Showing posts with label Security. Show all posts

Sunday, 15 January 2012

Make Firewalls and Antivirus Compatible


Different people like different security programs. Some rely on security suites, whereas others rely on their own custom-made setups (a combination of antivirus and firewall from different vendors). Those who rely on a security suite will not experience any compatibility problems, because the company that develops the suite takes enough care during development that its antivirus and firewall work hand in hand. But things are different for those who use a separate antivirus and firewall. I personally experienced many problems, like slow boot times, slow application startups, slow internet speeds, etc., when I installed an antivirus and a firewall from different vendors. In this article we’ll see how to make an antivirus and a firewall compatible. This article is intended for newbies who don’t know how to tackle the problems mentioned above.

Make Them Friends:

Recently, I installed Online Armor Premium. I’m already using AVG Free 2012 to protect my PC from malware. But after installing OA (Online Armor) Premium, my PC has become dead slow, taking around 3 minutes to complete the boot process. Not only that, I can also feel the slowness of the PC when running applications and browsing. After a while, I came to know the reason: both AVG and OA Premium are aggressively monitoring each other's processes. Instead of working together to fight malware, they are wasting both time and CPU resources by suspecting each other's processes and behavior. This issue is not limited to OA Premium and AVG. Many security combinations are like this.
Adding AVG to Online Armor Premium whitelist
Adding AVG to Online Armor Premium's Exclusion list
Adding Online Armor to AVG's Exclusion List
Adding Online Armor to AVG's Exception List
We can solve this issue by stopping them from monitoring each other's processes. This can be done with the Exclusion/Whitelist feature of each security product.
Every security product offers these kinds of settings. So, if you are facing any problem with your security setup, check the settings of your programs: add the antivirus's folders to the firewall’s exclusion list and add the firewall’s folders to the antivirus's exclusion list. Keep each exclusion limited to the other product's own installation folders, since anything placed in an excluded folder is no longer scanned.

Disable Redundant Protection Modules:

Every security vendor tries to include as many features and modules as possible in its products, to make sure that the end user has optimum protection. This is well intended. But people who use their own custom security combination end up with duplicated modules. In my case, both AVG and OA Premium have their own:
  • Web shields
  • Program monitoring
So, when I browse the web, both AVG and OA scan web traffic, eventually slowing down page load times. The same is the case when I run any program: both AVG and OA monitor the program’s behavior, and because of this the software becomes unresponsive at times.
Disabling repetitive protection modules
So, instead of having two programs doing the same job, it is better to turn one of them off and avoid unnecessary slowdowns.
After performing the above two steps, my system boot time decreased to 1 min 30 seconds from the previous 3 mins. So, if you are facing any slowdowns after installing a firewall or antivirus, do the above two steps and feel the difference.

Monday, 9 January 2012

What is Duqu Virus

Just a few days ago, hackers found a security hole in Microsoft's OS software and used it to send a virus. The virus targeted victims via email with an attached Microsoft Word document. [Microsoft software bug Tied to Duqu virus]
News and analysis started coming out earlier this week about the Duqu Trojan and the threat it represents. McAfee, Symantec and Venafi have highlighted some of the potential implications of Duqu.
According to SYMANTEC:-

Symantec stated that on October 14, 2011, a research lab with strong international connections alerted the company to a sample that appeared to be very similar to Stuxnet [Read More: What is Stuxnet and How does it Works?]. They named the threat ‘Duqu’ because it creates files with the filename prefix ‘~DQ’. The research lab provided Symantec with samples recovered from computer systems located in Europe, as well as a detailed report with their initial findings, including analysis comparing the threat to Stuxnet. Symantec has been able to confirm that ‘parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose’. 
Symantec says that Duqu is ‘essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created since the last Stuxnet file was recovered. Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility.’
Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT). The threat does not self-replicate and is highly targeted toward a limited number of organizations for their specific assets. However, says Symantec, ‘it’s possible that other attacks are being conducted against other organizations in a similar manner with currently undetected variants’. 
According to MCAFEE:- 
McAfee says that Duqu is based on Stuxnet and is very similar. ‘Only a few sites so far are known to have been attacked by the code, and it does not have PLC functionality like Stuxnet. Instead, the code, delivered via exploitation, installs drivers and encrypted DLLs that function very similarly to the original Stuxnet code. In fact, the new driver’s code used for the injection attack is very similar to Stuxnet, as are several encryption keys and techniques that were used in Stuxnet.’ 
Duqu is very time sensitive says McAfee and ‘is controlled by an extended, encrypted configuration file. It communicates with a command server in India. This IP address has since been blacklisted at the ISP and no longer functions. Yet it was specially crafted to execute sophisticated attacks against key targets and has remote control functionality to install new code on the target. These include key loggers, which can monitor all actions on systems: running processes, window messages, and so on. Furthermore, the key logger component also contains functionality to hide files with a user-mode rootkit.’ 
McAfee also says the following: ‘It is highly likely that this key, just like the previous two known cases, was not really stolen from the actual companies, but instead directly generated in the name of such companies at a CA as part of a direct attack.’ 
According to VENAFI:-
Venafi has been exploring whether Duqu is a private key or a certificate authority compromise. The company warns that since the certificate used in Duqu is used for authentication (much like SSL server- and client-side certificates), either cause should warrant that organizations look closely at their security and operations management processes and response plans. Certificates are used for authentication, in addition to encryption.
Venafi highlights the following: 
CA compromise
If the Duqu creator compromised a CA to get their certificate, they could have also fraudulently issued other certificates. The security of that CA could be called into question, as well as all the certificates it issued. 
If a CA was compromised, companies with certificates from that CA must replace them and all organizations must ensure they’re not trusting that CA. Going beyond this incident, if Duqu is targeting CAs, that reinforces the importance of preparing for a CA compromise, especially coming on the heels of the DigiNotar CA breach this summer. 
Private key compromise
If the Duqu creator stole the private key of C-Media Electronics (the Taiwanese company whose certificate is associated with Duqu), that points to another risk that organizations need to address: providing better protection of private keys.

