Being a programmer, you're coming face to face with some of the most malicious programs on the internet every day. You want to be secure. Most of the programs you'll be downloading will be malicious, so how can you tell if the program will be working against you or for you?
This guide will be looking at the scanning of malicious files, as well as a guide to anti-viruses & firewalls and a brief introduction to sandboxing and anonymity. So yep, you're in for quite a bit of reading. Grab a drink, maybe a cigarette.
Being secure is important. Just because you call yourself a hacker, it doesn't mean you're immune to attacks towards your computer. Without my anti-virus, I doubt I'd actually be typing this now - I'd probably be searching through my registries and screaming like a chicken on speed. I'm like that.
Not all anti-viruses work the same way. Some anti-virus programs are bad; some are good, and some are just plain useless. We'll be looking at which ones are the best of the best, and which ones are just plain fail.
Being infected with something can also put your friends and family at risk, other users of your computer could be having their login & credit card details stolen without any knowledge of it. Worms can also spread to your email contacts and friends on popular websites such as Facebook.
Downloads & Scanning
For example, you download a program and the poster is claiming that it is a clean botnet controller. If we can this, it will come up with results such as "Win32/RBot" etc.. This means that the file should be what we wanted.
Now, if the botnet-controller scan came up as something like "Win32/trojan.agent.a", we can tell that this is a malicious program that will work against us. This is an example of a download you do not want to use.
All in all, the scan should show results similar to what you were downloading.
You should always be careful what you download. You may often be downloading malicious software without even realizing sometimes. Trust me, this happens to a lot more people than you think.
If you're expecting a file to be much bigger than the download you find, don't touch it. An example of this would be "Windows XP Theme - 350kb!" when it should be a lot higher, such as 30-50mb.
Remember to always check the names of the files you download.. If you're downloading a cracked program, it would be unusual for it to have no credits or advertisements in it. I would trust " 'x' cracked by 'y' " more than I'd trust " 'x' crack". Credits, names or advertisements should nearly always be in .rar or .zip files, this is one good way of recognizing a trusted download.
Here is a quote from Wikipedia which you may find helpful: "Example: ZTreeWin_1.5.zip contains a crack to register ZtreeWin 1.51 included files are: keygen.exe, one.nfo, file_id.diz and 'RUN.EXE'. It is the 'RUN.EXE' that contains the rogue program"
Downloading really isn't necessary and is often risky.
Online File Scanners
Web-scanners such as "VirusTotal" and "NoVirusThanks" are becoming increasingly popular with the amount of anonymous downloads posted all over the internet.
If you want to scan a file you find suspicious, you can go to either http://virustotal.com or http://novirusthanks.org to do so.
VirusTotal will send samples of the file to the antivirus companies, so this is not recommended if you want to keep your file undetectable.
NoVirusThanks has an "Advanced options" area where you can choose to not distribute your file to the antivirus companies, this is handy for keeping things fully undetectable, but if it's a file you don't trust and don't want yourself or others to be infected by it in the future, I suggest you allow them to distribute it to the antivirus companies. I respect what these websites and the malware fighting websites do, and so should you.
Sandboxing
By using a sandbox, everything that is downloaded onto your computer will remain in the sandbox. It will not escape, meaning that malicious downloads cannot harm your computer. Sandboxing is a great way to test whether or not a website can be trusted. I rarely do this, but it's so useful sometimes.
Sandboxing will also protect your cookies, history and cached temporary files from being leaked. Downloads are isolated, meaning that they are trapped and your computer is protected.
This guide will be looking at the scanning of malicious files, as well as a guide to anti-viruses & firewalls and a brief introduction to sandboxing and anonymity. So yep, you're in for quite a bit of reading. Grab a drink, maybe a cigarette.
Being secure is important. Just because you call yourself a hacker, it doesn't mean you're immune to attacks towards your computer. Without my anti-virus, I doubt I'd actually be typing this now - I'd probably be searching through my registries and screaming like a chicken on speed. I'm like that.
Not all anti-viruses work the same way. Some anti-virus programs are bad; some are good, and some are just plain useless. We'll be looking at which ones are the best of the best, and which ones are just plain fail.
Being infected with something can also put your friends and family at risk, other users of your computer could be having their login & credit card details stolen without any knowledge of it. Worms can also spread to your email contacts and friends on popular websites such as Facebook.
Downloads & Scanning
For example, you download a program and the poster is claiming that it is a clean botnet controller. If we can this, it will come up with results such as "Win32/RBot" etc.. This means that the file should be what we wanted.
Now, if the botnet-controller scan came up as something like "Win32/trojan.agent.a", we can tell that this is a malicious program that will work against us. This is an example of a download you do not want to use.
All in all, the scan should show results similar to what you were downloading.
You should always be careful what you download. You may often be downloading malicious software without even realizing sometimes. Trust me, this happens to a lot more people than you think.
If you're expecting a file to be much bigger than the download you find, don't touch it. An example of this would be "Windows XP Theme - 350kb!" when it should be a lot higher, such as 30-50mb.
Remember to always check the names of the files you download.. If you're downloading a cracked program, it would be unusual for it to have no credits or advertisements in it. I would trust " 'x' cracked by 'y' " more than I'd trust " 'x' crack". Credits, names or advertisements should nearly always be in .rar or .zip files, this is one good way of recognizing a trusted download.
Here is a quote from Wikipedia which you may find helpful: "Example: ZTreeWin_1.5.zip contains a crack to register ZtreeWin 1.51 included files are: keygen.exe, one.nfo, file_id.diz and 'RUN.EXE'. It is the 'RUN.EXE' that contains the rogue program"
Downloading really isn't necessary and is often risky.
Online File Scanners
Web-scanners such as "VirusTotal" and "NoVirusThanks" are becoming increasingly popular with the amount of anonymous downloads posted all over the internet.
If you want to scan a file you find suspicious, you can go to either http://virustotal.com or http://novirusthanks.org to do so.
VirusTotal will send samples of the file to the antivirus companies, so this is not recommended if you want to keep your file undetectable.
NoVirusThanks has an "Advanced options" area where you can choose to not distribute your file to the antivirus companies, this is handy for keeping things fully undetectable, but if it's a file you don't trust and don't want yourself or others to be infected by it in the future, I suggest you allow them to distribute it to the antivirus companies. I respect what these websites and the malware fighting websites do, and so should you.
Sandboxing
By using a sandbox, everything that is downloaded onto your computer will remain in the sandbox. It will not escape, meaning that malicious downloads cannot harm your computer. Sandboxing is a great way to test whether or not a website can be trusted. I rarely do this, but it's so useful sometimes.
Sandboxing will also protect your cookies, history and cached temporary files from being leaked. Downloads are isolated, meaning that they are trapped and your computer is protected.