Last Updated: 2008-02-10 21:28:43 UTC
by Lorna Hutcheson (Version: 1)
Here is the compiled list of tools for the home user. Hopefully this list will grow over time and give people many options for making their systems safer. Please, if you have any more to add, let me know. If you have feedback, it's very much appreciated and can make a difference. I passed comments I received on to Charlie over at PacketProtector and he appreciated the feedback. A new version will be out very soon, so keep checking his site. Here is the list of tools in no particular order. As the list grows, I'll try to categorize the tools.
1. PacketProtector was recently featured on Linux.com and provides some nice features for protecting your wireless home network. PacketProtector is a Linux distribution for your wireless router. Here is a list of the features that you get according to their website:
--a stateful firewall (iptables)
--WPA/WPA2 Enterprise wireless (802.1X and PEAP with FreeRADIUS)
--intrusion prevention (Snort-inline)
--remote access VPN (OpenVPN)
--content filtering/parental controls (DansGuardian)
--web antivirus (DG + ClamAV)
--a local certificate authority (OpenSSL)
--secure management interfaces (SSH and HTTPS)
--advanced firewall scripts for blocking IM and P2P apps
--IP spoofing prevention (Linux rp_filter)
--basic protocol anomaly detection (ipt_unclean)
2. Endian Firewall Community: Submitted by JD: I know many people that throw away old computers when they purchase new ones. If the home user does not have a supported router for PacketProtector, they can put their old computer to good use instead of creating hazardous waste at their local landfill. Endian has many of the same features as PacketProtector.
"What is Endian Firewall Community?
Endian Firewall Community is a "turn-key" linux security distribution that turns every system into a full featured security appliance. The software has been designed with "usability in mind" and is very easy to install, use and manage, without losing its flexibility.
The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spamfiltering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on OpenVPN). The main advantage of Endian Firewall is that it is a pure "Open Source" solution that is sponsored by Endian."
3. Blue Coat K9 Web Protection: "Blue Coat® K9 Web Protection is a content filtering solution for your home computer. Its job is to provide you with a family-safe Internet experience, where YOU control the Internet content that enters your home. K9 Web Protection implements the same enterprise-class Web filtering technology used by Blue Coat's Fortune 500 customers around the world, wrapped in simple, friendly, and reliable software for your Windows 2000, Windows XP or Windows Vista computer."
They also state the following:
"The function that K9 provides is not antivirus, anti-spam, or firewall functionality. K9 is a Web filter; it determines where the computer user can go inside your Web browser. (In our upcoming release, we'll also be offering Instant Message/Chat controls, and Peer-to-Peer controls.)"
4. Windows Sysinternals is a popular submission for inclusion (Thanks Paul and Brian). It is a collection of tools for troubleshooting and monitoring your systems. Some are GUI oriented and others are used from the command line. From Microsoft's website:
"The Sysinternals web site was created in 1996 by Mark Russinovich and Bryce Cogswell to host their advanced system utilities and technical information. Microsoft acquired Sysinternals in July, 2006. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications."
It's not a long list, but if you have more, I'll be happy to post them. Thanks to everyone who submitted!
Last Updated: 2008-02-10 19:39:39 UTC
by Lorna Hutcheson (Version: 1)
A reader pointed out an interesting set of Frequently Asked Questions on Microsoft's blog site about the concept of a kill-bit, which is really just a registry setting. There are so many ActiveX exploits floating around on the Internet. For example, on February 4, fellow handler Mari posted a diary about 6 new ActiveX exploits.
In order to protect your network and your systems, it is key that you understand how to defend against this threat. I highly recommend reviewing the three-part series posted on Microsoft's site. The URLs are below:
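To make "just a registry setting" concrete, here is an added example (not part of the original diary or of Microsoft's FAQ) that reads a registry export and reports which controls on a watchlist still lack the kill bit. The key path and the 0x400 flag come from Microsoft's kill-bit documentation rather than from this diary, and the CLSIDs and sample export are constructed placeholders.

```python
import re

# Key Internet Explorer consults before it instantiates an ActiveX control.
BASE = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"
KILL_BIT = 0x00000400  # bit inside the "Compatibility Flags" DWORD
KEY_RE = re.compile(r"^\[(.+)\]$")
FLAGS_RE = re.compile(r'^"Compatibility Flags"=dword:([0-9a-fA-F]{1,8})$')

def parse_flags(reg_text):
    """Map each CLSID directly under BASE to its Compatibility Flags (0 if absent)."""
    flags, current = {}, None
    prefix = BASE.lower() + "\\"
    for raw in reg_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            path = key.group(1)
            rest = path[len(prefix):] if path.lower().startswith(prefix) else ""
            current = rest.upper() if rest and "\\" not in rest else None
            if current:
                flags.setdefault(current, 0)
            continue
        value = FLAGS_RE.match(line)
        if value and current:
            flags[current] = int(value.group(1), 16)
    return flags

def missing_kill_bits(reg_text, clsids):
    """Return the CLSIDs in `clsids` whose kill bit is not set in the export."""
    flags = parse_flags(reg_text)
    return [c for c in clsids if not flags.get(c.upper(), 0) & KILL_BIT]

# Constructed sample export; these CLSIDs are placeholders, not real controls.
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11111111-1111-1111-1111-111111111111}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{22222222-2222-2222-2222-222222222222}]
"Compatibility Flags"=dword:00800000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{33333333-3333-3333-3333-333333333333}]
"Compatibility Flags"=dword:00000c00
"""

# Placeholder watchlist: {1111...}, {2222...}, {3333...}, {4444...}
WATCHLIST = ["{%s}" % "-".join([d * 8, d * 4, d * 4, d * 4, d * 12]) for d in "1234"]

if __name__ == "__main__":
    print(missing_kill_bits(SAMPLE, WATCHLIST))
```

A file written by `reg export` is UTF-16, so open it with `encoding="utf-16"` before passing its text to `parse_flags`.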