Wednesday, November 30, 2011

What is a "Good and strong" password and other questions.

1. What is a good password?

There is a vast difference between a "good and strong" password and a "complex" password. 'Ab%98@#k*t5z' is a very complex and strong password but is a bad password because it is very hard to remember. However, 'Blacck>Mang0s' is a strong as well as a good password because you can easily remember it. It is strong because it is of sufficient length and is a combination of lower case, upper case, special character and numerals. Passphrase or related characters like above would be good.The other requirement is that of sufficient length, 10 or more characters.

2. Can  a Antivirus product detect all malware in existence?

This is simply not possible techinally, whatsoever the vendors may claim. However, some poducts may be better at any given time. The detection rate of even the best product may be not more than 85%.

3. Which is best anti-virus?

For commercial software go by the existing market reputation. But, be careful, a recently reported news mentions about an emerging antivirus product which induced malware and subsequently cleaned them to generate a good scan report. If you are using freeware then check for the reputation or popularity. Download these from a trusted source.

4. Is  an Antivirus still required if a firewall is used and vice versa?

Both have a different but comlimentary fuction. You require both to safeguard your computer. If a malware is able to breach your firewall then at least the Antivirus would have a chance to detect it.

5. What if the AV has not detected the malware and someone is remotely controlling or using my computer?

If your are a normal user then nothing much can be done except to attempt manually cleaning the offending software. The best option would be to go back to a previous checkpoint, or reinstall the OS after you have taken a backup. Before such a step, take a chance with the free tools i have listed on the right side of this post. Experienced users can use the tools mentioned in my prevoius post.

6. Enabling all the Browser security features has blocked my critical banking and email site?

There is no absolute '0' or '1' answer to this question. Depending on a users requirements and his web browsing habits he may have to customise the settings slowly over a period of few days. Disabling java may have led to your bank account page being rendered useless. You need to figure out this and enable java specifically for this site.

Tuesday, November 22, 2011

Android Smart - Phones Security

Android devices have become so ubiquitous that not acknowledging them would be a sin. These smartphones are nothing but mini computers or rather super computers of a previous era. It would be beneficial if users are aware about the security features available on these phones. I have listed some important security tips, in brief, on the Tips and Tricks page. They are also listed below. Hope they are of help to all.

1. Activate lock screen(‘Settings’ > ‘Location & security’). A pattern style is recommended.
2. Use a good data enryption app.
3. Donot store passwords as passwords in the phone.
4. Deactivate bluetooth when not required.
5. Deactivate WiFi when not required.
6. Deactivate GPS when not required. Do not update GPS location unnecessarily.
7. Turn off bluetooth discovery mode when not required(Settings > Wireless and networks > Bluetooth settings > Discoverable).
8. Install only trusted apps.
9. Ensure that the Browser does not store usernames and passwords.
10. Be careful when using wifi-hotspots.
11. De-activate geo-location feature.
12. Update(Settings > About phone > System updates) and upgrade wherever possible.
13. Use apps like 'Where’s my Droid' to Remote locate the phone in case it is lost.
14. Backup and sync important data(Settings > Privacy > Back up my data).
15. Install a good antivirus app.
15. Customize screenlock screen to display alternate contact information.
16. Consider using a 'Remote Wipe' app for contigencies
17. You can use 'Famigo Sandbox' to provide a safe environment for kids on your phone.
18. Use VPN (Settings > Wireless and networks > VPN settings).
19. Pay attention to tell-tale signs of SPAM.

Thursday, November 10, 2011

More Free Security Tools for Adventuorous Windows Users

I have listed some free and safe Windows tools or software to ensure safety of your computer, Internet surfing  and in general Information security, in my previous post. In this post i would list out some tools for people who are not averse to slight advanced approach.

1.  The first of these is the "msconfig" tool bundled with the Windows operating system. Just type msconfig in the run box and you see a window opening. Take sometime to familiarize yourself before making any changes.

msconfig.exe : windows security and administration tool

2. Netstat is another wonderful command line tool for network statistics.Use these tool to investigate network connections, listening services, exe files associated with the running programs and many more.

Windows netstat command line tool for network statistics

3.   Systinternal Tools.  Check them out on

4. 'nbtstat' in command prompt
5. 'net' commands in command promt
6. Windows TaskManager
7. Use regedit.exe to play around. Warning: some amount of familarlisation is required before you modify entries.
8. Use 'Windows Firewall with Advanced Security'. Run the command wf.msc to configure the Firewall.
9. Additional resources can be found on the following links