I tought I should put up a new thread regarding the subject. *Almost* all of these programs or stuff described here I have personally tryed out and found them not only useful but also SECURE. Honestly, I think they are the best (free) software and solutions there is, most of them are actually so good that you cant even get better ones even by spending a LOT of money!
Enjoy!
1) AVG for antivirus. Good and reliable antivirus with solid reputation.
»
www.grisoft.com/us/us_dw ··· free.php2) AntiVir for secondary (no offence meant but one of them has to be NO1) antivirus.
»
www.free-av.com/3) Spybot S&D to remove spyware, keyloggers, trojans, bots, usage tracks, etc. etc. etc. Excellent program indeed!!! A word of caution: If you are using F-Secure products, do NOT remove "Backweb" components you might find with Spybot S&D, or you cant update your F-Secure anymore!
»
www.safer-networking.org ··· download4) Ad-Aware is similiar to Spybot, but Ad-Aware is perhaps a bit better in finding and removing spyware. Hard to tell, but to be sure, run them both.
»
www.lavasoftusa.com/supp ··· ownload/5) WindowsXP Antispy to remove WindowsXP "build-in" components that might violate your privacy. Easy to use and quick to set it up properly.
»
www.xp-antispy.org/index ··· ws-e.php6) Abtrusion Protector is used to PREVENT malware or ANY other software that you have NOT personally installed on to the system, from running. Basicly speaking, boys and girls, if you have Abtrusion Protector running in your computer, you can doubleclick any files (yeah, even viruses, trojans, whatever you want to) or allow them to automatically executed somehow and try to run them (OK, this is NOT a wise thing to do in any situation but please listen). They will NOT run in your system and therefore can NOT infect your system in any way. Period.
And when you need to update Windows, no problem, this baby knows Windows updates automatically, so you can go ahead and install (it uses strong crypto and Microsofts digital signatures to verify the files so that they ARE safe). When you want to install something else (that you are SURE is safe to be installed into your system!), just tell this program to go to "install mode" and when you are done, turn of the "install mode" and again no other software can be executed in your system. This baby is SOOOOOOOOO great!!!
»
www.abtrusion.com/Downlo ··· onal.asp7) Script Sentry is good for preventing/monitoring scripts. You know, like scripts inside Word documents etc. etc. If possibly dangerous script is found, you can choose to abort running that file/document. I bet there isnt any better macro/script blocking program than this one.
»
www.jasons-toolbox.com/s ··· ntry.asp8) WMP Scriptin Fix to disable scripting from Windows Media Player. You can never be too carefull with Microsofts products you see...
»
www.wilderssecurity.net/ ··· fix.html9) Hushmail standard account. It gives you email box with TOP, TOP security features. First of all, the connection between your computer and Hushmail server is encrypted using SSL/TLS so nobody can spy on it. Second, Hushmail has build-in support for OpenPGP, meaning that you can semd and recive encrypted and signed emails (with other people who have Hushmail or use some compliant PGP software like GnuPG) from "end-to-end", meaning that NOBODY, not even Hushmail staff, can read or tamper them! Third, you can receive "end-to-end" secure emails from ANYONE (they dont have to have hushmail account or use GnuPG/OpenPGP) via »
hushtools.com and fourth, ANYONE can verify your digitally signed email messages (via hushtools) to be sure that it was really YOU who sent them that email. And its all open source code, no backdoors, no gaping holes, etc. etc. And there is a plus: Human authenticator system to eliminate SPAM for good! Oh and did I forget to mention that they also have HushMessenger, which allows you to have *secure* IM with any other Hushmail member.
»
www.hushmail.com10) Megaproxy provides SSL/TLS encrypted surfing and protects your IP. This means, that your ISP or anyone between you and Megaproxy servers (like some lurker listening to your network traffic in you LAN), can know
what or where you are doing or tamper it. Also, since it hides your IP, the pages you visit dont know who or where you are from. Free version has its limitations tought, but its still worth to try!
»
www.megaproxy.com11) ZoneAlarm is easy to use and very secure firewall. If you need some tips regarding it, you can check »
www.markusjansson.net/eza.html for some installation etc. tips. Firewall is basicly a "must-to-have" to ANYONE in ANY connection with internet. Period.
»
www.zonelabs.com/store/c ··· load.jsp12) Active Ports is a good tool to check what is happening in your network traffic. What programs are connecting to where etc. etc. Great tool to see if some spyware or trojan is contacting outside world and otherwise to keep in control of your network traffic. Sure, its NOT a firewall like ZoneAlarm, but it gives you information in more detailed way.
»
www.protect-me.com/freeware.html13) Whatshappening to check what is happening in your computer (hard to guess eh?). Good if you are wondering about possible trojan infection, running processes etc. etc. But you must know what you are looking for, if you dont, use Google.
