Antivirus
Software, Firewall & Browser
So you
have an antivirus
that protects your system, your firewall is active, your browser add-ons are up
to date, and you are not missing any security patches. But how can you be
sure that your defenses are working as well as you think?
These
tools can also be particularly useful if you are trying to quickly determine
how secure someone else's PC is. They can show you how much vulnerable
software your PC has installed.
Test your Antivirus
No,
we will not recommend downloading a virus to test your Antivirus Software; that's
a recipe for disaster. If you ever want to test your antivirus software,
you can use the EICAR test file. The EICAR test file is not a real virus,
it is just a text file that contains a string of harmless code that prints the
text "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!" if you run it in DOS. However,
all antivirus programs are capable of recognizing the EICAR file as a virus and
responding to it as they would a real virus.
You
can use the EICAR file to test your virus scanner in real time to make sure it
will detect new viruses, but it can also be used to test other types of virus
protection. For example, if you are running antivirus software on a Linux mail server and
you want to test that it works correctly, you can email the EICAR file through
the mail server and make sure it is detected and quarantined.
Note: It is
important to test and ensure that all your defenses are configured and working
properly, but this cannot guarantee that your antivirus will stop every new
virus. Since there are new viruses every day, it pays to keep an eye on
what you download.
You
can download an EICAR test file from the EICAR website . However,
you can also create your own EICAR test file by opening a text editor (such as
Notepad), copying and pasting the following text into the file, and then saving
it:
X5O! P% @ AP [4 \ PZX54 (P ^) 7CC) 7} $ EICAR-STANDARD-ANTIVIRUS-TEST-FILE! $
H + H *
Your
antivirus program should react as if it has just created a real virus.
Port scan your firewall
If
you are behind a router, the router's Network Address Translation (NAT) feature effectively
acts as a firewall, preventing other computers on the Internet
from connecting to your computer. To ensure that your computer software is
protected from the Internet, either with a NAT router or through a software
firewall if your computer is directly connected to the Internet, you can use the
ShieldsUP! Test website. It will perform a port scan of your IP
address, determining if the ports are open or closed on your address. You
want ports to be closed to protect potentially vulnerable services from the
wild west environment of the open Internet.
Check browser add-ons
Browser
plug-ins are now the most common attack vector, that is, software such as Java,
Flash, and Adobe's PDF reader. You must ensure that you always have the
most recent and up-to-date versions of all your browser add-ons if you want to
stay safe online.
Mozilla's
plugin checker website is particularly good for this. It's made by
Mozilla, but it doesn't just work on Firefox. It also works in Chrome,
Safari, Opera, and Internet Explorer.
If
you have outdated plugins, you should update them to the latest secure
versions. If you have Java installed, you should uninstall
it now - or at least disable your browser plug-in . Java
is subject to a constant flood of zero-day vulnerabilities and
seems to spend most of its time vulnerable to attack.
Scan for vulnerable software
On
operating systems with central software repositories (like
Linux) or app stores (like iOS, Android, and the modern Windows 8 environment),
it's easy to know that all your apps are up to date with the latest released
security patches. Everything is managed through a single tool that updates
them automatically. The Windows desktop doesn't have this luxury.
Secunia,
an IT security company, develops a free app called Secunia Personal
Software Inspector to help with this. When installed, Secunia PSI
scans the software installed on your computer and identifies any outdated and
potentially vulnerable programs on your computer. You don't know all the
programs made for Windows, but it helps to identify the software to update.
Of
course, this does not cover everything. There is no way to guarantee that
your antivirus will
detect all the viruses that have been created; it won't because no antivirus is perfect. There
is no way to ensure that you are not the victim of phishing or
another social engineering attack. But these tools will help you test some
of your most important defenses and ensure they are ready for an assault.
No comments:
Post a Comment