Computer, no pain - Vulnerability Checklist
We very often hope for “chance” and begin to struggle with the consequences when everything has already happened. This is especially true of information security. But why wait when your computer is hacked or infected with a virus if you can solve all possible problems in advance. At Qihoo 360 Technology Co, we know a lot about the prevention of infections and hacks, and we suggest you use our checklist, with which you can check your computer.
The simplest and very first way to check your computer for vulnerabilities is to regularly scan it for viruses and unwanted programs. Modern antiviruses have learned to accurately detect any malware even at the stage of their attempts to integrate into the system, but, however, no one has yet canceled the human factor. According to statistics, the majority of computer infections with viruses occur precisely through the fault of the users themselves. Anyone can accidentally click “skip” on the antivirus warning and now the system is infected.
So it is best to put in a regular anti-virus schedule a full scan. And do not forget with all the media that you use, as they can be stored copies of viruses. If you are afraid that the system is already infected, we would recommend checking it with several different antivirus programs. Or one of 360 Total Security, which includes such well-known anti-virus engines like Avira, Bitdefender, cloud cloud scanner 360 Cloud and QVM AI. Together, they will cope with the most cunning infection.
Of course, vulnerability testing cannot be limited to antivirus alone. There are many programs that are not identified as malicious. These are the so-called adware, annoying browser toolbars and hijacker utilities that change start pages, potentially unwanted programs (PUP), and so on. These programs are disguised and even perform some useful functions, but at the same time allow themselves to load your system in terms of using RAM and processor, and your brain in terms of displaying completely unnecessary advertisements.
')
Such software should be removed from the installed programs and, of course, carefully study the scheduled tasks, autoload and services. It is there that they often hide from the usual methods of removal. If you do not check, then there is a big chance that after some time these programs will return to the system and continue their dirty work. 360 Total Security Antivirus can automatically detect and remove such malicious software and, in addition, disable some scheduled tasks, unnecessary services, as well as optimize the network connection. Moreover, the antivirus allows the user to independently select exceptions for optimization - thus, you can leave intact form those programs and utilities whose autostart is critical for one reason or another.
Understand the very concept of "vulnerability". In computer security, it is used to indicate a flaw in the OS or program, using which an attacker can disrupt the system or even gain control over it. Vulnerabilities arise most often due to programming errors and are treated with patches that are released by developers.
It would seem that a hidden error can affect its software security. The usual user thinks so, prohibiting the automatic update for the operating system and programs. However, such a known vulnerability as buffer overflow may well allow an attacker to download and execute arbitrary machine code on behalf of the program and with the rights of the account from which it runs. And memory leaks can disrupt the operation of the entire system without any action from the side. The introduction of SQL-code can enable an attacker to execute an arbitrary query to the database of the program or site and get the ability to read or write local files. And, of course, how can I not mention CSRF - “Cross-site request forgery”. This type of attack is applied to site visitors and is accomplished by placing a link or script on a web page that can imitate normal operation. This way passwords, personal data and even your money from bank cards are stolen.
Part of all vulnerabilities should be closed by administrators of servers and sites, and the other only by users on their computers. The principle: “it seems to work stably and well” does not work here, and it’s not for nothing that developers release software updates. This is done not only to add some new features, but also to close errors that were discovered by other users and professional testers.
Operating system vulnerabilities are more dangerous than individual program vulnerabilities, as they are much more complex and are used everywhere. They are closed by the timely installation of security updates that fix errors in vulnerable components of the system. On Windows, a special service “Windows Update” is responsible for this, which automatically checks for new updates and installs them, unless, of course, this is prohibited by the user.
Software vulnerabilities have less of an impact on security than operating system vulnerabilities. But, for example, security errors in browsers or office applications can lead to very serious consequences. Eliminating such vulnerabilities is necessary and is done either manually from the developer sites or through the update tools incorporated into the programs themselves.
In 360 Total Security, we have built in a special mechanism that checks the operating system and installed programs for updates. This service monitors the executable files and the OS itself, compares it with a special database and provides recommendations for updating.
