The ULTIMATE Guide.
|
| 11.25.2009, 10:46 PM |
Being a hacker, you're coming face
to face with some of the most malicious programs on the internet every
day. You want to be secure. Most of the programs you'll be downloading
will be malicious, so how can you tell if the program will be working
against you or for you?
This guide will be looking at the scanning of malicious files, as well
as a guide to anti-viruses & firewalls and a brief introduction to
sandboxing and anonymity. So yep, you're in for quite a bit of reading.
Grab a drink, maybe a cigarette.
Being secure is important. Just because you call yourself a hacker, it
doesn't mean you're immune to attacks towards your computer. Without my
anti-virus, I doubt I'd actually be typing this now - I'd probably be
searching through my registries and screaming like a chicken on speed.
I'm like that.
Not all anti-viruses work the same way. Some anti-virus programs are
bad; some are good, and some are just plain useless. We'll be looking
at which ones are the best of the best, and which ones are just plain
fail.
Being infected with something can also put your friends and family at
risk, other users of your computer could be having their login &
credit card details stolen without any knowledge of it. Worms can also
spread to your email contacts and friends on popular websites such as
Facebook.
Downloads & Scanning
For example, you download a program and the poster is claiming that it
is a clean botnet controller. If we can this, it will come up with
results such as "Win32/RBot" etc.. This means that the file should be what we wanted.
Now, if the botnet-controller scan came up as something like
"Win32/trojan.agent.a", we can tell that this is a malicious program
that will work against us. This is an example of a download you do not want to use.
All in all, the scan should show results similar to what you were downloading.
You should always be careful what you download. You may often be
downloading malicious software without even realizing sometimes. Trust
me, this happens to a lot more people than you think.
If you're expecting a file to be much bigger than the download you
find, don't touch it. An example of this would be "Windows XP Theme -
350kb!" when it should be a lot higher, such as 30-50mb.
Remember to always check the names of the files you download.. If
you're downloading a cracked program, it would be unusual for it to
have no credits or advertisements in it. I would trust " 'x' cracked by
'y' " more than I'd trust " 'x' crack". Credits, names or
advertisements should nearly always be in .rar or .zip files, this is
one good way of recognizing a trusted download.
Here is a quote from Wikipedia which you may find helpful: "Example:
ZTreeWin_1.5.zip contains a crack to register ZtreeWin 1.51 included
files are: keygen.exe, one.nfo, file_id.diz and 'RUN.EXE'. It is the
'RUN.EXE' that contains the rogue program"
Downloading really isn't necessary and is often risky, but we have some
clean content in the HF-L33t section if you want to upgrade for that. ;)
Online File Scanners
Web-scanners such as "VirusTotal" and "NoVirusThanks" are becoming
increasingly popular with the amount of anonymous downloads posted all
over the internet.
If you want to scan a file you find suspicious, you can go to either http://virustotal.com or http://novirusthanks.org to do so.
VirusTotal will send samples of the file to the antivirus companies, so this is not recommended if you want to keep your file undetectable.
NoVirusThanks has an "Advanced options" area where you can choose to
not distribute your file to the antivirus companies, this is handy for
keeping things fully undetectable, but if it's a file you don't trust
and don't want yourself or others to be infected by it in the future, I
suggest you allow them to distribute it to the antivirus companies. I
respect what these websites and the malware fighting websites do, and
so should you.
Visiting Websites & Reading Emails.
Be cautious of the websites you visit. I wouldn't recommend visiting
any websites that seem cheap, uncommon, or freely hosted. Malicious
websites are often misleading or can just inject things into your
system without your consent. If you use the "Chrome" browser from
Google, you may have noticed that it automatically downloads files
without prompting you. Chrome is a browser I would not recommend just
because it is so new, all new things have vulnerabilities, and if a
vulnerability can be exploited, it will be exploited.
I'm behind a firewall and anti-virus anyway, but the only websites I
visit are popular ones. The untrustworthy and uncommon websites usually
don't appeal to me, for obvious reasons..
When opening emails, you should also be cautious. Just because it's an
email from your friend - it doesn't mean you can trust it! You may see
some emails asking you to update your bank details -- your banks should
never
ask you to do that via email. The details you enter will be sent out to
someone who is going to exploit your details, so steer away from these
emails.
Worms can be spread via email. For example, you open an email from Bob
containing a worm, this worm is then sent to all of your contacts. This
is how most worms will work, and it is suggested that you change your
emailing service if it could be vulnerable. You can use Microsoft's
live hotmail service which is excellent, it will also disable any
harmful content from downloading onto your computer. You can find this
service at http://mail.live.com
Sandboxing
By using a sandbox, everything that is downloaded onto your computer
will remain in the sandbox. It will not escape, meaning that malicious
downloads cannot harm your computer. Sandboxing is a great way to test
whether or not a website can be trusted. I rarely do this, but it's so
useful sometimes.
Sandboxing will also protect your cookies, history and cached temporary
files from being leaked. Downloads are isolated, meaning that they are
trapped and your computer is protected.
