Confidentiality of information in my system ..

[Minto]

I have been hearing in the news that Windows XP is having a few flaws
which Microsoft is trying to patch up. How do I know that my system has
not been compromised already? I am storing all sorts of confidential
data like credit card numbers and passwords in my system, so naturally
I am very concerned. Also, I have other confidential information that I
would not like to share with others.
Is there any way to confirm that my system has not been already
compromised? I have anti-virus and firewall installed, but maybe they
are not good enough??

 

[Mark Ritchie]

Hi there,

With all the nasties out there these days it's sometimes hard to tell if
you've been the victim. There are rogue anti-spyware and anti-virus
programs that act like legit programs but install other items that will
steal your data and keystrokes. A sign that you are probably infected is
slow PC performance and alot of pop-ups.

The best way to tell if you've been infected is to run Virus and Spyware
scans. I personally prefer to use AVG and Ewido for these, but there are
alot of other good programs as well.

Once that is done, you might want to make a Hijackthis log and have someone
look it over for you. I'd be more then happy to, here is a page on my site
that outlines the 4 basic steps

http://www.livetechsupport.ca/free_pc_help.htm


--
Regards,

Mark Ritchie


**************************************
Computer Problems Dragging you Down?
Let us Fix it for you quickly and remotely!
http://www.livetechsupport.ca
(866)730-5403
**************************************

 

[Maurice N ~ MVP]

Hello Minto,

The patches that MS has been issuing (in the main) are for some exotic-type conditions. If you practice "safe pc practices", your odds of having an issue are lessened. e.g., Not opening attachments from unknown or un-expected sources. Not clicking on email links, unless to be known safe websites.

Beyond using an AV & firewall, you need to have an active antimalware application.
I use and recommend CounterSpy.
But there are free tools also, like AdAware SE & Spybot.

You also need to do a scheduled scan of the system -- say each week at least -- by the anti-malware & the AV.

It is very very hard if your system has been compromised, unless their are some leftover trace(s) on it ( and NOT counting cookies here).

Check for Malware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/Darnit.htm
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine.blogspot.com/

When all else fails, HijackThis
(http://aumha.net/downloads/hijackthis.zip) is the preferred tool to
use. It will help you to both identify and remove any hijackware/spyware.
**Post your HijackThis log to http://forums.spywareinfo.com/,
http://castlecops.com/forum67.html or
http://aumha.net/viewforum.php?f=30 for expert analysis, not here.**

 

[Maurice N ~ MVP]

It would help to have re-read (re-checked) before pressing Send. sorry

Revise it say
It is very very hard _to know _ if your system has been compromised, unless their are some leftover trace(s) on it ( and NOT counting cookies here).

 

[Patrick Keenan]

I have been hearing in the news that Windows XP is having a few flaws
which Microsoft is trying to patch up.

It's not news, but all large software, including all operating system
software, has flaws. What's probably more important is how the people
administering the systems secure them (or don't). This is why

How do I know that my system has
not been compromised already? I am storing all sorts of confidential
data like credit card numbers and passwords in my system, so naturally
I am very concerned. Also, I have other confidential information that I
would not like to share with others.

There's a saying that the only secure computers are those not connected to
networks. As well, anyone who can get physical access to your machine can
be assumed to be able to take any data from it.

If you have a concern for security, educate yourself (there is a lot of
information, much highly technical, on this topic), and if you are
uncertain, move (not copy) that data to media that is not shared, does not
always have to be attached to the PC (like on CD/RW or an external drive you
can disconnect) and that others don't have physical access to. Turn off
any un-needed file sharing and install a NAT router. And change your
passwords regularly.

A word regarding XP Pro encryption: this is effective, but is tied to the
user account credentials. Once you're in the account, the data is
unencrypted. And should the account be changed from outside, such as a lost
password being reset by the administrator, if the credentials weren't
exported and verified, the data is permanently lost.

