ClearCloud DNS Service Bites The Dust – Pick Up The Slack With Norton DNS

Occasionally, when I’m stuck for time, I’ll post an edited version of an earlier article. In choosing an appropriate article, I try to focus on a free application or service that has real value, but is often underappreciated. More and more often though, I’m finding that a free application I reviewed is no longer free, or the free service I recommended, no longer exists.

Another one bites the dust.

Regular reader Georg L., has just notified me that ClearCloud DNS, a free DNS alternative (reviewed here September 5, 2010) which prevented users from visiting sites identified as harboring malware exploits, will be closing the curtain – effective September 1, 2011.

If you are currently using ClearCloud DNS, you will need to reconfigure your network connection prior to September 1, so that your Internet connectivity is not interrupted. You can learn how to remove ClearCloud DNS from your computer by clicking here.

If you’re convinced that an alternative DNS service has value, and you wish to continue to harden your system by substituting your ISP provided DNS service, with a more secure alternative – you have a number of choices to consider, including – Norton DNS, with Norton Safe Web.

Benefits of running with Norton DNS:

Malware Site Blocking – Automatically blocks known dangerous and infected Web sites. Provides a complete overview of the threats found so you know why a site is blocked.

Web Content Filtering – Lets you block Web sites that contain content that you think is inappropriate or dangerous. You can choose from over 45 different categories of content to block and specify individual sites to block.

Here’s an example of Norton DNS in action following my clicking on a spam comment link. 

Further investigation of the Threat Report, reveals the following.

Pretty scary stuff, I think you’ll agree.

You can install Norton DNS either by download and running the installer or, if you want to have a bit of fun – you can choose to install manually. At first glance, you may think this is complicated when it fact, it’s quite easy. So, give it a try, and don’t be nervous. 

The screen captures below, reflect the changes I made.

Manual Setup for Windows:

Open the Control Panel from your Start menu.

Click Network Connections and choose your current connection.

On the General tab of the Connection Status screen, click Properties.

On the General tab of Connection Properties, scroll down and select Internet Protocol (TCP/IP), then click Properties.

On the General tab of Internet Protocol (TCP/IP) Properties, select Use the following DNS server addresses, then enter the two NortonDNS IP addresses 198.153.192.1 and 198.153.194.1.

Click OK until each window is closed. You are now using NortonDNS.

Once installation is complete, you will be presented with the following confirmation screen.

To ensure that you have in fact, been successful in making the change, visit this Norton page. The page will let you know if you are currently using Norton DNS.

or

System requirements: Windows XP (32-bit) with Service Pack 2 or later, Vista (32-bit and 64-bit) Win 7 (32-bit and 64-bit).

Download at: Norton DNS

Note: Uninstalling or canceling Norton DNS is easy – simply uninstall it. The process will revert your DNS settings to their previous values.

Additional free alternatives include OpenDNS, and Google Public DNS.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

MyProtect – A Free Armored Browser Service

Since system security (while you surf the Net), starts with the Web Browser – armored, virtualized, sandboxed, security add-ons, privacy, (or the lack of), secure browsing – are all words (and many more besides), that are part of the “safe surfing” Browser Wars lexicon.

Applications that promise to keep you, and your computer system safe, as you wander the raucous and potentially dangerous neighborhood that the Internet has become, (employing one, or more, of the technoligies mentioned above), are emerging like dandelions following a Spring rain.

MyProtect, a free secure Internet browsing service, is one more application/service in the Browser protection scheme marketplace – with a bit of a twist.

From the developer’s site:

MyProtect provides you with a protected browser session from any PC. When you launch MyProtect, a new instance of Internet Explorer with an orange border and toolbar will open on your desktop. Any web sessions within that browser are protected from a variety of security and privacy threats.

Note that you can launch MyProtect from browsers such as Firefox, but the secured browser itself is always IE.

You can keep a MyProtect armored browser open for up to 2 hours; after that, you’ll need to come back to the site and re-launch MyProtect. There’s also a 30 minute idle timeout.

How MyProtect Works:

MyProtect works by downloading a small, temporary agent onto your PC when you launch MyProtect from the site (registration required). This agent then launches a secure “armored browser” session, identified by a distinctive orange border and toolbar.

Information entered by you into the armored browser, or delivered to the armored browser by a web site, is protected from malware – even if you’re using a machine which is already infected with malware, the MyProtect armored browser session is secure from threats such as keyloggers, cache miners, and frame grabbers.