Here is a download I posted for Sandboxie v3.30: http://www.hackforums.net/showthread.php?tid=30371
Firewalls
The good antiviruses will have a built-in Firewall, but if not, then it
may be worth downloading one. Firewalls aren't essential, but can help
a lot.
Some firewalls have IP masking options, but these can usually slow down
your computer and are not worth using unless you're doing something
illegal.
The main use of a firewall is to prevent incoming traffic, which will
stop things like 'telnet' from reaching your connection, and can also
stop worms etc. from accessing your network. Firewalls will also block
the backdoors that trojans create, so if you find yourself unlucky
enough to have a RAT (Remote Access Trojan) on your computer, the
backdoor should
be blocked by your firewall, but it is possible for a trojan to bypass
this. Having a firewall does not mean you are secure, many firewalls
can be easily disabled or bypassed by malware. Some firewalls will also
block legit connections, such as downloads for software. Do not think
you're secure just because you have a firewall, this is a common
misconception with firewalls. Too many people think that by installing
a highly popular firewall, they'll instantly be secure against the
latest intrusions, but this is not at all true.
Firewalls may also make an effect on your connection speed. If you have
a very fast download speed, you may notice a difference when you get a
firewall, but the download speed may remain normal on users with slower
speeds. This effect can vary between users, and depends on the
connection. It's best to try several firewalls to find out which one
suits you best - reviews are personal and will not always be the same
for everyone.
One of the favourite firewalls is "ZoneAlarm" which is very popular and
has a free version. The paid version is obviously better, but it isn't
necessary at all.
If you're using Windows Vista, I'd recommend choosing ZoneAlarm as your
firewall. The same goes for XP, but you might want to get your hands on
a "BlackIce" crack instead, if possible.
Another great Firewall is "Comodo" which is also free can be found here...
Comodo: http://www.personalfirewall.comodo.com/
Zone Alarm: http://www.zonealarm.com/store/content/c...wall_b.jsp
Ghost: http://www.ghostsecurity.com/ghostwall/
Antiviruses
An anti-virus program is essential.
You honestly shouldn't go without one. If you don't have one, there is
a list of downloads and recommendations in the next post. Don't be
worried about the anti-virus slowing down your computer, if you get the
right one then your computer will remain at maximum performance.
You want an antivirus that will scan your RAM and system folders
constantly, because then you will be alerted if something harmful has
been found in them. The average antivirus will only scan and remove
when told to, but the best ones will scan constantly, update daily, and
give plenty of tweaking options to fit to your preferences.
If there are malicious programs that you want to download such as
Metasploit, it is best if you have an antivirus that will allow you to
do so. Some antivirus programs will give you no option and will
quarantine the file straight away, but others such as Kaspersky will
give you the option to clean, remove or ignore.
Viruses can sometimes fully disable your protection, but the stronger
programs such as Nod32 can withstand this and will be unclosable. You
want something tough if you're going to be downloading riskware.
A good anti-virus will also constantly scan your downloads and running
processes. Hopefully you are able to understand now why these are
essential.
If you want to run more than one antivirus, you must find a combination
that works. If you have a good antivirus, you won't need to. Infact,
you shouldn't ever need to run more than one. I remember having
Kaspersky running while I installed Nod32, my PC growled. :3 The only
antivirus-related programs I have installed at the moment are
HijackThis, ComboFix and NOD32. I like to use HijackThis to see what's
running on my computer, and I always keep ComboFix just incase, you
never know what's round the corner...
I remember having no antivirus software installed whatsoever, and then
I received a rootkit that wouldn't let me download any software.. I got
rid of them eventually, but it wasn't easy, the rootkit wasn't detected
by most AV's because of it being so new/rare - you still can't find it
on a few of the AV databases! But I do wish I had it again, so I could
send it out as a sample.
I will be listing my favourite anti-viruses in my next post. I strongly
recommend you stick to these, as there are many fake ones that you can
be easily lead to. Remember to look things up before downloading them.
Pick wisely! :3
The Top 5 Anti-virus Programs.
Here's the list of my top five favourite anti-virus programs in order.
You can pick which you want from each picture, but I'd recommend Kaspersky.
Kaspersky:
Downloads & keys - http://www.hackforums.net/showthread.php?tid=26117
![[Image: 2vvrzx2.jpg]](http://i35.tinypic.com/2vvrzx2.jpg)
Nod32:
Crack (Doesn't get updated) - http://rapidshare.com/files/157586621/NO...k.rar.html
Logins for legit version - http://www.hackforums.net/showthread.php?tid=31238
(Legit version available at http://eset.com)
![[Image: 5zekbl.png]](http://i36.tinypic.com/5zekbl.png)
Avast:
Avast also has skins available, which is great!
Free download: http://www.avast.com/eng/download-avast-home.html
![[Image: 142rocp.png]](http://i38.tinypic.com/142rocp.png)
Bitdefender:
Free downloads: http://www.bitdefender.com/site/Downloads/
![[Image: jl77z9.png]](http://i38.tinypic.com/jl77z9.png)
AVG:
Credits to Goodkidz for the download.