Is there any way to confirm that my system has not been already
compromised?

Pretty much only by watching for misuse of your information.

If you think there is the remotest chance that this has happened,
immediately change all the passwords and credit card numbers.

Doing so will not only prevent misuse by instantly invalidating all the old
information, but will trigger detection activities when and if the old
information is used. Just be sure it isn't *you* that accidentally uses
the old information - this can be rather embarassing.

Regularly changing passwords is a very basic security measure. Many people
do not do this.

I have anti-virus and firewall installed, but maybe they
are not good enough??

They help, but do not absolve you of responsiblilty for your data. Do not
consider them as complete or impenetrable security solutions.

HTH
-pk

 

[Ken Blake, MVP]

I have been hearing in the news that Windows XP is having a few flaws
which Microsoft is trying to patch up.

*All* operating systems, as well as all other software, has more than a
"few" flaws. Patches are issued as they become availabel, and this is a
continuous process.

How do I know that my system
has not been compromised already?

You need to install the critical updates as they become available (for
Windows, normally on the second Tuesday of each month), and you need to run
appropriate protection software.

I am storing all sorts of
confidential data like credit card numbers and passwords in my
system, so naturally I am very concerned. Also, I have other
confidential information that I would not like to share with others.
Is there any way to confirm that my system has not been already
compromised? I have anti-virus and firewall installed, but maybe they
are not good enough?

They are defintely *not* good enough. You need three types of software to
protect yourself. You have only two of the three. The third type is
anti-spyware soiftware. I recommend running a combination of the following
free products:

Ad-aware
Spybot Search and Destroy
Spyware Blaster

Just running one such product is not sufficient.

 

[Minto]

Thanks, excellent advise from all.

I hope someone will come up with a program that will optionally
identify a credit card with a particular machine's hardware signature,
which will be registered in the bank, so that no one can actually may
any use of it even if he steals the number and details - unless he
physically steals the laptop or the card as well!

I think I will begin by changing my credit card numbers so that any
information that someone may have gathered will be worthless. Thanks
again!

 

[Bruce Chambers]

I have been hearing in the news that Windows XP is having a few flaws
which Microsoft is trying to patch up. How do I know that my system has
not been compromised already? I am storing all sorts of confidential
data like credit card numbers and passwords in my system, so naturally
I am very concerned. Also, I have other confidential information that I
would not like to share with others.
Is there any way to confirm that my system has not been already
compromised? I have anti-virus and firewall installed, but maybe they
are not good enough??

There are several essential components to computer security: a
knowledgeable and pro-active user, a properly configured firewall,
reliable and up-to-date antivirus software, and the prompt repair (via
patches, hotfixes, or service packs) of any known vulnerabilities.

The weakest link in this "equation" is, of course, the computer
user. No software manufacturer can -- nor should they be expected to --
protect the computer user from him/herself. All too many people have
bought into the various PC/software manufacturers marketing claims of
easy computing. They believe that their computer should be no harder to
use than a toaster oven; they have neither the inclination or desire to
learn how to safely use their computer. All too few people keep their
antivirus software current, install patches in a timely manner, or stop
to really think about that cutesy link they're about to click.

Firewalls and anti-virus applications, which should always be used
and should always be running, are important components of "safe hex,"
but they cannot, and should not be expected to, protect the computer
user from him/herself. Ultimately, it is incumbent upon each and every
computer user to learn how to secure his/her own computer.

To learn more about practicing "safe hex," start with these links:

Protect Your PC
http://www.microsoft.com/security/protect/default.asp

Home Computer Security
http://www.cert.org/homeusers/HomeComputerSecurity/

List of Antivirus Software Vendors
http://support.microsoft.com/default.aspx?scid=kb;en-us;49500

Home PC Firewall Guide
http://www.firewallguide.com/

Scumware.com
http://www.scumware.com/


--

Bruce Chambers

Help us help you:



They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell