Tag Archive for firewall

Tuesday Tech Tips

This has been the week of malware.

I have now had to fix two systems, where something crawled in via the internet connection and took over the computer.

Case 1) Total Security 2009. You could not get to the Internet, the screen was resized down to 640×480 (making it difficult to redo things like screen size settings, as the buttons were now below the bottom of the page and you couldn’t pull them up any higher), Task Manager was corrupted (so you couldn’t shut down the offending program), and any antivirus/antispyware/antimalware program would not run. To top it off, the program put up a full-screen message about every 5 seconds showing a list of all the spyware it found on your system.

The way around this? My first effort was to just start the customer’s installation over on a new disk drive, then come back and move the data over. Once things were under control, I found the easy answer, but it wasn’t apparent while you kept getting a screen up every 5 seconds: the program had put a shortcut to itself on the desktop. Using that marker of its presence, I found where the program had installed itself, and it was not in the Program Files directory. It had put itself in My Documents/Application Data (a hidden file to the normal user) and it didn’t use its name for the program; it was numbers only on the folder that held the program. I verified this by changing the folder’s name and rebooting. The program didn’t start up this time, but the Task Manager was still damaged to the point it did not work. I also then scanned the disk using CyberDefender and it found Total Security and labeled it as a Rogue MalWare program. Running CyberDefender while the malware was running resulted in it saying there were no problems.
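The marker described above (an executable sitting in a numbers-only folder under Application Data) can be checked for with a short script. This is an added example, not part of the original post; the extension list, treating AppData as equivalent to Application Data, and the sample folder tree are assumptions made for illustration.

```python
import os
import re
import tempfile

# Per-user data folder named on the page, plus its later Windows name.
# Treating "AppData" as equivalent is an assumption of this example.
APPDATA_NAMES = {"application data", "appdata"}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".dll"}  # assumed list
DIGITS_ONLY = re.compile(r"^\d+$")


def find_numeric_folder_executables(profile_root):
    """Return sorted paths (relative to profile_root) of executables that sit
    below an Application Data folder, inside a digits-only named directory."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(profile_root):
        rel = os.path.relpath(dirpath, profile_root)
        parts = [p.lower() for p in rel.split(os.sep)]
        # Find the Application Data component of this path, if there is one.
        idx = next((i for i, p in enumerate(parts) if p in APPDATA_NAMES), None)
        if idx is None:
            continue
        # The marker: some directory below it is named with digits only.
        if not any(DIGITS_ONLY.match(p) for p in parts[idx + 1:]):
            continue
        for name in filenames:
            if os.path.splitext(name)[1].lower() in EXECUTABLE_EXTS:
                hits.append(os.path.join(rel, name))
    return sorted(hits)


def build_constructed_profile(root):
    """Create a small constructed profile tree (sample data, not real files)."""
    layout = {
        ("Application Data", "48213377", "48213377.exe"): b"MZ",  # flagged
        ("Application Data", "48213377", "readme.txt"): b"text",  # not executable
        ("Application Data", "Mozilla", "plugin.dll"): b"MZ",     # named folder
        ("My Documents", "2009", "setup.exe"): b"MZ",             # outside App Data
    }
    for parts, data in layout.items():
        path = os.path.join(root, *parts)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_profile(tmp)
        for hit in find_numeric_folder_executables(tmp):
            print("review:", hit)
```

A hit is a prompt to look closer, not proof of infection, since some legitimate software also uses numeric folder names.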

Solution? Pay attention to what your firewall is asking you to allow. Oh, better yet: Make sure you have a good firewall installed and that you use it. I use the PCTools firewall. Free and effective.

Case 2) No Internet, and you can’t run any program. Now, it’s difficult to discern exactly what this is right now, but the user said it had been like this for about 3 months. He had another computer sitting off to the side, actually a better one, and I spent last night moving the data off the hard drive of the first drive (while attached as an external drive, not the boot drive). I haven’t had the time to run the actual problem to ground, but I’m leaving to deliver the other computer, with all the work files moved over, so they can get back to work.

There are those who will spend their days figuring out how to attack your computer across the net, and make your life frustrating, and maybe even stop your business for at least a day, while someone like me gets you back to operating mode.

Unfortunately, you just have to come to grips with the fact these people are out there and you need to make sure you compute safely!

Tuesday Tech Tips

Today: Firewalls…What’s up with that?

I had an interesting discussion the other day with a client who just wanted “error messages” to go away. I, using my experience, figured they were having hardware problems. I asked “what ones?” figuring there is a great possibility of doing just that. “Here…I wrote them down.” I was shown a list of “errors” that were obviously some attacks from web-based sources. I then began to explain the good news was the firewall was stopping bad things from getting into the system. Bad news: Bad stuff is out there. Still insisting that the “error messages” go away, I explained the firewall and ended with this: “I noticed you keep your front door locked. Could that be in case someone tries to get in? The firewall is the same type of function, because there are things trying to get in.”

Firewall: A component used to manage the flow of traffic to and from your computer and also within your system. Some firewalls, the ones commonly used in home and small office systems, are software based. Windows XP and above have a built-in firewall, but it provides only very basic levels of protection. Otherwise, you most likely will have one on your system within the Internet security suite, if you have one installed. If you don’t have an internet security suite installed, you can still get standalone firewalls to help you keep your system safe from intrusion, which is a necessity now.

There are also hardware-based firewalls. They range from large multi-user units for use in a large networked environment to the commonly used routers in your home or small office. The best part of these systems is the ability to perform the security checks on information flowing at the single point of entry/exit from the network, without having to specifically cover each and every machine in the home/office. In addition, they are less likely to be hacked past than a purely software firewall.

What does this mean for the single/few computer user? You still need the protection on your home/small office network, no matter who you are. There are “bots” (short for “robots”; they are actually software programs) searching the net for active computers. When they find one, they will begin running a series of small programs, looking for known bypasses of commonly installed hardware and software protections. If they fail…they “move along.” If not, they then embed themselves in your system and go about their assigned tasks of stealing your data, using your machine to pump out thousands upon thousands of “Get Rich QUICK!” emails, or other nefarious acts.

The use of the firewall requires some self-education about what is happening in your computer world. Since the firewall is the watchdog on what is coming and going between your computer and the rest of the attached parts (to include the internet), it needs you to “train” it as to what you say is ok to let operate. Computer programs, from Word to spyware, are all “executable” programs. The firewall will see one of them starting up, either as the computer boots up or as you start the program, and will then alert you and provide you with a “block” or “allow” option. In most cases you will see the “Allow XXXXX to run?” with the XXXX relating to what you just started and know it’s ok to say “allow.” While you’re on that warning window, look for a “remember this answer” check box. Check it if the program you are starting is one you commonly use, so the firewall will know this is allowed in all future events. Generally the “cause” (starting a program) and “effect” (the “Is this OK?” firewall question) are easy to relate.

The firewall will also manage “ports,” which is the term for connections between such things as other computers and printers in your network, or standard data paths between computers, in the local network as well as on the internet. You’re less likely to deal with that type of firewall setting, but this sometimes affects sharing files and printers in a networked environment.

That being said, if you are just reading your emails, surfing the web and watching a few YouTube videos and the firewall pops up to alert you to a program trying to run, that is cause for reading very closely what’s on the screen. In many of those (but not all) cases, the warning needs to be heeded and the “block” option used. Exception: You had to install an add-on like Flash or Java to make some of the web page content run, but even this can be dangerous. Note: If you block it and need it, you can dig about in the settings (or have someone help you) and then allow something. Conversely, if you allow something and it should have been blocked, it will run amok and damage your system until you stop it. The “fail safe” solution, if you’re not sure what the response should be to the Allow/Block question: choose “Block.” The net result of blocking something OK is inconvenience, but not a possible complete loss of your pictures, music and data files, when the entire hard drive has to be redone.

I know it’s asking you to do some more self-education, but, unless you enjoy leaving your home and business doors unlocked, this is necessary. Take the time to make sure you have a firewall installed. Take the time to “train” it (that usually takes a few days before you’ve probably used most of your programs at least once). Trust me, that’s easier frustration to deal with than losing your system for maybe a few days of time, while someone fixes the damage caused.

There are several free and widely used software firewalls available, if your budget is a little short, so cost is not an excuse.

Let’s be safe computing out there!