Help me protect myself


10 replies to this topic

#1 SidMax

Posted 05 January 2012 - 08:17 PM

I recently had some bad time with a person. Right now, I am in danger of being attacked by a hired hacker to destroy important data from my PC and denigrate my image in front of the ones I know. This would be a big hit for me, so I want to know what can I do to protect myself.

Right now I checked the following:
1. Antivirus software
2. Firewall configured with a list of trusted programs
3. Password manager application (no more passwords stored in browser)
4. Changed all the passwords to more powerful ones (15+ random generated characters)
5. Bought a VPN

Please let me know what else can I do. I don't think there are any law regulations in my country that can help me, so I'm on my own.
Please consider this as being serious. Thank you in advance.

#2 Animal

Posted 05 January 2012 - 08:23 PM

Your questions are ones that are frequently asked, please take a look here: Answers to common security questions: Prevention & Choosing an Anti-virus or Firewall

Please keep in mind that nothing is 100% attack/bulletproof. The only way to achieve that is to not be connected to the web.

#3 SidMax

Posted 05 January 2012 - 08:29 PM

Thank you.

I have already read the topic you linked to, and yes, I meet mostly all the rules that are written there.

I was asking if there is anything more, of course, except disconnecting from the internet, which is not possible.

Edited by SidMax, 05 January 2012 - 08:30 PM.


#4 Didier Stevens

Posted 06 January 2012 - 06:34 AM

> Right now, I am in danger of being attacked by a hired hacker to destroy important data from my PC

> Please let me know what else can I do.

Make a backup of your data or your complete PC, and store it offline in a safe place.

Edit: maybe in your case it's probably good to encrypt the backup too.

Edited by Didier Stevens, 06 January 2012 - 06:47 AM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 Didier Stevens

Posted 06 January 2012 - 06:38 AM

> 4. Changed all the passwords to more powerful ones (15+ random generated characters)

Make sure the security questions to recover access to an account are strong passwords too.
For example, don't use your real mother's name for a security question like "What is your mother's name?", but use a (different) strong password too for the answer.

Edited by Didier Stevens, 06 January 2012 - 06:39 AM.

#6 SidMax

Posted 06 January 2012 - 08:23 AM

> Make a backup of your data or your complete PC, and store it offline in a safe place.
>
> Edit: maybe in your case it's probably good to encrypt the backup too.

Already doing it. I am using TrueCrypt (with all three encryption algorithms) to encrypt data to an external hard drive. I believe it is enough, right?

> Make sure the security questions to recover access to an account are strong passwords too.
> For example, don't use your real mother's name for a security question like "What is your mother's name?", but use a (different) strong password too for the answer.

I am using custom questions.

#7 Didier Stevens

Posted 06 January 2012 - 09:03 AM

> I believe it is enough, right?

More than enough.

Looks like you understand IT security technology pretty well. Do you use process whitelisting technology? Like SRP or AppLocker.
Because if you fear a targeted attack with custom malware, AV will not help you much.


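One way to try the process whitelisting suggested in the post above, as an added example that is not part of the thread or any poster's own code: it builds an AppLocker allow-list from what is already installed and applies it in audit-only mode, so nothing is blocked yet. The directory list and the `C:\Temp\applocker-audit.xml` path are assumptions; it expects an elevated PowerShell session on a Windows edition that supports AppLocker.

```powershell
# Added example (not from the thread): AppLocker allow-list in audit-only mode.
# Assumptions: elevated session, AppLocker-capable Windows edition;
# $policyPath and $dirs are illustrative values.
Import-Module AppLocker

$policyPath = 'C:\Temp\applocker-audit.xml'   # assumed output path
$dirs       = 'C:\Windows', 'C:\Program Files', 'C:\Program Files (x86)'

# 1. Inventory executables in locations a standard user cannot write to.
$files = foreach ($d in $dirs) {
    if (Test-Path $d) {
        Get-AppLockerFileInformation -Directory $d -Recurse -FileType Exe `
            -ErrorAction SilentlyContinue
    }
}

# 2. Generate allow rules: publisher rules for signed files, hash rules otherwise.
[xml]$policy = $files |
    New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone -Optimize -Xml

# 3. Put every rule collection in audit-only mode so violations are logged,
#    not blocked, then save the policy.
foreach ($rc in $policy.SelectNodes('//RuleCollection')) {
    $rc.SetAttribute('EnforcementMode', 'AuditOnly')
}
$policy.Save($policyPath)

# 4. Dry run: what would the policy decide for files in a user-writable folder?
$probe = Join-Path $env:USERPROFILE 'Downloads\*.exe'
Test-AppLockerPolicy -XmlPolicy $policyPath -Path $probe -User Everyone |
    Select-Object FilePath, PolicyDecision

# 5. AppLocker evaluates rules only while the Application Identity service runs.
#    Without -Merge, this replaces the existing local AppLocker policy.
Start-Service AppIDSvc
Set-AppLockerPolicy -XmlPolicy $policyPath

# 6. After a few days of normal use, list what would have been blocked.
Get-AppLockerFileInformation -EventLog -EventType Audited -Statistics
```

Change `EnforcementMode` to `Enabled` only once the audit results show that nothing you rely on would be blocked.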

#8 SidMax

Posted 06 January 2012 - 10:01 AM

> Looks like you understand IT security technology pretty well. Do you use process whitelisting technology? Like SRP or AppLocker.
> Because if you fear a targeted attack with custom malware, AV will not help you much.

I noticed that SRP Whitelists can be overpassed using scripts from software like office applications (i.e. Excel). But, to answer your question, I did not use it.

Someone mentioned on some other forum that I should install FreeBSD, but I think that would reduce my job activities quite a lot. But, taking away this problem, would Linux be a more secure environment on its own than my secured Windows operating system is?

#9 Didier Stevens

Posted 06 January 2012 - 10:48 AM

> I noticed that SRP Whitelists can be overpassed using scripts from software like office applications (i.e. Excel).

Yes, and AppLocker too, that is research I published on my blog in the last years. But there are other products that do this, I was just mentioning them as an example of whitelisting processes.

But you shouldn't worry about macros in Office documents, because they would need to trick you into opening the document and running the macros.

Anyway, if you do consider SRP or AppLocker, be aware that Microsoft has provided features in the Windows API to bypass SRP and AppLocker. I blogged about this at the beginning of last year. And at the end of last year, Microsoft published a hotfix for this (e.g. to disable the bypass).

#10 SidMax

Posted 06 January 2012 - 10:50 AM

Then, I will consider AppLocker or SRP.

Any opinion regarding passing to Linux FreeBSD?

LE: Never mind, I won't change the OS unless there is no other choice.

Edited by SidMax, 06 January 2012 - 10:52 AM.


#11 Didier Stevens

Posted 06 January 2012 - 10:54 AM

> Someone mentioned on some other forum that I should install FreeBSD, but I think that would reduce my job activities quite a lot. But, taking away this problem, would Linux be a more secure environment on its own than my secured Windows operating system is?

I can't answer that. But do you know how to properly secure a Linux workstation? Because if you don't, switching will open you to more risk.
