Tag Archives: prevents

ExploitShield Browser Edition – FREE

Cybercriminals design malware to exploit vulnerable systems without user interaction being required – on the one hand, and craft attacks that take advantage of unaware computer users, in which user interaction is required – on the other hand.

The second part, of this two part attack approach, can only be defeated if the computer user is aware of current Internet threats. So, knowledge and experience, are critical ingredients in the never ending, and escalating battle, against cybercriminals.

In order to defeat attacks which rely on exploiting vulnerable systems, the preferred method to do so, is the implementation of a layered security approach. Employing layered security should (I emphasize should), ensure the swift detection of malware, before any damage occurs on the targeted system.

Let’s talk real world:

Given existing technology, no single security application is capable of providing adequate computer system protection. Gaps exist in protection capabilities in even the most sophisticated security applications.

Layering (or stacking) security applications, offers the best chance of remaining infection free, by closing these gaps. Keep in mind however, that even the best layered protection strategy will not make up for the lack of experience, and intuitiveness, of many computer users.

So, stopping the bad guys from gaining a foothold has to be a primary objective of that layered defense strategy that I mentioned earlier. And, part of that strategy includes raising barriers at the doorway to the system – the Internet browser.

ExploitShield (brought to my attention some time ago by good friend Michael Fisher), a free Internet browser security application which is currently in Beta, seems well suited to helping raise those barriers.

From the site:

ExploitShield protects users where traditional security measures fail. It consists of an innovative patent-pending application shielding technology that prevents malicious exploits from compromising computers through software vulnerabilities.

ExploitShield Browser Edition is free for home users and non-profit organizations. It includes all protections needed to prevent drive-by download targeted attacks originating from commercial exploit kits and other web-based exploits.

These types of attacks are used as common infection vectors for financial malware, ransomware, rogue antivirus and other types of nasties not commonly detected by traditional blacklisting antivirus and security products.

Where’s the proof?

Since I’m just now getting back into application testing, following six months or so of 60+ hours a week assignments, I’ve relied (in this case) on the expert opinion of others (including Neil J. Rubenking), as to the effectiveness of ExploitShield. My apologies for that.

Installation is a breeze and, on application launch, a simple and uncomplicated interface is presented.


Clicking on the “Shields” tab will provide you with a list of applications protected by ExploitShield – as shown below.


Once loaded, ExploitShield will run as a background process (shown in the screen capture below) – necessary since it provides active protection for the applications shown in the screenshot above.


As a reminder that ExploitShield is up and running, a new icon – the “Z”, as shown in the following screen shot – will appear in the system tray.


System requirements: Windows 8, Windows 7, Windows Vista, and Windows XP. ExploitShield runs as both 32 bit and native bit.

From the developer: This beta 0.8.1 expires March 31, 2013. Check back to download a new version once expired.

Download at: ZeroVulnerabilityLabs

It may be a new year – but, the state of Internet security is as it ever was – pathetic. The Internet is a world that is full of cybercriminals, scam and fraud artists, and worse. A world that reeks of tainted search engine results, malware infected legitimate websites, drive-by downloads and bogus security software.

Please be guided by the following: Stop – Think – Click. The bad guys really are out to get you.


Trap Malware With Toolwiz TimeFreeze

Back in April, I reviewed and highly recommended a suite of freeware utility applications – Toolwiz Care. Having tested the application extensively, at the end of the day, it was no great leap in logic to say – “This application is feature packed, and includes a wide range of tools that an average computer user should find powerful, efficient, and effective.”

One of the components included in this super suite is Time Freeze (recently released by the developer as a stand alone application) – a “one click simple” virtual system which, when active, virtualizes the operating system. In other words, a copy of the operating system is generated, and it’s within this “copy” – or sandbox, if you like – that all activity takes place. Keep in mind – the operating system is virtualized only when Time Freeze is active.

So, why bother running in a virtualized environment, you might wonder? The answer is pretty simple – in most circumstances, there’s no real benefit. In fact, running virtualized may create a slight time lag in system response. There are, of course, particular circumstances in which running a virtual machine offers major  advantages – but, those circumstances (since I’ve covered this aspect numerous times in the past), are outside the scope of this review.

Instead, I’ll focus on the security aspect of running in virtual mode with Time Freeze when connected to the Internet. And, there can be significant security benefits.

Let’s assume, for example, that while surfing the Internet you fall victim to a drive-by download (more common than you might realize), while visiting an infected web site. Running in “real” mode would mean that you now have a significant problem on your hands. You can, if you like, believe that your AV application will protect you from the consequences – but, don’t count on it.

The same scenario, while running in virtual mode, will have an entirely different outcome. Since, in virtual mode – it’s a copy of the operating system which is facing the Internet – all system and application changes are restricted to the virtual environment. In other words – it’s the copy which has been infected. Simply rebooting the system does away with the copy, and with it – the infection.

Toolwiz Time Freeze, of all the virtual solutions I’ve reviewed over the past few years, has to be the simplest. It’s easy to use, non intrusive, and after initial setup, requires a minimum of user intervention – perfect for the average user.

Installation was hassle free – it was just a matter of following the on-screen instructions.

Since the application places a small toolbar (shown below) on the Desktop – launching the application is a snap.


A quick click on the toolbar and, a click on “Start TimeFreeze”…………


… and, you’re in business.


Backing out of the application is equally as easy. At which time, you will have the option of saving any changes made to the system – or not. Not saving changes will require a reboot.


Fast facts:

Start up system protection. Prevents malicious threats being made and doing harm to your computer. It puts the actual system under protection and creates a virtual environment for system partition.

Simply reboot to restore your system to the previous state.

Don’t reboot to accept all the changes. It will take several minutes to save the changes to your real system.

Folder Protection – Help you to prohibit the changing of files by others.

Helps you to prohibit accessing the protected folders by others.

Protects your files from being infected by viruses or stolen by trojans.

Very easy switch between virtual & real system.

To enter virtual system, no need to reboot computer. To return to real system, just exit System Protection.

System requirements: Windows XP, Vista, Win 7, Win 8 (32 bit and 64 bit).

Download at: Major Geeks

FAQ for Toolwiz Time Freeze

A word of caution: There are no perfect solutions – this application will not protect you against rootkits. Developing safe surfing habits remains your best protection against malware infection.

A further word of caution: Although I’ve had no difficulty with this application, there have been reports of system crashes caused by Toolwiz Time Freeze. It’s always good practice to occasionally create a Restore Point – just in case.

This just in: Jim Hillier over at Daves Computer Tips reports the following:

Hey Bill –

I was using Time Freeze pretty regularly to test software for review purposes. I actually stopped using Time Freeze because of persistent issues. Occasionally, after the reboot process, a random service would be stopped. It was no big deal, just go into Services and re-start whichever service had been affected. Then finally, after a reboot, the OS would not load at all. I tried everything to get the OS to boot but no go. I can only assume that this time an essential system service had been stopped. I ended up having to restore a recent image.

So, you may be better off avoiding this application.


ClearCloud DNS Service Bites The Dust – Pick Up The Slack With Norton DNS

Occasionally, when I’m stuck for time, I’ll post an edited version of an earlier article. In choosing an appropriate article, I try to focus on a free application or service that has real value, but is often underappreciated. More and more often though, I’m finding that a free application I reviewed is no longer free, or the free service I recommended, no longer exists.

Another one bites the dust.

Regular reader Georg L., has just notified me that ClearCloud DNS, a free DNS alternative (reviewed here September 5, 2010) which prevented users from visiting sites identified as harboring malware exploits, will be closing the curtain – effective September 1, 2011.

If you are currently using ClearCloud DNS, you will need to reconfigure your network connection prior to September 1, so that your Internet connectivity is not interrupted. You can learn how to remove ClearCloud DNS from your computer by clicking here.


If you’re convinced that an alternative DNS service has value, and you wish to continue to harden your system by substituting your ISP provided DNS service, with a more secure alternative – you have a number of choices to consider, including – Norton DNS, with Norton Safe Web.

Benefits of running with Norton DNS:

Malware Site Blocking – Automatically blocks known dangerous and infected Web sites. Provides a complete overview of the threats found so you know why a site is blocked.

Web Content Filtering – Lets you block Web sites that contain content that you think is inappropriate or dangerous. You can choose from over 45 different categories of content to block and specify individual sites to block.

Here’s an example of Norton DNS in action following my clicking on a spam comment link. 


Further investigation of the Threat Report, reveals the following.


Pretty scary stuff, I think you’ll agree.

You can install Norton DNS either by downloading and running the installer or, if you want to have a bit of fun – you can choose to install manually. At first glance, you may think this is complicated when in fact, it’s quite easy. So, give it a try, and don’t be nervous. :)

The screen captures below, reflect the changes I made.


Manual Setup for Windows:

1. Open the Control Panel from your Start menu.

2. Click Network Connections and choose your current connection.

3. On the General tab of the Connection Status screen, click Properties.

4. On the General tab of Connection Properties, scroll down and select Internet Protocol (TCP/IP), then click Properties.

5. On the General tab of Internet Protocol (TCP/IP) Properties, select Use the following DNS server addresses, then enter the two NortonDNS IP addresses 198.153.192.1 and 198.153.194.1.

6. Click OK until each window is closed. You are now using NortonDNS.

Once installation is complete, you will be presented with the following confirmation screen.


To ensure that you have in fact, been successful in making the change, visit this Norton page. The page will let you know if you are currently using Norton DNS.


System requirements: Windows XP (32-bit) with Service Pack 2 or later, Vista (32-bit and 64-bit), Win 7 (32-bit and 64-bit).

Download at: Norton DNS

Note: Uninstalling or canceling Norton DNS is easy – simply uninstall it. The process will revert your DNS settings to their previous values.

Additional free alternatives include OpenDNS, and Google Public DNS.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Steer Clear of Malware Web Sites With ClearCloud DNS

Security conscious Internet users are aware that so called “trusted” websites are not always to be trusted. We’ve covered this issue here on Tech Thoughts a number of times, most recently in “How Safe Are Trusted Web Sites? Not Very!”

The following is a brief explanation, from that article, on how cyber crooks manage to infect web sites:

“Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame, (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine”.

Unfortunately, installed anti-malware solutions may not always provide adequate protection against this type of attack. Luckily, there is a solution which can add an additional layer of security by substituting your ISP provided DNS service, with a more secure alternative. An alternative that can prevent you from visiting sites that harbor malware exploits.

Free alternatives include OpenDNS, Google DNS, Norton DNS – and now, an additional free service can be added to this list with the release of ClearCloud Beta from Sunbelt Software, the developers of the highly regarded VIPRE antivirus application.

According to ClearCloud, the application “checks every website address your computer is trying to access, whether you’re browsing the internet, clicking a link in an email, or a program “under the hood” trying to communicate with servers for information or updates”.

In a quick 24 hour test, I found ClearCloud worked as advertised. With ClearCloud up and running, you will be prevented from visiting sites identified as harboring exploits. In which case, you will get detailed information on why ClearCloud believes the site is unsafe.

Taking advantage of this service couldn’t be easier. Simply download the setup application, execute it, and as the simple interface shown below indicates, you’re now protected by ClearCloud.


Following installation, visit the ClearCloud block page to verify the service is up and running.

System requirements: Windows, Mac.

Download at: ClearCloud

Alternatively, you can manually set your DNS server address to 74.118.212.1.

Note: You can configure ClearCloud on your router. Click here for a setup walkthrough.

A big “Thank You” to regular reader TeX for bringing this service to my attention.


Norton DNS Can Save Your Butt!

In early June, I posted an article – Norton DNS – Another Layer of Computer Security, in which I stated –

You should consider additional system hardening by substituting your ISP provided DNS service, with a more secure alternative.

A few days later, I posted an article – Follow the Link and You “Takes Your Chances”, in which I made the point –

As a matter of policy, I test every allowed link included in a comment, for safety. Spam filters can often miss comment spam, some of which are highly dangerous. While comment Spam is a pain for the Blogger, a reader who follows a link in a malicious Blog comment, which leads to a malware site, is in for a very painful experience.

The following comment, emailed to me by WordPress just today and not picked up by the Akismet spam filter, provides a perfect example of where these two intersect:

The email notice:

A new comment on the post “Download TrueCrypt –  TrueCrypt Beats The FBI Decryption Team!” is waiting for your approval.

Author : retnol (IP: 202.70.54.67 , 202.70.54.67)

E-mail : retno.larasati08@student.ipb.ac.id

URL    : http://retno.larasati08.student.ipb.ac.id

Comment:

well, nice post. Thank you for sharing.

Approve it:

Trash it:

Spam it:

On testing the URL (the link), contained in the comment, I get this result from Norton DNS. This is not as uncommon as you might think.


Further investigation of the Threat Report, reveals the following.


Pretty scary stuff, I think you’ll agree.

So, I’ll repeat –

Be cautious when following links contained in comments on any web site – not just Blogs.

Be particularly cautious of comments, on any web site, where the writer is describing a problem with recommended software and offers a link to alternative software.  This is a favorite technique employed by cyber-criminals. All software reviewed on this site, for example, has been thoroughly tested, by me, for usability. If a reader has a problem with recommended software, it’s generally a machine specific problem.

Be cautious when following any link contained in any web page. Recent reports indicate there are 5.8 million individual web pages infected across 640,000 compromised websites. Cyber-criminals are finding it easier than ever to inject malicious content into legitimate sites.

Since the majority of infected sites are infected with Java based scripts, consider using Firefox with the NoScript add-on. NoScript offers superior protection.

Install an Internet Browser add-on that provides protection against questionable, or unsafe websites.

Use Norton DNS as an added safety precaution.

You simply cannot trust links, given the state of the Internet, so if you haven’t hardened your system by substituting your ISP provided DNS service, with a more secure alternative, I urge you to do so.

I deal with comments like this every day – it just happens, that today, I had some spare time to bring this situation to your attention, one more time.


Norton DNS – Another Layer of Computer Security

Here’s an item from today’s Tech Net News – “Thousands Of High-Ranked Web pages Infected With Malware, including ……

We’ve covered this issue here on Tech Thoughts a number of times, most recently in “How Safe Are Trusted Web Sites? Not Very!”

The following is a brief explanation, from that article, on how cyber crooks manage to infect web sites:

“Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame, (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine”.

Unfortunately, your anti-malware solutions may not always protect you from this type of attack, so you should consider additional system hardening by substituting your ISP provided DNS service, with a more secure alternative.
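The iFrame injection described in the quoted explanation above leaves a trace that a site owner can look for: a frame that loads from another host and is sized or styled so that visitors never see it. The following Python is an added example, not code from the original article; the function name, the host names and the sample page are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a page served from www.example.org with a same-site
# frame, a visible third-party embed, and one concealed off-site frame.
SAMPLE_PAGE = """
<html><body>
<h1>Community news</h1>
<iframe src="/widgets/calendar.html" width="300" height="200"></iframe>
<iframe src="https://video.example.net/embed/42" width="560" height="315"></iframe>
<iframe src="http://stats.example.invalid/in.php" width="1" height="1"
        style="visibility:hidden"></iframe>
</body></html>
"""

TINY = re.compile(r"[01](?:px)?", re.I)          # width/height of 0 or 1 pixel
HIDING_CSS = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden"
    r"|(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)", re.I)


class IframeAudit(HTMLParser):
    """Collects iframes that are both off-site and concealed from the visitor."""

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {name: (value or "") for name, value in attrs}
        src = a.get("src", "")
        # Relative URLs have no hostname and therefore stay on the page's host.
        host = (urlparse(src).hostname or self.page_host).lower()
        concealed = []
        if TINY.fullmatch(a.get("width", "").strip()) or \
           TINY.fullmatch(a.get("height", "").strip()):
            concealed.append("tiny")
        if HIDING_CSS.search(a.get("style", "")):
            concealed.append("css-hidden")
        if "hidden" in a:
            concealed.append("hidden-attr")
        # Heuristic: a visible embed or a hidden same-site frame is normal;
        # the combination of off-site and concealed is what gets reported.
        if host != self.page_host and concealed:
            self.findings.append({"src": src,
                                  "line": self.getpos()[0],
                                  "reasons": ["off-site"] + concealed})


def find_concealed_iframes(html, page_host):
    """Return one finding per concealed off-site iframe in the HTML text."""
    audit = IframeAudit(page_host)
    audit.feed(html)
    audit.close()
    return audit.findings


if __name__ == "__main__":
    for finding in find_concealed_iframes(SAMPLE_PAGE, "www.example.org"):
        print(finding)
```

The host comparison is an exact match, so a site that legitimately frames its own subdomains would need those hosts added to an allow-list before the findings are useful.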

Free alternatives include OpenDNS, Google DNS, and now Norton DNS – a free service (in Beta), that provides faster web browsing with basic security. The additional security is provided by Norton Safe Web, which provides a quick check on each site to make sure that it isn’t a threat. If it is, you are protected from the site, and you will get detailed information on why Norton believes the site is unsafe.

Norton DNS, with Norton Safe Web incorporated, prevents users from visiting sites identified as harboring exploits, including:

Viruses

Drive-By Downloads

Malicious Downloads

Worms

Suspicious Applications

Suspicious Browser Changes

Security Risks

Heuristic Viruses

Adware

Trojans

Phishing Attacks

Spyware

Backdoors

Remote Access Software

Information Stealers

Dialers

Downloaders

Norton has not yet provided an install client, but in the meantime, you can make the required changes manually by following the instructions below. At first glance, you may think this is complicated when in fact, it’s quite easy. So, give it a try, and don’t be nervous. 🙂

The screen captures below, reflect the changes I made.


Manual Setup for Windows:

1. Open the Control Panel from your Start menu.

2. Click Network Connections and choose your current connection.

3. On the General tab of the Connection Status screen, click Properties.

4. On the General tab of Connection Properties, scroll down and select Internet Protocol (TCP/IP), then click Properties.

5. On the General tab of Internet Protocol (TCP/IP) Properties, select Use the following DNS server addresses, then enter the two NortonDNS IP addresses 198.153.192.1 and 198.153.194.1.

6. Click OK until each window is closed. You are now using NortonDNS.

To disable or uninstall Norton DNS manually:

Follow the same instructions above, but on step five, select Obtain DNS server address automatically on the last screen (or replace our NortonDNS addresses with your recursive resolver IP addresses).

To ensure that you have in fact, been successful in making the change, visit this Norton page. The page will let you know if you are currently using Norton DNS.
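The manual change above is made on one connection at a time ("choose your current connection"), so a second adapter can keep using the ISP or router resolver and bypass the filtering. The following Python is an added example, not part of the original article or of Norton's tooling: it parses `ipconfig /all` output and reports, per adapter, any DNS server other than the two addresses given in the setup steps. The sample output is constructed, the function names are illustrative, and English-language field labels are assumed.

```python
import re

# Resolver addresses given in the manual setup steps above.
EXPECTED_RESOLVERS = {"198.153.192.1", "198.153.194.1"}

# Constructed sample of `ipconfig /all` output (trimmed): one adapter that was
# switched by hand and one that still takes its resolver from the router.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.20(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 198.153.192.1
                                       198.153.194.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.21(Preferred)
   DNS Servers . . . . . . . . . . . : 192.168.1.1
"""

ADAPTER = re.compile(r"^(\S.*adapter .+):\s*$")
# "   Label . . . . : value" -- the label is followed by dot leaders.
FIELD = re.compile(r"^\s+([^.:]+?)(?:\s*\.)+\s*:\s*(.*)$")


def dns_servers_by_adapter(text):
    """Map each adapter heading to the list of DNS servers shown under it."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        heading = ADAPTER.match(line)
        if heading:
            adapter, in_dns = heading.group(1), False
            result[adapter] = []
            continue
        if adapter is None or not line.strip():
            continue
        field = FIELD.match(line)
        if field:
            in_dns = field.group(1).strip() == "DNS Servers"
            if in_dns and field.group(2).strip():
                result[adapter].append(field.group(2).strip())
        elif in_dns:
            # Second and later servers appear on indented continuation lines.
            result[adapter].append(line.strip())
    return result


def audit_resolvers(text, expected=EXPECTED_RESOLVERS):
    """Report, for every adapter with DNS servers, which ones are unexpected."""
    report = {}
    for adapter, servers in dns_servers_by_adapter(text).items():
        if servers:
            unexpected = [s for s in servers if s not in expected]
            report[adapter] = {"servers": servers,
                               "unexpected": unexpected,
                               "ok": not unexpected}
    return report


if __name__ == "__main__":
    for name, entry in audit_resolvers(SAMPLE_IPCONFIG).items():
        print("OK  " if entry["ok"] else "FAIL", name, entry["servers"])
```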

Note: According to Norton, this service is currently only available in English and, not all users in all countries will benefit.