All sensitive session data such as browser cache files, cookies, passwords, and history information is kept private during the session and is completely erased when your MyProtect session ends.

Secure Cleanup – At the end of the session, all encrypted content is deleted and overwritten using a U.S. Department of Defense specification

Developer’s site: MyProtect

System requirements: Windows XP SP2 or later (32-bit), Windows Vista (32-bit or 64-bit), or Windows 7 (32-bit or 64-bit). Internet Explorer 7 or higher installed (session can be started with any modern browser). JavaScript enabled. ActiveX or Java applets enabled.

Note: MyProtect shares its name with a rogue anti-spyware application.

Bottom line:

I ran with MyProtect for several days, and in the end, determined – this is the type of service that fits into my personal “it’s not worth the trouble category”. Which is not to say, that MyProtect may not have value for other users – perhaps you.

Whether it has value to you or not, will depend on the methods and the applications you currently use to safeguard your Internet sessions.

FYI:

I test many more software applications than ever appear here in a review article. Some applications don’t make the cut because they simple don’t live up to the developer’s hype. Others, are just more trouble than they’re worth.

Occasionally, as in this case, I will post a review on an application or service which doesn’t make the cut.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

BitDefender TrafficLight – Real-time Anti-virus, Anti-phishing Browser Add-on

Surfing the Internet without a site reputation Browser add-on is not much different than stumbling down a set of stairs in the dark – while blindfolded. At a minimum, a risky venture.

As with all applications designed to enhance Internet safety however, site reputation Browser add-ons are not without there shortcomings. One particular issue that raises concern is – reputation add-ons are site specific and not page specific. In other words, the site may have passed the test for safety and yet contain a page, or pages, that harbor threats.

BitDefender’s recently released (March 24, 2011), beta – TrafficLight Browser add-on, attempts to address this page specific issue by utilizing “the BitDefender scanning engines to check, and rate, every page and link from the users’ web traffic, blocking unsafe content before it reaches the user’s browser.” In an effort to cover all the bases, TrafficLight is active in in search engines, and social networking sites (Facebook and Twitter), as well.

Control Panel screen capture.

Fast facts:

TrafficLight works with virtually any Windows-compatible browser. It even keeps look, feel and functionality consistent if you switch browsers.

TrafficLight intercepts and scans web traffic before it even reaches the browser, effectively blocking disguised or stealth attacks before it’s too late.

TrafficLight scans the pages you visit for malware and phishing attempts each and every time you access them to avoid the threat of legitimate but recently compromised websites.

TrafficLight won’t block an entire website if just some pages within are malicious. Only the potentially harmful elements are blocked, leaving you free to view the rest of the site if you so choose.

TrafficLight relies on intelligence provided by BitDefender Cloud services to flag malware and phishing attempts in search results from Google or Bing. Not only that, but it also checks links in popular social network platforms and blocks them if they are suspect.

TrafficLight does not add a toolbar to your already-cluttered browser interface. Its interface remains invisible until your input is needed or it’s called up with a simple mouse gesture.

Supported Operating systems: Microsoft Windows XP SP2, Windows Vista SP2, Windows 7.

Supported Browsers:
Internet Explorer 7+, Opera, Mozilla Firefox, Google Chrome, Safari.

Download free TrafficLight at: BitDefender

Note: As with all beta, or release candidates, take sensible precautions prior to installation. This should include setting a new restore point.

Additional reading:

WOT Beta for Social Media – Facebook, Twitter Protection And More

Free BufferZone Pro – Maybe The Best Surfing Virtualization Application At Any Price

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Search Engine Results – More Malware Surprises Than Ever!

Regardless of the fact that many of us are seasoned web surfers, and we tend to be cautious, we’re not likely to question a search engine’s output – and, we should.

Barracuda Labs 2010 Annual Security Report, released just days ago, should be an eye opener for those who blindly assume all search engine results are malware free. In fact, search engine malware has doubled since we last reported on this security issue in 2009.

Barracuda Labs most recent study, reviewed more than 157,000 trending topics and roughly 37 million search results on Bing, Google, Twitter and Yahoo. Overall research results indicated that cyber criminals have bumped up the level of search engine malware, as well as expanded their target market beyond Google.

Key highlights from the search result analysis include:

In June 2010, Google was crowned as “King” of malware, turning up more than twice the amount of malware as Bing, Twitter and Yahoo! combined when searches on popular trending topics were performed.

As malware spread across the other search engines, the ratios were distributed more evenly by December 2010, with Google producing 38 percent of overall malware; Yahoo! at 30 percent; Bing at 24 percent and Twitter at eight percent.

