Friday, July 25, 2008

Antivirus Comparisons - How to Choose the Best Antivirus Software Product

Years ago it used to be important that you had some antivirus software on your machine. With the Internet, it is now imperative. Viruses can spread extremely quickly thanks to email, file sharing and chatrooms. To protect yourself you will want the best products available to you. Here is how to carry out antivirus comparisons to make sure you are using the best product.

First you should visit the websites of companies that carry out antivirus software reviews. Virus Bulletin and AV-Comparatives specialise in this type of software and both have a respected position in the industry. You can also visit the websites of computer magazines or buy them from a newsstand.

These reviews will concentrate on how effective the software is at doing its job: finding and eliminating viruses. Narrow your search down to the top performing products. But there are a lot more factors that will affect your choice. The first of these are speed and stability.

Find user reviews online that discuss how the software has performed on people's computers. Has it adversely affected the speed of the computer, or are there conflicts with other software? Once you have carried out this bit of research, download a trial version. Any problems with stability will then show up before you actually spend money on the product.

Use the trial to evaluate other features such as ease of use and the graphical user interface. This type of software is very advanced but some manufacturers have succeeded in making it very easy to use. Others still have a way to go.

Another feature that many people ask for is a 'set and forget' option. This allows you to set the software to automatically perform scans and pick up updates. You should evaluate this process with the free trial.

When you are carrying out antivirus comparisons, don't be afraid to put several products on free trial. Just be aware that most antivirus products are incompatible with one another: you have to remove one before you can install another.

Learn more about free virus software by visiting http://www.top-antivirus-software.com. Can free antivirus programs be better than paid? The results are surprising.

Thursday, July 17, 2008

Usability & Security - Unlikely Bedfellows?

With an ever increasing online population - 41 million users in the UK alone - computer security and user authentication have never been more vital. Unusable security is expensive as well as ineffective. According to Password Research, two-thirds of users had to reset their passwords/PINs three or more times in the last 2 years. With each password reset estimated at £35 in help desk costs (source: Mandylion research labs), it's easy to see how expensive an affair this can be.

Passwords

Passwords are by far the most widely used method of authentication. We're all having to remember more usernames and passwords by the day. It comes as no surprise then that over half of us use the same password for everything from work to banking to ecommerce, which is known to be poor security practice. More worryingly, 21% of people revealed their passwords in exchange for a bar of chocolate (source: Infosecurity Europe)! Clearly it's not all about making systems secure but making them usable too.

Passwords have long been considered insufficient within the security industry. Bill Gates even called for an end to passwords 2 years ago (source: CNET news). As that day still seems a long way away, let's consider what we can do to make the best of a bad bunch.

What you can do

As a website owner, you can make your customers' lives easier, and your site more secure by adhering to the following guidelines:

* Use e-mail addresses as usernames - Don't ask site visitors to create separate usernames as this increases the number of items they have to remember.
* Allow passphrases rather than just passwords - Passphrases are just like passwords but longer, being entire phrases instead of single words. They're typically 20-40 characters in length, an example use being Wi-Fi security. A sample passphrase would be 'PASSphrase1234567890'. Phrases provide context and are easier to remember than words in isolation. Passphrases are also harder to crack than passwords.

Helping users remember their passwords

To help your users choose secure passwords that are memorable, try suggesting some of the following tips to them:

* Use a passphrase instead of a password, if the system permits.
* If not, take a phrase and use the first letter of each word to make up a password that's easy for them to remember but difficult for others to guess. For example the phrase 'my favourite sweet in the world has to be chocolate' becomes 'mfsitwhtbc'.
* Then replace some of the letters with capital letters and throw in numbers and symbols to increase the password strength. For example use '1' or '!' for an 'i', '4' or '@' for an 'a' and so on. The above sample password 'mfsitwhtbc' then turns into 'Mfs!twht6c', which is much stronger.

Do your users have one password that they use for everything and want to keep it that way? They can have an easy life and be security-conscious. Here's how: Advise them to append an additional word/number at the end of the universal password to make it longer and more secure. The add-on can be related to the application/site they're on, so it's easy to remember and yet unique.

Here's an example - let's say the universal password is 'password' (which it should never be, of course!). This is a rather weak password in terms of security. For a florist's site they can turn it into 'p@ssw0rdfl0wers' (for 'passwordflowers') and for e-mail it can be 'p@ssw0rdem@1l' (for 'passwordemail'), both of which are much more secure than the initial choice and unique to the respective sites. With just a few modifications, the new password 'p@ssw0rdfl0wers' becomes very secure.

Encourage your users to find out how secure their passwords are by checking their password strength on sites like Security Stats, Password Meter and Microsoft's Password Checker.
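A strength check of the kind those sites perform can be approximated in a few lines. The following is an added example, not code from the article or from any of the sites it names: it reverses the symbol-for-letter substitutions suggested above before looking for a recognisable base word, so that a password built from a dictionary word plus substitutions is credited with dictionary-sized rather than character-sized guessing work. The word list and the verdict thresholds are constructed for illustration.

```python
import math
import string

# The substitutions the article suggests, reversed ('@' -> 'a', '1' -> 'i', ...).
LEET = {"@": "a", "4": "a", "1": "i", "!": "i", "0": "o",
        "3": "e", "$": "s", "5": "s", "6": "b", "7": "t"}

# Constructed sample of common base words; a real checker would use a large list.
COMMON_WORDS = ("password", "letmein", "qwerty", "welcome", "flowers", "email")


def normalise(pw):
    """Undo the substitutions and lower-case, e.g. 'p@ssw0rd' -> 'password'."""
    return "".join(LEET.get(ch, ch) for ch in pw).lower()


def charset_size(pw):
    """Size of the alphabet a brute-force attacker would have to cover."""
    size = 0
    if any(c in string.ascii_lowercase for c in pw):
        size += 26
    if any(c in string.ascii_uppercase for c in pw):
        size += 26
    if any(c in string.digits for c in pw):
        size += 10
    if any(c in string.punctuation for c in pw):
        size += len(string.punctuation)
    return size


def naive_bits(pw):
    """Entropy estimate from length and character classes only."""
    return len(pw) * math.log2(charset_size(pw))


def found_words(pw):
    """Common words that survive once the substitutions are undone."""
    base = normalise(pw)
    return [w for w in COMMON_WORDS if w in base]


def adjusted_bits(pw):
    """Credit each recognised word with log2(len(COMMON_WORDS)) bits, not its full length."""
    per_char = math.log2(charset_size(pw))
    bits = naive_bits(pw)
    for w in found_words(pw):
        bits -= len(w) * per_char - math.log2(len(COMMON_WORDS))
    return max(bits, 0.0)


def assess(pw):
    """Constructed verdict thresholds: under 28 bits weak, under 60 moderate."""
    bits = adjusted_bits(pw)
    return "weak" if bits < 28 else "moderate" if bits < 60 else "strong"
```

With these thresholds 'Mfs!twht6c' (the first-letters method above) rates as strong, while 'p@ssw0rdfl0wers' drops to weak once 'password' and 'flowers' are recognised beneath the substitutions.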

What's the future?

Passfaces

Should passwords disappear then what'll replace them? An alternative is a system called 'passfaces' that utilises our innate ability to recognise faces with speed and accuracy. Users are required to correctly select their pre-chosen faces from a random set in order to gain access. Passfaces has already been implemented by a number of websites.

Random number generators

Some online banking customers are being sent chip-and-pin card readers to add a layer of security. A lot of banks and large corporations are using tokens such as random number generators in addition to passwords to increase security.

Biometrics

Another alternative is biometrics where a person's physical or behavioural characteristics such as fingerprint, iris or voice are used for authentication. Examples include laptops with built-in fingerprint readers and the new biometric passports in the UK.

These approaches aren't solutions in themselves but will have to consider the human as being central to the whole authentication process in order to succeed.

In a nutshell

Traditionally, security has been considered more important than usability. In reality, security measures only succeed when users' needs are taken into consideration. Contrary to popular belief, security and usability can and should go hand in hand. Let's hope whatever replaces passwords is designed with usability in mind so we don't have to lose ours!

This article was written by Mrudula Kodali. Mru's crazy about improving online user experiences - so crazy that she works for Webcredible ( http://www.webcredible.co.uk ), an industry leading user experience consultancy, helping to make the Internet a better place for everyone.

Saturday, July 12, 2008

Scanning the Box

This article provides details on the scanning phase of any penetration test (blackbox, whitebox, gray box). Let's start from defining the types of scan we can use while performing a penetration test.

Scanning the box means performing a scan of the target to blueprint its security measures and then to penetrate the box.

Types of scan we can perform on the selected target:

1. OS Scan (OS fingerprinting)

2. Port Scan ( Service detection)

3. Vulnerability scan (finding the hole)

Let's discuss the above types in detail:

OS Scan (OS fingerprinting):

When we are performing a pen-test we need to detect which OS is running on the remote machine so that we can search for its related critical patches and vulnerabilities. OS fingerprinting is also known as banner grabbing. Banner grabbing and operating system identification can also be described as fingerprinting the TCP/IP stack. Banner grabbing is the process of opening a connection and reading the banner or response sent by the application.

Following are the two techniques used to detect OS fingerprint:

a. Active Stack fingerprinting

b. Passive Stack fingerprinting

Active stack fingerprinting:

Active stack fingerprinting is the most common form of fingerprinting. It involves sending data to a system to see how the system responds. It's based on the fact that various operating system vendors implement the TCP stack differently, and responses will differ based on the operating system. The responses are then compared to a database to determine the operating system. Active stack fingerprinting is detectable because it repeatedly attempts to connect with the same target system.

Passive stack fingerprinting:

Passive stack fingerprinting is stealthier and involves examining traffic on the network to determine the operating system. It uses sniffing techniques instead of scanning techniques. Passive stack fingerprinting usually goes undetected by an IDS or other security system but is less accurate than active fingerprinting.

Port Scan (Service detection):

Port scanning is used to gather information about a test target from a remote network location. Specifically, port scanners attempt to locate which network services are available for connection on each target host by probing each of the designated (or default) network ports or services on the target system.

More broadly, port scanning is the process of identifying open and available TCP/IP ports on a system. Port-scanning tools enable a hacker to learn about the services available on a given system. Each service or application on a machine is associated with a well-known port number. For example, a port-scanning tool that identifies port 80 as open indicates that a web server is running on that system. Hackers need to be familiar with well-known port numbers.

Vulnerability scanning (finding the hole):

The primary distinction between a port scan and a vulnerability scan is that a vulnerability scan attempts to exercise (known) vulnerabilities on its targeted systems, whereas a port scan only produces an inventory of available services. That said, the distinguishing factors between port and vulnerability scans are often blurred. Vulnerability scanning is the automated process of proactively identifying vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security. Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.

Tools available for Scanning the BOX

Port scanners: the de facto standard for port scanning is Nmap; other tools available for port scanning are Netcat, Advanced Port Scanner, SuperScan etc.

Vulnerability scanners: the de facto standard for vulnerability scanning is Nessus; other tools available for vulnerability scanning are GFI LANguard, SARA, Shadow Security Scanner etc.

Tuesday, July 1, 2008

Spy Scanners - Don't Compromise your Privacy

Spies, spyware and internet parasites are some of the names they go by. These are scouts that monitor your web activities. They work undercover to check on your surfing patterns, spending habits and items bought; they extract email addresses, hijack browsers and steal credit card information. These are just some of the things spyware is capable of.

Spyware is essentially an information-hungry parasite determined to gather data from a user or surfer without them knowing it.

The information gathered by these parasites is then sent to the originator without the user's consent. Most often, the information gathered by the spyware is used to generate ads and pop-ups on the user's PC.

Spyware and adware, aside from being a nuisance and an invasion of privacy, can also jeopardize the optimal performance of your PC. They can eat up unused disk space and position themselves in an inconspicuous location on your hard drive. They can also eat bandwidth, crash your system and oftentimes embed themselves in the Registry or in the memory of your computer.

Spyware and adware have become very rampant nowadays. Prevent yourself from becoming a victim of these by:

* Being careful with freeware and shareware downloads - Some of these downloads are bundled with spyware, which may be unknown to the user. Refrain from downloading shareware and freeware from unknown sources.

* Installing a good spyware/adware scanner and removal tool - There are a number of spyware scanner and/or removal products on the market today. A good spyware scanner can effectively locate all spyware installed on your PC, and a good spyware removal tool can effectively remove all the spyware detected.

Spy Scanners are programs designed to detect spies in your PC. A good spy scanner can effectively search through the most unnoticeable embedded files that spy on you.

Most spy scanners include a spyware removal function. Other spy scanners do not include spyware removal features but display logs of the spyware detected on your PC. The information in the logs contains the location and nature of the spyware.

For spy scanners with no built-in spyware removal functions, manual deletion of the spyware files can also be done, since the location and the file type are specified in the logs. Some spy scanner products on the market today make the spyware scan available to non-paying users and the removal tool available only to paying users.

Spy scanners, once installed, can be set to run on demand or periodically.

-------------------------------------------------------------------
Gina Marie Capatar is a Technical Writer by profession and writes articles for http://www.isnare.com; she also accepts freelance writing jobs. Feel free to drop by http://www.isnare.com or email her at gcapatar@gmail.com