»
www.turboware.com/WhatsH ··· ning.htm14) Hijackthis is good tool to peak under your registry and other hives where malware/spyware might be lurking. If you are not sure what you see with this baby, DONT remove it. But if you take few lessons and use Google, you can and will find this program VERY usefull!
»
www.tomcoyote.org/hjt/15) CompuSecTM to encrypt your HDD:s. If you want to keep something protected, you MUST encrypt it with good encryption, good passphrase and good program that implements that all. CompuSecTM is one such product. Sure, you can and should use PGP perhaps too, but what is great about this one is that it encrypts WHOLE HDD. This means, that ALL the temporary files, hidden data, history markings, etc. etc. are always in encrypted form. Its transparent to user so you wont even know its there after you have once set it up. A word of caution however: You might be having a lot of trouble with imaging software, or to be more precise, on restoring or using images/clones you have created from encrypted HDD:s...
»
www.ce-infosys.com.sg/Ce ··· uSec.asp16) PGP 6.58ckt8 is good "tweaked" version of PGP. This baby has PGPdisk, supports very large key sizes (up to 16000bit RSA) and new hash algorithms. Its very easy to use as PGP always is. However, if you need some help with it, check these pages »
webpages.charter.net/archer/USA/ they have tips and guide on using it. If you dont install software to encrypt your entire HDD, PGPdisk is your second best option on secure storage of your data. Not to mention that you can use this for secure emails, creating secure packets (like backups, etc.), etc. etc.
»
ftp://
ftp.zedz.net/pub/crypto/ ··· kt08.zip17) Password Safe to secure and control your passwords. You should always have different passphrases in different locations. Now, when you have dozen or so passphrases, its hard to keep count on them all. Password Safe solves this problem by keeping ALL you passphrases behind ONE main passphrase in encrypted format. Easy to backup to floppy etc. etc.
»
sourceforge.net/projects ··· ordsafe/18) Eraser 5.7 for erasing data from your media. Now, when you delete something, it really isnt gone. It can be restored usually very easily. Even when you encrypt something (like move file to PGPdisk or EFS encrypted folder), the original file that was in cleartext, is simply removed, not erased. With Eraser, you can fix this one. You
can wipe individual files, folders, or drives from Windows Explorer! And, you can wipe free space, directory entries and file slacks from your hdd, so that the hdd space (that still has your old files that you havent wiped and that can be recovered) can be "purified" too. Also, it has "Nuked" bootable diskette that you can use to wipe HDD:s without booting up OS (be carefull when using that one!). One important thing is to be mentioned. Eraser IS good. It uses well documented wiping patterns and has good pseudorandom number generator. It REALLY wipes the data for good.
»
www.heidi.ie/eraser/download.php19) Openoffice.org as office tool. Its safer than MS Office and is also very easy to use. Try it out!
»
www.openoffice.org/dev_d ··· e/1.0.3/20) Mozilla for browsing in the internet and reading emails & news. Mozilla is much more secure browser than IE is (IE still has over 20 unpatched security holes, see »
www.pivx.com/larholm/unpatched/ for more info). It has good privacy features, such as blocking popups etc.
»
ftp.mozilla.org/pub/mozi ··· ller.exe21) Sun Java JRE for java instead of Microsofts JVM. Also, Mozilla needs JRE anyway so why not also use it with Internet Explorer eh?
»
www.java.com/en/download ··· nual.jsp22) UPDATES, more and more and more UPDATES to ALL your programs, especially operating system and browser (and browser components like Active-X controls like Flash, Shockwave etc.) every now and then. ALSO, remember to visit the windowsupdate page until you have downloaded ALL updates available. Usually you have to install, reboot, install, reboot, install, etc. etc. many times before ALL updates have been downloaded and installed onto your computer. Remember to make sure that you also update your ANTIVIRUS on daily basis!
»
windowsupdate.microsoft.com23) Secure the WindowsXP settings (+ Internet Explorer settings), since they are VERY INSECURE by default! Also, many services that are not needed are starting up and therefore taking system resources and being potential security vulnerabilities. If you dont use XP for anything very fancy like server etc. then these will be just fine for you.
»
www.markusjansson.net/exp.html24) Use Microsofts own tool, MBSA, to verify that you have secured your settings and otherwise things are prettymuch OK. This baby checks for configuration etc. vulnerabilities/holes but dont count on it too much. Its always better know yourself that your system is secure than let some program tell you that...
»
www.microsoft.com/techne ··· home.asp25) Use online scanners, like Sygatetech:s ones, to see what they can see/do to you. Its important to drop your firewall before doing these scans.
»
scan.sygatetech.com/