The amount of malware found daily across the search engines increased 55 percent from 145.7 in June 2010 to 226.3 in December 2010.

One in five search topics lead to malware, while one in 1,000 search results lead to malware.

The top 10 terms used by malware distributors include the name of a Jersey Shore actress, the president, the NFL and credit score.

There’s little doubt that the manipulation of search engine results, exploiting legitimate pages, and the seeding of malicious websites among the top results returned by search engines in order to infect users with malware, is a continuing threat to system security.

When a potential victim visits one of these sites the likelihood of the downloading of malicious code onto the computer by exploiting existing vulnerabilities is high.

Let’s take, as an example, a typical user running a search for “great vacation spots” on one of the popular search engines.

Unknown to the user, the search engine returns a malicious or compromised web page as one of the most popular sites. Users with less than complete Internet security who visit this page will have an extremely high chance of becoming infected.

There are a number of ways that this can occur. Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame, (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine.

Alternatively, a new web page can be built, with iFrames inserted, that can lead to malware downloads. This new web page appears to be legitimate. In the example mentioned earlier, the web page would appear to be a typical page offering great vacation spots.

One more common method is the insertion of false dialogue boxes, fake toolbars, and more on sites; all designed to load destructive malware which could include rootkits, password stealers, Trojan horses, and spam bots.

Unfortunately, since Cyber-crooks are relentless in their pursuit of your money, and in the worst case scenario your identity, you can be sure that additional threats are being developed or are currently being deployed.

So what can you do to ensure you are protected, or to reduce the chances you will become a victim?

Install an Internet Browser add-on such as WOT (my personal favorite), which provides detailed test results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

Fact: Consumer confidence in the reliability of search engine results, including relevant ads, is seriously misplaced.

You can download the full Barracuda Labs 2010 Annual Security Report (PDF), at Barracuda Labs.

Update: March 5, 2011. The following comment illustrates perfectly the issues discussed in this article.

Funny you write about this today. I was reading about the spider issue Mazda was having and wanted to know what the spider looked like so I Googled it, went to images and there it was. There was also a US map that had areas highlighted, assuming where the spiders exist, and before I clicked on the map I made sure there was the green “O” for WOT for security reasons.

I clicked on the map and BAM I was redirected instantly and hit w/ the “You have a virus” scan malware. I turned off my modem then shut my computer off. I restarted it and scanned my computer w/ MS Security Essentials and Super Anti Spyware. MS Essentials found Exploit:Java/CVE-2010-0094.AF, and Trojan:Java/Mesdeh and removed them. I use WOT all the time, but now I’m going to be super cautious.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Tips On A Layered Security Approach To Internet Safety

Unfortunately, finding a balance between computer security and functionality can often be a question of “hit and miss”. By protecting your computer using the layered approach laid out here, you will reduce the chances of malware infections significantly without impacting convenience, and functionality, unduly.

Cybercriminals design malware to exploit vulnerable systems without user interaction being required – on the one hand, and craft attacks that take advantage of unaware computer users, in which user interaction is required – on the other hand.

The second part, of this two part attack approach, can only be defeated if the computer user is aware of current Internet threats. So, knowledge and experience, are critical ingredients in the never ending, and escalating battle, against cybercriminals.

In order to defeat attacks which rely on exploiting vulnerable systems, the preferred method to do so, is the implementation of a layered security approach. Employing layered security should ensure the swift detection of malware, before any damage occurs on the targeted system.

We live in a world in which we are surrounded by “buzz words”, and it seems that I’m occasionally guilty of using buzz words in writing this Blog. Buzz words which don’t always adequately explain a point, or which interfere with a readers understanding of a concept.

This was brought home to me recently when a regular reader emailed me privately; asking that I explain layered security. As I considered this, it occurred to me that this was a very legitimate question. From a reader’s perspective – just what is “layered security”?

What is layered security?

Let’s take the “buzz” out of layered security. Layered security, in its simplest form, consists of stacking security solutions, one on top of the other, to protect a computer from current, and zero day malware attacks (malware for which there is yet, no programmed defense).

Why do you need it?

The answer is pretty simple – gap management (words that are well know to consultants). In other words, no single security application is capable (nor should we expect a single application to be capable), of providing adequate computer system protection. Gaps exist in protection capabilities in even the most sophisticated security applications.

Layering (or stacking) security applications, offers the best chance of remaining infection free, by closing these gaps. Keep in mind however, that even the best layered protection strategy will not make up for the lack of experience, and intuitiveness, of many computer users. So, I’ll repeat what I said earlier “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals”

A consumer layered security approach: recommendations.

Backup – While you may not think that a backup strategy forms part of a layered security approach to Internet security, it is, without exception, a most crucial part.

Consider where you would be if your layered security strategy failed. If you’ve ever lost critical data to a malware infection, no doubt you already consider it of primary importance.

Free backup utilities are readily available – see “Hard Drive Cloning is Easy with Free Easeus Disk Copy” and “Free DriveImage XML – “The Best Way to Backup Data?”, on this site.

Operating System and Application Patch Management – Again, this is an area that is often not considered as critical by many users. In a recent survey, Secunia, the Danish computer security service provider, well known for tracking vulnerabilities in software and operating systems, concluded that less than one in 50 Windows driven computers, are totally patched.

To stay ahead of the curve in this critical area consider downloading, and installing, the free Secunia Personal Software Inspector, which will constantly monitor your system for insecure software installations, notify you when an insecure application is installed, and even provide you with detailed instructions for updating the application, when available.

Firewall – Simply put,  a firewall is an application, or a hardware appliance, designed to block unauthorized access to your computer from the Internet, at the same time permitting authorized communications.

There are many free Firewalls available, but many can be intrusive and not really appropriate for casual computer users. Zone Alarm offers a very robust, uncomplicated, free Firewall, and more information is available here, “Download ZoneAlarm Free Firewall 2010 – Windows 7 Compatible”.

Antimalware – A front line antimalware application is absolutely critical to avoid system infection. Your primary application should be supplemented by an on-demand scanner (part of the stacking approach).

There is no harm in downloading more than one antimalware application to be used as a secondary scanner. In fact, doing so can be advantageous. However, be sure NOT to allow more than one application to autostart, in order to prevent conflicts. For a list and download links to recommended free antimalware applications, including secondary scanners, see “Tech Thoughts Top 8 Free Antimalware Applications”, on this site.

Antivirus – An antivirus application is another critical component in a layered defense strategy to ensure that if a malicious program is detected, it will be stopped dead in its tracks!

Avira AntiVir Personal (see “Free Avira AntiVir Personal Protection – Get the Real Deal!” on this site), is a very effective application which offers scans for viruses, Trojans, backdoor programs, hoaxes, worms, dialers and other malicious programs.

It’s simple interface provides access to a command structure, that makes it easy to repair, delete, block, rename and quarantine programs, or files.

Web Browser Security – Install a free Internet Browser add-on such as WOT (my personal favorite). WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

Please read “An IT Professional’s Must Have Firefox and Chrome Add-ons” on this site, which lists additional critical Browser add-ons.

System Isolation – An isolator is a security application which dynamically isolates Internet applications including Web Browsers, Chat Clients, Email Clients, and so on. Isolators, or sandbox applications, prevent damage from intrusions and malicious software: viruses, worms, spyware, key loggers etc., including disallowing rogue software from being installed. To understand this concept more thoroughly, please see “Free GeSWall Isolates You From Cybercriminals”, on this site.

Zero Day Protection – Since most viruses, worms, Trojans and other types of Internet threats only last 24 hours, how do security applications that rely on a definition database to identify malware files (most anti-malware applications), keep up with this onslaught? The simple answer is; they don’t.

Threatfire, from PC Tools is a terrific security application which covers the vulnerability gap with respect to zero-day threats. ThreatFire blocks malware (including zero-day threats) by analyzing program behavior (heuristics), based on the theory that if it looks like a crook and acts like a crook, then it must be a crook, instead of relying only on a signature based database.

For additional information and a download link please see – “Protect Yourself Against Zero Day Internet Threats with Free ThreatFire From PC Tools”, on this site.

Unfortunately, finding a balance between security and functionality can often be difficult. By protecting your computer using the layered approach laid out here, you will reduce the chances of malware infections significantly without impacting convenience, and functionality, unduly.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Download Immunet Protect 2 – Free Cloud Based Antivirus Application

When I first reviewed Immunet Protect in May of this year ( while it was still in Beta), I was impressed with it’s light use of system resources and bandwidth. Now, with the official release of Version 2, (June 17, 2010), I’m even more impressed.

Immunet Protect is a lightweight cloud based, community driven, antivirus application, (available in both a free, and a fee version), designed to add a layer of protection while working in partnership with the most popular antimalware solutions.

On my principal home machine for example, Immunet Protect lines up with Microsoft Security Essentials and ThreatFire, to shore up any vulnerabilities my system might have to to zero-day threats.

Zero-day threats are those that are defined as malware that has been written and distributed to take advantage of system vulnerabilities, before security developers can create, and release, counter measures.

In real time, Immunet Protect keeps track of the state of security in the collective community (network), and should a member of the network (the community), encounter malware, you (as a member of the protected community), are instantly protected against the threat.

A rather more impressive security solution than having to wait for a malware definition database update. An update that may take several days. Days in which you are effectively open to infection.

The Beta version had limited functionality since it did not provide complete scanning – it acted as a defender only. But, all that has changed with the addition of new features in the final release, which include:

Two active scanning engines

Custom Scan

Scheduled scan

Context menu scan

And more

Just like the Beta, the final release was equally straightforward to install, and ran without complication.

If you’ve used the Beta release you’ll find (as the following screen capture illustrates), a substantially improved user interface, with much more functionality.

Setting the operating parameters (the protection settings), is straightforward. In the following screen capture you’ll notice tooltip pop outs which explain the function of each setting. A very cool feature for less experienced users.

During my initial full scan, CPU usage ran at roughly 20% on a dual core machine. And, system memory usage was surprisingly low at only 36 MB, as the following screen capture shows.

I have a preference for antimalware solutions that include the ability to launch a specific file scan from the Windows Explorer context menu, and Immunet Protect has included this feature.

Should you consider installing, and running, a Cloud Antivirus as supplementary antimalware protection?

If you are uncertain, then consider this:

The Internet is an uncertain world at the best of times

Cybercriminals design specific malware to exploit vulnerable systems without user interaction being required.

No single security application is capable (nor should we expect a single application to be capable), of providing adequate computer system protection. Gaps exist, in protection capabilities, in even the most sophisticated security applications.

Layering (or stacking) security applications, offers the best chance of remaining infection free, by closing these gaps.

A cloud based protective solution, in this case Immunet Protect, is a major step in shoring up any weaknesses, or gaps, and significantly increase your overall ability to detect malware.

Keep in mind however, that even the best layered protection strategy will not make up for lack of experience, and intuitiveness, when surfing the Internet. So, I’ll repeat what I have said here, many times – “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals.”

Immunet Protect Fast facts:

Fast Antivirus: Immunet leverages the speed of cloud computing to deliver real-time protection to your PC

Light Antivirus: Immunet is up to 35 times lighter than traditional antivirus solutions

Real-time Antivirus: Immunet provides cloud-based protection that is always up-to-date against viruses, spyware, bots, worms, Trojans, and keyloggers without slowing down your PC. No need to download any virus signature files!

Companion Antivirus: Immunet is compatible with existing antivirus products to help protect you better. Add an extra, lightweight layer of protection for free

Community Antivirus: Immunet’s Collective Immunity technology protects all users the instant that a virus is detected on one PC

System requirements: Windows XP with Service Pack 2 or later, Vista (32-bit and 64 bit), Windows 7 (32-bit and 64-bit).

Download at: Developer’s site

A final note: I recommend that you approach installation cautiously, since you will be offered the opportunity to install the Ask.com toolbar. There are reports that some users had the toolbar installed despite their refusal. If, this is the case, Immunet Protect needs to address this issue immediately.

In March of this year, I wrote a piece “We Don’t Want No Stinkin’ Toolbar!”, which drew a large number of outraged comments from readers, aimed at software developers.

So, I’ll repeat, for the benefit of developers, a statement I made in that article –

“Stop with the crapware already. If you’re pissing me off, just consider what you’re doing to an average user. Like it or not, there’s a lesson here. In the long run, your behavior will cost you – big time.”

Update – June 21,2010: Immunet Protect is a highly responsible company which listens to its community of users. And, based on feedback received, the company has chosen to remove the Ask toolbar from the application installer as a recent posting (shown below), on the community site clearly indicates.

“Now that our release is out, we’ve had a moment to sit back and reflect on the feedback we’ve gotten from our community. Some of the feedback we received was clear that our implementation of a build with the ASK toolbar gave some people a degree of discomfort.

As a result we’ve released a new build – Version 2.0.11.4. This new build fixes some outstanding UI issues and completely removes the ASK toolbar. In the next couple of weeks we’ll discuss this issue with our Community to review our next steps.”

Kudos to Immunet Protect, for taking this responsible position that other companies should learn from, and emulate.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.