Fix Microsoft Services Problems Online


Fixit is a great solution center from Microsoft that scans for and fixes issues affecting your PC. Fixit now covers all the categories in which problems can occur and has very nice solutions to each of them.

As you can see, it lists all the categories, like Windows, Internet Explorer and the other products that Microsoft makes. So how does this amazing Fixit website work? You simply visit the Fixit website, and you will be presented with a screen containing all these categories; choose the one that is giving you trouble.

The categories contained in the Fixit solution website are shown right below:

Now, after you choose a category (I chose Windows), you will see something like the following:

Now you have to choose what problem you are facing, for example Connect to the Internet. After you click one, you will see a sub-category list, like the one on the right-hand side in the above image, and you will see something like this:

Now follow any of the useful links containing your solution. This can be really useful if you are facing unknown problems. Now fix your problems and have fun.

VISIT FIXIT WEBSITE

Friday, 6 January 2012

HOW TO PASSWORD-PROTECT YOUR FOLDERS WITH FREE DOCLOCK


If you share your PC with friends, family members, co-workers, the occasional IT guy, etc., there may be files and folders you want to keep private. You know, financial data, company secrets, certain sensitive video files--that kind of thing. (Hey, I'm not here to judge.)

Out of the box, Windows doesn't give you the tools you need to password-protect files and folders. For that, you'll need a third-party utility. Most of them cost anywhere from $30-50, but if you're quick with your clicking finger, you can score one absolutely free.

Today only, Giveaway of the Day is giving away docLock for Windows. It regularly sells for $49.95 (though it's currently on sale for $29.95 from developer Large Software).

docLock provides military-grade security for any files and folders you want to protect. You can assign your own password or let the software generate one for you. And locking/unlocking is as simple as dragging and dropping to the docLock window or right-clicking the item and choosing docLock from the context menu.

If you need to share a protected file/folder with someone or take it with you, docLock gives you the option of making it portable--meaning it can be unlocked just by supplying the password (i.e. docLock itself doesn't need to be present).

Like all Giveaway of the Day deals, this one expires at midnight. To take advantage of it, you must download and install the program today. (And, yes, if you reformat your hard drive or migrate to another PC down the road, you'll lose access to the software. It's really intended to be a kind of extended trial.)

Wednesday, 9 November 2011

Change Your Password For Safety

Do you have many accounts on the net? Do you use the same username and password for many accounts? If yes, then you need to change your passwords for safety. This is one of the reasons that many blogs and social media accounts get hijacked.

You cannot be too careful in protecting your privacy, and especially your business. Maybe some of you have heard that there was a massive attack on Google Mail in February 2011. Here is a quote from Google's Engineering Director of the security team.

Friday, 4 November 2011

How to Create Strong Passwords that are Easy to Remember but Hard to Break

I don’t need to tell you the importance of using strong passwords when creating user accounts online. Passwords are the keys to your online accounts and your computer. Using strong passwords is vital to protecting your identity and stopping others from hijacking your account. In this post I share a trick for creating strong but memorable passwords that I learned a few days ago.

Tips to Boost Your WordPress Site’s Security


You have started a blog to share your opinion with the World Wide Web. Someone stumbles upon one of your articles. He likes it, and posts it on Digg. Now it gets everyone’s attention. Visitors come pouring into your site. Your revenue starts to go up. Definitely good news! But now there is a catch. You are now the target of the ‘bad crowd’ of the Internet, spammers, hackers and leechers.

Two simple tips related to the security of PayPal


Free Premium Plugin and Theme Downloaders – Beware!


Reading this article may end up saving your site from getting hacked.
