Tag Archives: processes

Five Steps for a Secure Cloud Transition

In this post, guest author David Maman, CTO and founder of GreenSQL – the database security company – lays out a series of simple steps for cloud migration – ensuring security is systematically addressed.

Almost every type of SMB is examining its current IT infrastructure, determining what data and processes can move to the cloud. Of course, security remains one of the biggest concerns.

Here are five steps to make the transition much safer for your data, and your company:

1. Understanding my “Attackability Surface”: Before considering migrating to the cloud, map every project component, and map all the hazards, including which operating systems will be used, which applications will be installed, which types of security mechanisms are required for each component, and which types of access are required for each service running on this cloud.

Generally, after truly understanding the project scope, the risk becomes controllable.

2. Sharing is Not Caring: Many times, using cloud services involves sharing infrastructure and applications with others, which means that the risk factor is multiplied.

The lack of security configuration at one customer, or application vulnerabilities introduced by other customers, can lead to data loss in your databases. Make sure you know which components you share, and which are dedicated to you.

Often, when it comes to your customers’ or employees’ sensitive information, you cannot avoid purchasing a private cloud for most components.

3. Command and Control: Demand your cloud providers give you true control and monitoring of any, and all, security components. If necessary, even insist that only you will be able to change the configuration of these components.

Whether it’s just a network firewall, a web application firewall, a database firewall or any other element, those elements determine your level of risk and your business survival on the cloud. Make sure you are aware of any changes in any security element.

4. The Cat in the Hat: The “Cloud” is a beautiful buzzword; every vendor in the entire IT segment is using the word “Cloud” in presentations and sales speeches. But eventually we have to understand, “Cloud” is really only a hosting service; it might be more advanced; it might support “elastic” growth; it might even provide an extremely easy user interface.

Please make sure you understand that the “Cloud” is “smart” shared hosting, which means that many people may have physical access to the servers that host your data and operating systems.

If your servers have restarted, you can almost never be sure that it’s not because someone copied the hard drive you are using. Encrypt what you can, and make sure that the most sensitive information is not on the “Cloud.”

5. Software As A Service (SaaS) can work: Salesforce taught us that SaaS can actually work, with extremely high business continuity and extremely high levels of security.

Many Fortune 1000 companies use Salesforce with some of their most sensitive information. The thing is that Salesforce has invested $100s of millions in infrastructure and security, which more than 90% of other SaaS providers will never be able to afford.

So, if you decide to go forward and adopt a SaaS provider, keep in mind that size does matter; the bigger the provider (and we’re not talking about boutique providers who cost a fortune), the more secured they are.

System Explorer and System Security Guard – A Review

Depending on which version of Windows Task Manager you use, you may find that it provides you with usable information – or not. Windows Task Manager is most commonly used to display information on all processes running on your computer, as well as advising you of the CPU and memory usage stats for a given process. Additional selective information on running applications, performance, local area connection and information on users, is also available.

But, back to running processes for a moment. What if you need additional information on a running process – or, processes? How, for example, would you determine which processes are safe if you rely on Windows Task Manager?

Running Windows Task Manager in Windows 8 (a major improvement over previous versions), as I’ve done for the following example, is not particularly useful since the only option is a raw online search. Which, in a real sense, is a hit and miss affair. Give it a try with your version of Windows Task Manager – you might be surprised to see just how cumbersome it is.

Instead, taking advantage of one of the built-in features in the freeware application, System Explorer, is a much more appropriate solution. In the following example, the selected process can easily be checked at VirusTotal, and at VirusScan, directly from within System Explorer.

It’s unlikely however, that you’ll have to take this extra step – since System Explorer has been designed to automatically rate, and provide details on processes that are listed in the developer’s extensive database.

Further information can be obtained by clicking on the “See More Details” link which will open the database reference at the developer’s site, as shown below.

System Explorer is not a one-trick pony since it has the capacity to provide detailed information on Tasks, Processes, Modules, Startups, IE Add-ons, Uninstallers, Windows, Services, Drivers, Connections and Opened Files. For this review I’ve focused on the security aspect and next up is System Explorer’s “Security Scan” which is easily launched from the GUI.

As you can see in the following screen capture – running processes are checked online against the developer’s extensive database.

The following screen capture shows a small portion of the 808 processes compared against the developer’s database.

Additional information on any specific process can easily be obtained by clicking on the “Details” link, as illustrated below.

One aspect of this application which I found intriguing is the “History” function. Running this function allows the user to view and develop information on currently running processes, as well as those processes that were running earlier but are no longer running.

System requirements: Windows XP, Vista, Win 7.

Download at: System Explorer Net

Note: also available in a portable version that is just right for geeks on the go.
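
What the VirusTotal check described above needs is the file behind each process, so this added PowerShell example (not part of the original review and not System Explorer's code) lists every running executable once with its SHA-256 hash and Authenticode signature status. The function name `Get-ProcessTriage` and the output file name are assumptions made for the illustration.

```powershell
# Added example: inventory running processes by executable file so that each
# file can be looked up by hash in a reputation service such as VirusTotal.
# Assumes Windows PowerShell 5.1 or later; run elevated to read more paths.

function Get-ProcessTriage {
    [CmdletBinding()]
    param()

    # Processes with an empty Path (System, Idle, protected processes seen
    # from a non-elevated session) cannot be hashed; report how many there are.
    $all      = @(Get-Process)
    $withPath = @($all | Where-Object { $_.Path })
    Write-Verbose ("{0} of {1} processes expose no executable path" -f `
        ($all.Count - $withPath.Count), $all.Count)

    # Hash each distinct file once, however many instances are running.
    foreach ($group in ($withPath | Group-Object -Property Path)) {
        $path = $group.Name
        $hash = $null
        $sig  = $null
        try {
            $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256 -ErrorAction Stop).Hash
            $sig  = Get-AuthenticodeSignature -LiteralPath $path -ErrorAction Stop
        } catch {
            # Locked or access-denied files are kept in the report as unreadable.
            Write-Verbose "Could not read ${path}: $($_.Exception.Message)"
        }

        [pscustomobject]@{
            Name      = $group.Group[0].ProcessName
            Instances = $group.Count
            Pids      = ($group.Group.Id | Sort-Object) -join ','
            Path      = $path
            SHA256    = $hash
            Signature = if ($sig) { [string]$sig.Status } else { 'Unreadable' }
            Signer    = if ($sig -and $sig.SignerCertificate) {
                            $sig.SignerCertificate.Subject
                        } else { '' }
        }
    }
}

# Files without a valid signature sort first, since they need the lookup most.
$report = Get-ProcessTriage |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } }, Name

$report | Format-Table Name, Instances, Signature, SHA256 -AutoSize
$report | Export-Csv -Path .\process-triage.csv -NoTypeInformation
```

An unsigned or unknown file is a prompt to look closer, not a verdict; legitimate utilities are flagged too, as the CurrPorts result in the next section shows.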

System Security Guard

System Security Guard, in a broad sense, is very much like the “Security Scan” built into System Explorer. System Security Guard however, as a stand alone small security utility, is designed to run at system startup and automatically scan running processes. As well, all new processes, as they are launched, are scanned.

The results of the initial run with System Security Guard are shown below.

For this review I set the application to run at startup, and the following graphic represents the results following a week or so of automatic running. You’ll note that the application has identified 4 “Threat Files” – which, in reality, is the same file which has been flagged 4 times (each time the application was launched).

The application (CurrPorts), was flagged for good reason since it behaves in a way similar to that of a remote access Trojan. That is – it connects to the Internet in a peculiar way.

For illustrative purposes only, I ran the file against the developer’s database. However, since I use this application frequently throughout the day, I’m aware that this is a safe program.

System requirements: Windows XP, Vista and Win 7.

Download at: the developer’s site.

A big “Thank You” to regular reader Charlie L. for referring me to these applications.

WinPatrol Plus – ONLY $5 This Weekend

I’m often asked to describe the security applications I run on my primary home machine and, I’ll occasionally post an article which does just that. Regular readers will have noticed, that consistent with that old aphorism “the only constant is change”, my choices of security applications over the years have frequently changed. Except, that is, for one application – WinPatrol.

WinPatrol makes my indispensable program list every time – as it has for the last 10 years, or more (WinPatrol is now in its 20th version). No other security application, on any of my machines, comes close to that.

There are a host of additional features that make WinPatrol a very powerful addition to your security toolbox.

From the site:

Instead of a $29.95 upgrade to WinPatrol PLUS this weekend upgrading will only be $5. Like our everyday pricing you can use your single license on every personal computer you own and use it for your lifetime including any new versions we release.

For our friends in Europe $5 USD currently converts to about €3.73 so it’s even a better deal. $25 USD converts to about €18.7 at least by today’s rate.

The sale starts midnight, Friday morning EST time zone.

WinPatrol Overview:

WinPatrol’s strong point is – it monitors system areas that malicious programs attack. The free version of this highly regarded application doesn’t stop there though. With WinPatrol in your system tray, you can monitor your system, startup programs, services, cookies, current tasks, and more.

If anything changes, Scotty (the system tray Icon) will alert you. Taking it one step further; WinPatrol allows you to terminate processes and enable, or disable, startup programs.

WinPatrol’s user interface couldn’t be any simpler. New users should have no difficulty following this self explanatory layout.

Selecting options is “click the box” simple.

The following screen shot shows currently running applications on my machine, at the time the window was captured.

The following screen shot shows recent activity. The right click context menu allows the user to perform a number of operations on the selected entry. I’ve illustrated this by selecting “Properties” of the highlighted .dll.

[Images: WinPatrol Free – Feature Chart; Additional Features in WinPatrol Plus]

System requirements: Windows XP, Vista, Win 7 (including x64 support).

Download WinPatrol Free at: BillP Studios

If you’re currently a WinPatrol user – don’t keep it a secret. Let your friends/relatives/associates know – WinPatrol is a must have application.

Download WinPatrol Plus at: BillP Studios

Don’t Have WinPatrol? Look What You’re Missing!

I’m often asked to describe the security applications I run on my primary home machine and, I’ll occasionally post an article which does just that. Regular readers will have noticed, that consistent with that old aphorism “the only constant is change”, my choices of security applications over the years have frequently changed. Except for one application – WinPatrol.

WinPatrol makes my indispensable program list every time – as it has for the last 10 years, or more (WinPatrol is now in its 20th version). No other security application, on any of my machines, comes close to that.

WinPatrol’s strong point is – it monitors system areas that malicious programs attack. The free version of this highly regarded application doesn’t stop there though. With WinPatrol in your system tray, you can monitor your system, startup programs, services, cookies, current tasks, and more.

If anything changes, Scotty (the system tray Icon) will alert you. Taking it one step further; WinPatrol allows you to terminate processes and enable, or disable, startup programs.

WinPatrol’s user interface couldn’t be any simpler. New users should have no difficulty following this self explanatory layout.

Selecting options is “click the box” simple.

The following screen shot shows currently running applications on my machine, at the time the window was captured.

The following screen shot shows recent activity. The right click context menu allows the user to perform a number of operations on the selected entry. I’ve illustrated this by selecting “Properties” of the highlighted .dll.

[Images: WinPatrol Free – Feature Chart; Additional Features in WinPatrol Plus]

System requirements: Windows XP, Vista, Win 7 (including x64 support).

Download WinPatrol Free at: BillP Studios

If you’re currently a WinPatrol user – don’t keep it a secret. Let your friends/relatives/associates know – WinPatrol is a must have application.

BTW, Bill Pytlovany, WinPatrol’s developer, accepts and encourages donations.

WinPatrol Plus lifetime licenses are available as follows:

WinPatrol PLUS $29.95

WinPatrol PLUS Family Pack $49.95

Download WinPatrol Plus at: BillP Studios

What’s Really Running On Your PC? Find Out With Free What’s Running 3.0

Regular readers are going to start thinking that along with my addiction to wine, women, and song, I must be addicted to writing reviews on Windows Task Manager replacements and the like.

This review is a little different though, since I’ve written it with the casual computer users’ needs in mind, rather than the more experienced user I usually focus on.

If you are a new or a casual computer user, What’s Running is a free application that can help you easily find what’s actually running on your computer. It presents a number of views, in a tabbed format, and each one relates to what’s really running on your machine.

Helpful definitions:

Let’s start with processes; the most basic concept – every program you start, or is started by the operating system, is a process. In the process view you can see all the processes easily.

Services are background tasks – keep in mind that a process can contain many services.

The modules are actual files with code and other data, that a process needs. Each process contains at least one loaded module.

Drivers are small programs loaded by the system, to handle hardware and specific system tasks.

IP connections are connections that your computer needs to make in order to send and receive data from the Internet.

Process View:

In the expanded view of this screen capture, you can readily see what’s running on the test machine. 52 Processes; 164 Services; 653 Modules; 48 IP Connections; 288 Drivers; and 6 Startups.

I’ve chosen to seek out more information on FWservice.exe by clicking on “Check info online”, which returned the following from the developer’s site.

Each class of running component can be viewed in detail, by accessing the tabbed interface. Control functions are built-in by accessing the “right click” context menu.

[Screen captures: Services View, Modules View, Internet Connections View, Startup View, Drivers View, Snapshot View]

Fast facts:

Processes – Inspect your processes and find all the relevant details that you need. Get performance and resource usage data such as memory usage, processor usage and handles. As well, you get details about what dll:s are loaded, what services are running within the process, and what IP connections each process has.

IP Connections – Find out information about all active IP connections in the system. Get a list of what remote connections each program has, and find out what applications are listening for connections.

Services – Inspect what services are running or stopped and find the process for your services and inspect its properties easily.

Modules – Find information about all dll:s and exe:s in use in your system. For each module you can find all processes that have loaded the module. Also you can find the full path and immediately open the folder where the file is located.

Drivers – Find information about all drivers. For running drivers you can inspect the file version to find the supplier of the driver.

Startup – Manage all your startup programs. Disable, edit, delete, etc. Manage startup programs regardless of source (registry or Startup folder).

If you are a new or casual computer user, What’s Running is a terrific application that will help you become familiar with your computer; what drives it, and in an overall sense – how it works.

Once you become familiar with your machine, you can then start taking action, including stopping and starting processes and services, and preventing unwanted programs from running on startup.

Experienced users know, that applications such as What’s Running can be used as an aid in tracking down malware infections. As a new, or casual user, it won’t take long before you have the ability to do the same thing (if you become infected) – once you learn to harness the power of What’s Running.

System requirements: Windows 2000, Windows XP, Windows Vista, Windows 7.

USB compatible: During the install process, you have the option of a minimum install to a Flash Drive.

Download at: Developer’s site (whatsrunning.net)

Note: This application is classified as a Beta, but I’ve been running it for years (in one version or another – including this version), with no difficulties.

BitDefender QuickScan – Scan for Malware Inside Firefox Or Chrome

Interested in a cloud based malware scanner that can scan your machine from inside your Web Browser, in under a minute? Then you’re going to love BitDefender QuickScan.

BitDefender offers BitDefender QuickScan as a Firefox or Chrome add-on, which is designed using cloud based technology (a continuously updated malware database and the scanner, hosted on remote servers), making it blazingly FAST!

Following installation of the add-on, BitDefender QuickScan sets a quick launch Icon in the Browser Status Bar, for easy access.

The following screen shot shows BitDefender QuickScan completed scanning 911 critical files and modules on my Win 7 machine in 22 seconds, in an initial scan. My Internet connection speed is – 16 Mbps (download) and 1.5 Mbps (upload). Your results may vary, depending on your connection speed.

BitDefender claims – the more you use the application, the faster the scan. The following screen capture (second scan), shows a 50% improvement over my initial scan speed – eleven seconds, versus twenty two seconds. The time it takes for me to take three breaths. That meets my definition of FAST!

Following the scan, you’ll have access to a full report. The following screen capture is only a partial representation of the report (it’s just too big to insert in this article).

Fast facts:

Very fast scanning

Runs online from any Internet connected PC

Based on BitDefender anti-malware technologies

Detects running malware

Detects hidden threats (rootkits) and keyloggers

Scans:

Processes

Network activity

Autoruns and critical files

Browser plug-ins

Note: No cleaning capabilities are included. If BitDefender Online Scanner returns a positive indication of a malware infection, use your onboard antimalware application to clear it.

The main reason I’m recommending BitDefender Online Scanner is: Today’s malware is quite capable of shutting down onboard antimalware applications, while allowing the user to believe the application/s are fully functional. A simple one-minute scan can provide an early warning of such activity.

Download: Firefox

Download: Chrome

Think You’re Infected? Find Out – Run An Online Scanner From Your Browser

Today’s malware generally writes itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running processes and services, making the infection virtually invisible.

The installation of this type of malware can often lead to a critically disabled PC, or in the worst case scenario, allow hackers access to important personal and financial information.

There are plenty of good anti-malware products, but no one anti-malware tool is likely to identify and remove all of the millions of malware strains that infest the cyber world.

As part of the mix of security solutions, online scanners offer an extra layer of protection that’s required in the current Internet environment.

The following graphics illustrate a scan I ran on a Windows 7 system:

Online Scanner Benefits:

Generally fast and easy to use.

Threat signatures and heuristic detection algorithms are always up to date.

Provides deep scanning of archive files, runtime packed executables and email messages.

Can often detect malware that some AV solutions cannot detect.

Avoids conflicts with existing security software.

Acts as a double-check on the accuracy of your onboard AV solutions.

Disadvantages:

May have fewer scanning options than locally installed AV solutions.

Not all scanners disinfect, or remove found malware.

The following are Online Scanners that have developed a good reputation for accuracy; be sure to read the Terms of Use, or Privacy Statements carefully.

Panda ActiveScan 2

ActiveScan 2.0 is an advanced online scanner based on Collective Intelligence (scanning in-the-cloud) that detects malware that traditional security solutions cannot detect.

Make sure your antivirus is offering you proper protection.

Find hidden threats on your PC, such as rootkits, banker Trojans and malware designed to steal your identity.

Simple, online disinfection of all malware detected on your PC.

BitDefender Online Scanner

Free and effective malware cleanup directly from your browser

Incorporating the BitDefender award-winning scanning engines, BitDefender Online Scanner is an on-demand antivirus and antispyware tool that shows how safe your PC is. Accessible from your browser, it will scan and automatically clean the system memory, all files and drives’ boot sectors.

One major advantage of BitDefender Online Scanner is, you can use it without having to uninstall your existing data security product.

Symantec Security Check

The Symantec site offers two scans – a security checker and a virus scanner. Both use ActiveX, so you need to have Internet Explorer running.

The security scan checks that you’re running an anti-virus program and then looks for Windows vulnerabilities, hacker risks and Trojan horses.

The anti-virus checker performs a deep scan and takes a considerable amount of time to complete. It won’t remove any infections it finds, but will suggest actions that you can take.

Note: Does not disinfect.

The graphic below (taken from my test system), outlines the results of the “hacker check” portion, of the Symantec Security Check.

Trend Micro’s HouseCall

HouseCall can quickly identify and fix a wide range of threats including viruses, worms, Trojans, and spyware. It is now faster, more powerful and browser independent.

Full scan and custom scan options, in addition to Quick Scan.

Support for 64-bit and Windows 7.

ESET Online Scanner

ESET Online Scanner is a user friendly, free and powerful tool which you can use to remove malware from any PC utilizing only your web browser without having to install anti-virus software.

ESET Online Scanner uses the same ThreatSense technology and signatures as ESET Smart Security/ESET NOD32 Antivirus, and is always up-to-date.

Administrator privileges are required to run ESET Online Scanner.

Kaspersky

Kaspersky Online Virus Scanner is a free online virus scanner to find out if you have any viruses or spyware on your machine without having to uninstall your current antivirus software or install a new one.

Most importantly, you can see what viruses your current antivirus software let slip through.

Note: Does not disinfect.

It’s good practice to run an online scanner occasionally. It’s convenient, and it’s a good double-check that your onboard security solutions are effective.

If your onboard AV informs you that you’ve been infected, it’s always a good idea to run a secondary on board scanner for confirmation, followed by an online scan.

Antimalware applications are not immune from false positives. In fact, false positives are more common than many users realize. Here’s just one example – some AVs are notorious for seeing extractor files in application setup files as a Trojan.

So run an online scanner if you think you’ve been infected. You may think this is aggravating, and maybe it is, but it’s a better solution than having to rebuild your system because you’ve removed a critical file.
