
Security has become a major problem on the Internet. Most attacks exploit a relatively small number of vulnerabilities. Attackers are opportunistic: they take the path of least resistance and keep exploiting these common failures rather than seeking out new exploits or attempting more difficult ones.

Top Windows Threats

1. Web servers and services. Default HTTP (Web) servers have had several vulnerabilities, and numerous patches have been issued over the past several years. Make sure all your patches are up to date, and do not use default configurations or default demonstration applications. These vulnerabilities may lead to denial-of-service attacks and other types of threats.

2. Microsoft SQL Server (MSSQL). Keep an eye on new patches for MSSQL and apply them as soon as possible. The Internet Storm Center always shows MSSQL's default ports, 1433 and 1434, as being among the most actively probed on the net. Any weakness will be quickly exploited.

3. Windows remote access services. A variety of remote access methods are included by default on most systems. These systems can be very useful, but also very dangerous, and an attacker with the right tools can easily gain control over a host.

4. Windows authentication. Most Windows systems use passwords, but passwords can be easily guessed or stolen. Good password management is the key to effective authentication. Passwords should contain characters from three of the following four categories: English uppercase characters (A through Z), English lowercase characters (a through z), Base 10 digits (0 through 9), non-alphanumeric characters (for example, !, $, #, %).


5. Web browsers. A web browser is your window to the Internet, and it contains many vulnerabilities. Common exploits may include disclosure of "cookies" with personal information, the execution of rogue code that could compromise a system, and exposure of locally-stored files. Most Internet users use Internet Explorer. Every version of IE has critical threats, and new ones are found all the time. Any administrator without a regular plan for updating this critical tool is making a major mistake. SANS suggests that you use online browser tests, such as the one from Qualys, to help maintain IE security. This is particularly useful because the test can easily be run by a nontechnical staffer.

6. File sharing applications. Peer-to-peer (P2P) programs are commonly used to share files. In a P2P system, computers are open to others in the P2P network to allow for all participants to search for and download files from one another. Many corporations forbid use of P2P networks because of the obvious risk of compromised data.

7. Microsoft Data Access Components (MDAC). The Remote Data Services component of many MDAC versions has serious vulnerabilities.

8. Windows Scripting Host (WSH). You probably can't simply disable WSH because it's used for many administrative and desktop automation functions, so instead you should change the default treatment of script files with these extensions: .vbs, .vbe, .js, .jse, and .wsf.

9. Mail client. Attackers can use the mail client on a computer to spread worms or viruses, by including them as attachments in emails. Configuring the mail server appropriately, and blocking attachments such as .exe or .vbs files, will prevent most mail client attacks.

10. Instant messaging. Many corporations also block employees from using instant messaging, not only because of the technical threats but also because of the possibility of lost productivity. Configuring IM properly, applying all the latest patches, and taking control over any file transfers that occur over IM will prevent most attacks.

11. LSAS exposures. The Windows Local Security Authority Subsystem (LSAS) has a critical buffer overflow that can be exploited by an attacker to gain control over the system. Again, proper configuration and application of patches will prevent most exploits.
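
The attachment blocking recommended in item 9 can be sketched as a mail-gateway check. This is an added example, not code from the original article: the block list combines the .exe and .vbs extensions from item 9 with the script extensions from item 8, and the function names and sample message are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Extensions named on this page: .exe and .vbs (item 9) plus the WSH script
# types from item 8. A real deployment would use a longer, site-specific list.
BLOCKED_EXTENSIONS = {".exe", ".vbs", ".vbe", ".js", ".jse", ".wsf"}


def normalized_extension(filename):
    """Return the last extension, lower-cased, as Windows would resolve it."""
    # Windows drops trailing dots and spaces, so "a.vbs. " is saved as "a.vbs".
    name = filename.rstrip(". ").lower()
    dot = name.rfind(".")
    return name[dot:] if dot != -1 else ""


def blocked_attachments(raw_message):
    """Return filenames of attachments whose extension is on the block list."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        filename = part.get_filename()  # None for parts without a filename
        if filename and normalized_extension(filename) in BLOCKED_EXTENSIONS:
            hits.append(filename)
    return hits


def build_sample():
    """Constructed sample message (not from the article), three attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Quarterly report"
    msg.set_content("See attached.")
    for name in ("report.pdf", "invoice.pdf.EXE", "notes.txt.vbs."):
        # Placeholder bytes only; the check looks at the filename, not content.
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name in blocked_attachments(build_sample()):
        print("blocked:", name)
```

Only the last extension is compared, so a double-extension name such as invoice.pdf.EXE is still caught while report.pdf passes.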