Security Tips

Ransomfree
Ransomfree detects known and unknown ransomware and stops attempts to encrypt local disks and share network drives. The vendor claims it works to spot and stop infections against 99 percent of ransomware strains. And it is free, but just for Windows 7 and above for now. — CYBERREASON
Securing WordPress
When performing a self-installation of WordPress, there are a number of easy steps that can be taken to protect against an attack. While these steps will not guarantee security, they will make it harder to gain access. Click here to find out how.
Disable Autorun
Removable USB/thumb drives use the Autorun feature to load files when the drives are plugged into the USB port. Malware exploits the Autorun feature to spread from thumb drive to PC. Disable the autorun feature to prevent malware from spreading. To use this method, Open Notepad and copy/paste the following into a text file, or download it here:

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@=”@SYS:DoesNotExist”

Save the file as something.reg. (You have to be sure to change the “Save File as Type” to “All Files” before saving, or Windows will try to save it as a .txt even if you typed in .reg.

Locate the file you just saved and double-click the file to run it. You will receive a prompt asking if you want to add the data to the registry. Click yes to allow the modification.

The above method nulls any request for autorun.inf and works on XP Home or Pro, as well as Windows Vista.

Disabling Remote Registry
By default, the registry on your computer is available to others on the network. This means another user on the network could remotely access your registry if they have the skills to do so. Since the registry is the core of the operating system, you may want to increase security on your computer by removing this capability.

One way you can accomplish this is to disable the Remote Registry service. If you are running Windows 2000, Windows XP, or Windows Server 2003, open the Administrative Tools within the Control Panel and locate the Services applet. Double click Services and locate Remote Registry. Right click the Remote Registry service and click Properties. Change the startup type option to disable. Click OK. Once you restart your computer, the service should no longer be running.

Stealth those Ports
Firewalls
A closed port is like locking your home, anyone can SEE your home is there, and SEE that it is locked. That will discourage HONEST people from attempting entry, and discourage most thieves. However, thieves with enough interest and time will break through those locks. Now, imagine having a home that is invisible? No one can see it but you! To everyone else it looks like an empty parking lot. People may walk by and look, but they CANT SEE YOU! That is what a Firewall can do for your computer. A firewall ABSOLUTELY ISOLATES your computer from the Internet using a “wall of code” that inspects each individual “packet” of data as it arrives at either side of the firewall — inbound to or outbound from your computer — to determine whether it should be allowed to pass or be blocked.

Firewall Tip: Many mail servers will do a reverse connect on port 113 to see if you are who you say you are. Generally an ident server isn’t running and the mail server gives up it’s connect. But if 113 can’t get through the firewall it will delay for it’s timeout period before continuing. Solution: Set your firewall to allow port 113 (ident) through.

A word about scrap files:
Scrap files are potentially lethal because the .shs extension is never shown by Windows and therefore a seemingly harmless attachment like update.txt can actually be update.txt.shs and when you open it…surprise …it’s-a-script! (capable of all kinds of mayhem). To prevent this (if you feel brave) back up your registry (just in case), open regedit and look for HKEY_CLASSES_ROOT\ShellScrap and find the value NeverShowExt on the right hand side. and delete it. Do the same for the value HKEY_CLASSES_ROOT\DocShortCut and close regedit.

Now open windows explorer and select folder options from the view menu. Click on the file types tab and select Scrap object from the list, select edit, change icon, browse…go to pifmgr.dll (usually in c:\windows\system32) and select the last icon (a bundle of dynamite) and select it. Now any time you see a bundle of dynamite attached to your email, you know not to open it.

Subscribing to Microsoft’s Security Bulletins
Compose an e-mail to: microsoft_security-subscribe-request@announce.microsoft.com. The subject line and the message body are not used to process the subscription request, and can be anything you like. Send the e-mail. You’ll receive a response, asking you to verify that you really want to subscribe. Compose a reply, and put “OK” in the message body. (Without the quotes). Send the reply. You’ll receive two e-mails, one telling you that you’ve been added to the subscriber list, and the other with more information on the notification service and its purpose. More details are available here.
Internet companies, whose apparent “business model” is the exploitation of consumer trust and ignorance, are sneaking their spyware systems into our machines for their own purposes.

What to do about it?
To keep up on issues like this you can visit http://www.PrivacyDigest.com

Privacy Digest covers the items directly and indirectly impacting your privacy such as cryptography, wiretaps, Free Speech, DNA and genetic testing, and database tracking in general. The author uses main stream sources such as CNN, MSNBC, NY Times, Washington Post, CNET, ZDNET and ideas from SlashDot, and other sources of similar stature for his links. No black helicopters here 🙂

Membership options