Sunday, September 27, 2009

How to download and install Live.com applications

One change Microsoft started with Vista and continued with Windows 7 is to remove some components and make them available via a separate download.  This was done to remove some “size” from Windows and to allow faster development for some of the applications in question.

To download and install some or all of these applications, access:

http://download.live.com/

Once on the home page, click on the Download button.  A separate link is available under the Download button for system requirements.  Some of the components will run under Windows XP but others such as Movie Maker will not.

1

When a file dialog box appears, click on the Run button.

2

After downloading the initial loader, a dialog box will appear asking which applications you wish to install.  When you click on an entry, a description of the component should be displayed on the right.  After selecting the applications, click on the Install button.

3

A dialog box may appear asking to close some open programs; click on the Continue button if all data has been saved.

 4

Depending on the components selected and your Internet speed, the download and installation can take a few or several minutes.

5

One of the final screens ask to change your home page and search engine; you have the option of not making these changes.  Once you have made your selections, click on the Continue button.

6

The install process should now be completed.  Click on the Close button.

7

To access some of the applications, a new Windows Live entry should now be present under the Start Menu.

8

When you open some of the applications, a dialog box may appear asking to log into Live.com:

9 

You can use an existing Live.com account or create a new entry if you wish.  But a Live.com account is not a requirement for using the application.  In the example above, you could simply click on the Cancel button and continue to use the program.

Saturday, September 26, 2009

How to change the taskbar within Windows 7 to the “classic” view

One of the big interface changes within Windows 7 is the new taskbar.  Certain windows are combined into one icon.  The example below is Windows Explorer with three windows open.

taskbar

If you wish to go back to the “classic” view with each window a separate entry on the taskbar, right-click the Start icon on the lower left hard corner of the screen and left-click on the Properties entry.

taskbar2

Click on the Taskbar tab.  To the right of the Taskbar buttons selection, click the drop-down box and select the “Never combine” option.  Click on the OK button near the bottom of the dialog box.

taskbar3

Your taskbar should now resemble previous versions of Windows.

taskbar4

Thursday, September 24, 2009

Alternatives to Windows, Mac, Linux and online software

http://alternativeto.net/

How to disable JavaScript within Acrobat Reader

By default, Adobe Acrobat Reader has JavaScript support enabled.  Disabling this feature can help against malicious PDF files. 

To disable scripting support, launch Adobe Acrobat Reader as normal.  Click on Edit – Preferences.

clip_image006

Click on the JavaScript text within the left column and remove the checkmark to the left of “Enable Acrobat JavaScript”.

clip_image008

Disabling scripting is not a cure-all for all potential security issues.  But it should protect you from the majority of the current PDF threats found on the Internet today.

Most of the time, JavaScript support is not needed to view “normal” PDF files.  But certain situations do require this option.  The latest Reader version allows editing of files depending on how the PDF was created.  I accessed the IRS’s web site to obtain some examples.  The form below did not have any problems with the security setting in place.

clip_image002

But when I accessed another form, an error dialog box appeared.

clip_image004

If you click on the Yes button above, this action enables JavaScript for this document as well as all future documents.  If the file in question requires this feature, you do not have a choice but to enable scripting.  But you do have the option of again disabling scripting support after processing the file in question.

Monday, September 21, 2009

MAC Address Lookup Link

http://www.coffer.com/mac_find/

Spycar Link

http://www.spycar.org/

This site mimics spyware-like behavior to test anti-spyware applications.

Anti-Virus Rescue CD Links

http://devbuilds.kaspersky-labs.com/devbuilds/RescueDisk/

http://download.bitdefender.com/rescue_cd/

http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/rescue-cd/

Regular Expression Links

http://immike.net/blog/2007/04/06/the-absolute-bare-minimum-every-programmer-should-know-about-regular-expressions/

http://www.linuxforums.org/applications/demystifying_regular_expressions.html

http://www.regular-expressions.info/quickstart.html

http://gnosis.cx/publish/programming/regular_expressions.html

http://www.zytrax.com/tech/web/regex.htm

http://www.addedbytes.com/cheat-sheets/regular-expressions-cheat-sheet/

http://www.visibone.com/regular-expressions/

http://gskinner.com/RegExr/

http://www.weitz.de/regex-coach/

http://ryanswanson.com/regexp/#start

http://www.regexbuddy.com/

IP Subnet Practice Page

http://faculty.valleycollege.net/rpowell/jscript/subnet2.htm

How to disable IPv6 with Vista and Windows 7

Add the following Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip6\Parameters\

Create the following registry value (DWORD type): DisabledComponents

Note that “DisabledComponents” is case sensitive and should be typed exactly like that.

DisabledComponents is set to 0 by default. To disable IPv6 support on all interfaces, set the value to FFFFFFFF.

Using the Network Properties GUI will disable IPv6 on your LAN interfaces and connections, but does not disable IPv6 on tunnel interfaces or the IPv6 loopback interface.