In addition, there is a reverse situation and updates disrupt the system. In our antivirus, you can see which patches were installed and remove those that, in your opinion, can cause errors.
The system itself and browsers, which are currently one of the main sources of potential danger to your computer, should be cleaned from time to time. Delete temporary files and traces of your activity on the Internet: history of visits, cookies, saved passwords. You should also check the installed extensions, among which may be elements of adware and tracking software.
This is an important point of checking your computer for vulnerabilities, because by removing all this garbage from the system, you wipe out all the “tails” of viruses that you have already disposed of. And in time, a remote history of your browser can keep your personal data intact.
All these features are included in the “Cleaning” module of 360 Total Security. It removes various garbage like temporary files, browser cache files, system garbage, etc ... In addition, with the help of System Backup Cleaner you can clean up backup copies of drivers and temporary update files. And you do not need to install additional software. In the process of working with the anti-virus, the user can put down or remove hints opposite the temporary files that should or should not be deleted (for example, if you do not want to clear the browser cache or are afraid to delete temporary Windows files).
After checking your computer and removing all unnecessary, you need to ensure that your computer is protected from infection at the earliest stages. Check your antivirus for all possible system monitoring functions in real time. Of course, it should check any connected media immediately upon connection. Once upon a time, viruses were successfully distributed via USB flash drives and even DVDs, copying themselves to a computer. The times have changed a little and even the simplest antiviruses have learned to block such threats, but it’s still impossible to forget about them.
Your antivirus should be able to protect webcams from unauthorized connections, and keyboards from keyloggers. If you, of course, do not want to ever see your video in shorts on the network or lose all personal information from your mailbox or social networking accounts. Sometimes it is enough just to allow a seemingly safe application on a randomly detected site, and now the camera of your laptop records everything that happens in front of the laptop. And keyloggers, who can disguise themselves as quite useful programs, immediately merge all the characters you typed on the keyboard into the network. And on the other side, the attacker will easily find typed letters and logins with passwords that you have scored.
The anti-virus is also simply obliged to be able to check the downloaded files right at the stage of their download, and not after their launch. And if we continue the topic of browsers, then, of course, you need protection for online purchases. You do not want to lose your bank card details. 360 Total Security, when this mode is enabled, blocks the operating system to prevent possible threats or launching unknown applications that can intercept online shopping sites or online transactions.
Continuing the theme of the capabilities of your antivirus, you need to separately tell about such a possibility as a “sandbox”. With this feature, you can run potentially dangerous programs on your computer and not be afraid that this will affect your system. After all, it will start it in a limited environment, without access to the network and the ability to communicate with the OS. If the program starts installing malware or replacing system files, the anti-virus protection mechanisms will work. But since you launched it in the sandbox, there will be no consequences. If the program is safe, then it can be installed in the system and work.
Be sure to check your antivirus for all these features. In 360 Total Security, it is.
Anti-virus check - regular full scheduled check, control of external devices (flash drives, memory cards, external drives, gadgets)
System optimization - eliminate the work of adware, hijacker utilities, unnecessary toolbars in the browser, unnecessary programs in autoload
Updates of the operating system and programs - be sure to check for the presence and composition of updates, roll up useful patches
Cleaning the system and browsers - periodically clean unnecessary and irrelevant temporary files, cookies, history and saved passwords
Real-time protection - protect your webcam from unauthorized access, disable keyloggers, check files when downloading
Running a suspicious program in the sandbox - if the desired program is suspicious, run it in the sandbox and install it into the system only if it is completely safe
As a rule, most of what is described above is performed by different programs. Cleaners clean the system of debris, antiviruses - from malware. And if the first ones are mostly free (and sometimes they carry the same adware on board), then you will have to buy the second ones in order to use all the necessary functions. However, our free 360 Total Security antivirus can do everything and even a bit more. However, it is free, and in its capabilities and reliability is not inferior to expensive counterparts. Do not believe - read our review .
PS: in the post used comics from the site xkcd.ru and the site of the original xkcd.com
Antivirus check
The simplest and very first way to check your computer for vulnerabilities is to regularly scan it for viruses and unwanted programs. Modern antiviruses have learned to accurately detect any malware even at the stage of their attempts to integrate into the system, but, however, no one has yet canceled the human factor. According to statistics, the majority of computer infections with viruses occur precisely through the fault of the users themselves. Anyone can accidentally click “skip” on the antivirus warning and now the system is infected.
So it is best to put in a regular anti-virus schedule a full scan. And do not forget with all the media that you use, as they can be stored copies of viruses. If you are afraid that the system is already infected, we would recommend checking it with several different antivirus programs. Or one of 360 Total Security, which includes such well-known anti-virus engines like Avira, Bitdefender, cloud cloud scanner 360 Cloud and QVM AI. Together, they will cope with the most cunning infection.
System optimization
Of course, vulnerability testing cannot be limited to antivirus alone. There are many programs that are not identified as malicious. These are the so-called adware, annoying browser toolbars and hijacker utilities that change start pages, potentially unwanted programs (PUP), and so on. These programs are disguised and even perform some useful functions, but at the same time allow themselves to load your system in terms of using RAM and processor, and your brain in terms of displaying completely unnecessary advertisements.
')
Such software should be removed from the installed programs and, of course, carefully study the scheduled tasks, autoload and services. It is there that they often hide from the usual methods of removal. If you do not check, then there is a big chance that after some time these programs will return to the system and continue their dirty work. 360 Total Security Antivirus can automatically detect and remove such malicious software and, in addition, disable some scheduled tasks, unnecessary services, as well as optimize the network connection. Moreover, the antivirus allows the user to independently select exceptions for optimization - thus, you can leave intact form those programs and utilities whose autostart is critical for one reason or another.
OS and software updates
Understand the very concept of "vulnerability". In computer security, it is used to indicate a flaw in the OS or program, using which an attacker can disrupt the system or even gain control over it. Vulnerabilities arise most often due to programming errors and are treated with patches that are released by developers.
It would seem that a hidden error can affect its software security. The usual user thinks so, prohibiting the automatic update for the operating system and programs. However, such a known vulnerability as buffer overflow may well allow an attacker to download and execute arbitrary machine code on behalf of the program and with the rights of the account from which it runs. And memory leaks can disrupt the operation of the entire system without any action from the side. The introduction of SQL-code can enable an attacker to execute an arbitrary query to the database of the program or site and get the ability to read or write local files. And, of course, how can I not mention CSRF - “Cross-site request forgery”. This type of attack is applied to site visitors and is accomplished by placing a link or script on a web page that can imitate normal operation. This way passwords, personal data and even your money from bank cards are stolen.
Part of all vulnerabilities should be closed by administrators of servers and sites, and the other only by users on their computers. The principle: “it seems to work stably and well” does not work here, and it’s not for nothing that developers release software updates. This is done not only to add some new features, but also to close errors that were discovered by other users and professional testers.
Operating system vulnerabilities are more dangerous than individual program vulnerabilities, as they are much more complex and are used everywhere. They are closed by the timely installation of security updates that fix errors in vulnerable components of the system. On Windows, a special service “Windows Update” is responsible for this, which automatically checks for new updates and installs them, unless, of course, this is prohibited by the user.
Software vulnerabilities have less of an impact on security than operating system vulnerabilities. But, for example, security errors in browsers or office applications can lead to very serious consequences. Eliminating such vulnerabilities is necessary and is done either manually from the developer sites or through the update tools incorporated into the programs themselves.
In 360 Total Security, we have built in a special mechanism that checks the operating system and installed programs for updates. This service monitors the executable files and the OS itself, compares it with a special database and provides recommendations for updating.
In addition, there is a reverse situation and updates disrupt the system. In our antivirus, you can see which patches were installed and remove those that, in your opinion, can cause errors.
