Amazonsucks

Cybersecurity help and quick reference guide


Posted · Original PosterOP

The discussion about cybersecurity is almost nonexistent on this forum so I thought I'd make a basic list of things to do, that people can point to if they're having, or trying to prevent having, cybersecurity related issues. Also after reading stuff about people's PCs being full of malware and all the news of hacking etc. I figured I might as well take a few minutes and write a post on it. Not sure if this is the best place to put it though. Oh well.

 

 

 

Security Basics

 

The first thing to do is follow and familiarize yourself with basic security best practices. By doing so, you can avoid most problems and mitigate the damage caused by any that can't be prevented.

 

Never assume that your security setup is going to be 100% effective, and therefore assume that someone, somehow can get malware onto your system or that your password will be hacked in a database breach of some sort. If that sounds depressing, it's not that bad.

 

 

 

 

Two Factor Authentication (2FA) Basics

 

Use two factor authentication and two step verification for every account you can. The most secure 2FA is NOT to use the cell phone based text message code. It's unlikely, but an adversary who is an advanced persistent threat (APT) can intercept normal text messages pretty easily, and actually get into an account using such 2FA without the account owner knowing.

 

That's why you should use a 2FA app like the Google Authenticator, which uses codes that expire every minute or so and constantly change. Other companies like Blizzard and Steam have these types of authenticators built into their apps or they have dedicated 2FA apps for mobile devices. Use them.

 

Since no one can easily access the account if you have 2FA, including you if you lose your backup codes, make sure that you keep the backup codes off your device, somewhere safe. Like written down or burned to a DVD in a fireproof safe. That way, if your devices break, you're not locked out of your accounts.

 

 

The second thing to do is make sure that you are running your computer in a way that does several things to minimize potential infections and mitigate any damage they might cause:

 

• Minimize the use of accounts with high privileges within your operating system (so don't have admin privileges on every account by default or something like that).

 

• Minimize the attack surface of your computer by not having a bunch of unnecessary programs that can be vectors for attack. For example, if you have some free program that has a bunch of ads in it that you don't use, uninstall it. Ad networks get compromised all the time and if you don't use it, don't have it active. The same goes for mobile devices too.

 

• Always keep your software updated. Make sure that Windows Update is fully functional (malware will often disable it) and install all of the security related updates.

 

• Get rid of commonly attacked programs that you don't need. If you have Java and Flash and you don't need them, uninstall them.

 

• Use something that actually works for security software.

 

 

 

Security Software

 

Most conventional AV software, and a lot of unconventional antimalware software, is worse than just useless. It gives people a false sense of security, so they don't think a phishing link can affect them, or they think that visiting webpages with exploit kits in the ads won't affect them, and very quickly their PC will be full of rootkits. Some antimalware is itself a vector for malware to enter a system. PC Matic was called out relatively recently for allowing an attacker to take over a system.

 

It's important to realize that AV test and comparison websites are also basically useless, much like synthetic hardware benchmark websites are useless. They don't represent the kind of threats that are actually faced today. A very common way to get the nastiest malware out there, like a rootkit or a crypted RAT, is to browse the internet on perfectly normal websites that have ads (ad blockers don't stop this either), or a website that has been hacked, and has an exploit kit on it or in an ad being displayed.

 

An exploit kit will, without any user interaction, silently drop malware onto the target machine and the user will often never be the wiser. Most antivirus software will remain silent on runtime, and there are anti-detection techniques that assist the malware in evading detection(polymorphism, crypting, stuff like that).

 

In my experience, the only consumer level piece of antimalware that has actual exploit mitigations(like the now deprecated EMET from Microsoft, but more effective and actually user friendly) is Malwarebytes premium. If you don't want to pay for it, you can get the permanent beta version of Malwarebytes Anti Exploit off their forum, and it has much of the functionality of the premium version's. Whatever version of Malwarebytes Anti Malware you use, make sure you go into the detection settings and enable the rootkit detection option before you do a scan, and for the first scan do a Threat Scan instead of a Hyper Scan.

 

Normal program with premium trial:

 

https://www.malwarebytes.com/

 

Free permanent beta of MBAE:

 

https://forums.malwarebytes.com/forum/126-anti-exploit-beta/

 

There are a few other tools that can be run as second, and third opinion scanners as well. These are not full fledged antivirus or antimalware solutions, so don't think that they replace one.

 

Interestingly, Malwarebytes bought one of the best ones and now runs it as well: Adwcleaner. Anyone who has had to fix browser hijackers knows this piece of software well!

 

https://www.malwarebytes.com/adwcleaner/

 

Microsoft, of course, has their Malicious Software Removal Tool

 

https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

 

And the Microsoft Safety Scanner

 

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

F-Secure has a good, small, free scanner as well

 

https://www.f-secure.com/en/web/home_global/f-secure-online-scanner

 

There are two other tools that everyone using Windows should familiarize themselves with:

 

Process Explorer is basically an advanced version of Task Manager, which has Virus Total MD5 hash comparison integrated, meaning it will compare the cryptographic hashes of the processes running on your PC with the Virus Total (owned by Google) database and show you a result in a column on your screen. You have to enable it, as well as "Signature Verification", which shows who the certificate signer of the software is.

 

Make sure you go to File and Show Details From All Processes, or run this as administrator.

 

https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

 

Autoruns allows you to see, and prevent, things from starting with Windows easily. It also has Virus Total integration that can be enabled in settings. Administrator also applies here.

 

https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

 

 

 

System Repair

 

After you have completely removed all traces of malware from your system, which if the tools listed don't do it, you should probably head over to Bleeping Computer or some forum like that where they have people who will step by step walk you through malware removal, you should run two built in Windows features.

 

Open an elevated command prompt by searching for command in Windows Search, and right click the Command Prompt and click "Run as Administrator". Once you're in there, type in the following commands and hit enter afterward. 

 

Note: you will need to wait for the previous command to finish running before going to the next one. Use the exact spacing that I use here:

 

DISM /online /cleanup-image /restorehealth

 

sfc /scannow

 

 

Mobile Security

 

A lot of people use mobile devices for banking and things like that nowadays as well. Not to mention that a phone or tablet will usually be the device that has the mobile authenticator app installed(as it should be), so it's important to keep those clean and secure as well.

 

• Disable all the useless bloatware in your device's application settings.

 

• Disable "install from unknown locations" on Android, and don't root the phone.

 

• Don't Jailbreak the Apple stuff and that takes care of most of the problem for them.

 

• I would also enable Lookout Mobile Security and set it up correctly for Android devices that come with it preinstalled, and I install it on every Android device that I use that doesn't have it by default.  The free version is really quite good for mobile antimalware.

 

 

 

VPN Considerations

 

If you need a VPN, I would recommend using a VPN that's ACTUALLY a security/privacy product, and not a scam or data harvesting piece of malware itself. There was a good study a while back that I'll have to find about how many free "VPNs" were just massive security risks themselves.

 

I know that there are a few reputable ones out there, but the ones I always personally recommend are F-Secure Freedome(Finland) and ProtonVPN(run by CERN in Switzerland). Freedome has more security focused features like app scanning and malicious website blocking, but ProtonVPN has a completely free client that has unlimited data.

 

https://www.f-secure.com/en_US/web/home_us/freedome

 

https://protonvpn.com/

 

You do need a free Protonmail account to use it, but if you don't have a Protonmail account you should have one as a more secure alternative to Gmail or Hotmail. It has 2FA using Google Authenticator as well so it can be fully secured like a Gmail account.

 

Once you have your VPN of choice set up, make sure it's working by going to:

 

https://ipleak.net

 

If you see your real IP or DNS with the VPN active, your browser is leaking, probably via WebRTC. There are various different ways to disable WebRTC depending on which browser you use. For example, in Chrome you need to type chrome://flags into the URL bar and disable the WebRTC stun header flag. 

 

 

 

Basic Network Security

 

For your home network and WiFi, make sure you change the default password and login name on your router/modem.

 

Make sure you have remote administration off on your modem/router, and that it's off on your computers unless you need it to be on.

 

Use Windows' built-in firewall! It's really the best one to use in Windows. Most of the third party ones are just an overlay on Windows Firewall anyway, and are useless.

 

 

 

Things to Avoid

 

Do not use software that does more harm than good like:

 

• Registry cleaners or optimizers. They are worse than useless and can break things.

 

• Driver updaters. They're mostly garbage and can break things. Just do it manually.

 

• File managers. They're often loaded with malware.

 

• "System booster" type software. Worse than useless and can have a bunch of malware as well.

 

• Don't connect a bunch of IoT garbage to your network. It's mostly just going to be exfiltrating data from your network for companies to sell and market you junk.

 

Link to post
Share on other sites

This is pretty nice, but you need to structure it a bit more - it's hard to sift through a wall of text like this. Try dividing it into categories and adding some bullet points or example pictures.



Link to post
Share on other sites

On Android I recommend NetGuard[1], it's a great app. Set it to monitor system apps and set it to default block wifi and mobile, then slowly enable the apps you use. If you pay some money you can even control what an app can connect to, allowing you to block all ads but keep the app functional.

 

[1] https://play.google.com/store/apps/details?id=eu.faircode.netguard&hl=en_GB



Link to post
Share on other sites
Posted · Original PosterOP
1 hour ago, Sauron said:

This is pretty nice, but you need to structure it a bit more - it's hard to sift through a wall of text like this. Try dividing it into categories and adding some bullet points or example pictures.

Still needs work but I rearranged and clarified it for the time being.

Link to post
Share on other sites

Very cool! I hope to see it keep growing with tips for general users!



Link to post
Share on other sites
Posted · Original PosterOP
8 hours ago, LordOTaco said:

Very cool! I hope to see it keep growing with tips for general users!

I think they really need a security sub section of the forum. It's exasperating when someone asks for help but says "i have no malware" and they clearly do.

Link to post
Share on other sites
Posted · Original PosterOP
1 hour ago, Speed Weed said:

Please update the thread.

 

MBAE is already implemented to MBAM 3.0 

 

Please read the thread. It's only in premium. If you want it free you need to use the beta.

Link to post
Share on other sites
27 minutes ago, Amazonsucks said:

Please read the thread. It's only in premium. If you want it free you need to use the beta.

Last update is in 2017. Malwarebytes seems to have abandoned this tool to force users to their MBAM 3.0

Windows 10 has already implemented its own Anti Exploit features; therefore, Malwarebytes Anti Exploit doesn't need it.

BETA security software is good for testing, but it is not recommended for daily use. Hint: BETA

Link to post
Share on other sites
Posted · Original PosterOP
1 hour ago, Speed Weed said:

Last update is in 2017. Malwarebytes seems to have abandoned this tool to force users to their MBAM 3.0

Windows 10 has already implemented its own Anti Exploit features; therefore, Malwarebytes Anti Exploit doesn't need it.

BETA security software is good for testing, but it is not recommended for daily use. Hint: BETA

That's when the locked stickied threads were posted. The beta is still up to date.

 

https://www.wilderssecurity.com/threads/malwarebytes-anti-exploit.354641/page-154

 

It's clearly marked as beta. It's a free option for people who refuse to pay for software so it's better than nothing.

 

Also the exploit mitigations in Windows are not the same as those used in MBAE and aren't available for all versions of Windows.

 

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection

 

 

Link to post
Share on other sites
On 11/5/2018 at 5:49 AM, Amazonsucks said:

WebRTC

So I want WebRTC off?

Is there an efficient way of doing this in Safari?



Link to post
Share on other sites
