Author Message

Liddokun

GameSage: Aura Kingdom
Liddokun
Joined
22 Feb 2008
Posts
3141
Location
San Francisco United States
PostedMay 26, 2010 1:39 pm

How To: System Security

These simple steps will prevent 95% of hackers from intruding into your computer and game accounts.

1. Malicious websites - These are websites setup by hackers that has been laced with malware (trojan, keyloggers, viruses, worms, etc). They are disguised to look very much like the original website they are trying to mimic. Usually these are spread by phishing emails from the hacker trying to trick the victim into visiting their websites. Gold sellers love to advertise their website this way in order to infect their victim's computer with trojan and keyloggers in order to steal the gold and items of their victims. Simply visiting the website can infect your computer with the malware's payload.

2. Fake/Phishing email - Be very careful in clicking on the links of suspicious emails. Make it a habit to type out the full url of a website manually. Also make sure to ALWAYS check the actual URL on a link before clicking on it. There has been a rash of such type of scam lately with bogus claims convincing the victim to give out their personal information and/or password or get their computer infected with malware.

3. Malware - If a stranger or someone you know sent you an email or link with a piece of software attached that you are not expecting, then be very suspicious. Always scan the software first as it might contain a virus, trojan, rootkits or keylogger embedded in it. Also be very suspicious of any software downloaded from the internet especially from any P2P (peer to peer) networks such as bit torrent.

4. Password Security - One way for a hacker to get hold of your account is thru weak easy to guess passwords. Most people use passwords that are related to them such as birthdates, spouse name, home addresses, phone numbers, relative's name, etc. These should never be used as passwords as they are the easiest to guess. A good password should be a combination of letter and numbers and symbols at least 8 to 14 character long. Even better would be ones that is a mix of upper and lower case letters and numbers. (Example: g@ndFaNT@s1a)

5. Never share your account and/or password - If you share your account and/or password with your best friend, spouse or relatives this exponentially increases the risk that your account/password could be compromised. It is also against Aeria Games term of service to share accounts.

6. Security suite - Invest in a good internet security suite such as AVG, Malwarebytes etc. The are several ones that are decent in the market and will provide you with peace of mind and decent protection against basic and advanced methods of intrusion such as trojans, keyloggers and rootkits.

7. Personal Firewall - It's good to have one. The basic firewall that comes with Windows XP and 7 is good enough for most general use. It protects your computer from unauthorized intrusion and most basic attacks such as ICMP bombs.

8. Windows Update - Always check your windows for updates at least once a month or better yet once a week. Microsoft regularly sends out patches for windows that addresses bugs and weaknesses in the Windows operating system. Your system should be set up to automatically check for updates but you can do so manually at http://update.microsoft.com/
Advertisement

JonGhost

Rank 5.2
JonGhost
Joined
20 Feb 2007
Posts
16075
Location
Colorado United States
PostedMay 26, 2010 2:27 pm
To summarize, use your common sense.

Also, if you're going to get antivirus and firewalls for that "peace of mind" feeling and that inconvenient use of your computer, then make sure to also (if you have Windows Vista or Windows 7) turn on UAC and UAP if they aren't on already. And on Win 7, just set UAC to its highest setting (not on the highest by default).

In addition to that, disable all remote access services and options on your computer unless you actually use them (I do).

By the way, if you're using Windows 7 and have wireless... you might want to read this:
 
http://msdn.microsoft.com/en-us/library/dd815243(VS.85).aspx  


You will probably also want to use your computer on a Power User account so that when you infect your computer, the virus won't have permissions to do certain things... Unless it cracks the very easy to crack Windows passwords...

Make sure not to save any passwords or logins on your web browsers either. Lots of malware go straight to those areas to retrieve that information and send it to bad people.