Free backup software

http://www.todo-backup.com/

Flash Cookies

Some people do not realize that Adobe’s Flash player actually includes cookies or site information outside of the normal cookies stored within a browser.  Last week I was playing around and decided to see if I could block these cookies within Flash and determine if they were required.  So I went to the Flash Manager on Adobe’s site and configured my local player using some recommendations I found on another site:

clip_image002

The recommendations included removing the check mark to allow third-party content.  I then went looking for Flash videos.  I did not appear to have any problems on YouTube, but did find some issues on other sites.

clip_image004

clip_image006

clip_image008

Even if you clear out the local Flash cookies via the online tool, a list of sites is still “left behind” on the local system.  Below is the path on my Vista machine:

clip_image002[4]

For example, I accessed a Symantec link this morning.  I cleared out my Flash cookies, but a folder is still present under the path above:

clip_image004[4]

Notice the time stamp on the everyclickmatters.com folder.  So at least on my machine, these folders remained even after I cleared all Flash cookies.

On a site note, a Firefox plug-in is available at https://addons.mozilla.org/en-US/firefox/addon/6623 called Better Privacy that can block and manage Flash cookies locally.

Phishing Example

Below is a sample phishing message concerning EBay:

clip_image002

Clicking on the link within the message would take you to the following site:

clip_image004

As you can see, the web page appears to be legit.  Two items to notice would be the address within the address bar and the lack of a secure (little padlock) connection. 

One safeguard within most modern browsers is a phishing filter.  A feature such as this does not offer 100% protection, as new phishing sites are added on a consistent basis.  But in the example above, you would have received the following screen if the phishing filter had been enabled within Internet Explorer:

clip_image006

If you realize that you have been tricked with a phishing message, the first thing to do is log into the “real” web site for the service in question and change your password.

Example of fake or misleading security web site

One of the most current popular categories of malware is fake or misleading security applications.  One security company has an entire blog http://rogueantispyware.blogspot.com/ dedicated to this subject.  To offer a brief summary of this threat, you are taken by some method to a web site that displays some information about all of the viruses your computer currently has.  You are prompted to download and run a free scanning utility.  This download actually contains the malware in question.  The free download will confirm that your computer has problems and you are then prompted to pay via credit card to use the “full” version that will remove all of the existing threats.  So you are tricked into playing for a fake solution to a problem that does not exist.

Below are some screen captures I took from a “rogue” security web site.  New versions of these threats appear on a regular basis, so the text and images may change but the basic concept should remain the same.

The initial screen will normally be a warning about threats currently found on your computer:

clip_image002

If you click anywhere on the screen, new information normally appears highlighting all of the threats that were found:

clip_image004

At this point, clicking anywhere on the screen will prompt a download dialog box to appear:

clip_image006

If you click on the Cancel button and attempt to leave the screen, the download dialog box will reappear.  If you attempt to close your web browser or simply close the tab, new dialog boxes may appear:

clip_image008

The malware authors attempt to “lock” your browser to prevent you from leaving the site until the .EXE in question is downloaded.  If you find yourself in this situation, one method of “escape” would to be “kill” your web browser process.  To launch the Task Manager dialog box, the quickest method is to select the Ctrl – Shift – Esc keys at the same time.  Click on the Applications tab.  In the example below, I only have one program currently running (Internet Explorer).  Click on the entry for the web browser to select it and then click on the End Task button:

clip_image010

A dialog box may appear asking if you really wish to close the application in question; click End Now.

clip_image012

You will lose any data within other tabs, but this procedure should allow you to “escape” the misleading security application’s web site.  The main item to avoid is downloading or launching any executable.

Social Engineering web site

http://www.social-engineer.org/

Hosts file links

I have used the Hosts file at http://www.mvps.org/winhelp2002/hosts.htm for years. But below are a few more that were highlighted within a blog posting.

http://www.hosts-file.net/

http://www.malwaredomainlist.com/hostslist/

http://www.sysctl.org/cameleon/hosts

http://www.hostsfile.org/hosts.html

Kon-Boot

Kon-Boot is an prototype piece of software which allows to change contents of a linux kernel (and now Windows kernel also) on the fly (while booting). In the current compilation state it allows to log into a linux system as 'root' user without typing the correct password or to elevate privileges from current user to root. For Windows systems it allows to enter any password protected profile without any knowledge of the password.
http://www.piotrbania.com/all/kon-boot/

Windows 7 Logon Background Changer

An application that allows custom pictures via the Windows 7 login screen.

http://www.julien-manici.com/windows_7_logon_background_changer/

Security client from Fortinet

A free security application from Fortinet.

http://www.forticlient.com

FYI concerning security URL from Google

The URL is:

google.com/safebrowsing/diagnostic?site=

After the equal sign, enter the web site address you wish to check. A nice resource to check the history of a particular site.

FYI concerning Muziic

Nice media player that accesses content via YouTube.

http://www.muziic.com/