
How to protect from infected network?


5 replies to this topic

#1 Randomb


Posted 19 April 2016 - 04:28 PM

My YouTube account was compromised a while ago. In the place I'm currently in, I have no control over the router or other computers. I'm just wondering if I were to do a fresh install of my Windows OS, what kind of programs would you recommend to prevent hacks, and other viruses or malware, zero-day exploits etc. from my network, any good anti-hacking tools? Or if I were to set up my own router, would it be safe from the other computers if it was still on the same network? If I had my own secure password, etc.? I had ESET firewall installed on a fresh install of Windows, and it was blocking requests from a few devices on this network, as well as a few unknown IP addresses such as from Brazil on TCP in. I installed ESET off of connecting my phone to my computer.

I found a program called Heimdal, is it any good? Is it a new program? Or has it been around for a while?

Make and model of computer

Acer Aspire E-15

How the computer is connected (wireless or wired)

Wireless

Make and model of Router

Actiontec V1000h

Approximate distance from the router to the PC, if it's a wireless connection

30 meters

What type of internet you have (DSL, Cable, T-1, etc.)

DSL

Thanks! Your help is much appreciated =)

Edited by Randomb, 19 April 2016 - 04:34 PM.




#2 Kilroy


Posted 20 April 2016 - 06:21 AM

You are the weakest link in your security.  Your habits are more likely to get you infected than a hole in your security.  Since the Windows firewall is turned on by default along with Windows Defender you have basic security by default.

 

The first thing to remember is that security is not convenient.

 

Are you using a password manager?  If you can remember all of your web passwords they aren't secure enough.  If you are using the same password on more than one site as soon as one of those sites loses control of your password all of the sites are compromised.  Personally I use LastPass with a Yubikey for two factor authentication into my password vault.  LastPass is free for PC use, but requires premium, only one dollar a month, for two factor authentication and mobile access.

 

Are you using scripting?  Most drive-by infections are from advertisements that have been compromised.  These ads are being served on major sites: Yahoo, CNN, Forbes, New York Times, and many more.  I'm currently using Google Chrome with the No Script Light add-on.  Previously I was using Firefox and No Script.  Bonus: you will see fewer ads when you block scripting.


Edited by Kilroy, 20 April 2016 - 06:23 AM.


#3 Randomb


Posted 20 April 2016 - 12:42 PM

Hi, this was a fresh install of Windows. I re-installed Windows after my YouTube account was compromised. Even though I only installed ESET security, I had requests of different devices trying to connect to my computer through various ports. Some of them were unknown, and from various different countries.

What about https://howsecureismypassword.net? I have a long password that I can remember, and this site tells me that it's safe? It's also not a dictionary password.

You say my habits were likely to cause infection, but the only thing I did was install ESET from my phone on USB, on a fresh install of Windows.

My YouTube account being compromised could've been a result of that as you said, but I'd also like to rule out other devices on this network as well, and some way to protect myself.

I don't think I'm computer savvy enough to prevent viruses, & malware myself.

There aren't any good antivirus, antimalware, anti-zero day exploits, and anti-hacking tools out there?

It seems as soon as I try to use the internet on a fresh install of Windows, I'm getting various ports incoming from other devices.

I've read that Varonis DatAdvantage is good. Is this a DLP (data loss program)? And also Heimdal I found as well.

In the 'am I infected?' part of your site, you use ComboFix and various other tools to make a computer 'safer'. I'm not sure I'd like to bug your site for every infection, so are there any tools that provide real-time protection of your files, network, etc. that would do almost the same thing as your tools?

Thanks! Your reply is much appreciated =)

Edited by Randomb, 20 April 2016 - 12:47 PM.


#4 Kilroy


Posted 20 April 2016 - 03:00 PM

Provided you weren't allowing the ports to be connected, unless you know what they are for, you're fine.  Being attacked is a fact of life these days.  A router can eliminate that as it drops all non-requested traffic, provided you turn off UPnP as it can open holes that you'll never know about.

 

Any password checker only checks for a pure brute force attack.  Since attackers use a combination brute force dictionary attack they are really accurate.  If you only have one password it better be the one you use on your password manager.  Otherwise once anything you secure with it is compromised, everything is compromised.  All of my passwords look something like this - dqp5%FAbJ9@Y48cZ provided the site will allow the use of special characters.  All of the passwords are different from each other.

 

I'm not saying that there aren't any good anti-virus, anti-malware, or anti-zero day applications out there.  I am saying that they are unnecessary if you practice good security on your own part, and they won't protect you if you click on every link you see.

 

Actually, the more software you install, the more opportunity you have to create holes in your security, as each piece of software adds additional possibilities for security holes and zero-day bugs.

 

Running with a standard user account is also a very good way to run, unfortunately Microsoft still doesn't enforce this by default.
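
The point in post #4 about strength checkers, shown as an added example that is not part of the original thread: a checker that scores only length and character set is compared with an estimate that also lets the attacker guess whole dictionary words. The word list and `ASSUMED_DICT_SIZE` are constructed assumptions for illustration.

```python
import math
import string

# Constructed sample word list; real cracking dictionaries are far larger.
WORDLIST = {"correct", "horse", "summer", "dragon", "password", "monkey", "love"}
ASSUMED_DICT_SIZE = 100_000  # assumption: number of words the attacker tries

def charset_size(pw):
    """Size of the alphabet a pure brute-force search would have to cover."""
    size = 0
    if any(c in string.ascii_lowercase for c in pw): size += 26
    if any(c in string.ascii_uppercase for c in pw): size += 26
    if any(c in string.digits for c in pw): size += 10
    if any(c in string.punctuation for c in pw): size += len(string.punctuation)
    return size

def brute_force_bits(pw):
    """Estimate of a length-and-charset checker: log2(charset ** length)."""
    return len(pw) * math.log2(charset_size(pw))

def dictionary_aware_bits(pw):
    """Cheapest split of pw into dictionary words and single leftover characters.

    A word costs log2(ASSUMED_DICT_SIZE) bits; any other character costs
    log2(charset) bits, as in brute force. Case is ignored when matching
    words, which favours the attacker slightly.
    """
    per_char = math.log2(charset_size(pw))
    per_word = math.log2(ASSUMED_DICT_SIZE)
    lower = pw.lower()
    best = [0.0] + [math.inf] * len(pw)   # best[i] = cheapest cost of pw[:i]
    for end in range(1, len(pw) + 1):
        best[end] = best[end - 1] + per_char      # treat this char as random
        for start in range(end):
            if lower[start:end] in WORDLIST:      # or end a dictionary word here
                best[end] = min(best[end], best[start] + per_word)
    return best[-1]

def compare(pw):
    """Return (brute-force bits, dictionary-aware bits), rounded."""
    return round(brute_force_bits(pw)), round(dictionary_aware_bits(pw))

if __name__ == "__main__":
    # A long all-words password versus the random-style one quoted in post #4.
    for pw in ("summerdragonmonkeylove", "dqp5%FAbJ9@Y48cZ"):
        print(pw, compare(pw))
```

The two passwords score almost the same under the brute-force estimate, but only the random-style one keeps that score once dictionary words are counted as single guesses.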



#5 Randomb


Posted 20 April 2016 - 06:44 PM

Hi, thanks, I'll try a standard user account. The router may be compromised as well. I don't have access to it, and UPnP is enabled. I don't know what else too. What about using my own router? The password I put on that website was secure, the website said that anyways. I'm not sure if I was allowing the ports, and ESET wouldn't allow me to close them either, it seems something messed with the settings on ESET on my fresh install of Windows.

What security systems may you recommend? Anything that works to prevent hackers, etc.?

Do you know of Varonis DatAdvantage? Or Heimdal?

How do you deal with an infected network?

Edited by Randomb, 20 April 2016 - 06:46 PM.


#6 Kilroy


Posted 21 April 2016 - 06:12 AM

A Virtual Private Network (VPN) would secure your network traffic.  I have ProXPN, I don't normally use it, but have it available.  A VPN would protect you from local LAN traffic and Internet traffic from being sniffed by the router.  However you have to trust your VPN provider as they can see everything you do.  VPN also adds latency to your connection as you are adding at least one hop to everything.