Download: http://rapidshare.com/files/147004395/AV....0.164.rar
![[Image: 35jdpau.png]](http://i34.tinypic.com/35jdpau.png)
Essential Additions.
There's a few more tools which I'm sure you'll definetely want to get.
HijackThis is a tool used to scan the areas of your computer which
viruses are often located in. It will also scan the registry areas
which hold the legitimate programs and, quite often, the infections. It
is best not to delete ('fix checked') any entries on HijackThis unless
you know what you're doing, as you may be removing something which is a
required part of your system.
Another good thing about HijackThis is the fact that it's so
lightweight, it uses barely any memory, it's easy to use, and you don't
need to keep it running!
This is a great area to check if a process is harmful or not: http://www.bleepingcomputer.com/startups/
HijackThis can be found here: http://www.trendsecure.com/portal/en-US/...hijackthis
Browser Protection
There are several great addons for browsers which you can get to protect you from malicious websites.
If you use FireFox,
look for "WOT" and "NoScript", WOT will give warnings before you visit
a website, and NoScript will disable malicious scripts from running
when you visit a website.
If you use Internet Explorer, look for "IE-Spyad", IE-Spyad will redirect you away from malicious webpages and guard you from over 5,000 different URL's.
I'm also working on my own plugin, which you can expect to see in a few
months. This will be for IE only, until I fully figure out how FireFox
operates.
Okay, now that you're protected (well, I hope you are), it's time to be invisible...
IP Hiders
You can get some great IP hiders to keep you anonymous.
A personal favourite is "Hide-The-IP", which allows you to select the proxy and choose the speed of the one you want.
Hide-The-IP can be found here: http://www.hide-the-ip.com/ - Though you may need to find a crack for it!
There are many fabulous IP hiders out there which can be found, and these are a must if you're going to be involved in any illegal activity.
Tor: Anonymity Online
You may want to download "Tor" and TorButton for FireFox. This is a
program which will select a proxy for you and allow you to spoof your
connection by using that.
TorButton is a FireFox addon which allows you to change your proxy
quickly by clicking the button. This is a great tool, and another good
reason to download FireFox!
The whole Tor website with information & downloads can be found here: http://www.torproject.org/
Alright, grab another cup o' coffee, 'cause we've still got more to do..
Personal Details
Okay, you may want to give out your name and things on your Facebook or
MySpace, but if you do, it's wise to use an alternate alias. If someone
searched your hacking alias in Google, they'd probably be able to pick
up a lot of information on you from that. Think about the name you
choose before you choose it, and make sure you don't over-use it - only
use it where you think you should. Don't complain about not being
anonymous if you're going to splurt out your details everywhere, you
can't expect to stay hidden if you're going to give yourself away
without realising. Remember that.
Keeping Software Updated
Software should always
be kept updated. This is vital. Most security experts will tell you
that updating your software is more important than having an antivirus,
because malware finds flaws and vulnerabilities in software that it can
exploit.
This is what should always be kept fully up to date:
Your operating system (e.g. updating from Windows XP SP1 to SP2).
Java.
Browser.
Antivirus.
Firewall.
Instant messaging or email applications.
Any other software which could be exploited.
Zer0man showed me this lovely website with scanners you can use to check for out-of-date software...
Here's the online version: http://secunia.com/vulnerability_scanning/online/
And the downloadable version: http://secunia.com/vulnerability_scanning/personal/
Quite obviously, the downloadable version scans for more
vulnerabilities than the online version, and it includes more features.
This is a great tool to use every few weeks, since you never know
what's around the corner ;-)
Active Thinking
Many scams and computer infections require your consent, so you should
always be wary. If something doesn't quite look right, make sure to
research it. Many people are fooled into giving away their details by
fake emails from companies such as banks, social networking websites,
etc. You shouldn't believe everything you read. Many scams will lead
you on, so you just have to watch out. Keep everything you've learned
from this guide in mind, and you'll be safe.
A good quote from The Real Hustle: "If it looks too good to be true, then it probably is".
Passwords
Though it is also important to have a password you will remember, you
should also be sure that it can't be guessed. If it's a site containing
personal information, I suggest you change your password once a month.
A good password would contain letters, numbers and symbols - maybe even
words in a foreign language if it helps! An example of a good password
would be "A$fao4iz3£p" not
"John1982" or "ilovefootball". Passwords should be different for each
website you use, because if someone hacked into a forum, for example,
and took your details - potentially, they could have access to your
PayPal account, Facebook, etc.
Well, you should know just about everything you need to know by now. If
there's anything else you're wondering, don't hesitate to ask! I will
be here for any questions, feedback or suggestions. This guide should
keep you well-hidden and protected from now on, just remember to keep
everything in mind!
|
|
Category: Hacking tutorials | Added by: h4ckz0r
|
| Views: 10830 | Downloads: 0
| Comments: 1
| Rating: 0.0/0 |
|
|