And while we're at it, don't be an idiot like this guy:
http://today.msnbc.msn.com/id/24790921/

<object> <param> </embed> </object>

cluskey1

Rank 3
cluskey1
Joined
10 Jan 2010
Posts
1568
Location
scotland United Kingdom
PostedMay 26, 2010 3:54 pm
very helpful ..im saving this thread

balgph

Rank 0
Joined
23 Dec 2009
Posts
30
Location
Philippines
PostedJun 18, 2010 9:35 pm
just some additional points

1. the built in firewall on XP provides excellent inbound protection but ZERO outbound protection

not sure about the firewall in windows 7 yet (since I have not tested it yet).

however, there are lots of good free personal firewalls out there (comodo, zone alarm, etc etc)

2. to avoid visiting malicious websites, try using a freeware program like spywareblaster (it doesnt support all browsers though).

3. you might also want to check out other freeware security programs like secunia PSI and WOT

grimtonez

Rank 0
grimtonez
Joined
27 Jun 2008
Posts
82
Location
Heijō-kyō Japan / Colo Sprgs CO United States
PostedMay 21, 2011 3:49 pm
Great post! I wrote up something similar for my little Bro's gaming site and I have two things to add that could further prevent getting hacked.

1. Here is one people look past frequently. DO NOT use the same login information you use for your game accounts for any third party community, fan based, or third party forum sites relating to any games you may play. Hackers love hacking these typically unsecured sites and pulling the User Data files. This means they most likely just gained access to your email address, user name, and password that you use for the site. Hackers will not waste one minute taking this information and running it through a games login process just to see if they get a hit and its very automated which means FAST.

2. This one is often looked over as well. Change your game account password MONTHLY. The harder it is to pin down your password the more trouble hackers will have. I believe the Taiwanese (non disclosed pay2play game) servers make this manditory every time you buy in-game time. I sometimes do this weekly depending on what I have stored on a certain account.

The second one really only helps if you take the precautions mentioned above by Liddokun and goes along with picking a unique password as stated.

Thanks for the great post! Smile

limitboost

Rank 0
limitboost
Joined
06 Feb 2010
Posts
163
Location
United States
PostedMay 22, 2011 7:41 am
All very good information to have. Having recently had a virus problem that had to be resolved professionally, I can say that one can never be too careful. It came as a surprise that, given I'm very cautious, I got a virus anyhow. So a few pointers from the experience...

1. You do NOT want two different antivirus programs running at the same time. This can generate false positives as well as conflicts between the two programs. One may allow malicious software through that the other would not. For those who don't know what a false positive is, that's when security software erroneously identifies a harmless file or program as a virus or malware. As an example, Lavasoft AdAware has (despite updates that should have resolved it) repeatedly identified GrandFantasia.exe as a worm.

2. With the previous example in mind, it's important to find software that works for your specific needs. Personally I can recommend Norton/Symantec products and services from positive experience, and my sister can say the same for Avira. Once you have one that works for you, make good use of it.

3. Scope out a website, service, or program before making use of it. There are many ways to do this, including a website analysis service from Norton. It's important to note that sometimes the best gauge of the actual threat level is reading comments by other users. Additionally you can Google a program and see what turns up, it's an easy way to see if something's legit or not.

4. For those not using Firefox and its ad-block utility, be aware that viruses can attach themselves to advertisements in websites. You don't even have to do anything for malicious software to download itself into your machine in these instances, but there are several ways to help prevent this. Consider making use of passive protection. An example of free passive protection for your web browser is the Immunize feature of Spybot S&D. As the name suggests, this feature immunizes your browsers (Firefox and Internet Explorer) from a series of known risks.

5. Whenever you're done with your online activities for the day, perform a Disk Cleanup. To do this, click on Computer. Then right-click your C drive. The name may vary but by default, you will see (C:) at the end. From the dropdown menu, select properties. You will then see a small screen that displays information like disk space used. Here, you will also find a button that says Disk Cleanup. Click this and let the utility load, after which you will get a list of possible areas to perform cleanup in. Be sure the following are checked:
- Recycle Bin
- Downloaded Program Files
- Temporary Internet Files
- Temporary Files
- Offline Webpages

This was recommended to me by the technician. It's not uncommon for infected files to find their way to some of these places first.

6. Lastly, perform virus and malware scans with whatever programs you have before restarting or shutting down your PC. Viruses propagate when your system's defenses are down, which means if left unchecked a small problem can get a whole lot worse.

Hope these things are helpful.
Display posts from previous:   Sort by: