack that silently installed spyware, destroying all of our PC files. It was amazing how quickly we lost extremely valuable data. Most of the lost data cannot be recovered, and I am in fear about how this will affect my business and its reputation. Browser hijackers can install dangerous spyware that can cause irreparable damage to your files and programs as well as jeopardize your personal information and identity.

What Can You Do About It

Malware in action can consume a substantial amount of your computer's memory, leaving limited resources for other legitimate programs to use. This can lead to extremely sluggish performance of vital programs, like your current Internet browser or operating system, and a slow workstation overall.

Here are some smart guidelines that you can follow:

  1. Don't download from sites that you don't trust;
  2. Don't enter confidential information into sites you are not familiar with;
  3. Don't shop at sites you don't know;
  4. Update your operating system and browser regularly with the most current security fixes;
  5. Never follow a link from an e-mail that asks you to enter your personal information. Only malicious sites designed to look like real sites will ask for this, because reputable sites would never ask you to do this!

There are also some great plug-ins to grab for your browsers, whether you use Internet Explorer, Firefox, Mozilla, Safari or others. Here are a few tools that will provide additional levels of trust for your browser as you surf the web:

Calling ID - Free anti-phishing browser toolbar and embedded link checking software alerts the user if it detects phishing and related risks.

http://www.callingid.com/Default.aspx

Show IP - Shows the IP addresses of the current page in the status bar. It also allows querying custom information services by IP and hostname, and gives you access to DNSstuff tools to verify the location of the site.

https://addons.mozilla.org/en-US/firefox/addon/590

Router Status - Shows the current status of your router in the status bar.

https://addons.mozilla.org/en-US/firefox/addon/5544

Scandoo - This scanning technology scans each and every one of your search results to see if there is anything malicious behind the links and then feeds the security results back into your search page. Great home page!

http://static.scandoo.com/about/about_scandoo.html

There you have it. Hopefully some of these techniques and tools will make the potential for hijacks and "man-in-the-middle" attacks less viable for you and your organization. What they do provide is a solid foundation for using the Internet safely, with some level of security, without being intrusive or preventing business uses of the web.

To view more articles:

http://aplawrence.com/cgi-bin/getauthart.pl?Michael%20Desrosiers

or to inquire about an on-site presentation, please feel free to call me at 508-995-4933 or email me at [email protected]

Until next time.....

Regards,

Michael Desrosiers
Founder & Principal Consultant
m3ip, Inc.
Managing Your Security and Risk Needs
(O)508.995.4933
(C)774.644.0599
(F)508.995.4933
[email protected]
http://www.m3ipinc.com




Wed Dec 24 15:40:41 2008: 4978   BigDumbDinosaur


Here are some smart guidelines that you can follow:

You forgot the most obvious one: if you use Windows don't use Internet Exploder.