Cleaning the system and browsers
The system itself and browsers, which are currently one of the main sources of potential danger to your computer, should be cleaned from time to time. Delete temporary files and traces of your activity on the Internet: history of visits, cookies, saved passwords. You should also check the installed extensions, among which may be elements of adware and tracking software.
This is an important point of checking your computer for vulnerabilities, because by removing all this garbage from the system, you wipe out all the “tails” of viruses that you have already disposed of. And in time, a remote history of your browser can keep your personal data intact.
All these features are included in the “Cleaning” module of 360 Total Security. It removes various garbage like temporary files, browser cache files, system garbage, etc ... In addition, with the help of System Backup Cleaner you can clean up backup copies of drivers and temporary update files. And you do not need to install additional software. In the process of working with the anti-virus, the user can put down or remove hints opposite the temporary files that should or should not be deleted (for example, if you do not want to clear the browser cache or are afraid to delete temporary Windows files).
Real time protection
After checking your computer and removing all unnecessary, you need to ensure that your computer is protected from infection at the earliest stages. Check your antivirus for all possible system monitoring functions in real time. Of course, it should check any connected media immediately upon connection. Once upon a time, viruses were successfully distributed via USB flash drives and even DVDs, copying themselves to a computer. The times have changed a little and even the simplest antiviruses have learned to block such threats, but it’s still impossible to forget about them.
Your antivirus should be able to protect webcams from unauthorized connections, and keyboards from keyloggers. If you, of course, do not want to ever see your video in shorts on the network or lose all personal information from your mailbox or social networking accounts. Sometimes it is enough just to allow a seemingly safe application on a randomly detected site, and now the camera of your laptop records everything that happens in front of the laptop. And keyloggers, who can disguise themselves as quite useful programs, immediately merge all the characters you typed on the keyboard into the network. And on the other side, the attacker will easily find typed letters and logins with passwords that you have scored.
The anti-virus is also simply obliged to be able to check the downloaded files right at the stage of their download, and not after their launch. And if we continue the topic of browsers, then, of course, you need protection for online purchases. You do not want to lose your bank card details. 360 Total Security, when this mode is enabled, blocks the operating system to prevent possible threats or launching unknown applications that can intercept online shopping sites or online transactions.
Running a suspicious program in the sandbox
Continuing the theme of the capabilities of your antivirus, you need to separately tell about such a possibility as a “sandbox”. With this feature, you can run potentially dangerous programs on your computer and not be afraid that this will affect your system. After all, it will start it in a limited environment, without access to the network and the ability to communicate with the OS. If the program starts installing malware or replacing system files, the anti-virus protection mechanisms will work. But since you launched it in the sandbox, there will be no consequences. If the program is safe, then it can be installed in the system and work.
Be sure to check your antivirus for all these features. In 360 Total Security, it is.
Must read & save checklist for mandatory vulnerability check
Anti-virus check - regular full scheduled check, control of external devices (flash drives, memory cards, external drives, gadgets) System optimization - eliminate the work of adware, hijacker utilities, unnecessary toolbars in the browser, unnecessary programs in autoload Updates of the operating system and programs - be sure to check for the presence and composition of updates, roll up useful patches Cleaning the system and browsers - periodically clean unnecessary and irrelevant temporary files, cookies, history and saved passwords Real-time protection - protect your webcam from unauthorized access, disable keyloggers, check files when downloading Running a suspicious program in the sandbox - if the desired program is suspicious, run it in the sandbox and install it into the system only if it is completely safeConclusion
As a rule, most of what is described above is performed by different programs. Cleaners clean the system of debris, antiviruses - from malware. And if the first ones are mostly free (and sometimes they carry the same adware on board), then you will have to buy the second ones in order to use all the necessary functions. However, our free 360 Total Security antivirus can do everything and even a bit more. However, it is free, and in its capabilities and reliability is not inferior to expensive counterparts. Do not believe - read our review .
PS: in the post used comics from the site xkcd.ru and the site of the original xkcd.com
Source: https://habr.com/ru/post/281076/
All Articles