
Protecting yourself from botnets

  1. Jan 7, 2007 #1
    Hey there, so I just finished reading this New York Times article on botnets: http://www.nytimes.com/2007/01/07/technology/07net.html?ei=5087%0A&em=&en=79cc489d42f00bc8&ex=1168318800&adxnnl=1&adxnnlx=1168193055-/Md4/0S5iz1xLjldK+u7Mw
    and it got me thinking. I have no firewall or antivirus software, though I use SpyBot S&D and webroot spysweeper, so I'd like to install a fresh copy of windows and put up every preventative measure I can. Only problem is every botnet article I've read so far suggests that there really isn't any way you can fight them. So I'm wondering if you guys can help me out.

    First I'm thinking of getting Shields UP as an antivirus and Zonealarm firewall. Do you suggest another anti-virus/firewall?

    PCWorld suggests the following:

    I'm not very computer-literate so can someone explain how and why these work?

    Also, any more suggestions would be great. Thanks a lot.
     
  3. Jan 7, 2007 #2

    -Job-

    Science Advisor

    The idea with those programs is to isolate personal data and trusted applications from the high risk operations of browsers and malicious software.
    With DropMyRights, by restricting a program's ability to make system changes, you can isolate your browser from the system registry, so malicious software running in the browser won't be able to change the computer policy to disable access to the Task Manager, for example.
    Sandboxing also isolates a program's access. By sandboxing an application, such as a browser, you can disable access to certain information on your disks, for example (i.e. the program can only use the resources in its sandbox). This would prevent malicious software from stealing your personal data.
    Finally, VMware Player, or VMware Workstation, which is better but not free, allows you to create a completely separate environment. VMware emulates computer hardware, which you can use to run a separate operating system from within your existing OS (called the host OS). When you run an OS image from VMware you specify how much disk space to use, how much RAM, how many CPU cores, etc. The OS running within VMware only has access to these resources (unless you explicitly enable access, by creating network shares for example). So VMware can work as a sandbox for a whole operating system.
    For example, I have VMware Workstation installed on my laptop (Win XP) and I have two OS images that I can load into VMware at any time: one is SUSE Linux 10 and the other is Windows Vista. I use these mostly for testing, but if you're worried about security then you would do your high-risk operations in one of the images, and keep your personal data and applications on the host operating system.
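
A read-only check of the situation post #2 describes, added here as an example and not part of the thread: it reports whether the current session has administrator rights, whether the Task Manager policy has been set, and whether this session could write to the policy key at all. The `DisableTaskMgr` value name and the function names are not from the thread; the value is the standard Windows policy setting for Task Manager, and PowerShell is assumed to be available.

```powershell
# Added example (not from the thread). Read-only: nothing is written to the registry.
$policies = 'Software\Microsoft\Windows\CurrentVersion\Policies'

function Test-IsAdministrator {
    # True when the current process token carries the local Administrators group.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-TaskMgrPolicy([Microsoft.Win32.RegistryKey]$Hive) {
    # DisableTaskMgr = 1 under Policies\System turns Task Manager off.
    $key = $Hive.OpenSubKey("$policies\System", $false)
    if ($null -eq $key) { return 'not set' }
    try {
        $value = $key.GetValue('DisableTaskMgr', $null)
        if ($null -eq $value) { 'not set' }
        elseif ($value -eq 1) { 'DISABLED' }
        else { "value $value" }
    } finally { $key.Close() }
}

function Test-PolicyKeyWritable([Microsoft.Win32.RegistryKey]$Hive) {
    # Ask for a writable handle and close it at once; any failure
    # (including access denied) is reported as "not writable".
    try {
        $key = $Hive.OpenSubKey($policies, $true)
        if ($null -eq $key) { return $false }
        $key.Close()
        return $true
    } catch { return $false }
}

Write-Output "Running with administrator rights: $(Test-IsAdministrator)"
$hives = @([Microsoft.Win32.Registry]::CurrentUser, [Microsoft.Win32.Registry]::LocalMachine)
foreach ($hive in $hives) {
    [pscustomobject]@{
        Hive           = $hive.Name
        TaskManager    = Get-TaskMgrPolicy $hive
        PolicyWritable = Test-PolicyKeyWritable $hive
    }
}
```

Run it once from the everyday account and once from the admin account: a session where `PolicyWritable` is `False` is one in which a compromised browser running with the same rights cannot set that policy.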
     
  4. Jan 8, 2007 #3
    Thanks. Very informative. DropMyRights might be unnecessary if you use ZoneAlarm; it prevents any registry changes while you surf. But I think I'll try it out anyway. And I hear that virtual OSes can themselves be weak against exploits; is this true? And I plan on using bank accounts/credit cards online. One more question: will these sandboxes interfere with Kaspersky or ZoneAlarm? I'm pretty sure both also monitor program access. I remember using ZoneAlarm a while ago and the constant prompts for permissions gave me headaches, not even knowing what to allow and not to allow.

    So from now on I'll only use my admin account for adding new programs, I'll get Kaspersky and ZoneAlarm, both having these nice privacy protection centers, try sandboxing, and also switch to my ISP-provided email accounts. Is this a good start? I've tried backing up my free Hotmail account but I couldn't figure out how. I think I'll have to forward each message individually to my Gmail and use Outlook Express to back that up.
     
    Last edited: Jan 8, 2007
  5. Jan 9, 2007 #4
    ZoneAlarm is the worst program I have ever seen. It manipulates ignorance to make itself look like it is doing something.

    "ZoneAlarm has stopped 10,000,000 crack attempts to root your system"

    should read

    "Normal network chatter has been detected 10,000,000 times on your network"
     
  6. Jan 16, 2007 #5
    Link to Good Review of 8 Sandbox Programs

    phusicist,

    Gizmo over at Tech Support Alert did a review of 8 popular sandbox apps. It's good reading, check it out at

    http://www.techsupportalert.com/security_virtualization.htm

    Also AVG has both a free and paid AV program that work well and are popular. I've used both with minimal complaints.
    www.grisoft.com (paid) or http://free.grisoft.com (free)

    Nod32 also has a very good AV program.
    http://www.eset.com

    Good Luck!
    -McGreen
     